diff options
| author | Matthew Fennell <matthew@fennell.dev> | 2025-08-10 19:13:10 +0100 |
|---|---|---|
| committer | Matthew Fennell <matthew@fennell.dev> | 2025-08-10 19:13:10 +0100 |
| commit | fc0cbbd2af2f98d10e740d6ff7ce9f1888dec222 (patch) | |
| tree | 29c7ab79ab5ab2855fae615fc6e48cba8a1e8247 | |
| parent | 086ca5643f1d9dc95e373c2d576c44c73adc2c77 (diff) | |
Set pipefail when retrieving DANE hash
This is now enforced by ansible-lint.
| -rw-r--r-- | playbook.yaml | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/playbook.yaml b/playbook.yaml index 45e7ac0..5399fd2 100644 --- a/playbook.yaml +++ b/playbook.yaml @@ -54,9 +54,10 @@ - name: Retrieve DANE hash ansible.builtin.shell: cmd: > - openssl x509 -in ~/.lego/certificates/{{ virtual_host }}.crt -noout - -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256 - -binary | hexdump -ve '/1 "%02x"' + set -o pipefail && openssl x509 -in + ~/.lego/certificates/{{ virtual_host }}.crt -noout -pubkey | openssl + pkey -pubin -outform DER | openssl dgst -sha256 -binary | hexdump -ve + '/1 "%02x"' register: dane_hash changed_when: false delegate_to: localhost |