diff options
| author | Jan Chaloupka <jchaloup@redhat.com> | 2017-09-14 12:10:15 +0200 |
|---|---|---|
| committer | Jan Chaloupka <jchaloup@redhat.com> | 2017-09-18 20:16:24 +0200 |
| commit | 99745a04223f2ed8111b5eb4b49d2bcfec9e678f (patch) | |
| tree | 978e10f97d6e223866523e507ece55b6ff796df9 /roles/etcd_ca/tasks | |
| parent | 74d245fbab25d91a989fc7263ae3e8827267510c (diff) | |
| download | openshift-99745a04223f2ed8111b5eb4b49d2bcfec9e678f.tar.gz openshift-99745a04223f2ed8111b5eb4b49d2bcfec9e678f.tar.bz2 openshift-99745a04223f2ed8111b5eb4b49d2bcfec9e678f.tar.xz openshift-99745a04223f2ed8111b5eb4b49d2bcfec9e678f.zip | |
Consolidate etcd certs roles
This is a part of the etcd_ like role consolidationi into an action-based role.
As part of the consilidation some roles have been removed and some replaced by
include_role module. Resulting in reorder and shift of role dependencies
from a role into a play.
Diffstat (limited to 'roles/etcd_ca/tasks')
| -rw-r--r-- | roles/etcd_ca/tasks/main.yml | 76 |
1 files changed, 0 insertions, 76 deletions
diff --git a/roles/etcd_ca/tasks/main.yml b/roles/etcd_ca/tasks/main.yml deleted file mode 100644 index b4dea4a07..000000000 --- a/roles/etcd_ca/tasks/main.yml +++ /dev/null @@ -1,76 +0,0 @@ ---- -- name: Install openssl - package: name=openssl state=present - when: not etcd_is_atomic | bool - delegate_to: "{{ etcd_ca_host }}" - run_once: true - -- file: - path: "{{ item }}" - state: directory - mode: 0700 - owner: root - group: root - with_items: - - "{{ etcd_ca_new_certs_dir }}" - - "{{ etcd_ca_crl_dir }}" - - "{{ etcd_ca_dir }}/fragments" - delegate_to: "{{ etcd_ca_host }}" - run_once: true - -- command: cp /etc/pki/tls/openssl.cnf ./ - args: - chdir: "{{ etcd_ca_dir }}/fragments" - creates: "{{ etcd_ca_dir }}/fragments/openssl.cnf" - delegate_to: "{{ etcd_ca_host }}" - run_once: true - -- template: - dest: "{{ etcd_ca_dir }}/fragments/openssl_append.cnf" - src: openssl_append.j2 - backup: true - delegate_to: "{{ etcd_ca_host }}" - run_once: true - -- assemble: - src: "{{ etcd_ca_dir }}/fragments" - dest: "{{ etcd_openssl_conf }}" - delegate_to: "{{ etcd_ca_host }}" - run_once: true - -- name: Check etcd_ca_db exist - stat: path="{{ etcd_ca_db }}" - register: etcd_ca_db_check - changed_when: false - delegate_to: "{{ etcd_ca_host }}" - run_once: true - -- name: Touch etcd_ca_db file - file: - path: "{{ etcd_ca_db }}" - state: touch - when: etcd_ca_db_check.stat.isreg is not defined - delegate_to: "{{ etcd_ca_host }}" - run_once: true - -- copy: - dest: "{{ etcd_ca_serial }}" - content: "01" - force: no - delegate_to: "{{ etcd_ca_host }}" - run_once: true - -- name: Create etcd CA certificate - command: > - openssl req -config {{ etcd_openssl_conf }} -newkey rsa:4096 - -keyout {{ etcd_ca_key }} -new -out {{ etcd_ca_cert }} - -x509 -extensions {{ etcd_ca_exts_self }} -batch -nodes - -days {{ etcd_ca_default_days }} - -subj /CN=etcd-signer@{{ ansible_date_time.epoch }} - args: - chdir: "{{ etcd_ca_dir }}" - creates: "{{ etcd_ca_cert }}" - environment: - SAN: 'etcd-signer' - delegate_to: "{{ etcd_ca_host }}" - run_once: true |