7b80482ac3
Adds support for HTTP basic authentication with the Docker registry. The kolla docker registry password is now written to passwords.yml. Change-Id: Ie6e854a66a6660d4e02771fe2b5dd97af814194d Story: 2007952 Task: 40429
49 lines
1.3 KiB
YAML
49 lines
1.3 KiB
YAML
---
|
|
- name: Ensure configuration path exists
|
|
file:
|
|
path: "{{ docker_registry_config_path }}"
|
|
state: directory
|
|
owner: "{{ ansible_user_uid }}"
|
|
group: "{{ ansible_user_gid }}"
|
|
mode: 0750
|
|
become: True
|
|
when: >-
|
|
docker_registry_enable_tls | bool or
|
|
docker_registry_enable_basic_auth | bool
|
|
|
|
- name: Ensure TLS certificate exists
|
|
copy:
|
|
src: "{{ docker_registry_cert_path }}"
|
|
dest: "{{ docker_registry_config_path }}/cert.pem"
|
|
owner: "{{ ansible_user_uid }}"
|
|
group: "{{ ansible_user_gid }}"
|
|
mode: 0600
|
|
become: True
|
|
when: docker_registry_enable_tls | bool
|
|
notify:
|
|
- Restart docker-registry container
|
|
|
|
- name: Ensure TLS key exists
|
|
copy:
|
|
src: "{{ docker_registry_key_path }}"
|
|
dest: "{{ docker_registry_config_path }}/key.pem"
|
|
owner: "{{ ansible_user_uid }}"
|
|
group: "{{ ansible_user_gid }}"
|
|
mode: 0600
|
|
become: True
|
|
when: docker_registry_enable_tls | bool
|
|
notify:
|
|
- Restart docker-registry container
|
|
|
|
- name: Ensure basic auth htpasswd file exists
|
|
copy:
|
|
src: "{{ docker_registry_basic_auth_htpasswd_path }}"
|
|
dest: "{{ docker_registry_config_path }}/htpasswd"
|
|
owner: "{{ ansible_user_uid }}"
|
|
group: "{{ ansible_user_gid }}"
|
|
mode: 0600
|
|
become: True
|
|
when: docker_registry_enable_basic_auth | bool
|
|
notify:
|
|
- Restart docker-registry container
|