df13274e15
Supports two scenarios: 1) variables defined in defaults/main.yml are sufficient to create a root/intermediate CA certificate for rabbitmq when this role is used outside openstack-ansible. 2) when: openstack_pki_dir openstack_pki_setup_host openstack_pki_authorities openstack_pki_service_intermediate_cert_name are defined, an external CA already created on the deploy host with a previous run of ansible-role-pki will be used as the CA. Server certificates for the rabbitmq instances are created from the data in rabbitmq_pki_certificates in both situations: Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/788031 Change-Id: I4cb7c48a74a307217b645cb8528fdbb0f7b9f596
67 lines
2.4 KiB
YAML
67 lines
2.4 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Gather variables for each operating system
|
|
include_vars: "{{ item }}"
|
|
with_first_found:
|
|
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml"
|
|
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
|
|
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
|
|
- "{{ ansible_facts['distribution'] | lower }}.yml"
|
|
- "{{ ansible_facts['os_family'] | lower }}.yml"
|
|
tags:
|
|
- always
|
|
|
|
- include_tasks: rabbitmq_pre_install.yml
|
|
tags:
|
|
- rabbitmq_server-install
|
|
|
|
# The install process will be skipped if `rabbitmq_ignore_version_state=true`
|
|
- include_tasks: rabbitmq_install.yml
|
|
when: not rabbitmq_ignore_version_state | bool
|
|
|
|
- name: Create and install SSL certificates
|
|
include_role:
|
|
name: pki
|
|
tasks_from: "{{ rabbitmq_pki_create_ca | ternary('main.yml', 'main_certs.yml') }}"
|
|
vars:
|
|
pki_setup_host: "{{ rabbitmq_pki_setup_host }}"
|
|
pki_dir: "{{ rabbitmq_pki_dir }}"
|
|
pki_create_ca: "{{ rabbitmq_pki_create_ca }}"
|
|
pki_regen_ca: "{{ rabbitmq_pki_regen_ca }}"
|
|
pki_authorities: "{{ rabbitmq_pki_authorities }}"
|
|
pki_install_ca: "{{ rabbitmq_pki_install_ca }}"
|
|
pki_create_certificates: "{{ rabbitmq_user_ssl_cert is not defined and rabbitmq_user_ssl_key is not defined }}"
|
|
pki_regen_certificates: "{{ rabbitmq_pki_regen_cert }}"
|
|
pki_certificates: "{{ rabbitmq_pki_certificates }}"
|
|
pki_install_certificates: "{{ rabbitmq_pki_install_certificates }}"
|
|
|
|
- include_tasks: rabbitmq_set_cookie.yml
|
|
tags:
|
|
- rabbitmq_server-config
|
|
- rabbitmq-config
|
|
|
|
- include_tasks: rabbitmq_post_install.yml
|
|
tags:
|
|
- rabbitmq_server-config
|
|
|
|
- include_tasks: rabbitmq_cluster.yml
|
|
tags:
|
|
- rabbitmq_server-config
|
|
- rabbitmq-cluster
|
|
|
|
- name: Flush handlers
|
|
meta: flush_handlers
|