mirror of
https://github.com/ansible/awx.git
synced 2026-02-02 18:18:12 -03:30
61 lines
1.7 KiB
YAML
61 lines
1.7 KiB
YAML
---
|
|
|
|
- name: Create temporary directory
|
|
tempfile:
|
|
state: directory
|
|
prefix: "tower-install-rmq-certs"
|
|
register: rmq_cert_tempdir
|
|
notify: remove-rmq_cert_tempdir
|
|
|
|
- name: Generate CA private key
|
|
openssl_privatekey:
|
|
path: '{{ rmq_cert_tempdir.path }}/ca.key'
|
|
mode: "0600"
|
|
|
|
- name: Generate CA CSR
|
|
openssl_csr:
|
|
path: '{{ rmq_cert_tempdir.path }}/ca.csr'
|
|
privatekey_path: '{{ rmq_cert_tempdir.path }}/ca.key'
|
|
common_name: 'rabbitmq-ca'
|
|
basic_constraints: 'CA:TRUE'
|
|
mode: "0600"
|
|
|
|
- name: Generate CA certificate
|
|
openssl_certificate:
|
|
path: '{{ rmq_cert_tempdir.path }}/ca.crt'
|
|
csr_path: '{{ rmq_cert_tempdir.path }}/ca.csr'
|
|
privatekey_path: '{{ rmq_cert_tempdir.path }}/ca.key'
|
|
provider: selfsigned
|
|
selfsigned_not_after: "+36524d"
|
|
mode: "0600"
|
|
|
|
- name: Generate server private key
|
|
openssl_privatekey:
|
|
path: '{{ rmq_cert_tempdir.path }}/server.key'
|
|
mode: "0600"
|
|
|
|
- name: Generate server CSR
|
|
openssl_csr:
|
|
path: '{{ rmq_cert_tempdir.path }}/server.csr'
|
|
privatekey_path: '{{ rmq_cert_tempdir.path }}/server.key'
|
|
common_name: 'rabbitmq-server'
|
|
mode: "0600"
|
|
|
|
- name: Generate server certificate
|
|
openssl_certificate:
|
|
path: "{{ rmq_cert_tempdir.path }}/server.crt"
|
|
csr_path: "{{ rmq_cert_tempdir.path }}/server.csr"
|
|
privatekey_path: "{{ rmq_cert_tempdir.path }}/server.key"
|
|
provider: ownca
|
|
ownca_path: "{{ rmq_cert_tempdir.path }}/ca.crt"
|
|
ownca_privatekey_path: "{{ rmq_cert_tempdir.path }}/ca.key"
|
|
ownca_not_after: "+36500d"
|
|
mode: "0600"
|
|
|
|
- name: Create combined certificate
|
|
assemble:
|
|
src: "{{ rmq_cert_tempdir.path }}"
|
|
regexp: "server.crt|server.key"
|
|
dest: "{{ rmq_cert_tempdir.path }}/server-combined.pem"
|
|
mode: "0600"
|