update docker-distribution role to handle certs more logically

Signed-off-by: Adam Miller <admiller@redhat.com>
2016-04-06 16:43:02 +00:00 · 2016-04-06 16:43:02 +00:00 · 8d529a8f60
commit 8d529a8f60
parent 871473e257
4 changed files with 18 additions and 17 deletions
--- a/playbooks/hosts/osbs-dev.fedorainfracloud.org.yml
+++ b/playbooks/hosts/osbs-dev.fedorainfracloud.org.yml
@ -142,12 +142,11 @@
    - {
      role: docker-distribution,
        cert: {
-          private_path: "files/osbs/osbs-dev.certs",
-          dir: "/etc/pki/docker/osbs-dev.fedorainfracloud.org:5000/",
-          src_name: "osbs-dev.fedorainfracloud.org.crt",
-          src_key_name: "osbs-dev.fedorainfracloud.org.key",
-          dest_name: "ca.cert",
-          dest_key_name: "ca.key"
+          dest_dir: "/etc/pki/docker/osbs-dev.fedorainfracloud.org:5000/",
+          cert_src: "{{private}}files/osbs/osbs-dev.certs/osbs-dev.fedorainfracloud.org.crt",
+          cert_dest: "ca.key",
+          key_src: "{{private}}files/osbs/osbs-dev.certs/osbs-dev.fedorainfracloud.org.key",
+          key_dest: "ca.cert",
        },
        tls: {
          enabled: True,
--- a/roles/docker-distribution/defaults/main.yml
+++ b/roles/docker-distribution/defaults/main.yml
@ -19,14 +19,13 @@ storage:
  filesystem:
    rootdirectory: "/var/lib/registry/"
 http:
-  addr: ":5000"
+  addr: "localhost:5000"

 # Cert information to place certificate files on system
 cert:
-  private_path: "PRIVATE_PATH_TO_CERT_DIR"
-  dir: "/etc/pki/docker/{{ ansible_fqdn }}{{ http.addr }}"
-  src_name: "ca.crt"
-  src_key_name: "ca.key"
-  dest_name: "ca.crt"
-  dest_key_name: "ca.key"
+  dest_dir: "/etc/pki/docker/{{ ansible_fqdn }}{{ http.addr }}"
+  cert_src: "ca.crt"
+  cert_dest: "ca.crt"
+  key_src: "ca.key"
+  key_dest: "ca.key"

--- a/roles/docker-distribution/handlers/main.yml
+++ b/roles/docker-distribution/handlers/main.yml
@ -1,2 +1,4 @@
 ---
 # handlers file for docker-distribution
+- name: restart docker-distribution
+  service: name=docker-distribution state=restarted
--- a/roles/docker-distribution/tasks/main.yml
+++ b/roles/docker-distribution/tasks/main.yml
@ -11,6 +11,7 @@
  template:
    src: config.yml.j2
    dest: "{{ conf_path }}"
+  notify: restart docker-distribution

 - name: ensure docker certs dir exists
  file:
@ -22,13 +23,13 @@

 - name: install tls cert for docker
  copy:
-    src: "{{ private  }}/{{ cert.private_path }}/{{ cert.src_name }}"
-    dest: "{{ cert.dir }}/{{ cert.dest_name }}"
+    src: "{{ cert.cert_src }}"
+    dest: "{{ cert.dir}}/{{ cert.cert_dest }}"
  when: tls.enabled

 - name: install tls key for docker
  copy:
-    src: "{{ private  }}/{{ cert.private_path }}/{{ cert.src_key_name }}"
-    dest: "{{ cert.dir}}/{{ cert.dest_key_name }}"
+    src: "{{ cert.key_src }}"
+    dest: "{{ cert.dir}}/{{ cert.key_dest }}"
  when: tls.enabled