openstack/ansible-role-lunasa-hsm
Code Issues Proposed changes
Ansible role to manage Luna SA Hardware Security Module (HSM) client software
17 Commits 10 Branches 26 Tags 294 KiB
Python 100%
1ae2b5a261
Go to file
jiangzhilin 1ae2b5a261 setup.cfg: Replace dashes with underscores 
Setuptools v54.1.0 introduces a warning that the use of dash-separated
options in 'setup.cfg' will not be supported in a future version [1].
Get ahead of the issue by replacing the dashes with underscores. Without
this, we see 'UserWarning' messages like the following on new enough
versions of setuptools:

  UserWarning: Usage of dash-separated 'description-file' will not be
  supported in future versions. Please use the underscore name
  'description_file' instead

[1] https://github.com/pypa/setuptools/commit/a2e9ae4cb

Change-Id: Id5f05171b1aa67e4f234ae60b2194031011343ec
2023-09-22 19:05:50 +00:00
defaults Add support for High Availability 2020-07-13 15:41:50 -05:00
tasks Fix lint errors 2023-09-22 13:13:07 -04:00
.gitignore Initial commit 2020-04-23 15:01:05 +00:00
.gitreview Add zuul jobs 2020-04-27 18:47:07 -05:00
.zuul.yaml Add zuul jobs 2020-04-27 18:47:07 -05:00
AUTHORS Initial commit 2020-04-23 15:01:05 +00:00
LICENSE Initial commit 2020-04-23 15:01:05 +00:00
README.rst Add support for High Availability 2020-07-13 15:41:50 -05:00
requirements.txt Initial commit 2020-04-23 15:01:05 +00:00
setup.cfg setup.cfg: Replace dashes with underscores 2023-09-22 19:05:50 +00:00
setup.py Initial commit 2020-04-23 15:01:05 +00:00
test-requirements.txt Initial commit 2020-04-23 15:01:05 +00:00
tox.ini Remove use of ansible_fqdn 2021-06-02 14:43:41 -05:00

README.rst

lunasa-hsm

A role to manage Thales Luna Network Hardware Security Module (HSM) clients.

Role Variables

This ansible role automates the configuration of a new client for the Thales Luna Network HSM.

Name Default Value Description
lunasa_client_working_dir /tmp/lunasa_client_install Working directory in the target host.
lunasa_client_tarball_name None Filename for the Lunasa client software tarball.
lunasa_client_tarball_location None Full URL where a copy of the client software tarball can be downloaded.
lunasa_client_installer_path None Path to the instal.sh script inside the tarball.
lunasa_client_pin None The HSM Partition Password (PKCS#11 PIN) to be used by the client.
lunasa_client_ip None (Optional) When set, this role will use the given IP to register the client instead of the client's fqdn.
lunasa_client_rotate_cert False When set to True, the role will generate a new client certificate to replace the previous one.
lunasa_hsms None List of dictionaries, each of which describes a single HSM see vars.sample.yaml for details. When more than one HSM is listed here, the client will be configured in HA mode.

Requirements

  • ansible >= 2.4