From cad74787c18cb39bfc936f50751ec39e18d77c26 Mon Sep 17 00:00:00 2001
From: Martin Garbe <monomartin@opennet-initiative.de>
Date: Tue, 3 Oct 2023 21:12:08 +0200
Subject: [PATCH] opennetca: add year to name of ca-bundle

Also fix weblinks.
---
 roles/opennetca/defaults/main.yml | 24 ++++++++++++------------
 roles/opennetca/tasks/install.yml |  1 +
 roles/opennetca/tasks/web.yml     |  4 ++--
 3 files changed, 15 insertions(+), 14 deletions(-)

diff --git a/roles/opennetca/defaults/main.yml b/roles/opennetca/defaults/main.yml
index 796991dd..59a5eda6 100644
--- a/roles/opennetca/defaults/main.yml
+++ b/roles/opennetca/defaults/main.yml
@@ -17,22 +17,22 @@ opennetca_url: "https://ca.opennet-initiative.de"
 opennetca_year: "2022"
 # used for backwards compatibility, names changed in 2019
 opennetca_weblinks:
-- { src: "opennet-ca-bundle.tar.gz", dest: "ca-bundle.tar.gz" }
-- { src: "opennet-root.crt", dest: "root.crt" }
+- { src: "opennet-ca-bundle_2022.tar.gz", dest: "ca-bundle.tar.gz" }
+- { src: "opennet-root.ca.on_2022.crt", dest: "root.crt" }
 - { src: "opennet-root.crl", dest: "root.crl" }
-- { src: "opennet-vpn-user.crt", dest: "vpn-user.crt" }
+- { src: "opennet-vpn-user.ca.on_2022.crt", dest: "vpn-user.crt" }
 - { src: "opennet-vpn-user.crl", dest: "vpn-user.crl" }
-- { src: "opennet-vpn-ugw.crt", dest: "vpn-ugw.crt" }
+- { src: "opennet-vpn-ugw.ca.on_2022.crt", dest: "vpn-ugw.crt" }
 - { src: "opennet-vpn-ugw.crl", dest: "vpn-ugw.crl" }
-- { src: "opennet-client.crt", dest: "client.crt" }
+- { src: "opennet-client.ca.on_2022.crt", dest: "client.crt" }
 - { src: "opennet-client.crl", dest: "client.crl" }
-- { src: "opennet-server.crt", dest: "server.crt" }
+- { src: "opennet-server.ca.on_2022.crt", dest: "server.crt" }
 - { src: "opennet-server.crl", dest: "server.crl" }
-- { src: "opennet-vpn-user_certchain.crt", dest: "vpn-user_certchain.crt" }
-- { src: "opennet-vpn-ugw_certchain.crt", dest: "vpn-ugw_certchain.crt" }
-- { src: "opennet-client_certchain.crt", dest: "vpn-client_certchain.crt" }
-- { src: "opennet-server_certchain.crt", dest: "vpn-server_certchain.crt" }
-- { src: "opennet-vpn-user.crt", dest: "vpnuser.crt" }
+- { src: "opennet-vpn-user.ca.on_certchain_2022.crt", dest: "vpn-user_certchain.crt" }
+- { src: "opennet-vpn-ugw.ca.on_certchain_2022.crt", dest: "vpn-ugw_certchain.crt" }
+- { src: "opennet-client.ca.on_certchain_2022.crt", dest: "vpn-client_certchain.crt" }
+- { src: "opennet-server.ca.on_certchain_2022.crt", dest: "vpn-server_certchain.crt" }
+- { src: "opennet-vpn-user.ca.on_2022.crt", dest: "vpnuser.crt" }
 - { src: "opennet-vpn-user.crl", dest: "vpnuser.crl" }
-- { src: "opennet-vpn-ugw.crt", dest: "vpnugw.crt" }
+- { src: "opennet-vpn-ugw.ca.on_2022.crt", dest: "vpnugw.crt" }
 - { src: "opennet-vpn-ugw.crl", dest: "vpnugw.crl" }
diff --git a/roles/opennetca/tasks/install.yml b/roles/opennetca/tasks/install.yml
index d17793f5..695bede7 100644
--- a/roles/opennetca/tasks/install.yml
+++ b/roles/opennetca/tasks/install.yml
@@ -3,6 +3,7 @@
     name: "{{ packages }}"
   vars:
     packages:
+    - git
     - openssl
     - jq
     - bsd-mailx
diff --git a/roles/opennetca/tasks/web.yml b/roles/opennetca/tasks/web.yml
index 8a860475..10d6d22d 100644
--- a/roles/opennetca/tasks/web.yml
+++ b/roles/opennetca/tasks/web.yml
@@ -30,13 +30,13 @@
     group: "{{ opennetca_user_web }}"
     remote_src: yes
   with_items:
-    - opennet-ca-bundle.tar.gz
+    - opennet-ca-bundle_2022.tar.gz
     - index.html
     - ca.html
 
 - name: web - Zertifikate der Opennet CA (Public) entpacken
   unarchive:
-    src: "{{ opennetca_path_web }}/opennet-ca-bundle.tar.gz"
+    src: "{{ opennetca_path_web }}/opennet-ca-bundle_2022.tar.gz"
     dest: "{{ opennetca_path_web }}/"
     owner: "{{ opennetca_user_web }}"
     group: "{{ opennetca_user_web }}"