From 77f3d6d901629b55970c3bcfb68c070028917dd6 Mon Sep 17 00:00:00 2001 From: Filip Date: Sun, 13 Oct 2024 07:55:07 +0200 Subject: [PATCH] fix: postgresql_cert_name didn't work properly, using this parameter caused an error. Because there was a missing variable __pg_server_crt definition in the correct context. This commit also enhances the description of postgresql_cern_name variable. Related: SYSROLES-157 --- README.md | 4 +++- tasks/certificate.yml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index e53f585..46ba1a3 100644 --- a/README.md +++ b/README.md @@ -92,7 +92,9 @@ postgresql_ssl_enable: true If you want to use your own certificate and private key, use the `postgresql_cert_name` variable to specify the certificate name. You must keep both certificate and key files in the same directory and under the same name -with the `.crt` and `.key` suffixes. +with the `.crt` and `.key` suffixes on the managed node. The value should be an +absolute path. + For example, if your certificate file is located in `/etc/certs/server.crt` and your private key in `/etc/certs/server.key`, set the `postgresql_cert_name` diff --git a/tasks/certificate.yml b/tasks/certificate.yml index cad44cd..bdf41f1 100644 --- a/tasks/certificate.yml +++ b/tasks/certificate.yml @@ -52,6 +52,9 @@ - __postgresql_cert.stat.exists - __postgresql_key.stat.exists - postgresql_certificates | length < 1 + vars: + __pg_server_crt: "{{ __postgresql_data_dir }}/server.crt" + __pg_server_key: "{{ __postgresql_data_dir }}/server.key" block: - name: Install certificate file file: