Blame tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml
|
Packit |
8cb997 |
---
|
|
Packit |
8cb997 |
- name: Playbook to configure IPA server step1
|
|
Packit |
8cb997 |
hosts: ipaserver
|
|
Packit |
8cb997 |
become: true
|
|
Packit |
8cb997 |
vars:
|
|
Packit |
8cb997 |
ipaserver_external_ca: yes
|
|
Packit |
8cb997 |
|
|
Packit |
8cb997 |
roles:
|
|
Packit |
8cb997 |
- role: ipaserver
|
|
Packit |
8cb997 |
state: present
|
|
Packit |
8cb997 |
|
|
Packit |
8cb997 |
post_tasks:
|
|
Packit |
8cb997 |
- name: Copy CSR /root/ipa.csr from node to "{{ groups.ipaserver[0] + '-ipa.csr' }}"
|
|
Packit |
8cb997 |
fetch:
|
|
Packit |
8cb997 |
src: /root/ipa.csr
|
|
Packit |
8cb997 |
dest: "{{ groups.ipaserver[0] + '-ipa.csr' }}"
|
|
Packit |
8cb997 |
flat: yes
|
|
Packit |
8cb997 |
|
|
Packit |
8cb997 |
- name: Get /root/ipa.csr, create CA, sign with our CA and copy to node
|
|
Packit |
8cb997 |
hosts: localhost
|
|
Packit |
8cb997 |
gather_facts: false
|
|
Packit |
8cb997 |
|
|
Packit |
8cb997 |
tasks:
|
|
Packit |
8cb997 |
- name: Run external-ca.sh
|
|
Packit |
8cb997 |
command: >
|
|
Packit |
8cb997 |
/bin/bash
|
|
Packit |
8cb997 |
external-ca.sh
|
|
Packit |
8cb997 |
"{{ groups.ipaserver[0] }}"
|
|
Packit |
8cb997 |
"{{ ipaserver_domain | default(groups.ipaserver[0].split('.')[1:] | join ('.')) }}"
|
|
Packit |
8cb997 |
args:
|
|
Packit |
8cb997 |
chdir: "{{ playbook_dir }}"
|
|
Packit |
8cb997 |
|
|
Packit |
8cb997 |
- name: Playbook to configure IPA server step2
|
|
Packit |
8cb997 |
hosts: ipaserver
|
|
Packit |
8cb997 |
become: true
|
|
Packit |
8cb997 |
vars:
|
|
Packit |
8cb997 |
ipaserver_external_cert_files: "/root/chain.crt"
|
|
Packit |
8cb997 |
#ipaserver_external_ca_file: "cacert.asc"
|
|
Packit |
8cb997 |
|
|
Packit |
8cb997 |
pre_tasks:
|
|
Packit |
8cb997 |
- name: Copy "{{ groups.ipaserver[0] + '-chain.crt' }}" to /root/chain.crt on node
|
|
Packit |
8cb997 |
copy:
|
|
Packit |
8cb997 |
src: "{{ groups.ipaserver[0] + '-chain.crt' }}"
|
|
Packit |
8cb997 |
dest: "/root/chain.crt"
|
|
Packit |
8cb997 |
force: yes
|
|
Packit |
8cb997 |
|
|
Packit |
8cb997 |
roles:
|
|
Packit |
8cb997 |
- role: ipaserver
|
|
Packit |
8cb997 |
state: present
|