Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

proxies: add intermediate certs for mirrors.centos.org

Browse source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2021-09-02 16:56:24 -07:00
parent 91d645f656
commit 5a8f655671
2 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
inventory/group_vars/all
View file

@ -281,6 +281,11 @@ ocp_wildcard_cert_file: wildcard-2021.apps.ocp.fedoraproject.org.cert
ocp_wildcard_key_file: wildcard-2021.apps.ocp.fedoraproject.org.key
ocp_wildcard_int_file: wildcard-2021.apps.ocp.fedoraproject.org.intermediate.cert
# This is the mirrors.centos.org certs
mirrors_centos_org_cert_name: mirrors.centos.org
mirrors_centos_org_cert_file: mirrors.centos.org.cert
mirrors_centos_org_key_file: mirrors.centos.org.key
# Everywhere, always, we should sign messages and validate signatures.
# However, we allow individual hosts and groups to override this. Use this very
# carefully.. and never in production (good for testing stuff in staging).

2
playbooks/include/proxies-certificates.yml
View file

@ -69,10 +69,12 @@
- role: httpd/certificate
certname: mirrors.centos.org
SSLCertificateChainFile: mirrors.centos.org.intermediate.cert
when: env != "staging"
- role: httpd/certificate
certname: mirrors.stg.centos.org
SSLCertificateChainFile: mirrors.stg.centos.org.intermediate.cert
when: env == "staging"
# - role: httpd/certificate