summaryrefslogtreecommitdiffstats
path: root/roles/etcd_certificates
diff options
context:
space:
mode:
Diffstat (limited to 'roles/etcd_certificates')
-rw-r--r--roles/etcd_certificates/tasks/client.yml14
-rw-r--r--roles/etcd_certificates/tasks/main.yml4
-rw-r--r--roles/etcd_certificates/tasks/server.yml24
3 files changed, 21 insertions, 21 deletions
diff --git a/roles/etcd_certificates/tasks/client.yml b/roles/etcd_certificates/tasks/client.yml
index 6aa4883e0..a9f130bb9 100644
--- a/roles/etcd_certificates/tasks/client.yml
+++ b/roles/etcd_certificates/tasks/client.yml
@@ -4,7 +4,7 @@
path: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}"
state: directory
mode: 0700
- with_items: etcd_needing_client_certs
+ with_items: etcd_needing_client_certs | default([])
- name: Create the client csr
command: >
@@ -12,14 +12,14 @@
-config {{ etcd_openssl_conf }}
-out {{ item.etcd_cert_prefix }}client.csr
-reqexts {{ etcd_req_ext }} -batch -nodes
- -subj /CN={{ item.openshift.common.hostname }}
+ -subj /CN={{ item.etcd_hostname }}
args:
chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}"
creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/'
~ item.etcd_cert_prefix ~ 'client.csr' }}"
environment:
- SAN: "IP:{{ item.openshift.common.ip }}"
- with_items: etcd_needing_client_certs
+ SAN: "IP:{{ item.etcd_ip }}"
+ with_items: etcd_needing_client_certs | default([])
- name: Sign and create the client crt
command: >
@@ -32,11 +32,11 @@
creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/'
~ item.etcd_cert_prefix ~ 'client.crt' }}"
environment:
- SAN: "IP:{{ item.openshift.common.ip }}"
- with_items: etcd_needing_client_certs
+ SAN: "IP:{{ item.etcd_ip }}"
+ with_items: etcd_needing_client_certs | default([])
- file:
src: "{{ etcd_ca_cert }}"
dest: "{{ etcd_generated_certs_dir}}/{{ item.etcd_cert_subdir }}/{{ item.etcd_cert_prefix }}ca.crt"
state: hard
- with_items: etcd_needing_client_certs
+ with_items: etcd_needing_client_certs | default([])
diff --git a/roles/etcd_certificates/tasks/main.yml b/roles/etcd_certificates/tasks/main.yml
index 3bb715943..17092ca58 100644
--- a/roles/etcd_certificates/tasks/main.yml
+++ b/roles/etcd_certificates/tasks/main.yml
@@ -1,6 +1,6 @@
---
- include: client.yml
- when: etcd_needing_client_certs is defined and etcd_needing_client_certs
+ when: etcd_needing_client_certs | default([]) | length > 0
- include: server.yml
- when: etcd_needing_server_certs is defined and etcd_needing_server_certs
+ when: etcd_needing_server_certs | default([]) | length > 0
diff --git a/roles/etcd_certificates/tasks/server.yml b/roles/etcd_certificates/tasks/server.yml
index 3499dcbef..223917ccd 100644
--- a/roles/etcd_certificates/tasks/server.yml
+++ b/roles/etcd_certificates/tasks/server.yml
@@ -4,7 +4,7 @@
path: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}"
state: directory
mode: 0700
- with_items: etcd_needing_server_certs
+ with_items: etcd_needing_server_certs | default([])
- name: Create the server csr
command: >
@@ -12,14 +12,14 @@
-config {{ etcd_openssl_conf }}
-out {{ item.etcd_cert_prefix }}server.csr
-reqexts {{ etcd_req_ext }} -batch -nodes
- -subj /CN={{ item.openshift.common.hostname }}
+ -subj /CN={{ item.etcd_hostname }}
args:
chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}"
creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/'
~ item.etcd_cert_prefix ~ 'server.csr' }}"
environment:
- SAN: "IP:{{ etcd_host_int_map[item.inventory_hostname].interface.ipv4.address }}"
- with_items: etcd_needing_server_certs
+ SAN: "IP:{{ item.etcd_ip }}"
+ with_items: etcd_needing_server_certs | default([])
- name: Sign and create the server crt
command: >
@@ -32,8 +32,8 @@
creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/'
~ item.etcd_cert_prefix ~ 'server.crt' }}"
environment:
- SAN: "IP:{{ etcd_host_int_map[item.inventory_hostname].interface.ipv4.address }}"
- with_items: etcd_needing_server_certs
+ SAN: "IP:{{ item.etcd_ip }}"
+ with_items: etcd_needing_server_certs | default([])
- name: Create the peer csr
command: >
@@ -41,14 +41,14 @@
-config {{ etcd_openssl_conf }}
-out {{ item.etcd_cert_prefix }}peer.csr
-reqexts {{ etcd_req_ext }} -batch -nodes
- -subj /CN={{ item.openshift.common.hostname }}
+ -subj /CN={{ item.etcd_hostname }}
args:
chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}"
creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/'
~ item.etcd_cert_prefix ~ 'peer.csr' }}"
environment:
- SAN: "IP:{{ etcd_host_int_map[item.inventory_hostname].interface.ipv4.address }}"
- with_items: etcd_needing_server_certs
+ SAN: "IP:{{ item.etcd_ip }}"
+ with_items: etcd_needing_server_certs | default([])
- name: Sign and create the peer crt
command: >
@@ -61,11 +61,11 @@
creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/'
~ item.etcd_cert_prefix ~ 'peer.crt' }}"
environment:
- SAN: "IP:{{ etcd_host_int_map[item.inventory_hostname].interface.ipv4.address }}"
- with_items: etcd_needing_server_certs
+ SAN: "IP:{{ item.etcd_ip }}"
+ with_items: etcd_needing_server_certs | default([])
- file:
src: "{{ etcd_ca_cert }}"
dest: "{{ etcd_generated_certs_dir}}/{{ item.etcd_cert_subdir }}/{{ item.etcd_cert_prefix }}ca.crt"
state: hard
- with_items: etcd_needing_server_certs
+ with_items: etcd_needing_server_certs | default([])
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 21:46:28 +0000