CORD-1151
Make cord_dir and cord_profile_dir local to config node
use head_* and config_* prefixes to avoid hardcoding paths
config-side ssh key generation+
fix frontend & mock builds
[build] group in inventory
fix inventory strangeness
raise privs when creating ssh_pki_dir
move admin-openrc.sh.j2 to cord-profile
add copy-cord-playbook.yml, clarify where it runs
fix paths for head_cord_profile_dir with mock/frontend
use /opt/cord_profile/admin-openrc.sh rather than ~/admin-openrc.sh
install pki
make comment in do-enlist-compute-node accurate, set correct interface
remove hardcoded credential path
logging and ssh key fixes
Change-Id: Ie7560c911dce1558e09806c9997884dfbd475e9c
diff --git a/roles/pki-root-ca/tasks/main.yml b/roles/pki-root-ca/tasks/main.yml
index 8c2f34d..fd526e4 100644
--- a/roles/pki-root-ca/tasks/main.yml
+++ b/roles/pki-root-ca/tasks/main.yml
@@ -1,21 +1,16 @@
---
# pki-root-ca/tasks/main.yml
-- name: Create credentials directory
+- name: Create PKI and credentials directories
become: yes
file:
- dest: "{{ credentials_dir }}"
+ dest: "{{ item }}"
state: directory
owner: "{{ ansible_user_id }}"
mode: 0700
-
-- name: Create PKI directory
- become: yes
- file:
- dest: "{{ pki_dir }}"
- state: directory
- owner: "{{ ansible_user_id }}"
- mode: 0755
+ with_items:
+ - "{{ credentials_dir }}"
+ - "{{ pki_dir }}"
- name: Create root CA directory
become: yes