Ansible role to manage ATOS Hardware Security Module (HSM) client software
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Douglas Mendizábal e51c244f4f Use underscore instead of dash 2 months ago
defaults Document role variables and defaults 1 year ago
handlers Add HA (load balancing) support 4 months ago
releasenotes/notes Add HA (load balancing) support 4 months ago
tasks Add HA (load balancing) support 4 months ago
templates Add HA (load balancing) support 4 months ago
zuul.d Add gate config 1 year ago
.gitreview OpenDev Migration Patch 1 year ago
AUTHORS Add AUTHORS file. 1 year ago
LICENSE Initial commit 1 year ago
README.rst Add HA (load balancing) support 4 months ago
requirements.txt Add files for Python build 1 year ago
setup.cfg Use underscore instead of dash 2 months ago
setup.py Add files for Python build 1 year ago
test-requirements.txt Add HA (load balancing) support 4 months ago
tox.ini Add gate config 1 year ago
vars.yaml.sample Add HA (load balancing) support 4 months ago

README.rst

atos-hsm

A role to manage ATOS Hardware Security Module (HSM) client software.

Role Variables

Name Default Value Description
atos_client_working_dir /tmp/atos_client_install Working directory in the target host.
atos_client_iso_name None Filename for the ATOS Client Software ISO.
atos_client_iso_location None Full URL where a copy of ATOS Client ISO can be downloaded.
atos_client_cert_location None Full URL where the client certificate can be downloaded.
atos_client_key_location None Full URL where the client key can be downloaded.
atos_hsms None List of one or more HSM devices.

Requirements

  • ansible >= 2.4

Usage

You'll need to set up a temporary HTTP server somewhere that is accessible to the node where this role will be applied. The HTTP server should serve the following:

  • ATOS Client Software ISO file.
  • HSM Server Certificate file(s).
  • HSM Client Certificate file.
  • HSM Client Key file associated with the Client Certificate.

Due to the sensitive nature of the Certificate and Key files, you should use TLS encryption and username and passwords to access the HTTP server.

Use the hostname and user/password for your HTTP server for the full URL values that need to be set for this role. See vars.yaml.example.