Gitiles
Code Review Sign In
gerrit.opencord.org / platform-install / 83308e68d122abf404f86ae8cf455cc511bb8136 / . / roles / pki-install / tasks / main.yml
blob: a49d88d602f29c2c91c7daffa2e225f40be53220 [file] [log] [blame]
Zack Williamsc047c872017-01-11 08:38:15 -0700[diff] [blame]1---
2# pki-install/tasks/main.yml
3
4- name: Copy CA certificates to head node
5 become: yes
6 copy:
Andy Bavier1cac0012017-03-13 10:06:18 -0400[diff] [blame]7 src: "{{ pki_dir }}/{{ item.src }}"
Zack Williamsc047c872017-01-11 08:38:15 -0700[diff] [blame]8 dest: "/usr/local/share/ca-certificates/{{ item.dest }}"
9 with_items:
10 - src: "root_ca/certs/ca_cert.pem"
11 dest: "cord_root_ca.crt"
12 - src: "intermediate_ca/certs/im_cert.pem"
13 dest: "cord_intermediate_ca.crt"
14 notify:
15 - Run update-ca-certificates on head node
Andy Bavier1cac0012017-03-13 10:06:18 -0400[diff] [blame]16
17- name: Ensure PKI directory
18 become: yes
19 file:
20 path: "{{ pki_dir }}"
21 state: directory
22
23- name: Copy certs needed by XOS
24 become: yes
25 copy:
26 src: "{{ pki_dir }}/{{ item.src }}"
27 dest: "{{ pki_dir }}/{{ item.dest }}"
28 with_items:
29 - src: "intermediate_ca/certs/im_cert_chain.pem"
30 dest: "im_cert_chain.pem"
Andy Bavierf0b5d7d2017-03-15 16:19:03 -0400[diff] [blame]31 - src: "intermediate_ca/private/xos-core.{{ site_suffix }}_key.pem"
32 dest: "core_api_key.pem"
33 - src: "intermediate_ca/certs/xos-core.{{ site_suffix }}_cert_chain.pem"
34 dest: "core_api_cert.pem"
Andy Bavier1cac0012017-03-13 10:06:18 -0400[diff] [blame]35
36- name: Copy certs needed by OpenStack
37 become: yes
38 when: use_openstack
39 copy:
40 src: "{{ pki_dir }}/{{ item.src }}"
41 dest: "{{ pki_dir }}/{{ item.dest }}"
42 with_items:
43 - src: "intermediate_ca/private/keystone.{{ site_suffix }}_key.pem"
44 dest: "keystone.{{ site_suffix }}_key.pem"
45 - src: "intermediate_ca/certs/keystone.{{ site_suffix }}_cert.pem"
46 dest: "keystone.{{ site_suffix }}_cert.pem"