114 lines
5.8 KiB
YAML
114 lines
5.8 KiB
YAML
---
|
|
# Copyright 2020 Red Hat, Inc.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
- name: Converge
|
|
hosts: all
|
|
vars:
|
|
tripleo_update_trusted_cas_ca_map:
|
|
ca1:
|
|
content: |
|
|
-----BEGIN CERTIFICATE-----
|
|
MIIDkTCCAnmgAwIBAgIUbRyjH5xf0yGj7larMhEDIrvOgo4wDQYJKoZIhvcNAQEL
|
|
BQAwWDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5DMRAwDgYDVQQHDAdSYWxlaWdo
|
|
MRQwEgYDVQQKDAtleGFtcGxlLmNvbTEUMBIGA1UEAwwLZXhhbXBsZS5jb20wHhcN
|
|
MjAwNzI4MTYxNDM0WhcNMjUwNzI3MTYxNDM0WjBYMQswCQYDVQQGEwJVUzELMAkG
|
|
A1UECAwCTkMxEDAOBgNVBAcMB1JhbGVpZ2gxFDASBgNVBAoMC2V4YW1wbGUuY29t
|
|
MRQwEgYDVQQDDAtleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
|
|
AQoCggEBAOqk0OJOAa64bjF0k4MFJNZrzEsv1/UBReUF3c7NiYLayy5uk9DJghOH
|
|
Ic2Nphyafd4EvcoMkoBUe802iOW5zKjIgza/hVtcC6PPWbhkBdGpx832idjrXnWj
|
|
EBSbBZLY3Usikp3va9+7mCLcjnBQZ6ngSiqGnSpWhqvtm4eEIi9+CbmfBtWiBBK+
|
|
w1glCQY/FZdGcJ0W0XgHLI06muSMujENMjSHiODqCx7QA/aNnW0RiYTENtS1yRdd
|
|
8CIGGEf3HkvFFfwrZH6Qj4KW+0GXPkI6VzJCDsVL1YRuayTZl9rn9uGZDOdcljgb
|
|
RwbxHQTM3qGvNz2ErhG7PXs0lj/36AECAwEAAaNTMFEwHQYDVR0OBBYEFD8ANnVk
|
|
DhcDFLcj0uC3lCG9PMIkMB8GA1UdIwQYMBaAFD8ANnVkDhcDFLcj0uC3lCG9PMIk
|
|
MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAGsrBZO/vU57lzXh
|
|
rFqH8LLPdR8E7amcDj9KZXVLPZlU5DHeyFVbCQ4qq1/p9uCFiJ+VfNKbB1BQW6ds
|
|
kK+v7aUmloFS2Yy2cp73CdgXnktglLLxcfp9nCezK+eBsdtAgD0tOSw68rm4Bavd
|
|
2sGwTmOHNLllcOaH0yIL6lFWPeNNnEN4/YrKoe12z/aTLcJsMjn4kB3G/CHSZWIf
|
|
T0W5eurx1BCXJmSZb3SBuAB0s3K0m2aggZvzLKtYT0f4vnmjeJ4rw0KPGF7bRmxE
|
|
tU0ysc4zecSShj3KcwzV5mV6ZhS3TVq4nHgK8m3vv49aGT8ZCLqGFLxKssqg5NFR
|
|
A9Z4Owk=
|
|
-----END CERTIFICATE-----
|
|
ca2:
|
|
content: |
|
|
-----BEGIN CERTIFICATE-----
|
|
MIIDoTCCAomgAwIBAgIUVk/ek5wON2pd8PYSsULNSVag09MwDQYJKoZIhvcNAQEL
|
|
BQAwYDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1TYW4gRnJh
|
|
bmNpc2NvMRUwEwYDVQQKDAxleGFtcGxlMi5jb20xFTATBgNVBAMMDGV4YW1wbGUy
|
|
LmNvbTAeFw0yMDA3MjgxNjE3NDNaFw0yNTA3MjcxNjE3NDNaMGAxCzAJBgNVBAYT
|
|
AlVTMQswCQYDVQQIDAJDQTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEVMBMGA1UE
|
|
CgwMZXhhbXBsZTIuY29tMRUwEwYDVQQDDAxleGFtcGxlMi5jb20wggEiMA0GCSqG
|
|
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqpNDiTgGuuG4xdJODBSTWa8xLL9f1AUXl
|
|
Bd3OzYmC2ssubpPQyYIThyHNjaYcmn3eBL3KDJKAVHvNNojlucyoyIM2v4VbXAuj
|
|
z1m4ZAXRqcfN9onY6151oxAUmwWS2N1LIpKd72vfu5gi3I5wUGep4Eoqhp0qVoar
|
|
7ZuHhCIvfgm5nwbVogQSvsNYJQkGPxWXRnCdFtF4ByyNOprkjLoxDTI0h4jg6gse
|
|
0AP2jZ1tEYmExDbUtckXXfAiBhhH9x5LxRX8K2R+kI+ClvtBlz5COlcyQg7FS9WE
|
|
bmsk2Zfa5/bhmQznXJY4G0cG8R0EzN6hrzc9hK4Ruz17NJY/9+gBAgMBAAGjUzBR
|
|
