Gitiles
Code Review Sign In
gerrit.opencord.org / platform-install / 9e557c693fd79473a80d92a9dea1b38df7886e31 / . / roles / pki-install / tasks / main.yml
blob: 72cd0f88730e343112e67f0015225b202ef34ae8 [file] [log] [blame]
Zack Williamsc047c872017-01-11 08:38:15 -0700[diff] [blame]1---
2# pki-install/tasks/main.yml
3
4- name: Copy CA certificates to head node
5 become: yes
6 copy:
Andy Bavier1cac0012017-03-13 10:06:18 -0400[diff] [blame]7 src: "{{ pki_dir }}/{{ item.src }}"
Zack Williamsc047c872017-01-11 08:38:15 -0700[diff] [blame]8 dest: "/usr/local/share/ca-certificates/{{ item.dest }}"
9 with_items:
10 - src: "root_ca/certs/ca_cert.pem"
11 dest: "cord_root_ca.crt"
12 - src: "intermediate_ca/certs/im_cert.pem"
13 dest: "cord_intermediate_ca.crt"
14 notify:
15 - Run update-ca-certificates on head node
Andy Bavier1cac0012017-03-13 10:06:18 -0400[diff] [blame]16
17- name: Ensure PKI directory
18 become: yes
19 file:
20 path: "{{ pki_dir }}"
21 state: directory
22
23- name: Copy certs needed by XOS
24 become: yes
25 copy:
26 src: "{{ pki_dir }}/{{ item.src }}"
27 dest: "{{ pki_dir }}/{{ item.dest }}"
28 with_items:
29 - src: "intermediate_ca/certs/im_cert_chain.pem"
30 dest: "im_cert_chain.pem"
31
32- name: Copy certs needed by OpenStack
33 become: yes
34 when: use_openstack
35 copy:
36 src: "{{ pki_dir }}/{{ item.src }}"
37 dest: "{{ pki_dir }}/{{ item.dest }}"
38 with_items:
39 - src: "intermediate_ca/private/keystone.{{ site_suffix }}_key.pem"
40 dest: "keystone.{{ site_suffix }}_key.pem"
41 - src: "intermediate_ca/certs/keystone.{{ site_suffix }}_cert.pem"
42 dest: "keystone.{{ site_suffix }}_cert.pem"