James Tombleson
b7facd7394
Added Sensu Moved default role downloads to ./roles Added unattended-upgrades
32 lines
985 B
YAML
32 lines
985 B
YAML
---
|
|
# tasks/ssl.yml: Deploy the client SSL cert/key to client systems
|
|
|
|
- name: Include ansible_distribution vars
|
|
include_vars:
|
|
file: "{{ ansible_distribution }}.yml"
|
|
|
|
- name: Ensure Sensu SSL directory exists
|
|
file:
|
|
dest: "{{ sensu_config_path }}/ssl"
|
|
state: directory
|
|
owner: "{{ sensu_user_name }}"
|
|
group: "{{ sensu_group_name }}"
|
|
when: sensu_ssl_manage_certs
|
|
|
|
- include_tasks: "{{ role_path }}/tasks/ssl_generate.yml"
|
|
when: sensu_ssl_gen_certs
|
|
|
|
- name: Deploy the Sensu client SSL cert/key
|
|
copy:
|
|
src: "{{ item.src }}"
|
|
owner: "{{ sensu_user_name }}"
|
|
remote_src: "{{ sensu_ssl_deploy_remote_src }}"
|
|
group: "{{ sensu_group_name }}"
|
|
dest: "{{ sensu_config_path }}/ssl/{{ item.dest }}"
|
|
mode: " {{ item.perm }}"
|
|
loop:
|
|
- {src: "{{ sensu_ssl_client_cert }}", dest: cert.pem, perm: "0640" }
|
|
- {src: "{{ sensu_ssl_client_key }}", dest: key.pem, perm: "0640" }
|
|
notify: restart sensu-client service
|
|
when: sensu_ssl_manage_certs
|