35 lines
1.2 KiB
YAML
35 lines
1.2 KiB
YAML
---
|
|
# tasks file for ansible-role-tripleo-ssl
|
|
- when: ssl_overcloud|bool
|
|
block:
|
|
- name: Ensure rpm requirements for ssl are installed
|
|
yum: name={{ item }} state=latest
|
|
with_items:
|
|
- openssl
|
|
|
|
- name: Ensure tripleo heat template rpm requirements for ssl are installed
|
|
yum: name={{ item }} state=latest
|
|
with_items:
|
|
- openstack-tripleo-heat-templates
|
|
|
|
- name: Create overcloud-create-ssl-cert.sh
|
|
template:
|
|
src: "{{ overcloud_ssl_cert_script }}"
|
|
dest: "{{ working_dir }}/overcloud-create-ssl-cert.sh"
|
|
mode: 0755
|
|
|
|
- name: Generate SSL certificates
|
|
shell: >
|
|
set -o pipefail &&
|
|
{{ working_dir }}/overcloud-create-ssl-cert.sh 2>&1 {{ timestamper_cmd }} >
|
|
{{ overcloud_ssl_cert_log }}
|
|
|
|
- name: fetch template from single remote host
|
|
tls_tht:
|
|
source_dir: "/usr/share/openstack-tripleo-heat-templates/"
|
|
dest_dir: "{{ working_dir }}/"
|
|
cert_filename: "{{ working_dir }}/server-cert.pem"
|
|
cert_ca_filename: "{{ working_dir }}/overcloud-cacert.pem"
|
|
key_filename: "{{ working_dir }}/server-key.pem"
|
|
tht_release: '{{ release }}'
|