openstack
/
openstack-ansible-os_octavia
Code Issues Proposed changes
openstack-ansible-os_octavia/tasks/octavia_certs_distribute.yml

47 lines
2.0 KiB
YAML
Raw Blame History

---
- name: Create certs directory
file:
path: /etc/octavia/certs/
state: directory
- name: Register a fact for the cert and key
set_fact:
octavia_ca_private_key_fact: "{{ hostvars[octavia_cert_setup_host]['_octavia_ca_private_key']['content'] | b64decode }}"
octavia_ca_certificate_fact: "{{ hostvars[octavia_cert_setup_host]['_octavia_ca_certificate']['content'] | b64decode }}"
octavia_server_ca_fact: "{{ hostvars[octavia_cert_setup_host]['_octavia_server_ca']['content'] | b64decode }}"
octavia_client_ca_fact: "{{ hostvars[octavia_cert_setup_host]['_octavia_client_ca']['content'] | b64decode }}"
octavia_client_cert_fact: "{{ hostvars[octavia_cert_setup_host]['_octavia_client_cert']['content'] | b64decode }}"
when: octavia_cert_setup_host != 'localhost'
- name: Register a fact for the cert and key
set_fact:
octavia_ca_private_key_fact: "{{ _octavia_ca_private_key['content'] | b64decode }}"
octavia_ca_certificate_fact: "{{ _octavia_ca_certificate['content'] | b64decode }}"
octavia_server_ca_fact: "{{ _octavia_server_ca['content'] | b64decode }}"
octavia_client_ca_fact: "{{ _octavia_client_ca['content'] | b64decode }}"
octavia_client_cert_fact: "{{ _octavia_client_cert['content'] | b64decode }}"
when: octavia_cert_setup_host == 'localhost'
- name: Copy certificates
copy:
content: "{{ item.content }}"
dest: "{{ item.dest }}"
owner: "{{ octavia_system_user_name }}"
group: "{{ octavia_system_group_name }}"
mode: "0640"
with_items:
- content: "{{ octavia_ca_private_key_fact }}"
dest: "/etc/octavia/certs/ca_key.pem"
- content: "{{ octavia_ca_certificate_fact }}"
dest: "/etc/octavia/certs/ca.pem"
- content: "{{ octavia_server_ca_fact }}"
dest: "/etc/octavia/certs/server_ca.pem"
- content: "{{ octavia_client_ca_fact }}"
dest: "/etc/octavia/certs/client_ca.pem"
- content: "{{ octavia_client_cert_fact }}"
dest: "/etc/octavia/certs/client.pem"
notify:
- Restart octavia services
- Restart uwsgi services
View Git Blame Copy Permalink