| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 |
- ---
- # tasks/ssl_generate.yml: Generate SSL data and stash to dynamic
- # data store for deployment to clients
- - include_vars: "{{ item }}"
- with_first_found:
- - "{{ ansible_distribution }}.yml"
- - name: Ensure Sensu SSL directory exists
- file:
- dest: "{{ sensu_config_path }}/ssl"
- state: directory
- owner: "{{ sensu_user_name }}"
- group: "{{ sensu_group_name }}"
- - name: Ensure SSL generation directory exists
- file:
- dest: "{{ sensu_config_path }}/ssl_generation"
- state: directory
- owner: "{{ sensu_user_name }}"
- group: "{{ sensu_group_name }}"
- when: sensu_master
- - block:
- - name: Fetch the ssl_certs tarball from sensuapp.org
- get_url:
- url: http://sensuapp.org/docs/0.21/files/sensu_ssl_tool.tar
- dest: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool.tar"
-
- - name: Untar the ssl_certs tarball from sensuapp.org
- shell: tar xf sensu_ssl_tool.tar
- args:
- chdir: "{{ sensu_config_path }}/ssl_generation"
- creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool"
-
- - name: Generate SSL certs
- shell: ./ssl_certs.sh generate
- args:
- chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool"
- creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server"
- when: sensu_master|bool
- become: true
- become_user: "{{ sensu_user_name }}"
- - name: Stash the Sensu SSL certs/keys
- fetch:
- src: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/{{ item }}"
- dest: "{{ dynamic_data_store }}"
- when: sensu_master
- with_items:
- - sensu_ca/cacert.pem
- - server/cert.pem
- - server/key.pem
- - client/cert.pem
- - client/key.pem
|
