roles/pki-install/tasks/main.yml - platform-install - Gitiles

 ---
 # pki-install/tasks/main.yml

 - name: Copy CA certificates to head node
   become: yes
   copy:
     src: "{{ pki_dir }}/{{ item.src }}"
     dest: "/usr/local/share/ca-certificates/{{ item.dest }}"
   with_items:
     - src: "root_ca/certs/ca_cert.pem"
       dest: "cord_root_ca.crt"
     - src: "intermediate_ca/certs/im_cert.pem"
       dest: "cord_intermediate_ca.crt"
   notify:
     - Run update-ca-certificates on head node

 - name: Ensure PKI directory
   become: yes
   file:
     path: "{{ pki_dir }}"
     state: directory

 - name: Copy certs needed by XOS
   become: yes
   copy:
     src: "{{ pki_dir }}/{{ item.src }}"
     dest: "{{ pki_dir }}/{{ item.dest }}"
   with_items:
     - src: "intermediate_ca/certs/im_cert_chain.pem"
       dest: "im_cert_chain.pem"
     - src: "intermediate_ca/private/xos-core.{{ site_suffix }}_key.pem"
       dest: "core_api_key.pem"
     - src: "intermediate_ca/certs/xos-core.{{ site_suffix }}_cert_chain.pem"
       dest: "core_api_cert.pem"

 - name: Copy certs needed by OpenStack
   become: yes
   when: use_openstack
   copy:
     src: "{{ pki_dir }}/{{ item.src }}"
     dest: "{{ pki_dir }}/{{ item.dest }}"
   with_items:
     - src: "intermediate_ca/private/keystone.{{ site_suffix }}_key.pem"
       dest: "keystone.{{ site_suffix }}_key.pem"
     - src: "intermediate_ca/certs/keystone.{{ site_suffix }}_cert.pem"
       dest: "keystone.{{ site_suffix }}_cert.pem"
	---
	# pki-install/tasks/main.yml

	- name: Copy CA certificates to head node
	become: yes
	copy:
	src: "{{ pki_dir }}/{{ item.src }}"
	dest: "/usr/local/share/ca-certificates/{{ item.dest }}"
	with_items:
	- src: "root_ca/certs/ca_cert.pem"
	dest: "cord_root_ca.crt"
	- src: "intermediate_ca/certs/im_cert.pem"
	dest: "cord_intermediate_ca.crt"
	notify:
	- Run update-ca-certificates on head node

	- name: Ensure PKI directory
	become: yes
	file:
	path: "{{ pki_dir }}"
	state: directory

	- name: Copy certs needed by XOS
	become: yes
	copy:
	src: "{{ pki_dir }}/{{ item.src }}"
	dest: "{{ pki_dir }}/{{ item.dest }}"
	with_items:
	- src: "intermediate_ca/certs/im_cert_chain.pem"
	dest: "im_cert_chain.pem"
	- src: "intermediate_ca/private/xos-core.{{ site_suffix }}_key.pem"
	dest: "core_api_key.pem"
	- src: "intermediate_ca/certs/xos-core.{{ site_suffix }}_cert_chain.pem"
	dest: "core_api_cert.pem"

	- name: Copy certs needed by OpenStack
	become: yes
	when: use_openstack
	copy:
	src: "{{ pki_dir }}/{{ item.src }}"
	dest: "{{ pki_dir }}/{{ item.dest }}"
	with_items:
	- src: "intermediate_ca/private/keystone.{{ site_suffix }}_key.pem"
	dest: "keystone.{{ site_suffix }}_key.pem"
	- src: "intermediate_ca/certs/keystone.{{ site_suffix }}_cert.pem"
	dest: "keystone.{{ site_suffix }}_cert.pem"