Mirror of a valuable repository.
 
 
Go to file
Felix Fontein 616afdc9ea Remove CI scripts. 2024-08-28 17:46:46 +02:00
changelogs Release 1.9.26. 2024-08-28 17:38:23 +02:00
docs/docsite Fix Galaxy URLs. (#658) (#659) 2023-09-30 22:48:50 +02:00
meta openssl_pkcs12: allow to specify certificate bundles in other_certificates (#166) 2021-01-26 10:21:49 +01:00
plugins ecs_certificate: allow to request renewal without csr (#740) (#752) 2024-05-09 21:31:06 +02:00
tests Fix PKCS#12 tests. (#787) (#788) 2024-07-21 15:06:44 +02:00
.gitignore Porting guide (#67) 2020-06-15 22:26:17 +02:00
Apache-2.0.txt Add Apache 2.0 license for Apache 2.0 licensed parts. (#479) 2022-06-17 08:21:08 +02:00
CHANGELOG.md Release 1.9.26. 2024-08-28 17:38:23 +02:00
CHANGELOG.md.license Add MarkDown changelog and use it by default. (#709) 2024-02-09 13:08:17 +01:00
CHANGELOG.rst Release 1.9.26. 2024-08-28 17:38:23 +02:00
COPYING Add proper README and update COPYING (#10) 2020-04-01 15:17:37 +02:00
PSF-license.txt [stable-1] Add PSF-license.txt file (#455) 2022-05-16 09:02:58 +02:00
README.md Improve communication link description. 2024-08-15 21:41:36 +02:00
galaxy.yml The next expected release is 1.9.26. 2024-05-20 11:59:35 +02:00
simplified_bsd.txt Add simplified_bsd.txt license file (#467) (#468) 2022-06-02 08:14:26 +02:00

README.md

Ansible Community Crypto Collection

Codecov

Provides modules for Ansible for various cryptographic operations.

You can find documentation for this collection on the Ansible docs site.

Please note that this collection does not support Windows targets.

Communication

  • Join the Ansible forum:

    • Get Help: get help or help others. Please add appropriate tags if you start new discussions, for example the crypto or acme tags.
    • Posts tagged with 'crypto': subscribe to participate in cryptography related conversations.
    • Posts tagged with 'acme': subscribe to participate in ACME (RFC 8555) related conversations.
    • Social Spaces: gather and interact with fellow enthusiasts.
    • News & Announcements: track project-wide announcements including social events.
  • The Ansible Bullhorn newsletter: used to announce releases and important changes.

For more information about communication, see the Ansible communication guide.

Tested with Ansible

Tested with the current Ansible 2.9, ansible-base 2.10, ansible-core 2.11, ansible-core 2.12 and ansible-core 2.13 releases. Ansible versions before 2.9.10 are not supported.

External requirements

The exact requirements for every module are listed in the module documentation.

Most modules require a recent enough version of the Python cryptography library. See the module documentations for the minimal version supported for each module.

Included content

  • OpenSSL / PKI modules:
    • openssl_csr_info
    • openssl_csr
    • openssl_dhparam
    • openssl_pkcs12
    • openssl_privatekey_info
    • openssl_privatekey
    • openssl_publickey
    • openssl_signature_info
    • openssl_signature
    • x509_certificate_info
    • x509_certificate
    • x509_crl_info
    • x509_crl
    • certificate_complete_chain
  • OpenSSH modules:
    • openssh_cert
    • openssh_keypair
  • ACME modules:
    • acme_account_info
    • acme_account
    • acme_certificate
    • acme_certificate_revoke
    • acme_challenge_cert_helper
    • acme_inspect
  • ECS modules:
    • ecs_certificate
    • ecs_domain
  • Miscellaneous modules:
    • get_certificate
    • luks_device

You can also find a list of all modules with documentation on the Ansible docs site.

Using this collection

Before using the crypto community collection, you need to install the collection with the ansible-galaxy CLI:

ansible-galaxy collection install community.crypto

You can also include it in a requirements.yml file and install it via ansible-galaxy collection install -r requirements.yml using the format:

collections:
- name: community.crypto

See Ansible Using collections for more details.

Contributing to this collection

We're following the general Ansible contributor guidelines; see Ansible Community Guide.

If you want to clone this repositority (or a fork of it) to improve it, you can proceed as follows:

  1. Create a directory ansible_collections/community;
  2. In there, checkout this repository (or a fork) as crypto;
  3. Add the directory containing ansible_collections to your ANSIBLE_COLLECTIONS_PATH.

See Ansible's dev guide for more information.

Release notes

See the changelog.

Roadmap

We plan to regularly release minor and patch versions, whenever new features are added or bugs fixed. Our collection follows semantic versioning, so breaking changes will only happen in major releases.

Most modules will drop PyOpenSSL support in version 2.0.0 of the collection, i.e. in the next major version. We currently plan to release 2.0.0 somewhen during 2021. Around then, the supported versions of the most common distributions will contain a new enough version of cryptography.

Once 2.0.0 has been released, bugfixes will still be backported to 1.0.0 for some time, and some features might also be backported. If we do not want to backport something ourselves because we think it is not worth the effort, backport PRs by non-maintainers are usually accepted.

In 2.0.0, the following notable features will be removed:

  • PyOpenSSL backends of all modules, except openssl_pkcs12 which does not have a cryptography backend due to lack of support of PKCS#12 functionality in cryptography.
  • The assertonly provider of x509_certificate will be removed.

More information

Licensing

GNU General Public License v3.0 or later.

See COPYING to see the full text.