| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546 |
- ---
- - file:
- path: "{{ etcd_ca_dir }}/{{ item }}"
- state: directory
- mode: 0700
- owner: root
- group: root
- with_items:
- - certs
- - crl
- - fragments
- - command: cp /etc/pki/tls/openssl.cnf ./
- args:
- chdir: "{{ etcd_ca_dir }}/fragments"
- creates: "{{ etcd_ca_dir }}/fragments/openssl.cnf"
- - template:
- dest: "{{ etcd_ca_dir }}/fragments/openssl_append.cnf"
- src: openssl_append.j2
- backup: true
- - assemble:
- src: "{{ etcd_ca_dir }}/fragments"
- dest: "{{ etcd_ca_dir }}/openssl.cnf"
- - command: touch index.txt
- args:
- chdir: "{{ etcd_ca_dir }}"
- creates: "{{ etcd_ca_dir }}/index.txt"
- - copy:
- dest: "{{ etcd_ca_dir }}/serial"
- content: "01"
- force: no
- - command: >
- openssl req -config openssl.cnf -newkey rsa:4096
- -keyout ca.key -new -out ca.crt -x509 -extensions etcd_v3_ca_self
- -batch -nodes -subj /CN=etcd-signer@{{ ansible_date_time.epoch }}
- -days 365
- args:
- chdir: "{{ etcd_ca_dir }}"
- creates: "{{ etcd_ca_dir }}/ca.crt"
- environment:
- SAN: ''
|
