Whitelist Ansible task config.yml in gitignore

.gitignore

@@ -44,3 +44,5 @@ deploy/aws/provision/config_files/*
 !deploy/aws/config_files/README.md
 deploy/aws/modules/*/data
 
+# Ansible
+!deploy/aws/provision/tasks/common/config.yml

deploy/aws/provision/tasks/common/config.yml

@@ -0,0 +1,54 @@
+---
+#  Copyright 2018 Banco Bilbao Vizcaya Argentaria, S.A.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+- name: Create certs & key dif
+  file:
+      path: config_files 
+      state: directory
+
+- name: Create private key
+  shell: ssh-keygen -t ed25519 -f config_files/id_ed25519 -P ''
+  args:
+    creates: config_files/id_ed25519
+
+- name: Create SSL certs
+  shell: >
+    openssl req \
+        -newkey rsa:2048 \
+        -nodes \
+        -days 3650 \
+        -x509 \
+        -keyout config_files/ca.key \
+        -out config_files/ca.crt \
+        -subj "/CN=*"
+    openssl req \
+        -newkey rsa:2048 \
+        -nodes \
+        -keyout config_files/server.key \
+        -out config_files/server.csr \
+        -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=*"
+    openssl x509 \
+        -req \
+        -days 365 \
+        -sha256 \
+        -in config_files/server.csr \
+        -CA config_files/ca.crt \
+        -CAkey config_files/ca.key \
+        -CAcreateserial \
+        -out config_files/server.crt \
+        ## Not present in all OpenSSL version 
+        ## -extfile <(echo subjectAltName = IP:127.0.0.1)
+  args:
+    creates: config_files/server.crt
+