mirror of
https://github.com/ansible/awx.git
synced 2026-02-21 13:10:11 -03:30
update playbooks to use fqcn
Signed-off-by: Adam Miller <admiller@redhat.com>
This commit is contained in:
committed by
Chris Meyers
parent
0b5e59d9cb
commit
2034cca3a9
@@ -13,12 +13,12 @@
|
||||
cert_subject: "/C=US/ST=NC/L=Durham/O=awx/CN="
|
||||
tasks:
|
||||
- name: Generate certificates for keycloak
|
||||
command: 'openssl req -new -x509 -days 365 -nodes -out {{ public_key_file }} -keyout {{ private_key_file }} -subj "{{ cert_subject }}"'
|
||||
ansible.builtin.command: 'openssl req -new -x509 -days 365 -nodes -out {{ public_key_file }} -keyout {{ private_key_file }} -subj "{{ cert_subject }}"'
|
||||
args:
|
||||
creates: "{{ public_key_file }}"
|
||||
|
||||
- name: Load certs, existing and new SAML settings
|
||||
set_fact:
|
||||
ansible.builtin.set_fact:
|
||||
private_key: "{{ private_key_content }}"
|
||||
public_key: "{{ public_key_content }}"
|
||||
public_key_trimmed: "{{ public_key_content | regex_replace('-----BEGIN CERTIFICATE-----\\\\n', '') | regex_replace('\\\\n-----END CERTIFICATE-----', '') }}"
|
||||
@@ -32,18 +32,18 @@
|
||||
private_key_content: "{{ lookup('file', private_key_file) | regex_replace('\n', '\\\\n') }}"
|
||||
|
||||
- name: Displauy existing SAML configuration
|
||||
debug:
|
||||
ansible.builtin.debug:
|
||||
msg:
|
||||
- "Here is your existing SAML configuration for reference:"
|
||||
- "{{ existing_saml }}"
|
||||
- "Here is your existing OIDC configuration for reference:"
|
||||
- "{{ existing_oidc }}"
|
||||
|
||||
- pause:
|
||||
- ansible.builtin.pause:
|
||||
prompt: "Continuing to run this will replace your existing saml and OIDC settings (displayed above). They will all be captured except for your private key. Be sure that is backed up before continuing"
|
||||
|
||||
- name: Write out the existing content
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: "../_sources/{{ item.filename }}"
|
||||
content: "{{ item.content }}"
|
||||
loop:
|
||||
@@ -65,7 +65,7 @@
|
||||
validate_certs: False
|
||||
|
||||
- name: Get a keycloak token
|
||||
uri:
|
||||
ansible.builtin.uri:
|
||||
url: "https://localhost:8443/auth/realms/master/protocol/openid-connect/token"
|
||||
method: POST
|
||||
body_format: form-urlencoded
|
||||
@@ -78,12 +78,12 @@
|
||||
register: keycloak_response
|
||||
|
||||
- name: Template the AWX realm
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: keycloak.awx.realm.json.j2
|
||||
dest: "{{ keycloak_realm_template }}"
|
||||
|
||||
- name: Create the AWX realm
|
||||
uri:
|
||||
ansible.builtin.uri:
|
||||
url: "https://localhost:8443/auth/admin/realms"
|
||||
method: POST
|
||||
body_format: json
|
||||
|
||||
@@ -7,21 +7,21 @@
|
||||
awx_host: "https://localhost:8043"
|
||||
tasks:
|
||||
- name: Load existing and new LDAP settings
|
||||
set_fact:
|
||||
ansible.builtin.set_fact:
|
||||
existing_ldap: "{{ lookup('awx.awx.controller_api', 'settings/ldap', host=awx_host, verify_ssl=false) }}"
|
||||
new_ldap: "{{ lookup('template', 'ldap_settings.json.j2') }}"
|
||||
|
||||
- name: Display existing LDAP configuration
|
||||
debug:
|
||||
ansible.builtin.debug:
|
||||
msg:
|
||||
- "Here is your existing LDAP configuration for reference:"
|
||||
- "{{ existing_ldap }}"
|
||||
|
||||
- pause:
|
||||
- ansible.builtin.pause:
|
||||
prompt: "Continuing to run this will replace your existing ldap settings (displayed above). They will all be captured. Be sure that is backed up before continuing"
|
||||
|
||||
- name: Write out the existing content
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: "../_sources/existing_ldap_adapter_settings.json"
|
||||
content: "{{ existing_ldap }}"
|
||||
|
||||
|
||||
@@ -26,21 +26,21 @@
|
||||
ansible_connection: httpapi
|
||||
|
||||
- name: Load existing and new Logging settings
|
||||
set_fact:
|
||||
ansible.builtin.set_fact:
|
||||
existing_logging: "{{ lookup('awx.awx.controller_api', 'settings/logging', host=awx_host, verify_ssl=false) }}"
|
||||
new_logging: "{{ lookup('template', 'logging.json.j2') }}"
|
||||
|
||||
- name: Display existing Logging configuration
|
||||
debug:
|
||||
ansible.builtin.debug:
|
||||
msg:
|
||||
- "Here is your existing SAML configuration for reference:"
|
||||
- "{{ existing_logging }}"
|
||||
|
||||
- pause:
|
||||
prompt: "Continuing to run this will replace your existing logging settings (displayed above). They will all be captured except for your connection password. Be sure that is backed up before continuing"
|
||||
ansible.builtin.prompt: "Continuing to run this will replace your existing logging settings (displayed above). They will all be captured except for your connection password. Be sure that is backed up before continuing"
|
||||
|
||||
- name: Write out the existing content
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: "../_sources/existing_logging.json"
|
||||
content: "{{ existing_logging }}"
|
||||
|
||||
|
||||
@@ -7,21 +7,21 @@
|
||||
awx_host: "https://localhost:8043"
|
||||
tasks:
|
||||
- name: Load existing and new tacacs+ settings
|
||||
set_fact:
|
||||
ansible.builtin.set_fact:
|
||||
existing_tacacs: "{{ lookup('awx.awx.controller_api', 'settings/tacacsplus', host=awx_host, verify_ssl=false) }}"
|
||||
new_tacacs: "{{ lookup('template', 'tacacsplus_settings.json.j2') }}"
|
||||
|
||||
- name: Display existing tacacs+ configuration
|
||||
debug:
|
||||
ansible.builtin.debug:
|
||||
msg:
|
||||
- "Here is your existing tacacsplus configuration for reference:"
|
||||
- "{{ existing_tacacs }}"
|
||||
|
||||
- pause:
|
||||
- ansible.builtin.pause:
|
||||
prompt: "Continuing to run this will replace your existing tacacs settings (displayed above). They will all be captured. Be sure that is backed up before continuing"
|
||||
|
||||
- name: Write out the existing content
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: "../_sources/existing_tacacsplus_adapter_settings.json"
|
||||
content: "{{ existing_tacacs }}"
|
||||
|
||||
|
||||
@@ -4,10 +4,10 @@
|
||||
gather_facts: False
|
||||
tasks:
|
||||
- name: Unseal the vault
|
||||
include_role:
|
||||
ansible.builtin.include_role:
|
||||
name: vault
|
||||
tasks_from: unseal
|
||||
|
||||
- name: Display root token
|
||||
debug:
|
||||
ansible.builtin.debug:
|
||||
var: Initial_Root_Token
|
||||
|
||||
Reference in New Issue
Block a user