From d0a0ca74d19eaee8d28db97bb68e2f82cb1626ef Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Tue, 3 Jun 2014 16:31:57 +0000
Subject: [PATCH] ssl certorama

---
 roles/koji_hub/tasks/main.yml | 32 +++++++++++++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)

diff --git a/roles/koji_hub/tasks/main.yml b/roles/koji_hub/tasks/main.yml
index 6be6f82934..81d9cf320c 100644
--- a/roles/koji_hub/tasks/main.yml
+++ b/roles/koji_hub/tasks/main.yml
@@ -42,7 +42,22 @@
   tags:
   - config
 
-- name: init koji ca cert file
+- name: install kojiweb_cert_key.pem
+  copy: src={{ puppet_private }}/kojiweb_cert_key.pem dest=/etc/pki/tls/private/kojiweb_cert_key.pem owner=apache mode=600
+  tags:
+  - config
+
+- name: install koji_key.pem
+  copy: src={{ puppet_private }}/koji_key.pem dest=/etc/pki/tls/private/koji_key.pem owner=apache mode=600
+  tags:
+  - config
+
+- name: install koji_cert.pem
+  copy: src={{ puppet_private }}/koji_cert.pem dest=/etc/pki/tls/certs/koji_cert.pem owner=apache mode=600
+  tags:
+  - config
+
+- name: Install koji ssl certs
   copy: src={{ puppet_private }}/koji/koji.stg_cert.pem dest=/etc/pki/tls/certs/koji.stg_cert.pem
   tags:
   - config
@@ -52,6 +67,21 @@
   tags:
   - config
 
+- name: instaall fedora-ca.cert in various places
+  copy: src={{ puppet_private }}/fedora-ca.cert dest={{ item }} owner=apache
+  with_items: 
+  - /etc/kojira/extras_cacert.pem
+  - /etc/pki/tls/certs/extras_cacert.pem
+  - /etc/pki/tls/certs/extras_upload_cacert.pem
+  - /etc/pki/tls/certs/upload_cacert.pem
+  tags:
+  - config
+
+- name: install kojira_cert_key
+  copy: src={{ puppet_private }}/kojira_cert_key.pem dest=/etc/kojira/kojira_cert_key.pem owner=apache mode=600
+  tags:
+  - config
+
 - name: koji web config files
   copy: src={{ item }} dest=/etc/httpd/conf.d/{{ item }} owner=root group=root
   with_items: