vnc-tls-auth.yml: New playbook to generate VNC keys

vnc-tls-auth.yml

+# This play is intended to (re)generate TLS keys for VNC
+# software. Should not be rerun every time, because it overwrites old
+# keys and thus prevent users from logging in, until they get new
+# public keys.
+- hosts: all
+  become: True
+  become_method: sudo
+  remote_user: adamsmith
+  become_flags: "-i"
+  vars_files:
+    - vars/users.yml
+    - vars/passwords.yml
+
+  tasks:
+    - name: Create /etc/custom-vnc
+      file:
+        path: "/etc/custom-vnc"
+        state: directory
+        mode: 0711
+        
+    - name: Get private ip.
+      shell: "hostname -I"
+      register: hip
+      
+    - name: Get hostname.
+      shell: "hostname"
+      register: hname
+
+    - name: Generate keys.
+      script:
+        chdir: "/etc/custom-vnc"
+        cmd: "files/etc/gencert {{ hname.stdout }} {{ hip.stdout }}"
+    - name: Get keys.
+      fetch:
+        flat: yes
+        src: "/etc/custom-vnc/vnc.pub.pem"
+        dest: "pubkeys/{{ hname.stdout }}.vnc.pub.pem"
+
+
+
+