From 297a9518f52f5a55667094467cc14674f00bee67 Mon Sep 17 00:00:00 2001
From: Christoph Haas <email@christoph-haas.de>
Date: Sun, 4 Oct 2015 12:46:21 +0200
Subject: [PATCH] Added role to create self-signed certificate

---
 ispmail.yml                              | 1 +
 roles/ispmail-certificate/tasks/main.yml | 4 ++++
 2 files changed, 5 insertions(+)
 create mode 100644 roles/ispmail-certificate/tasks/main.yml

diff --git a/ispmail.yml b/ispmail.yml
index dc0aba8..8aea2a6 100644
--- a/ispmail.yml
+++ b/ispmail.yml
@@ -4,4 +4,5 @@
   roles:
   - ispmail-packages
   - dumpvars
+  - ispmail-certificate
 
diff --git a/roles/ispmail-certificate/tasks/main.yml b/roles/ispmail-certificate/tasks/main.yml
new file mode 100644
index 0000000..df196e5
--- /dev/null
+++ b/roles/ispmail-certificate/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- name: Create a self-signed certificate
+  shell: openssl req -new -x509 -days 3650 -subj "/C=DE/ST=Hamburg/L=Hamburg/O=IT/CN={{ansible_fqdn}}" -nodes -sha256 -newkey rsa:4096 -out /etc/ssl/certs/mailserver.pem -keyout /etc/ssl/private/mailserver.pem -extensions v3_ca creates=/etc/ssl/certs/mailserver.pem
+