---
# Pack everything under etcd_ca_dir on the CA host into one archive inside
# etcd_conf_dir. Delegated to etcd_ca_host and executed once per play.
# NOTE(review): the archive takes the whole directory. If etcd_ca_dir holds
# the CA private key, the .tgz carries it too, and no task in this file sets
# the archive's mode or owner - confirm how it is protected.
# NOTE(review): `creates` skips this step whenever the .tgz already exists,
# so an archive left by an earlier run is reused as-is - confirm that is
# intended after the CA has been regenerated.
- name: Create a tarball of the etcd ca certs
  delegate_to: "{{ etcd_ca_host }}"
  run_once: true
  command: >
    tar -czvf {{ etcd_conf_dir }}/{{ etcd_ca_name }}.tgz
    -C {{ etcd_ca_dir }} .
  args:
    creates: "{{ etcd_conf_dir }}/{{ etcd_ca_name }}.tgz"
    # Turns off the command-module warning about calling tar directly.
    # NOTE(review): `warn` was removed from the command module in
    # ansible-core 2.14 - verify against the Ansible version in use.
    warn: false
# Pull the archive from the CA host into etcd_sync_cert_dir on the control
# machine. `flat` stores it directly under dest instead of a per-host path,
# a missing source fails the play, and the transfer is checksum-verified.
# NOTE(review): nothing in this file removes the fetched copy or restricts
# etcd_sync_cert_dir. If the archive contains key material, confirm that the
# directory is private and cleaned up elsewhere.
- name: Retrieve etcd ca cert tarball
  delegate_to: "{{ etcd_ca_host }}"
  run_once: true
  fetch:
    src: "{{ etcd_conf_dir }}/{{ etcd_ca_name }}.tgz"
    dest: "{{ etcd_sync_cert_dir }}/"
    flat: true
    fail_on_missing: true
    validate_checksum: true
# Make sure etcd_ca_dir exists on the target host before the archive is
# extracted into it.
# NOTE(review): no owner, group or mode is given, so a newly created directory
# gets the defaults of the connecting user. Confirm that restrictive
# permissions on the CA directory are enforced elsewhere.
- name: Ensure ca directory exists
  file:
    state: directory
    path: "{{ etcd_ca_dir }}"
# Extract the fetched archive into etcd_ca_dir on the target host. With no
# remote_src set, src is read from the control machine and copied over.
# NOTE(review): every host this task runs on receives the full contents of the
# CA host's etcd_ca_dir. If that includes the CA private key, confirm that each
# of these hosts is meant to hold it.
- name: Unarchive etcd ca cert tarballs
  unarchive:
    dest: "{{ etcd_ca_dir }}"
    src: "{{ etcd_sync_cert_dir }}/{{ etcd_ca_name }}.tgz"
# Load the CA certificate currently installed in etcd_conf_dir. slurp returns
# the file base64-encoded in `.content`; the result is kept in
# g_current_etcd_ca_output for the bundle step.
- name: Read current etcd CA
  register: g_current_etcd_ca_output
  slurp:
    src: "{{ etcd_conf_dir }}/ca.crt"
# Load the CA certificate that was just extracted into etcd_ca_dir. The
# base64-encoded content is kept in g_new_etcd_ca_output for the bundle step.
- name: Read new etcd CA
  register: g_new_etcd_ca_output
  slurp:
    src: "{{ etcd_ca_dir }}/ca.crt"
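# Write a combined trust bundle (new CA first, then the current one) to
# ca.crt in both etcd_conf_dir and etcd_ca_dir, so certificates issued by
# either CA validate during the rotation.
# The task was unnamed in the original; a name makes it identifiable in play
# output and usable with --start-at-task.
# NOTE(review): the bundle is built by plain concatenation, so a second run
# appears to prepend the new CA again to a file that already contains it -
# confirm whether duplicates are acceptable or a membership check is needed.
# NOTE(review): no mode or owner is set on the written ca.crt - confirm the
# resulting permissions are what etcd and its clients expect.
- name: Write combined etcd CA bundle
  copy:
    content: "{{ (g_new_etcd_ca_output.content|b64decode) + (g_current_etcd_ca_output.content|b64decode) }}"
    dest: "{{ item }}/ca.crt"
  with_items:
    - "{{ etcd_conf_dir }}"
    - "{{ etcd_ca_dir }}"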