2024-02-02 19:29:00 +00:00
|
|
|
---
|
|
|
|
- name: Prepare
|
|
|
|
hosts: all
|
|
|
|
become: true
|
|
|
|
tasks:
|
|
|
|
- name: "Include ednxzu.install_docker"
|
|
|
|
ansible.builtin.include_role:
|
|
|
|
name: ednxzu.install_docker
|
|
|
|
vars:
|
|
|
|
install_docker_python_packages: true
|
|
|
|
|
|
|
|
- name: "Generate self-signed certificates" # noqa: run-once[task]
|
|
|
|
delegate_to: localhost
|
|
|
|
run_once: true
|
|
|
|
block:
|
|
|
|
- name: "Create temporary cert directory /tmp/haproxy-cert"
|
|
|
|
ansible.builtin.file:
|
|
|
|
path: "/tmp/haproxy-cert"
|
|
|
|
state: directory
|
2024-02-02 22:42:53 +00:00
|
|
|
owner: "1000"
|
|
|
|
group: "1000"
|
2024-02-02 19:29:00 +00:00
|
|
|
mode: "0777"
|
|
|
|
|
|
|
|
- name: "Create private key"
|
|
|
|
community.crypto.openssl_privatekey:
|
2024-02-02 22:42:53 +00:00
|
|
|
path: /tmp/haproxy-cert/cert.pem.key
|
2024-02-03 21:11:57 +00:00
|
|
|
owner: "1000"
|
|
|
|
group: "1000"
|
2024-02-02 19:29:00 +00:00
|
|
|
|
|
|
|
- name: "Create certificate signing request"
|
|
|
|
community.crypto.openssl_csr_pipe:
|
2024-02-02 22:42:53 +00:00
|
|
|
privatekey_path: /tmp/haproxy-cert/cert.pem.key
|
2024-02-02 19:29:00 +00:00
|
|
|
common_name: haproxy.ansible.test
|
|
|
|
organization_name: Ansible, Inc.
|
|
|
|
register: csr
|
|
|
|
|
|
|
|
- name: "Create self-signed certificate from CSR"
|
|
|
|
community.crypto.x509_certificate:
|
|
|
|
path: /tmp/haproxy-cert/cert.pem
|
|
|
|
csr_content: "{{ csr.csr }}"
|
2024-02-02 22:42:53 +00:00
|
|
|
privatekey_path: /tmp/haproxy-cert/cert.pem.key
|
2024-02-02 19:29:00 +00:00
|
|
|
provider: selfsigned
|
2024-02-03 21:11:57 +00:00
|
|
|
owner: "1000"
|
2024-02-03 21:18:59 +00:00
|
|
|
group: "1000"
|