From 519b7f0e54a2a3d149da0ef58477505a078c0d3d Mon Sep 17 00:00:00 2001
From: Jack Ivanov <e601809@gmail.com>
Date: Sat, 13 Apr 2019 11:18:29 +0200
Subject: [PATCH] Move `Delete the CA key` task to the appropriate role

---
 roles/strongswan/tasks/openssl.yml | 10 ++++++++++
 server.yml                         | 10 ----------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/roles/strongswan/tasks/openssl.yml b/roles/strongswan/tasks/openssl.yml
index 694bb83c..ffaa7062 100644
--- a/roles/strongswan/tasks/openssl.yml
+++ b/roles/strongswan/tasks/openssl.yml
@@ -209,3 +209,13 @@
     - gencrl.changed
   notify:
     - rereadcrls
+
+- name: Delete the CA key
+  local_action:
+    module: file
+    path: "{{ ipsec_pki_path }}/private/cakey.pem"
+    state: absent
+  become: false
+  when:
+    - ipsec_enabled
+    - not algo_store_cakey
diff --git a/server.yml b/server.yml
index 40326830..349150cb 100644
--- a/server.yml
+++ b/server.yml
@@ -37,16 +37,6 @@
         tags: ssh_tunneling
 
       - block:
-        - name: Delete the CA key
-          local_action:
-            module: file
-            path: "{{ ipsec_pki_path }}/private/cakey.pem"
-            state: absent
-          become: false
-          when:
-            - ipsec_enabled
-            - not algo_store_cakey
-
         - name: Dump the configuration
           local_action:
             module: copy