From 4ff627affe1c424432fd4c814eccbb91ed895bc1 Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Mon, 17 Jun 2013 23:15:59 +0000
Subject: [PATCH] Try copying fedmsg certs using a nested var.

---
 inventory/group_vars/badges-backend-stg |  9 +++++++++
 tasks/fedmsg_base.yml                   | 25 +++++++++++++++++++++++++
 2 files changed, 34 insertions(+)

diff --git a/inventory/group_vars/badges-backend-stg b/inventory/group_vars/badges-backend-stg
index b54a21e097..9b2caa4363 100644
--- a/inventory/group_vars/badges-backend-stg
+++ b/inventory/group_vars/badges-backend-stg
@@ -8,3 +8,12 @@ num_cpus: 2
 # the host_vars/$hostname file
 
 tcp_ports: [ 80, 3000 ]
+
+# These are consumed by a task in tasks/fedmsg_base.yml
+fedmsg_certs:
+- service: shell
+  owner: root
+  group: sysadmin
+- service: badges
+  owner: root
+  group: fedmsg
diff --git a/tasks/fedmsg_base.yml b/tasks/fedmsg_base.yml
index 8a48d24127..162da2eb5a 100644
--- a/tasks/fedmsg_base.yml
+++ b/tasks/fedmsg_base.yml
@@ -37,3 +37,28 @@
   tags:
   - config
 
+- name: fedmsg certs
+  copy: >
+    src=$private/files/fedmsg-certs/keys/${item['service']}-${ansible_fqdn}.crt
+    dest=/etc/pki/fedmsg/
+    mode=644
+    owner=${item['owner']}
+    group=${item['group']}
+    service=${item['service']}
+  with_items: ${fedmsg_certs}
+  when: fedmsg_certs is defined
+  tags:
+  - config
+
+- name: fedmsg keys
+  copy: >
+    src=$private/files/fedmsg-certs/keys/${item['service']}-${ansible_fqdn}.crt
+    dest=/etc/pki/fedmsg/
+    mode=644
+    owner=${item['owner']}
+    group=${item['group']}
+    service=${item['service']}
+  with_items: ${fedmsg_certs}
+  when: fedmsg_certs is defined
+  tags:
+  - config