infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

Use lookup instead of assemble for the RabbitMQ CA

Browse source 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard 2025-04-10 12:16:51 +02:00
parent 4c52d4603b
commit 475838940a
No known key found for this signature in database
GPG key ID: 31584CFEB9BF64AD
1 changed files with 1 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

37
roles/rabbitmq_cluster/tasks/main.yml
View file

@ -37,44 +37,9 @@
- config
when: "env == 'production'"
- name: Create CA certs directory
ansible.builtin.file:
path: /etc/rabbitmq/cacerts/
owner: root
group: root
mode: 0755
state: directory
tags:
- rabbitmq_cluster
- config
- name: Deploy CA certificate
ansible.builtin.copy:
src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt"
dest: /etc/rabbitmq/cacerts/ca.crt
owner: root
group: root
mode: 0644
tags:
- rabbitmq_cluster
- config
when: "env == 'staging'"
- name: Deploy CA certificate
ansible.builtin.copy:
src: "{{private}}/files/rabbitmq/{{env}}.old-2025-04/pki/ca.crt"
dest: /etc/rabbitmq/cacerts/ca.old.crt
owner: root
group: root
mode: 0644
tags:
- rabbitmq_cluster
- config
when: "env == 'staging'"
- name: Build combined CA cert
ansible.builtin.assemble:
src: /etc/rabbitmq/cacerts/
content: "{{ lookup('file', private+'/files/rabbitmq/+env+'/pki/ca.crt') }}\n{{ lookup('file', private+'/files/rabbitmq/+env+'.new/pki/ca.crt') }}"
dest: /etc/rabbitmq/ca.crt
owner: root
group: root