Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/roles/messaging/base/tasks/main.yml
Aurélien Bompard d884a0f8ba
Use the combined RabbitMQ CA cert in the clients 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2025-04-11 15:15:45 +02:00

63 lines
2.2 KiB
YAML
Raw Blame History

---
- name: Install the messaging packages
ansible.builtin.package: name={{ item }} state=present
with_items:
- fedora-messaging
tags:
- fedora-messaging
- name: Create rabitmq directory
ansible.builtin.file: path=/etc/pki/rabbitmq/ owner=root group=root mode=0755 state=directory
tags:
- fedora-messaging
- name: "Create key/cert directory"
ansible.builtin.file: path=/etc/pki/rabbitmq/{{ item.username }}/
owner={{ item.username }} group={{ item.username }}
mode=0700 state=directory
with_items: "{{ messaging.certificates }}"
tags:
- fedora-messaging
- name: "Copy fedora messaging key"
ansible.builtin.copy: src={{ private }}/files/rabbitmq/{{ env }}/pki/private/{{ item.key }}{% if env == 'staging' %}.stg{% endif %}.key
dest=/etc/pki/rabbitmq/{{ item.username }}/{{ item.key }}.key
owner={{ item.username }} group=root mode=0600
with_items: "{{ messaging.certificates }}"
tags:
- fedora-messaging
- name: "Copy fedora messaging certificate"
ansible.builtin.copy: src={{ private }}/files/rabbitmq/{{ env }}/pki/issued/{{ item.key }}{% if env == 'staging' %}.stg{% endif %}.crt
dest=/etc/pki/rabbitmq/{{ item.username }}/{{ item.key }}.crt
owner={{ item.username }} group=root mode=0644
with_items: "{{ messaging.certificates }}"
tags:
- fedora-messaging
- name: "Copy fedora messaging ca.crt for readers"
ansible.builtin.copy: src={{ private }}/files/rabbitmq/{{ env }}/ca-combined.crt
dest=/etc/pki/rabbitmq/{{ item.username }}/ca.crt
owner={{ item.username }} group=root mode=0644
with_items: "{{ messaging.certificates }}"
tags:
- fedora-messaging
- name: "Install the toml configuration file"
ansible.builtin.template: src="messaging.toml.j2" dest="/etc/fedora-messaging/{{ item.username }}.toml"
owner=root group=root mode=644
vars:
- msg_username: "{{ item.username }}"
- msg_appname: "{{ item.app_name }}"
with_items: "{{ messaging.certificates }}"
tags:
- fedora-messaging
- name: "Make sure the user exists on broker"
include_role: name=rabbit/user
vars:
- user_name: "{{ item.username }}{{ env_suffix }}"
user_sent_topics: "{{ item.sent_topics }}"
with_items: "{{ messaging.certificates }}"
tags:
- fedora-messaging
Reference in a new issue View git blame Copy permalink