- ---
- - name: Install openssl
- package: name=openssl state=present
- when: not openshift.common.is_atomic | bool
- register: result
- until: result is succeeded
- - name: Create CA directory
- file: path="{{ nuage_ca_dir }}" state=directory
- run_once: true
- delegate_to: "{{ nuage_ca_master }}"
- - name: Create certificate directory
- file: path="{{ nuage_ca_master_crt_dir }}" state=directory
- run_once: true
- delegate_to: "{{ nuage_ca_master }}"
- - name: Check if the CA key already exists
- stat: path="{{ nuage_ca_key }}"
- register: nuage_ca_key_check
- delegate_to: "{{ nuage_ca_master }}"
- - name: Create CA key
- command: openssl genrsa -out "{{ nuage_ca_key }}" 4096
- run_once: true
- delegate_to: "{{ nuage_ca_master }}"
- when: nuage_ca_key_check.stat.exists is defined and nuage_ca_key_check.stat.exists == False
- - name: Check if the CA crt already exists
- stat: path="{{ nuage_ca_crt }}"
- register: nuage_ca_crt_check
- delegate_to: "{{ nuage_ca_master }}"
- - name: Create CA crt
- command: openssl req -new -x509 -key "{{ nuage_ca_key }}" -out "{{ nuage_ca_crt }}" -subj "/CN=nuage-signer"
- run_once: true
- delegate_to: "{{ nuage_ca_master }}"
- when: nuage_ca_crt_check.stat.exists is defined and nuage_ca_crt_check.stat.exists == False
- - name: Create the serial file
- copy: src=serial.txt dest="{{ nuage_ca_serial }}"
- run_once: true
- delegate_to: "{{ nuage_ca_master }}"
- - name: Copy SSL config file
- copy: src=openssl.cnf dest="{{ nuage_ca_dir }}/openssl.cnf"
- run_once: true
- delegate_to: "{{ nuage_ca_master }}"