blob: ab151fe5b65f49ded55974cf88a19f319b33939d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
---
- file:
path: "{{ etcd_ca_dir }}/{{ item }}"
state: directory
mode: 0700
owner: root
group: root
with_items:
- certs
- crl
- fragments
- command: cp /etc/pki/tls/openssl.cnf ./
args:
chdir: "{{ etcd_ca_dir }}/fragments"
creates: "{{ etcd_ca_dir }}/fragments/openssl.cnf"
- template:
dest: "{{ etcd_ca_dir }}/fragments/openssl_append.cnf"
src: openssl_append.j2
- assemble:
src: "{{ etcd_ca_dir }}/fragments"
dest: "{{ etcd_ca_dir }}/openssl.cnf"
- command: touch index.txt
args:
chdir: "{{ etcd_ca_dir }}"
creates: "{{ etcd_ca_dir }}/index.txt"
- copy:
dest: "{{ etcd_ca_dir }}/serial"
content: "01"
force: no
- command: >
openssl req -config openssl.cnf -newkey rsa:4096
-keyout ca.key -new -out ca.crt -x509 -extensions etcd_v3_ca_self
-batch -nodes -subj /CN=etcd-signer@{{ ansible_date_time.epoch }}
args:
chdir: "{{ etcd_ca_dir }}"
creates: "{{ etcd_ca_dir }}/ca.crt"
environment:
SAN: ''
|