How to distribute file per server?

Hi guys,

sorry if this is a newbie question, but looking around I couldn't find an answer...

I have my own CA, and create x509 key and certificate for each server.

What is the best way to distribute them with ansible? Currently, they are distributed via host_vars, and certificate contents i pasted within variable. That seems to me like a cludgy solution, I would like to rather have files within repository, then c/p within host_vars/group_vars.

These files are pure text by chance, what would happen if I wanted to distribute for example java keystore files via Ansible?

How do you do it?

What I've come up so far is role called 'ca', which has structure looking like this:

% find roles/ca/files
roles/ca/files
roles/ca/files/ca.crt.pem
roles/ca/files/private
roles/ca/files/private/myhost1.example.net.crt.pem
roles/ca/files/certs
roles/ca/files/certs/myhost1.example.net.key.pem
roles/ca/files/keystore
roles/ca/files/keystore/myhost1.example.net.ks

Then, I just use copy with {{ ansible_nodename }} to push files around...

Any smarter solutions for this problem?

Anyone?!?!

Use inventory_hostname and with_fileglob (https://docs.ansible.com/ansible/playbooks_loops.html#id4) to match the filenames, and use the file module to copy the respective files.

Something like :

`

• file: src={{item|basename}}.crt.pem dest=/etc/ssl/certs/{{item|basename}}.crt.pem owner=root group=root mode=0644
  with_fileglob:
• …/files/*.crt.pem
  when: item|basename == inventory_hostname
  `