MB0GA1UdDgQWBBQ/ADZ1ZA4XAxS3I9Lgt5QhvTzCJDAfBgNVHSMEGDAWgBQ/ADZ1
|
|
ZA4XAxS3I9Lgt5QhvTzCJDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA
|
|
A4IBAQBZJF7ryuUD03wxwb4NMyR4AVG0C64/HFDLb+z+6Y6nEWhqFrrDVzVfjF34
|
|
vSf7jTx7tckSf0zfRoqnn0q+gqsb0ELenHpmZrMNf6E1GNJIYBsitpV2JB9PPhAi
|
|
8aJAyO9Vbe58+kNgGp/3HV5VZgau65HmJjT/a4PJGj6hu/u5dfFo5CdQ3lXyv4sA
|
|
VobNkc0Wwwlr1M1a6zDZKoY/hErGsj4py/k59TKQvmL1EVNAovb/lk8GomgI9+Sv
|
|
7gnsmyBykIQR1jOU/WadcZgdHw6/jdaksDHvwXH1Ome8JcSgV/E9yP+cf4Es/jku
|
|
5fLS6gSAaX1GrrRxqvXNhjvAqb/b
|
|
-----END CERTIFICATE-----
|
|
ca3:
|
|
content: |
|
|
-----BEGIN CERTIFICATE-----
|
|
MIIDlzCCAn+gAwIBAgIUQYteZnUZo35iDToskO1lP/FVNDAwDQYJKoZIhvcNAQEL
|
|
BQAwWzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5ZMREwDwYDVQQHDAhOZXcgWW9y
|
|
azEVMBMGA1UECgwMZXhhbXBsZTMuY29tMRUwEwYDVQQDDAxleGFtcGxlMy5jb20w
|
|
HhcNMjAwNzI4MTYyMDMwWhcNMjUwNzI3MTYyMDMwWjBbMQswCQYDVQQGEwJVUzEL
|
|
MAkGA1UECAwCTlkxETAPBgNVBAcMCE5ldyBZb3JrMRUwEwYDVQQKDAxleGFtcGxl
|
|
My5jb20xFTATBgNVBAMMDGV4YW1wbGUzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
|
|
ggEPADCCAQoCggEBAOqk0OJOAa64bjF0k4MFJNZrzEsv1/UBReUF3c7NiYLayy5u
|
|
k9DJghOHIc2Nphyafd4EvcoMkoBUe802iOW5zKjIgza/hVtcC6PPWbhkBdGpx832
|
|
idjrXnWjEBSbBZLY3Usikp3va9+7mCLcjnBQZ6ngSiqGnSpWhqvtm4eEIi9+Cbmf
|
|
BtWiBBK+w1glCQY/FZdGcJ0W0XgHLI06muSMujENMjSHiODqCx7QA/aNnW0RiYTE
|
|
NtS1yRdd8CIGGEf3HkvFFfwrZH6Qj4KW+0GXPkI6VzJCDsVL1YRuayTZl9rn9uGZ
|
|
DOdcljgbRwbxHQTM3qGvNz2ErhG7PXs0lj/36AECAwEAAaNTMFEwHQYDVR0OBBYE
|
|
FD8ANnVkDhcDFLcj0uC3lCG9PMIkMB8GA1UdIwQYMBaAFD8ANnVkDhcDFLcj0uC3
|
|
lCG9PMIkMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJSL5k5q
|
|
V+wfsPhp5kQX4V/aEH0O02Ka8f9HvGcohT/PqFltSIY2LNJvoksgIBFja/UhDtUB
|
|
cqmK3v+l4C/vIy6S6ouajtRYQ7VmGLxgOg3btPtfPjrFFYH9AwSqwb4w70rCt7EF
|
|
CTv2yt6Arjp08BauwqwIQmlhBcmjsNa4/1v0kWlAmT4YOi6iXFN1lqBu4gZw4XDI
|
|
4UWJIKkcJIYwXV+wU9WRAu9cNtJyAtanoPXVdsk/zwlmp4rgUOg4ttaY1SekIdC1
|
|
z2HOmlkvCVkyuJaHvAwWmUGxMTudLlqQACSHAhprn+r2sKMoCC49j1p1XXR7YVPc
|
|
c6FIoPXPEidXLGw=
|
|
-----END CERTIFICATE-----
|
|
tasks:
|
|
- import_role:
|
|
name: "tripleo_update_trusted_cas"
|
|
|
|
- name: check if anchor file created
|
|
stat:
|
|
path: "/etc/pki/ca-trust/source/anchors/{{item}}.pem"
|
|
register: stat_ca
|
|
failed_when: not stat_ca.stat.exists
|
|
loop: ['ca1', 'ca2', 'ca3']
|
|
|
|
- name: check if contents in extracted pem
|
|
lineinfile:
|
|
name: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
|
|
line: "# {{item}}"
|
|
state: present
|
|
check_mode: true
|
|
register: conf
|
|
failed_when: (conf is changed) or (conf is failed)
|
|
loop: ['example.com', 'example2.com', 'example3.com']
|