From 8d529a8f600e39240028bb9fc49ad0f5f7dbc93e Mon Sep 17 00:00:00 2001
From: Adam Miller
Date: Wed, 6 Apr 2016 16:43:02 +0000
Subject: [PATCH] update docker-distribution role to handle certs more logically
Signed-off-by: Adam Miller
---
 playbooks/hosts/osbs-dev.fedorainfracloud.org.yml | 11 +++++------
 roles/docker-distribution/defaults/main.yml | 13 ++++++-------
 roles/docker-distribution/handlers/main.yml | 2 ++
 roles/docker-distribution/tasks/main.yml | 9 +++++----
 4 files changed, 18 insertions(+), 17 deletions(-)
diff --git a/playbooks/hosts/osbs-dev.fedorainfracloud.org.yml b/playbooks/hosts/osbs-dev.fedorainfracloud.org.yml
index bbfced9e36..5de0fd06c5 100644
--- a/playbooks/hosts/osbs-dev.fedorainfracloud.org.yml
+++ b/playbooks/hosts/osbs-dev.fedorainfracloud.org.yml
@@ -142,12 +142,11 @@
 - { role: docker-distribution, cert: {
- private_path: "files/osbs/osbs-dev.certs",
- dir: "/etc/pki/docker/osbs-dev.fedorainfracloud.org:5000/",
- src_name: "osbs-dev.fedorainfracloud.org.crt",
- src_key_name: "osbs-dev.fedorainfracloud.org.key",
- dest_name: "ca.cert",
- dest_key_name: "ca.key"
+ dest_dir: "/etc/pki/docker/osbs-dev.fedorainfracloud.org:5000/",
+ cert_src: "{{private}}files/osbs/osbs-dev.certs/osbs-dev.fedorainfracloud.org.crt",
+ cert_dest: "ca.key",
+ key_src: "{{private}}files/osbs/osbs-dev.certs/osbs-dev.fedorainfracloud.org.key",
+ key_dest: "ca.cert",
 }, tls: { enabled: True,
diff --git a/roles/docker-distribution/defaults/main.yml b/roles/docker-distribution/defaults/main.yml
index cfc827da2b..610aa6608b 100644
--- a/roles/docker-distribution/defaults/main.yml
+++ b/roles/docker-distribution/defaults/main.yml
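Review bot: The destination names are crossed in the new cert block of playbooks/hosts/osbs-dev.fedorainfracloud.org.yml: `cert_dest: "ca.key"` and `key_dest: "ca.cert"` write the certificate under the key's name and the private key under the certificate's name, where the removed lines had `dest_name: "ca.cert"` and `dest_key_name: "ca.key"`. Swap them back to `cert_dest: "ca.cert",` and `key_dest: "ca.key",`; a private key stored at the path that consumers treat as the public certificate is easy to expose by accident. Separately, `{{private}}files/...` only resolves if `private` ends in a slash, which the old task did not assume (it used `{{ private }}/...`), so `{{ private }}/files/...` is the safer form. The role entry continues outside the hunk.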
@@ -19,14 +19,13 @@ storage:
 filesystem:
 rootdirectory: "/var/lib/registry/"
 http:
- addr: ":5000"
+ addr: "localhost:5000"
 # Cert information to place certificate files on system
 cert:
- private_path: "PRIVATE_PATH_TO_CERT_DIR"
- dir: "/etc/pki/docker/{{ ansible_fqdn }}{{ http.addr }}"
- src_name: "ca.crt"
- src_key_name: "ca.key"
- dest_name: "ca.crt"
- dest_key_name: "ca.key"
+ dest_dir: "/etc/pki/docker/{{ ansible_fqdn }}{{ http.addr }}"
+ cert_src: "ca.crt"
+ cert_dest: "ca.crt"
+ key_src: "ca.key"
+ key_dest: "ca.key"
diff --git a/roles/docker-distribution/handlers/main.yml b/roles/docker-distribution/handlers/main.yml
index 99c49e5cb5..ce8771fdb9 100644
--- a/roles/docker-distribution/handlers/main.yml
+++ b/roles/docker-distribution/handlers/main.yml
@@ -1,2 +1,4 @@
 ---
 # handlers file for docker-distribution
+- name: restart docker-distribution
+ service: name=docker-distribution state=restarted
diff --git a/roles/docker-distribution/tasks/main.yml b/roles/docker-distribution/tasks/main.yml
index a6b4de11bd..d76dee0aac 100644
--- a/roles/docker-distribution/tasks/main.yml
+++ b/roles/docker-distribution/tasks/main.yml
@@ -11,6 +11,7 @@
 template:
 src: config.yml.j2
 dest: "{{ conf_path }}"
+ notify: restart docker-distribution
 - name: ensure docker certs dir exists
 file:
@@ -22,13 +23,13 @@
 - name: install tls cert for docker
 copy:
- src: "{{ private }}/{{ cert.private_path }}/{{ cert.src_name }}"
- dest: "{{ cert.dir }}/{{ cert.dest_name }}"
+ src: "{{ cert.cert_src }}"
+ dest: "{{ cert.dir}}/{{ cert.cert_dest }}"
 when: tls.enabled
 - name: install tls key for docker
 copy:
- src: "{{ private }}/{{ cert.private_path }}/{{ cert.src_key_name }}"
- dest: "{{ cert.dir}}/{{ cert.dest_key_name }}"
+ src: "{{ cert.key_src }}"
+ dest: "{{ cert.dir}}/{{ cert.key_dest }}"
 when: tls.enabled
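Review bot: In roles/docker-distribution/defaults/main.yml the default `dest_dir` still concatenates `{{ ansible_fqdn }}{{ http.addr }}`, and with `addr` changed to `"localhost:5000"` it renders as `/etc/pki/docker/<fqdn>localhost:5000` rather than a host:port directory. Derive the port on its own, for example `dest_dir: "/etc/pki/docker/{{ ansible_fqdn }}:{{ http.addr.split(':')[-1] }}"`, or introduce a separate port variable. The bind change also alters who can reach the registry by default, so a comment above `addr` such as `# loopback only by default; override addr to expose the registry` would make that intent explicit.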
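Review bot: Both copy tasks in the second hunk of roles/docker-distribution/tasks/main.yml still build `dest` from `cert.dir`, but this commit renames that key to `dest_dir` in the role defaults and in the osbs-dev playbook, so the variable is undefined once `tls.enabled` is true; use `dest: "{{ cert.dest_dir }}/{{ cert.cert_dest }}"` and `dest: "{{ cert.dest_dir }}/{{ cert.key_dest }}"`. The "ensure docker certs dir exists" task lies mostly outside the hunks and presumably needs the same rename. The key task also sets no permissions, so the private key is created with the default mode; add `mode: "0600"` and an explicit owner to it. Neither copy task notifies `restart docker-distribution`, so a replaced certificate or key is not picked up until the service is restarted for some other reason.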