| Zack Williams | 65edc22 | 2018-01-30 18:52:30 -0700 | [diff] [blame] | 1 | --- |
| 2 | # Copyright 2017-present Open Networking Foundation |
| 3 | # |
| 4 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | # you may not use this file except in compliance with the License. |
| 6 | # You may obtain a copy of the License at |
| 7 | # |
| 8 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | # |
| 10 | # Unless required by applicable law or agreed to in writing, software |
| 11 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | # See the License for the specific language governing permissions and |
| 14 | # limitations under the License. |
| 15 | |
| 16 | # docker-registry-client/tasks/main.yml |
| 17 | # Configure a node to be able to access the docker registry |
| 18 | |
| 19 | - name: Create directories for registry access client SSL keys |
| 20 | file: |
| 21 | state: directory |
| 22 | dest: "{{ item }}" |
| 23 | owner: root |
| 24 | group: docker |
| 25 | mode: 0755 |
| 26 | with_items: |
| 27 | - "/etc/docker/certs.d/" |
| 28 | - "/etc/docker/certs.d/{{ docker_registry }}" |
| 29 | |
| 30 | - name: Copy over registry access client SSL keys |
| 31 | copy: |
| 32 | src: "{{ item.src }}" |
| 33 | dest: "/etc/docker/certs.d/{{ docker_registry }}/{{ item.dest }}" |
| 34 | mode: "{{ item.mode }}" |
| 35 | owner: root |
| 36 | group: docker |
| 37 | with_items: |
| 38 | - src: "{{ pki_dir }}/root_ca/certs/ca_cert.pem" |
| 39 | dest: "ca.crt" |
| 40 | mode: "0444" |
| 41 | - src: "{{ pki_dir }}/{{ site_name }}_im_ca/certs/dockerclient_cert_chain.pem" |
| 42 | dest: "client.cert" |
| 43 | mode: "0444" |
| 44 | - src: "{{ pki_dir }}/{{ site_name }}_im_ca/private/dockerclient_key.pem" |
| 45 | dest: "client.key" |
| 46 | mode: "0400" |
| 47 | |