Ansible role to manage ATOS Hardware Security Module (HSM) client software
baec445a57
The tox option to skip source distribution building is skipsdist, but this seems to be often misspelled skipdist instead, which gets silently ignored and so does not take effect. Correct it everywhere, in hopes that new projects will finally stop copying this mistake around. See https://tox.readthedocs.io/en/latest/config.html#conf-skipsdist and https://github.com/tox-dev/tox/issues/1388 for details. Change-Id: Ic982e06ed216507a8a8e2d8a09ac26cabae743dd |
||
---|---|---|
defaults | ||
handlers | ||
releasenotes/notes | ||
tasks | ||
templates | ||
zuul.d | ||
.ansible-lint | ||
.gitreview | ||
AUTHORS | ||
LICENSE | ||
README.rst | ||
requirements.txt | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini | ||
vars.yaml.sample |
atos-hsm
A role to manage ATOS Hardware Security Module (HSM) client software.
Role Variables
Name | Default Value | Description |
---|---|---|
atos_client_working_dir | /tmp/atos_client_install | Working directory in the target host. |
atos_client_iso_name | None | Filename for the ATOS Client Software ISO. |
atos_client_iso_location | None | Full URL where a copy of ATOS Client ISO can be downloaded. |
atos_client_cert_location | None | Full URL where the client certificate can be downloaded. |
atos_client_key_location | None | Full URL where the client key can be downloaded. |
atos_hsms | None | List of one or more HSM devices. |
Requirements
- ansible >= 2.4
Usage
You'll need to set up a temporary HTTP server somewhere that is accessible to the node where this role will be applied. The HTTP server should serve the following:
- ATOS Client Software ISO file.
- HSM Server Certificate file(s).
- HSM Client Certificate file.
- HSM Client Key file associated with the Client Certificate.
Due to the sensitive nature of the Certificate and Key files, you should use TLS encryption and username and passwords to access the HTTP server.
Use the hostname and user/password for your HTTP server for the full URL values that need to be set for this role. See vars.yaml.example.