Deploy the FM keys before using them
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard
parent
e882eca30b
commit
52134e8e00
1 changed files with 40 additions and 40 deletions
|
|
@ -299,6 +299,46 @@
|
||||||
- config
|
- config
|
||||||
- bodhi
|
- bodhi
|
||||||
|
|
||||||
|
- name: Create /etc/pki/fedora-messaging
|
||||||
|
file:
|
||||||
|
dest: /etc/pki/fedora-messaging
|
||||||
|
mode: 0775
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
state: directory
|
||||||
|
tags:
|
||||||
|
- bodhi
|
||||||
|
|
||||||
|
- name: Deploy the fedora-messaging CA
|
||||||
|
copy:
|
||||||
|
src: "{{ private }}/files/rabbitmq/{{env}}/pki/ca.crt"
|
||||||
|
dest: /etc/pki/fedora-messaging/cacert.pem
|
||||||
|
mode: 0644
|
||||||
|
owner: apache
|
||||||
|
group: apache
|
||||||
|
tags:
|
||||||
|
- bodhi
|
||||||
|
|
||||||
|
- name: Deploy the fedora-messaging cert
|
||||||
|
copy:
|
||||||
|
src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/bodhi{{env_suffix}}.crt"
|
||||||
|
dest: /etc/pki/fedora-messaging/bodhi-cert.pem
|
||||||
|
mode: 0644
|
||||||
|
owner: apache
|
||||||
|
group: apache
|
||||||
|
tags:
|
||||||
|
- bodhi
|
||||||
|
|
||||||
|
- name: Deploy the fedora-messaging key
|
||||||
|
copy:
|
||||||
|
src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/bodhi{{env_suffix}}.key"
|
||||||
|
dest: /etc/pki/fedora-messaging/bodhi-key.pem
|
||||||
|
mode: 0600
|
||||||
|
owner: apache
|
||||||
|
group: apache
|
||||||
|
tags:
|
||||||
|
- bodhi
|
||||||
|
|
||||||
- name: Let the ftpsync user also read the fedora-messaging config
|
- name: Let the ftpsync user also read the fedora-messaging config
|
||||||
command: /usr/bin/setfacl -m user:ftpsync:rx /etc/fedora-messaging/config.toml
|
command: /usr/bin/setfacl -m user:ftpsync:rx /etc/fedora-messaging/config.toml
|
||||||
tags:
|
tags:
|
||||||
|
|
@ -358,46 +398,6 @@
|
||||||
tags:
|
tags:
|
||||||
- bodhi
|
- bodhi
|
||||||
|
|
||||||
- name: Create /etc/pki/fedora-messaging
|
|
||||||
file:
|
|
||||||
dest: /etc/pki/fedora-messaging
|
|
||||||
mode: 0775
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
state: directory
|
|
||||||
tags:
|
|
||||||
- bodhi
|
|
||||||
|
|
||||||
- name: Deploy the fedora-messaging CA
|
|
||||||
copy:
|
|
||||||
src: "{{ private }}/files/rabbitmq/{{env}}/pki/ca.crt"
|
|
||||||
dest: /etc/pki/fedora-messaging/cacert.pem
|
|
||||||
mode: 0644
|
|
||||||
owner: apache
|
|
||||||
group: apache
|
|
||||||
tags:
|
|
||||||
- bodhi
|
|
||||||
|
|
||||||
- name: Deploy the fedora-messaging cert
|
|
||||||
copy:
|
|
||||||
src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/bodhi{{env_suffix}}.crt"
|
|
||||||
dest: /etc/pki/fedora-messaging/bodhi-cert.pem
|
|
||||||
mode: 0644
|
|
||||||
owner: apache
|
|
||||||
group: apache
|
|
||||||
tags:
|
|
||||||
- bodhi
|
|
||||||
|
|
||||||
- name: Deploy the fedora-messaging key
|
|
||||||
copy:
|
|
||||||
src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/bodhi{{env_suffix}}.key"
|
|
||||||
dest: /etc/pki/fedora-messaging/bodhi-key.pem
|
|
||||||
mode: 0600
|
|
||||||
owner: apache
|
|
||||||
group: apache
|
|
||||||
tags:
|
|
||||||
- bodhi
|
|
||||||
|
|
||||||
- name: ensure fedora-messaging and celery are enabled and started on the backend
|
- name: ensure fedora-messaging and celery are enabled and started on the backend
|
||||||
service:
|
service:
|
||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue