feat: copying certificates to target directory

roles/vault_agent/tasks/main.yml

@@ -63,12 +63,13 @@
   notify: Restart vault-agent-certificates
 
 - name: Copy retrieving_cert.tmpl
-  ansible.builtin.copy:
-    src: retrieving_cert.tmpl
+  ansible.builtin.template:
+    src: retrieving_cert.tmpl.j2
     dest: /root/vault_agent_certificat/retrieving_cert.tmpl
     mode: '0644'
     owner: root
     group: root
+  notify: Restart vault-agent-certificates
 
 - name: Copy vault-agent-certificates.service
   ansible.builtin.copy:
@@ -78,6 +79,14 @@
     owner: root
     group: root
 
+- name: Create directory for certificates
+  ansible.builtin.file:
+    state: directory
+    dest: "{{ vault_agent_certificate_directory }}"
+    mode: '0755'
+    owner: root
+    group: root
+
 - name: Start vault-agent-certificates service
   ansible.builtin.systemd:
     name: vault-agent-certificates

roles/vault_agent/templates/retrieving_cert.tmpl.j2

@@ -0,0 +1,10 @@
+{{ '{{' }}with secret "secret/certificat-web"{{ '}}' }}
+{{ '{{' }} index .Data.data "privkey.pem" | writeToFile "{{vault_agent_certificate_directory}}/privkey.pem" "" "" "0400"{{ '}}' }}
+{{ '{{' }} index .Data.data "chain.pem" | writeToFile "{{vault_agent_certificate_directory}}/chain.pem" "" "" "0400"{{ '}}' }}
+{{ '{{' }} index .Data.data "cert.pem" | writeToFile "{{vault_agent_certificate_directory}}/cert.pem" "" "" "0400"{{ '}}' }}
+{{ '{{' }} index .Data.data "fullchain.pem" | writeToFile "{{vault_agent_certificate_directory}}/fullchain.pem" "" "" "0400"{{ '}}' }}
+{{ '{{' }} index .Data.data "privkey.pem"{{ '}}' }}
+{{ '{{' }} index .Data.data "chain.pem"{{ '}}' }}
+{{ '{{' }} index .Data.data "cert.pem"{{ '}}' }}
+{{ '{{' }} index .Data.data "fullchain.pem"{{ '}}' }}
+{{ '{{' }}end{{ '}}' }}