28 lines
667 B
YAML
28 lines
667 B
YAML
---
|
|
- name: certs | install cert generation script
|
|
copy:
|
|
src=make-ssl.sh
|
|
dest={{ kube_script_dir }}
|
|
mode=0500
|
|
changed_when: false
|
|
|
|
- name: certs | write openssl config
|
|
template:
|
|
src: "openssl.conf.j2"
|
|
dest: "{{ kube_config_dir }}/.openssl.conf"
|
|
|
|
- name: certs | run cert generation script
|
|
shell: >
|
|
{{ kube_script_dir }}/make-ssl.sh
|
|
-f {{ kube_config_dir }}/.openssl.conf
|
|
-g {{ kube_cert_group }}
|
|
-d {{ kube_cert_dir }}
|
|
args:
|
|
creates: "{{ kube_cert_dir }}/apiserver.pem"
|
|
|
|
- name: certs | check certificate permissions
|
|
file:
|
|
path={{ kube_cert_dir }}
|
|
group={{ kube_cert_group }}
|
|
owner=kube
|
|
recurse=yes
|