blob: 9ae41f957c7b05e44ddbaeb83acaf7850af3cbd0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
# Instance configuration for Baserock Trove server.
#
# This configuration can be easily done using the 'TROVE_' variables of trove.configure
# extension, but it's better to deploy the Trove as 'TROVE_GENERIC' and configure
# it later using this playbook. This is for:
#
# - Making upgrades easier. After initial deployment and post-deployment configuration,
# you will only need to deploy a generic Trove as an upgrade.
#
# - Not storing private data in images in OpenStack. We have shared our images with
# other tenants by mistake in the past, and I'd like to avoid this possibility.
---
- hosts: git
gather_facts: False
sudo: yes
tasks:
- name: Install SSL certificate
copy:
content: "{{ lookup('file', '../private/git-with-key.pem') }}"
dest: /etc/trove/baserock.pem
mode: 400
- name: Install CA chain certificate
copy:
src: ../certs/letsencrypt-ca.pem
dest: /etc/trove/letsencrypt-ca.pem
- name: Install trove.conf configuration file
copy:
src: trove.conf
dest: /etc/trove/trove.conf
- name: Copy ssh keys
copy:
content: "{{ lookup('file', '../private/{{ item }}') }}\n"
dest: /etc/trove/{{ item }}
with_items:
- admin.key.pub
- lorry.key
- lorry.key.pub
- worker.key.pub
- name: Restart the trove-setup service to configure the trove
service:
name: trove-setup
state: restarted
|