- ---
- - file:
- path: "{{ item }}"
- state: directory
- mode: 0700
- owner: root
- group: root
- with_items:
- - "{{ etcd_ca_new_certs_dir }}"
- - "{{ etcd_ca_crl_dir }}"
- - "{{ etcd_ca_dir }}/fragments"
- - command: cp /etc/pki/tls/openssl.cnf ./
- args:
- chdir: "{{ etcd_ca_dir }}/fragments"
- creates: "{{ etcd_ca_dir }}/fragments/openssl.cnf"
- - template:
- dest: "{{ etcd_ca_dir }}/fragments/openssl_append.cnf"
- src: openssl_append.j2
- backup: true
- - assemble:
- src: "{{ etcd_ca_dir }}/fragments"
- dest: "{{ etcd_openssl_conf }}"
- - command: touch {{ etcd_ca_db }}
- args:
- creates: "{{ etcd_ca_db }}"
- - copy:
- dest: "{{ etcd_ca_serial }}"
- content: "01"
- force: no
- - command: >
- openssl req -config {{ etcd_openssl_conf }} -newkey rsa:4096
- -keyout {{ etcd_ca_key }} -new -out {{ etcd_ca_cert }}
- -x509 -extensions {{ etcd_ca_exts_self }} -batch -nodes
- -days {{ etcd_ca_default_days }}
- -subj /CN=etcd-signer@{{ ansible_date_time.epoch }}
- args:
- chdir: "{{ etcd_ca_dir }}"
- creates: "{{ etcd_ca_cert }}"
- environment:
- SAN: 'etcd-signer'