From e631cf7072dbc3e922bd53168d881014d479a94c Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jandd@cacert.org>
Date: Thu, 18 Aug 2022 12:28:01 +0200
Subject: [PATCH] Add certificate paths for CAcert applications

---
 deployment/host_vars/localhost.yml | 12 ++++++++++++
 deployment/host_vars/oidcbox.yml   | 12 ++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/deployment/host_vars/localhost.yml b/deployment/host_vars/localhost.yml
index 835cab3..44f326f 100644
--- a/deployment/host_vars/localhost.yml
+++ b/deployment/host_vars/localhost.yml
@@ -11,6 +11,18 @@ hydra_tls:
 # different random values encrypted via ansible-vault
 hydra_system_secret: "AczA+NZ25Ye9eAreglv5bo9XcND6uwBQHVUYCvPfwXo="
 
+idp_tls:
+  cert: "{{ cacert_home }}/etc/login.cacert.localhost.pem"
+  key: "{{ cacert_home }}/etc/login.cacert.localhost-key.pem"
+
+register_tls:
+  cert: "{{ cacert_home }}/etc/register.cacert.localhost.pem"
+  key: "{{ cacert_home }}/etc/register.cacert.localhost-key.pem"
+
+demoapp_tls:
+  cert: "{{ cacert_home }}/etc/app.cacert.localhost.pem"
+  key: "{{ cacert_home }}/etc/app.cacert.localhost-key.pem"
+
 oidc_urls:
   hydra_admin:
     host: hydra.cacert.localhost
diff --git a/deployment/host_vars/oidcbox.yml b/deployment/host_vars/oidcbox.yml
index ba93a1d..0c987fd 100644
--- a/deployment/host_vars/oidcbox.yml
+++ b/deployment/host_vars/oidcbox.yml
@@ -11,6 +11,18 @@ hydra_tls:
 # different random values encrypted via ansible-vault
 hydra_system_secret: "AczA+NZ25Ye9eAreglv5bo9XcND6uwBQHVUYCvPfwXo="
 
+idp_tls:
+  cert: "{{ cacert_home }}/etc/login.cacert.localhost.pem"
+  key: "{{ cacert_home }}/etc/login.cacert.localhost-key.pem"
+
+register_tls:
+  cert: "{{ cacert_home }}/etc/register.cacert.localhost.pem"
+  key: "{{ cacert_home }}/etc/register.cacert.localhost-key.pem"
+
+demoapp_tls:
+  cert: "{{ cacert_home }}/etc/app.cacert.localhost.pem"
+  key: "{{ cacert_home }}/etc/app.cacert.localhost-key.pem"
+
 oidc_urls:
   hydra_admin:
     host: hydra.cacert.localhost