New file |
| | |
| | | --- |
| | | # This playbook redeploys Lets Encrypt certificates for master API and apps (router) |
| | | # It does not renew the certs, which is done by the acme.sh cronjob. |
| | | # |
| | | # Please ensure CA and key have not changed. |
| | | |
| | | - hosts: masters |
| | | gather_facts: no |
| | | become: yes |
| | | any_errors_fatal: yes |
| | | handlers: |
| | | - name: restart master API |
| | | service: |
| | | name: atomic-openshift-master-api |
| | | state: restarted |
| | | tasks: |
| | | - name: Copy certs and CA to master |
| | | copy: |
| | | src: "/root/.acme.sh/{{openshift_master_cluster_hostname}}/{{openshift_master_cluster_hostname}}.cer" |
| | | dest: "/etc/origin/master/named_certificates/{{openshift_master_cluster_hostname}}.cer" |
| | | backup: yes |
| | | notify: restart master API |
| | | |
| | | - import_playbook: /usr/share/ansible/openshift-ansible/playbooks/openshift-hosted/redeploy-router-certificates.yml |
| | | |