Bertrand Lanson
90a958fba0
All checks were successful
test / Linting (push) Successful in 35s
test / Molecule tests (default, debian12) (push) Successful in 1m14s
test / Molecule tests (default, ubuntu2004) (push) Successful in 1m29s
test / Molecule tests (default, ubuntu2204) (push) Successful in 1m22s
test / Molecule tests (with_custom_config, debian11) (push) Successful in 1m15s
test / Molecule tests (with_custom_config, ubuntu2004) (push) Successful in 1m28s
test / Molecule tests (with_custom_config, ubuntu2204) (push) Successful in 1m31s
test / Molecule tests (with_custom_config, debian12) (push) Successful in 3m14s
test / Molecule tests (default, debian11) (push) Successful in 1m11s
59 lines
2.1 KiB
YAML
59 lines
2.1 KiB
YAML
---
|
|
# task/configure file for renew_consul_certificates
|
|
- name: "Configure files for consul certificate renewal"
|
|
notify:
|
|
- "systemctl-enable-consul-certs"
|
|
- "systemctl-restart-consul-certs"
|
|
block:
|
|
- name: "Copy consul_config.hcl template"
|
|
ansible.builtin.template:
|
|
src: consul_config.hcl.j2
|
|
dest: "{{ renew_consul_certificates_config_dir }}/consul_config.hcl"
|
|
owner: "{{ renew_consul_certificates_consul_user }}"
|
|
group: "{{ renew_consul_certificates_consul_group }}"
|
|
mode: '0600'
|
|
|
|
- name: "Copy consul_ca.pem.tpl template"
|
|
ansible.builtin.template:
|
|
src: consul_ca.pem.tpl.j2
|
|
dest: "{{ renew_consul_certificates_config_dir }}/templates/consul_ca.pem.tpl"
|
|
owner: "{{ renew_consul_certificates_consul_user }}"
|
|
group: "{{ renew_consul_certificates_consul_group }}"
|
|
mode: '0600'
|
|
|
|
- name: "Copy consul_cert.pem.tpl template"
|
|
ansible.builtin.template:
|
|
src: consul_cert.pem.tpl.j2
|
|
dest: "{{ renew_consul_certificates_config_dir }}/templates/consul_cert.pem.tpl"
|
|
owner: "{{ renew_consul_certificates_consul_user }}"
|
|
group: "{{ renew_consul_certificates_consul_group }}"
|
|
mode: '0600'
|
|
|
|
- name: "Copy consul_cert.key.tpl template"
|
|
ansible.builtin.template:
|
|
src: consul_key.pem.tpl.j2
|
|
dest: "{{ renew_consul_certificates_config_dir }}/templates/consul_key.pem.tpl"
|
|
owner: "{{ renew_consul_certificates_consul_user }}"
|
|
group: "{{ renew_consul_certificates_consul_group }}"
|
|
mode: '0600'
|
|
|
|
- name: "Configure consul-certs systemd service"
|
|
notify:
|
|
- "systemctl-daemon-reload"
|
|
block:
|
|
- name: "Configure consul-certs env file"
|
|
ansible.builtin.template:
|
|
src: consul-certs.env.j2
|
|
dest: "{{ renew_consul_certificates_config_dir }}/consul-certs.env"
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
|
|
- name: "Configure consul-certs systemd service"
|
|
ansible.builtin.template:
|
|
src: consul-certs.service.j2
|
|
dest: /etc/systemd/system/consul-certs.service
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|