Extract signing key creation to module

2024-11-10 05:34:16 +00:00 · 2019-02-15 03:10:38 +01:00 · 2019-02-15 03:10:38 +01:00 · 6d4c34ef78
commit 6d4c34ef78
parent b397a278a6
2 changed files with 57 additions and 10 deletions
--- a/library/matrix_signing_key.py
+++ b/library/matrix_signing_key.py
@ -0,0 +1,51 @@
+#!/bin/python3
+# Copyright: (c) 2018, Emmanouil Kampitakis <info@kampitakis.de>
+# Apache 2.0
+
+from ansible.module_utils.basic import AnsibleModule
+from signedjson import key
+import os
+
+def write_signing_key(path):
+    with open(path,'w') as f:
+        key.write_signing_keys(
+              f, 
+              [key.generate_signing_key('first')]
+        )
+
+def run_module():
+    module_args = dict(
+        path=dict(type='str', required=True),
+    )
+
+    result = dict(
+        changed=False,
+        original_message='',
+        message=''
+    )
+
+    module = AnsibleModule(
+        argument_spec=module_args,
+        supports_check_mode=True
+    )
+
+    signing_key_path = module.params['path']
+
+    signing_key_exists = os.path.isfile(signing_key_path)
+
+    if not signing_key_exists:
+        result['changed'] = True
+        if module.check_mode: 
+            return result
+        
+        write_signing_key(signing_key_path)
+
+    module.exit_json(**result)
+
+def main():
+    run_module()
+
+if __name__ == '__main__':
+    main()
+
+
--- a/tasks/crypto.yml
+++ b/tasks/crypto.yml
@ -1,15 +1,11 @@
 ---
+- name: Install singedjson
+  pip:
+    name: signedjson
+
 - name: Create signing key
-  shell: >
-    /opt/synapse/env/bin/python -c "
-    from signedjson import key;
-    with open('{{ matrix_synapse_signing_key_path }}','w') as file:
-      key.write_signing_keys(file, [key.generate_signing_key('first')]);
-    "
-  args:
-    creates: "{{ matrix_synapse_signing_key_path }}" 
-  become: true
-  become_user: synapse
+  matrix_signing_key:
+    path: "{{ matrix_synapse_signing_key_path }}" 
  notify:
    - "restart matrix-synapse"