ansible/test/integration/targets/win_iis_webbinding/tasks/setup.yml
nwsparks 0a3da471f5 win_iis_webbinding rewrite (#33958)
* Begin rewrite of win_iis_webbinding
Add integration testing, check mode and idempotency
Add support for SNI
Fix replacing SSL cert on existing bindings

* finished up initial rewrite of win_iis_webbinding

* updated test to remove tests as filters

* updated win_iis_webbinding docs

* fix more doc/formatting issues win_iis_webbinding

* Removed string empty defaults for certs. Added a few new helpful
comments.

* Revert "Removed string empty defaults for certs. Added a few new helpful"

This reverts commit 48f35faea8d5294b34e1aa842a95c9352b90257f.
2018-01-01 19:30:18 -05:00

88 lines
2.7 KiB
YAML

- name: reboot before feature install to ensure server is in clean state
win_reboot:
- name: ensure IIS features are installed
win_feature:
name: Web-Server
state: present
includ_sub_features: True
include_management_tools: True
register: feature_install
- name: reboot after feature install
win_reboot:
when: feature_install.reboot_required
- name: get all websites from server
raw: powershell.exe "(get-website).name"
register: existing_sites
- name: ensure all sites are removed for clean testing
win_iis_website:
name: "{{ item }}"
state: absent
with_items:
- "{{ existing_sites.stdout_lines }}"
- name: add testing site {{ test_iis_site_name }}
win_iis_website:
name: "{{ test_iis_site_name }}"
physical_path: c:\inetpub\wwwroot
- name: ensure all bindings are removed prior to starting testing
win_iis_webbinding:
name: "{{ test_iis_site_name }}"
state: absent
protocol: "{{ item.protocol }}"
port: "{{ item.port }}"
host_header: '*'
with_items:
- {protocol: http, port: 80}
- {protocol: https, port: 443}
- name: copy certreq file
win_copy:
content: |-
[NewRequest]
Subject = "CN={{ item.name }}"
KeyLength = 2048
KeyAlgorithm = RSA
MachineKeySet = true
RequestType = Cert
dest: "{{ item.dest }}"
with_items:
- {name: test.com, dest: 'c:\windows\temp\certreq1.txt'}
- {name: test1.com, dest: 'c:\windows\temp\certreq2.txt'}
- {name: '*.test.com', dest: 'c:\windows\temp\certreqwc.txt'}
- name: make sure response files are absent
win_file:
path: "{{ item }}"
state: absent
with_items:
- 'c:\windows\temp\certreqresp1.txt'
- 'c:\windows\temp\certreqresp2.txt'
- 'c:\windows\temp\certreqrespwc.txt'
- name: create self signed cert from certreq
win_command: certreq -new -machine {{ item.req }} {{ item.resp }}
with_items:
- {req: 'c:\windows\temp\certreq1.txt', resp: 'c:\windows\temp\certreqresp1.txt'}
- {req: 'c:\windows\temp\certreq2.txt', resp: 'c:\windows\temp\certreqresp2.txt'}
- {req: 'c:\windows\temp\certreqwc.txt', resp: 'c:\windows\temp\certreqrespwc.txt'}
- name: register certificate thumbprint1
raw: '(gci Cert:\LocalMachine\my | ? {$_.subject -eq "CN=test.com"})[0].Thumbprint'
register: thumbprint1
- name: register certificate thumbprint2
raw: '(gci Cert:\LocalMachine\my | ? {$_.subject -eq "CN=test1.com"})[0].Thumbprint'
register: thumbprint2
- name: register certificate thumbprint_wc
raw: '(gci Cert:\LocalMachine\my | ? {$_.subject -eq "CN=*.test.com"})[0].Thumbprint'
register: thumbprint_wc
- debug: var=thumbprint1.stdout
- debug: var=thumbprint2.stdout
- debug: var=thumbprint_wc.stdout