ansible-collection-famedly-.../roles/synapse/tasks/crypto.yml

---
- name: Install signedjson
  pip:
    name: signedjson

- name: Create signing key
  matrix_signing_key:
    path: "{{ matrix_synapse_config.signing_key_path }}"
  notify:
    - "restart matrix-synapse"

- name: Write server's certificate and private key
  block:
    - name: create DH parameters
      openssl_dhparam:
        path: "{{ matrix_synapse_dh_path }}"
        owner: synapse
    - name: Write certificate
      copy:
        content: "{{ matrix_synapse_tls_cert }}"
        dest: "{{ matrix_synapse_config.tls_certificate_path }}"
        owner: synapse
        group: synapse
        mode: "0644"
    - name: Write keyfile
      copy:
        content: "{{ matrix_synapse_tls_key }}"
        dest: "{{ matrix_synapse_config.tls_private_key_path }}"
        owner: synapse
        group: synapse
        mode: "0600"
  when: not matrix_synapse_config.no_tls
Extract letsencrypt operations to a separate play 2018-12-02 22:25:20 +00:00			`---`
fix typo 2019-06-18 16:20:47 +00:00			`- name: Install signedjson`
Extract signing key creation to module 2019-02-15 02:10:38 +00:00			`pip:`
			`name: signedjson`

Use the builtin openssl dhparam module instead of the openssl command 2018-12-03 22:28:34 +00:00			`- name: Create signing key`
Extract signing key creation to module 2019-02-15 02:10:38 +00:00			`matrix_signing_key:`
Retireve the Certificate and Key paths from the configs 2019-02-17 20:10:35 +00:00			`path: "{{ matrix_synapse_config.signing_key_path }}"`
Use the builtin openssl dhparam module instead of the openssl command 2018-12-03 22:28:34 +00:00			`notify:`
Notify the correct handler 2019-02-15 02:08:08 +00:00			`- "restart matrix-synapse"`
Use the builtin openssl dhparam module instead of the openssl command 2018-12-03 22:28:34 +00:00
Write the tls certificate and private key to a file 2019-02-12 01:58:16 +00:00			`- name: Write server's certificate and private key`
			`block:`
DH parameters are only needed in case of TLS 2019-02-17 20:52:36 +00:00			`- name: create DH parameters`
			`openssl_dhparam:`
			`path: "{{ matrix_synapse_dh_path }}"`
			`owner: synapse`
Write the tls certificate and private key to a file 2019-02-12 01:58:16 +00:00			`- name: Write certificate`
			`copy:`
			`content: "{{ matrix_synapse_tls_cert }}"`
Retireve the Certificate and Key paths from the configs 2019-02-17 20:10:35 +00:00			`dest: "{{ matrix_synapse_config.tls_certificate_path }}"`
Write the tls certificate and private key to a file 2019-02-12 01:58:16 +00:00			`owner: synapse`
			`group: synapse`
			`mode: "0644"`
			`- name: Write keyfile`
			`copy:`
			`content: "{{ matrix_synapse_tls_key }}"`
Retireve the Certificate and Key paths from the configs 2019-02-17 20:10:35 +00:00			`dest: "{{ matrix_synapse_config.tls_private_key_path }}"`
Write the tls certificate and private key to a file 2019-02-12 01:58:16 +00:00			`owner: synapse`
			`group: synapse`
			`mode: "0600"`
Extract skip tls from configuration 2019-02-17 20:52:15 +00:00			`when: not matrix_synapse_config.no_tls`