blob: 8d73e68404b12ae74b6f11483c71398c9a1247a9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
---
- name: Install openssl
package: name=openssl state=present
when: not openshift.common.is_atomic | bool
- name: Create CA directory
file: path="{{ nuage_ca_dir }}" state=directory
run_once: true
delegate_to: "{{ nuage_ca_master }}"
- name: Create certificate directory
file: path="{{ nuage_ca_master_crt_dir }}" state=directory
run_once: true
delegate_to: "{{ nuage_ca_master }}"
- name: Check if the CA key already exists
stat: path="{{ nuage_ca_key }}"
register: nuage_ca_key_check
delegate_to: "{{ nuage_ca_master }}"
- name: Create CA key
command: openssl genrsa -out "{{ nuage_ca_key }}" 4096
run_once: true
delegate_to: "{{ nuage_ca_master }}"
when: nuage_ca_key_check.stat.exists is defined and nuage_ca_key_check.stat.exists == False
- name: Check if the CA crt already exists
stat: path="{{ nuage_ca_crt }}"
register: nuage_ca_crt_check
delegate_to: "{{ nuage_ca_master }}"
- name: Create CA crt
command: openssl req -new -x509 -key "{{ nuage_ca_key }}" -out "{{ nuage_ca_crt }}" -subj "/CN=nuage-signer"
run_once: true
delegate_to: "{{ nuage_ca_master }}"
when: nuage_ca_crt_check.stat.exists is defined and nuage_ca_crt_check.stat.exists == False
- name: Create the serial file
copy: src=serial.txt dest="{{ nuage_ca_serial }}"
run_once: true
delegate_to: "{{ nuage_ca_master }}"
- name: Copy SSL config file
copy: src=openssl.cnf dest="{{ nuage_ca_dir }}/openssl.cnf"
run_once: true
delegate_to: "{{ nuage_ca_master }}"
|