Files
@ 74b1cab547fc
Branch filter:
Location: majic-ansible-roles/testsite/playbooks/tls.yml - annotation
74b1cab547fc
2.1 KiB
text/x-yaml
MAR-122: Fixed handling of complex package versions for pip with Ansible 2.x:
- Use list for installing specific version of pip in the "pipreqcheck" virtual
environment in common role.
- Removed superficious (and incorrect) definition for application admin username
in wsgi_website role.
- Updated test playbook for wsgi_website role to test the fix.
- Switched to passing-in package list for installing packages in virtual
environment instead of using "with_items" in wsgi_website role.
- Use list for installing specific version of pip in the "pipreqcheck" virtual
environment in common role.
- Removed superficious (and incorrect) definition for application admin username
in wsgi_website role.
- Updated test playbook for wsgi_website role to test the fix.
- Switched to passing-in package list for installing packages in virtual
environment instead of using "with_items" in wsgi_website role.
70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 2b3af82bc50e 2b3af82bc50e 2b3af82bc50e 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 | ---
- hosts: preseed
vars:
host_tls_info:
- hostname: ldap
service: ldap
name: LDAP
- hostname: mail
service: imap
name: IMAP
- hostname: mail
service: smtp
name: SMTP
- hostname: phpinfo
service: https
name: PHP Info
- hostname: web
service: https
name: Web
- hostname: wsgi
service: https
name: WSGI Hello World
- hostname: wsgireq
service: https
name: WSGI Hello World
- hostname: xmpp
service: xmpp
name: XMPP
tasks:
- name: Create GnuTLS certificate templates for all hosts
template: src="../tls/gnutls_server_certificate.cfg.j2" dest="../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.cfg"
with_items: host_tls_info
- name: Create the CA key
command: certtool --sec-param high --generate-privkey --outfile ../tls/ca.key
args:
creates: ../tls/ca.key
- name: Create the CA certificate
command: certtool --template ../tls/ca.cfg --generate-self-signed --load-privkey ../tls/ca.key --outfile ../tls/ca.pem
args:
creates: ../tls/ca.pem
- name: Create private keys for all hosts
command: certtool --sec-param normal --generate-privkey --outfile "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key"
with_items: host_tls_info
args:
creates: "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key"
- name: Issue certificates for all hosts
shell: sleep 1 && certtool --generate-certificate
--load-ca-privkey "../tls/ca.key" --load-ca-certificate "../tls/ca.pem"
--template "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.cfg"
--load-privkey "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key"
--outfile "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.pem"
with_items: host_tls_info
args:
creates: "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.pem"
|