diff --git a/roles/copr/frontend/files/cacert.pem b/roles/copr/frontend/files/cacert.pem new file mode 100644 index 0000000000..1de26a3dd5 --- /dev/null +++ b/roles/copr/frontend/files/cacert.pem @@ -0,0 +1,41 @@ +-----BEGIN CERTIFICATE----- +MIIDVjCCAj6gAwIBAgIJAPbJfaf2j9z8MA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV +BAMMFlJhYmJpdE1RIFBST0RVQ1RJT04gQ0EwHhcNMTgxMTA2MDYxNDMwWhcNMjgx +MTAzMDYxNDMwWjAhMR8wHQYDVQQDDBZSYWJiaXRNUSBQUk9EVUNUSU9OIENBMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8xu06VGAPu9LmH1JMAzfUMx9 +i0eHeNUFOEXnf3BAdFeafvucSrdtH3s9hY1OByk5uH0VfJklUB7DMk+YDnEbCjJm +fF2fvTfzVqPoIrK+APSltPxZPNLVWusErE1XeKfwl7dcmMosHkbJheOGH6OHhjZ/ +8MvQZeL0gQzPnkbq/E/ZiIyXuMOkNotwqIZWuWQJd7bLcgCxFoLlr+A4W29up+cS +9eSz4BuqcBJ1gh9IwCANOxBdrbYU900wQmRJ9js0vpMZYLMiiMeb03Hb59vMKfeg +igY18G1aqG0+MFZa+7JjVE8Dxb3xVJ50cYzahdoWrlq10U8VRP1aqybf9NjBJQID +AQABo4GQMIGNMB0GA1UdDgQWBBQWP9bbzXjOqE4iE9nrH+YYPHrVgzBRBgNVHSME +SjBIgBQWP9bbzXjOqE4iE9nrH+YYPHrVg6ElpCMwITEfMB0GA1UEAwwWUmFiYml0 +TVEgUFJPRFVDVElPTiBDQYIJAPbJfaf2j9z8MAwGA1UdEwQFMAMBAf8wCwYDVR0P +BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCqZeI+slLiLfachAy7mvLUpYlfa0eN +JvR+Ak4UwZ5LoiAz2N66axEKBmVkrfkOF2vQdreATh0JnuL20t+mjwmZxpqf3VqB +9UOQtZQqAASy8Esc+adSn9wQUsDgltd1Ofb0rAbjUyqyDtuN7a87eIg1/j/di1S8 +JbaUViycEJ5J7TQvssWSEjPgKWLzdjgNOUe503VY74t8W0YS9eTVA9xN9Vg7ii14 +X1WHlJNJH7JfL3sjACrnraGzEiZURxDVOz8Q30lmkMA0MBfbVwdEeeBY0zFuLGZq +r/A5NY0IZnUBWNwPmOq6RFwhlnFX2bartvyhAA2+chR2sU7KiUqKy12j +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDbzCCAlegAwIBAgIUWo3mUoL1i2mmPYsNsVmhCXSYSOAwDQYJKoZIhvcNAQEL +BQAwITEfMB0GA1UEAwwWUmFiYml0TVEgUFJPRFVDVElPTiBDQTAeFw0yNTA0MTcx +NTIzMDNaFw0zNTA0MTUxNTIzMDNaMCExHzAdBgNVBAMMFlJhYmJpdE1RIFBST0RV +Q1RJT04gQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnTDPkSsoZ +bIq4sNNP3l5Jnff7Z3FsOaKveZ/qz/RF4rN1ip84VU2KPrFedZkL1JleiC9RJgAT +mqAVFa50ndbekqurtqo+d5dubgAEnZM/O8D56y+EaorRZSLMwp+C4m3GVVhR1EXx +tQvOwrjjALN5NwXhPvvZXooZos88FxW+9yONkY263ge/pf8vq6mFbeVxZypbgWCo +vv8EDFJH0JFZ3TEdD7PRXrz76Z+n8EL0Xm3gzDQI7GNEsXpLKW6jbUvIxUUk3kHM +bzHYcOVkYlVE9mhtPGnZBPM+mlvzqY46SWUQthVutKtBsZ28dWwBQ89tK0eDuo2y +ba9f+taBmylbAgMBAAGjgZ4wgZswDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU +Pv4eeebiJy73VaDMLot27xu0BpwwXAYDVR0jBFUwU4AUPv4eeebiJy73VaDMLot2 +7xu0BpyhJaQjMCExHzAdBgNVBAMMFlJhYmJpdE1RIFBST0RVQ1RJT04gQ0GCFFqN +5lKC9Ytppj2LDbFZoQl0mEjgMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOC +AQEAbRkeBWizgoe/DWT3t/SAMpUeohpeWhBF5kLaHvtFm3/44+1O6SXQKybIa/qC +QB+5Q2N1G4tddM3S2eq/o3cKqjVdqaOmpsiybD1VVXqZZo4cwQH6Ci3iKEP7zJe0 +FmkE4Vw8StuJ15oCWGdyjcDg2ukKGzdclmU28LWitlwaPAME/dyALqFq3IC9aIYm +3MSZKS1dlzFtJPjL7jKrT9+7vxYtDaC/sGXG5c0vRmKjCKygCHQxvEColiauACaL +MEQvqbH5dBKzOP6YO1NSvV1xMoIj4jI20GIkP5CC7Q1IVPKUlkNMBs/Fx1OIpJT6 +QXuy/G1adiQ+uO/MIT/wV321NA== +-----END CERTIFICATE----- diff --git a/roles/copr/frontend/files/stg-cacert.pem b/roles/copr/frontend/files/stg-cacert.pem new file mode 100644 index 0000000000..72f9ec4198 --- /dev/null +++ b/roles/copr/frontend/files/stg-cacert.pem @@ -0,0 +1,41 @@ +-----BEGIN CERTIFICATE----- +MIIDTTCCAjWgAwIBAgIJAKTvGuTvFNZ/MA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV +BAMME1JhYmJpdE1RIFNUQUdJTkcgQ0EwHhcNMTgwODAyMTk1NjMwWhcNMjgwNzMw +MTk1NjMwWjAeMRwwGgYDVQQDDBNSYWJiaXRNUSBTVEFHSU5HIENBMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZBkTjpV/8wVVv98q9l+Wb7ItgWUKAbE +9T6N28T+SyhwNEzVACW8eCqUlY3Jfz/GSa+FG5pUcNu8soI8IL9F2bXQDtqWGp6+ +lxiEUKWzKwAAdNSsC4LCzj0pJvAbpWjTZs9tGxO/LfubsFx4BK93G5dyT1z9VV2n +lStBn/WZeow53ZiOl4Ue/BYjDyZX+pN9V38SavNDjwphvYdtUooimNu4FdngHJtF +fonssFPf2b0H9z89QVaZEcRpDPTLY+/868VQWuTPnT7ass5d1bliCNJ29GZEhqTD +yZjFVml6abN4DLJkSoN58DoST0DvAw+0WlR6JnG2296k9e9RInHQkwIDAQABo4GN +MIGKMB0GA1UdDgQWBBQdCSjObvxJDLt/tZhyk2EUHhR7VzBOBgNVHSMERzBFgBQd +CSjObvxJDLt/tZhyk2EUHhR7V6EipCAwHjEcMBoGA1UEAwwTUmFiYml0TVEgU1RB +R0lORyBDQYIJAKTvGuTvFNZ/MAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0G +CSqGSIb3DQEBCwUAA4IBAQAiXp2ljGrEuhLB6byVXm7lQLfxcWECcmbCR/3XsOir +csVQaOtSY5jDVMWFnuArPMMzZPc81zmOdYwwuxqPVvki751LPNCQuqWkEwqLVRXO +y8mET1efnFvHgXMszg01KSa1YPa5iVhIRGZkyckIkzB5pT45zk3FB10ty78nSozZ +qvSm7uZhmtb9ZwcSeQIRx3pnCZks/BgBUIzCvW/oDmeya9oirZfMVq5zqv83iwcW +svdtE43C/zHSlgr10JxzA5lXl16DxOXUXO6gZoavkI++7fB13xkYUSl0VgiIbI+7 +LZ+v5VAIDNtwvHxkjey6Mz5P0fHazrmXTaIzs5JSZwln +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDZjCCAk6gAwIBAgIUJpcjxQvI1atZSNH8S6XkOUk+D9YwDQYJKoZIhvcNAQEL +BQAwHjEcMBoGA1UEAwwTUmFiYml0TVEgU1RBR0lORyBDQTAeFw0yNTA0MDkwOTQz +NThaFw0zNTA0MDcwOTQzNThaMB4xHDAaBgNVBAMME1JhYmJpdE1RIFNUQUdJTkcg +Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgKhr4j/3XeN+0kqP0 +SX5vnjCSca81MmBOhEH9irz0DGVmsPtkF6U0EH7Fx0SHtQDDXmRGQII2GMuA3Jeb +MN3U82/YVeKimdl14Ot3zR453fZH2F/TSCThKRcex6Q53U5X4Gm5FjVK8NVHpx0E +Zj7IfBC1DwvD4wY7yESmS03rffMNnIcW2p+JXQrrE89FIzC8HtM5IAK8Y209mcSg +OvR8OtWQgRE39HlYfNSijd8ZQisTcER8GYKyPpEThDnMnxAALNMdEuVI9VuYQJ8r +VgGm/HtPgN72YsSpQuvHpmAMOIce0ZBothdVYhUidjUzPXDQbO7cPOonr6tMRlD2 +nYSpAgMBAAGjgZswgZgwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUF0R/a+nZ +L2afaKuFnfCKxB3Kk6QwWQYDVR0jBFIwUIAUF0R/a+nZL2afaKuFnfCKxB3Kk6Sh +IqQgMB4xHDAaBgNVBAMME1JhYmJpdE1RIFNUQUdJTkcgQ0GCFCaXI8ULyNWrWUjR +/Eul5DlJPg/WMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcw1DCZwz +PHjMlEu8Ju9VbksSGaip04l+7mGoG0aWXmJ0mV751LA28C9MzSa9SyFES9ID8u+I +3iZeMDlN8eok51RWeqGzusTH0FxvL48KZz8LPZw77aRfU7T4iyc1PCzSIxy67N+e +ByUhipaRhuLe5hJUHJfPmH9hUCAJb8fLcAZMMMvGPdMJsgrr9LQHtK97AX9ZUmHk +zcLRaLd7k4XOZNIB0EW9lNrRd0IdZgwn9UfJ4pzUIn6zqkAETyojBERU4TF4b674 +nsMwa6960s0mC7Sl8j3h5wi4s7zhSO6cqjAkDBrv84oyd+0a9WzeJB5Vo4aBw6ZM +ZBT7SV30x0aC2g== +-----END CERTIFICATE----- diff --git a/roles/copr/frontend/tasks/main.yml b/roles/copr/frontend/tasks/main.yml index 12699b8d88..2cd4d51e86 100644 --- a/roles/copr/frontend/tasks/main.yml +++ b/roles/copr/frontend/tasks/main.yml @@ -192,13 +192,13 @@ - pagure_events - name: Deploy fedora-messaging CA certificates - ansible.builtin.get_url: - url: "{{ item.url }}" - dest: "/etc/fedora-messaging/{{ item.filename }}" + ansible.builtin.copy: + src: "{{ item }}" + dest: "/etc/fedora-messaging/{{ item }}" mode: "0644" with_items: - - { url: "https://infrastructure.fedoraproject.org/infra/rabbitmq-certs/production/ca.crt", filename: "cacert.pem" } - - { url: "https://infrastructure.fedoraproject.org/infra/rabbitmq-certs/staging/ca.crt", filename: "stg-cacert.pem" } + - "stg-cacert.pem" + - "cacert.pem" notify: - Restart copr-fe-fedora-messaging-reader tags: