# x509 client
- name: Installation du certificat client
  copy:
    src: "certs/{{ ansible_hostname }}.{{ item }}.{{ crtversion }}.crt"
    dest: "/etc/pki/tls/certs/{{ ansible_hostname }}.{{ item }}.crt"
    owner: root
    group: root
    mode: 0644
  tags: keys
  loop:
    - dbcirrus
    - dblinks
    - nfs
    - redis

- name: Installation de la clé cliente
  copy:
    src: "certs/{{ ansible_hostname }}.{{ item }}.{{ crtversion }}.key"
    dest: "/etc/pki/tls/private/{{ ansible_hostname }}.{{ item }}.key"
    owner: root
    group: root
    mode: 0400
  tags: keys
  loop:
    - dbcirrus
    - dblinks
    - nfs
    - redis