From c1c3a372d74a4520a9954bca3248a1c2d1a3f276 Mon Sep 17 00:00:00 2001
From: Alessandro Fael Garcia <alessfg@hotmail.com>
Date: Wed, 9 Jan 2019 00:26:14 +0100
Subject: [PATCH] Allow setting a custom apt and rpm signing key host (#84)

* Allow setting a custom apt and rpm signing key host

* Change default fallback key to https

* Use facts to determine which signing key to use

* Add single quotes
---
 README.md              | 5 ++++-
 defaults/main.yml      | 4 ++++
 tasks/keys/apt-key.yml | 6 +++++-
 tasks/keys/rpm-key.yml | 6 +++++-
 4 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index bc60429..442a456 100644
--- a/README.md
+++ b/README.md
@@ -184,6 +184,10 @@ nginx_type: opensource
 # Default is nginx_repository.
 nginx_install_from: nginx_repository
 
+# Choose where to fetch the NGINX signing key from.
+# Default is the official NGINX signing key host.
+nginx_signing_key: https://nginx.org/keys/nginx_signing.key
+
 # Specify source repository for NGINX Open Source.
 # Only works if 'install_from' is set to 'nginx_repository'.
 # Defaults are the official NGINX repositories.
@@ -364,7 +368,6 @@ nginx_http_template:
 # Enable creating dynamic templated NGINX stream configuration files.
 nginx_stream_template_enable: false
 nginx_stream_template_listen: 12345
-
 ```
 
 Dependencies
diff --git a/defaults/main.yml b/defaults/main.yml
index a7db8f8..122adf0 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -17,6 +17,10 @@ nginx_type: opensource
 # Default is nginx_repository.
 nginx_install_from: nginx_repository
 
+# Choose where to fetch the NGINX signing key from.
+# Default is the official NGINX signing key host.
+nginx_signing_key: http://nginx.org/keys/nginx_signing.key
+
 # Specify source repository for NGINX Open Source.
 # Only works if 'install_from' is set to 'nginx_repository'.
 # Defaults are the official NGINX repositories.
diff --git a/tasks/keys/apt-key.yml b/tasks/keys/apt-key.yml
index a52bbe0..0153940 100644
--- a/tasks/keys/apt-key.yml
+++ b/tasks/keys/apt-key.yml
@@ -1,4 +1,8 @@
 ---
+- name: "(Install: APT OSs) Set APT NGINX Signing Key URL"
+  set_fact:
+    keysite: "{{ nginx_signing_key | default('http://nginx.org/keys/nginx_signing.key') }}"
+
 - name: "(Install: APT OSs) Add APT NGINX Signing Key"
   apt_key:
-    url: "{{ 'http://nginx.org/keys/nginx_signing.key' | default('https://nginx.org/keys/nginx_signing.key') }}"
+    url: "{{ keysite | default('https://nginx.org/keys/nginx_signing.key') }}"
diff --git a/tasks/keys/rpm-key.yml b/tasks/keys/rpm-key.yml
index d1b0531..e3356c5 100644
--- a/tasks/keys/rpm-key.yml
+++ b/tasks/keys/rpm-key.yml
@@ -1,4 +1,8 @@
 ---
+- name: "(Install: RPM OSs) Set RPM NGINX Signing Key URL"
+  set_fact:
+    keysite: "{{ nginx_signing_key | default('http://nginx.org/keys/nginx_signing.key') }}"
+
 - name: "(Install: RPM OSs) Add RPM NGINX Signing Key"
   rpm_key:
-    key: "{{ 'http://nginx.org/keys/nginx_signing.key' | default('https://nginx.org/keys/nginx_signing.key') }}"
+    key: "{{ keysite | default('https://nginx.org/keys/nginx_signing.key') }}"