summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorFabian von Feilitzsch <fabian@fabianism.us>2017-11-07 11:22:02 -0500
committerFabian von Feilitzsch <fabian@fabianism.us>2017-11-07 11:22:02 -0500
commitfabf4ca065397ce85164d7bc20facbb40d96a9da (patch)
treeeb97438a5d21f0589037c7b4282d36ca68d02546 /roles
parentf40c09ca56955b130f6357bc72a9877047c9b4b6 (diff)
downloadopenshift-fabf4ca065397ce85164d7bc20facbb40d96a9da.tar.gz
openshift-fabf4ca065397ce85164d7bc20facbb40d96a9da.tar.bz2
openshift-fabf4ca065397ce85164d7bc20facbb40d96a9da.tar.xz
openshift-fabf4ca065397ce85164d7bc20facbb40d96a9da.zip
Move fact definition that breaks when check to end of block
Diffstat (limited to 'roles')
-rw-r--r--roles/ansible_service_broker/tasks/generate_certs.yml22
1 files changed, 11 insertions, 11 deletions
diff --git a/roles/ansible_service_broker/tasks/generate_certs.yml b/roles/ansible_service_broker/tasks/generate_certs.yml
index 50156a35c..b1cb5fc58 100644
--- a/roles/ansible_service_broker/tasks/generate_certs.yml
+++ b/roles/ansible_service_broker/tasks/generate_certs.yml
@@ -9,25 +9,25 @@
mode: 0755
check_mode: no
- - set_fact:
- ansible_service_broker_certs_dir: "{{ openshift.common.config_base }}/ansible-service-broker"
-
- name: Create self signing ca cert
- command: 'openssl req -nodes -x509 -newkey rsa:4096 -keyout {{ ansible_service_broker_certs_dir }}/key.pem -out {{ ansible_service_broker_certs_dir }}/cert.pem -days 365 -subj "/CN=asb-etcd.openshift-ansible-service-broker.svc"'
+ command: 'openssl req -nodes -x509 -newkey rsa:4096 -keyout {{ openshift.common.config_base }}/ansible-service-broker/key.pem -out {{ openshift.common.config_base }}/ansible-service-broker/cert.pem -days 365 -subj "/CN=asb-etcd.openshift-ansible-service-broker.svc"'
args:
- creates: '{{ ansible_service_broker_certs_dir }}/cert.pem'
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/cert.pem'
- name: Create self signed client cert
command: '{{ item.cmd }}'
args:
creates: '{{ item.creates }}'
with_items:
- - cmd: openssl genrsa -out {{ ansible_service_broker_certs_dir }}/client.key 2048
- creates: '{{ ansible_service_broker_certs_dir }}/client.key'
- - cmd: 'openssl req -new -key {{ ansible_service_broker_certs_dir }}/client.key -out {{ ansible_service_broker_certs_dir }}/client.csr -subj "/CN=client"'
- creates: '{{ ansible_service_broker_certs_dir }}/client.csr'
- - cmd: openssl x509 -req -in {{ ansible_service_broker_certs_dir }}/client.csr -CA {{ ansible_service_broker_certs_dir }}/cert.pem -CAkey {{ ansible_service_broker_certs_dir }}/key.pem -CAcreateserial -out {{ ansible_service_broker_certs_dir }}/client.pem -days 1024
- creates: '{{ ansible_service_broker_certs_dir }}/client.pem'
+ - cmd: openssl genrsa -out {{ openshift.common.config_base }}/ansible-service-broker/client.key 2048
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.key'
+ - cmd: 'openssl req -new -key {{ openshift.common.config_base }}/ansible-service-broker/client.key -out {{ openshift.common.config_base }}/ansible-service-broker/client.csr -subj "/CN=client"'
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.csr'
+ - cmd: openssl x509 -req -in {{ openshift.common.config_base }}/ansible-service-broker/client.csr -CA {{ openshift.common.config_base }}/ansible-service-broker/cert.pem -CAkey {{ openshift.common.config_base }}/ansible-service-broker/key.pem -CAcreateserial -out {{ openshift.common.config_base }}/ansible-service-broker/client.pem -days 1024
+ creates: '{{ openshift.common.config_base }}/ansible-service-broker/client.pem'
+
+ - set_fact:
+ ansible_service_broker_certs_dir: "{{ openshift.common.config_base }}/ansible-service-broker"
- set_fact:
etcd_ca_cert: "{{ lookup('file', '{{ ansible_service_broker_certs_dir }}/cert.pem') }}"