External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-03 17:51:06 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5609 from shanemcd/downstream-k8s-changes

Browse Source 
Pull in downstream k8s installer changes
This commit is contained in:
Shane McDonald
2020-01-10 13:56:49 -05:00
committed by GitHub
parent ed474df744 d3b7829e69
commit 8ac8bc8df2
2 changed files with 67 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
installer/roles/kubernetes/handlers/main.yml Normal file
View File

@@ -0,0 +1,6 @@
---
- name: remove-rmq_cert_tempdir
file:
state: absent
path: "{{ rmq_cert_tempdir.path }}"

61
installer/roles/kubernetes/tasks/ssl_cert_gen.yml Normal file
View File

@@ -0,0 +1,61 @@
---
- name: Create temporary directory
tempfile:
state: directory
prefix: "tower-install-rmq-certs"
register: rmq_cert_tempdir
notify: remove-rmq_cert_tempdir
- name: Generate CA private key
openssl_privatekey:
path: '{{ rmq_cert_tempdir.path }}/ca.key'
mode: "0600"
- name: Generate CA CSR
openssl_csr:
path: '{{ rmq_cert_tempdir.path }}/ca.csr'
privatekey_path: '{{ rmq_cert_tempdir.path }}/ca.key'
common_name: 'rabbitmq-ca'
basic_constraints: 'CA:TRUE'
mode: "0600"
- name: Generate CA certificate
openssl_certificate:
path: '{{ rmq_cert_tempdir.path }}/ca.crt'
csr_path: '{{ rmq_cert_tempdir.path }}/ca.csr'
privatekey_path: '{{ rmq_cert_tempdir.path }}/ca.key'
provider: selfsigned
selfsigned_not_after: "+36524d"
mode: "0600"
- name: Generate server private key
openssl_privatekey:
path: '{{ rmq_cert_tempdir.path }}/server.key'
mode: "0600"
- name: Generate server CSR
openssl_csr:
path: '{{ rmq_cert_tempdir.path }}/server.csr'
privatekey_path: '{{ rmq_cert_tempdir.path }}/server.key'
common_name: 'rabbitmq-server'
mode: "0600"
- name: Generate server certificate
openssl_certificate:
path: "{{ rmq_cert_tempdir.path }}/server.crt"
csr_path: "{{ rmq_cert_tempdir.path }}/server.csr"
privatekey_path: "{{ rmq_cert_tempdir.path }}/server.key"
provider: ownca
ownca_path: "{{ rmq_cert_tempdir.path }}/ca.crt"
ownca_privatekey_path: "{{ rmq_cert_tempdir.path }}/ca.key"
ownca_not_after: "+36500d"
mode: "0600"
- name: Create combined certificate
assemble:
src: "{{ rmq_cert_tempdir.path }}"
regexp: "server.crt|server.key"
dest: "{{ rmq_cert_tempdir.path }}/server-combined.pem"
mode: "0600"