|
@@ -9,25 +9,25 @@
|
|
|
mode: 0755
|
|
|
check_mode: no
|
|
|
|
|
|
- - set_fact:
|
|
|
- ansible_service_broker_certs_dir: "{{ openshift.common.config_base }}/ansible-service-broker"
|
|
|
-
|
|
|
- name: Create self signing ca cert
|
|
|
- command: 'openssl req -nodes -x509 -newkey rsa:4096 -keyout {{ ansible_service_broker_certs_dir }}/key.pem -out {{ ansible_service_broker_certs_dir }}/cert.pem -days 365 -subj "/CN=asb-etcd.openshift-ansible-service-broker.svc"'
|
|
|
+ command: 'openssl req -nodes -x509 -newkey rsa:4096 -keyout {{ openshift.common.config_base }}/ansible-service-broker/key.pem -out {{ openshift.common.config_base }}/ansible-service-broker/cert.pem -days 365 -subj "/CN=asb-etcd.openshift-ansible-service-broker.svc"'
|
|
|
args:
|
|
|
- creates: '{{ ansible_service_broker_certs_dir }}/cert.pem'
|
|
|
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/cert.pem'
|
|
|
|
|
|
- name: Create self signed client cert
|
|
|
command: '{{ item.cmd }}'
|
|
|
args:
|
|
|
creates: '{{ item.creates }}'
|
|
|
with_items:
|
|
|
- - cmd: openssl genrsa -out {{ ansible_service_broker_certs_dir }}/client.key 2048
|
|
|
- creates: '{{ ansible_service_broker_certs_dir }}/client.key'
|
|
|
- - cmd: 'openssl req -new -key {{ ansible_service_broker_certs_dir }}/client.key -out {{ ansible_service_broker_certs_dir }}/client.csr -subj "/CN=client"'
|
|
|
- creates: '{{ ansible_service_broker_certs_dir }}/client.csr'
|
|
|
- - cmd: openssl x509 -req -in {{ ansible_service_broker_certs_dir }}/client.csr -CA {{ ansible_service_broker_certs_dir }}/cert.pem -CAkey {{ ansible_service_broker_certs_dir }}/key.pem -CAcreateserial -out {{ ansible_service_broker_certs_dir }}/client.pem -days 1024
|
|
|
- creates: '{{ ansible_service_broker_certs_dir }}/client.pem'
|
|
|
+ - cmd: openssl genrsa -out {{ openshift.common.config_base }}/ansible-service-broker/client.key 2048
|
|
|
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.key'
|
|
|
+ - cmd: 'openssl req -new -key {{ openshift.common.config_base }}/ansible-service-broker/client.key -out {{ openshift.common.config_base }}/ansible-service-broker/client.csr -subj "/CN=client"'
|
|
|
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.csr'
|
|
|
+ - cmd: openssl x509 -req -in {{ openshift.common.config_base }}/ansible-service-broker/client.csr -CA {{ openshift.common.config_base }}/ansible-service-broker/cert.pem -CAkey {{ openshift.common.config_base }}/ansible-service-broker/key.pem -CAcreateserial -out {{ openshift.common.config_base }}/ansible-service-broker/client.pem -days 1024
|
|
|
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.pem'
|
|
|
+
|
|
|
+ - set_fact:
|
|
|
+ ansible_service_broker_certs_dir: "{{ openshift.common.config_base }}/ansible-service-broker"
|
|
|
|
|
|
- set_fact:
|
|
|
etcd_ca_cert: "{{ lookup('file', '{{ ansible_service_broker_certs_dir }}/cert.pem') }}"
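Review bot: The two private keys written by the new `command` lines (`-nodes -keyout .../key.pem` for the CA and `openssl genrsa -out .../client.key`) are unencrypted, and no task in this hunk sets their mode, so their permissions depend on the OpenSSL version and the umask of the process running the play. If the `mode: 0755` at the top of the hunk belongs to the task that creates this directory (that task starts outside the hunk), other local users can traverse into it. I would follow each generation task with a `file:` task that pins the key, e.g. `path: '{{ openshift.common.config_base }}/ansible-service-broker/key.pem'` with `mode: '0600'`, and the same for `client.key`. Separately, the `creates:` guards mean the 365-day CA and the 1024-day client certificate are never regenerated once the files exist, so the client certificate outlives its issuer and both expire without renewal unless something outside this hunk rotates them.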
|