| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 |
- ---
- # tasks/ssl_generate.yml: Generate SSL data and stash to dynamic
- # data store for deployment to clients
- - include_vars: "{{ ansible_distribution }}.yml"
- - name: Ensure SSL generation directory exists
- file:
- dest: "{{ sensu_config_path }}/ssl_generation"
- state: directory
- owner: "{{ sensu_user_name }}"
- group: "{{ sensu_group_name }}"
- when: sensu_master
- - name: Install urllib3 to ensure we can validate the SAN cert
- package:
- name: python-urllib3
- - block:
- - name: Untar the ssl_certs tarball from sensuapp.org
- unarchive:
- args:
- src: http://sensuapp.org/docs/{{ sensu_ssl_tool_version }}/files/sensu_ssl_tool.tar
- dest: "{{ sensu_config_path }}/ssl_generation/"
- creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool"
- copy: no
- - name: Generate SSL certs
- command: "{{ __bash_path }} {{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/ssl_certs.sh generate"
- args:
- chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool"
- creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server"
- when: sensu_master|bool
- become: true
- become_user: "{{ sensu_user_name }}"
- - name: Stash the Sensu SSL certs/keys
- fetch:
- src: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/{{ item }}"
- dest: "{{ dynamic_data_store }}"
- when: sensu_master
- with_items:
- - sensu_ca/cacert.pem
- - server/cert.pem
- - server/key.pem
- - client/cert.pem
- - client/key.pem
|
