| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- ---
- # tasks/ssl_generate.yml: Generate SSL data and stash to dynamic
- # data store for deployment to clients
- - include_vars: "{{ item }}"
- with_first_found:
- - "{{ ansible_distribution }}.yml"
- - name: Ensure Sensu SSL directory exists
- file: dest={{ sensu_config_path }}/ssl state=directory
- owner={{ sensu_user_name }} group={{ sensu_group_name }}
- - name: Ensure SSL generation directory exists
- file: dest={{ sensu_config_path }}/ssl_generation state=directory
- owner={{ sensu_user_name }} group={{ sensu_group_name }}
- when: sensu_master
- - name: Fetch the ssl_certs tarball from sensuapp.org
- get_url: url=http://sensuapp.org/docs/0.20/files/sensu_ssl_tool.tar
- dest={{ sensu_config_path }}/ssl_generation/sensu_ssl_tool.tar
- when: sensu_master
- sudo: yes
- sudo_user: "{{ sensu_user_name }}"
- - name: Untar the ssl_certs tarball from sensuapp.org
- shell: tar xf sensu_ssl_tool.tar chdir={{ sensu_config_path }}/ssl_generation
- args:
- creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool"
- when: sensu_master
- sudo: yes
- sudo_user: "{{ sensu_user_name }}"
- - name: Generate SSL certs
- shell: ./ssl_certs.sh generate chdir={{ sensu_config_path }}/ssl_generation/sensu_ssl_tool
- args:
- creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server"
- when: sensu_master
- sudo: yes
- sudo_user: "{{ sensu_user_name }}"
- - name: Stash the Sensu SSL certs/keys
- fetch: src={{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/{{ item }}
- dest={{ dynamic_data_store }}
- when: sensu_master
- with_items:
- - sensu_ca/cacert.pem
- - server/cert.pem
- - server/key.pem
- - client/cert.pem
- - client/key.pem
|
