ansible/roles/ocp4-workload-enable-lets-encrypt-certificates/files/deploy_certs.sh
@@ -1,2 +1,4 @@ #!/bin/bash ansible-playbook ./deploy_certs.yml pushd ~/certbot/config/renewal-hooks/deploy ansible-playbook ./deploy_certs.yml -e cluster_name="{{cluster_name}}" popd ansible/roles/ocp4-workload-enable-lets-encrypt-certificates/files/deploy_certs.yml
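Review bot: The `{{cluster_name}}` in the new `ansible-playbook` line is never rendered, because the `Install redeploy hook scripts` task in workload.yml installs this script with `copy`. The playbook therefore receives the literal braces as its cluster name, and the `KUBECONFIG` path built from it in deploy_certs.yml cannot resolve to the intended file. Install the script with the `template` module instead, or have the script read the cluster name from its environment at run time. Separately, the `pushd` result is unchecked and the script exits with `popd`'s status, so a failed redeploy looks like success to certbot and an expiring certificate can stay in place unnoticed. Replacing `pushd`/`popd` with `cd ~/certbot/config/renewal-hooks/deploy || exit 1` and running the playbook via `exec ansible-playbook ...` would propagate the failure.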
@@ -11,6 +11,8 @@ - _certbot_install_dir: "/home/{{ ansible_user }}/certificates" - _certbot_remote_dir: "/home/{{ ansible_user }}" - _certbot_dir: "{{ _certbot_remote_dir }}/certbot" environment: KUBECONFIG: /home/{{ansible_user}}/{{cluster_name}}/auth/kubeconfig tasks: - name: Determine API server hostname shell: "oc whoami --show-server | cut -f 2 -d ':' | cut -f 3 -d '/' | sed 's/-api././'" @@ -52,7 +54,7 @@ - name: Create new Ingress Controller Certificate k8s: state: present definition: "{{ lookup('template', './router-certs.j2' ) | from_yaml }}" definition: "{{ lookup('template', './templates/router-certs.j2' ) | from_yaml }}" - name: Find Ingress Controller Pods k8s_facts: @@ -107,4 +109,3 @@ regexp: "^ +certificate-authority-data:" state: absent loop: "{{r_config_files.files}}" ansible/roles/ocp4-workload-enable-lets-encrypt-certificates/tasks/workload.yml
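Review bot: The play-level `environment` added in the first hunk points every task at `/home/{{ansible_user}}/{{cluster_name}}/auth/kubeconfig`, which by its path looks like the installer-generated admin kubeconfig (inferred, not shown here). If so, an unattended renewal hook holds cluster-admin rights for a job that, from the visible tasks, only reads the API hostname and updates certificate objects. Consider a dedicated service-account kubeconfig scoped to those resources, and document the choice above the key, e.g. `# credential used by the certbot deploy hook; keep it least-privilege and mode 0600`. The value also depends on `cluster_name` arriving via `-e`, so a `cluster_name | mandatory` filter in the path would make a missing value fail with a clear message. The play body continues outside these hunks.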
@@ -94,21 +94,30 @@ - name: Install redeploy hook scripts copy: src: ./files/deploy_certs.sh dest: "/home/{{ ansible_user }}/certbot/renewal-hooks/deploy/deploy_certs.sh" dest: "/home/{{ ansible_user }}/certbot/config/renewal-hooks/deploy/deploy_certs.sh" mode: 0775 owner: "{{ ansible_user }}" - name: Install redeploy hook playbook copy: src: "./files/deploy_certs.yml" dest: "/home/{{ ansible_user }}/certbot/renewal-hooks/deploy/deploy_certs.yml" src: "./files/{{ item }}" dest: "/home/{{ ansible_user }}/certbot/config/renewal-hooks/deploy/{{ item }}" mode: 0664 owner: "{{ ansible_user }}" loop: - deploy_certs.yml - name: Create template dir file: name: "/home/{{ ansible_user }}/certbot/config/renewal-hooks/deploy/templates" state: directory owner: "{{ ansible_user }}" mode: 0775 - name: Install redeploy secret templates copy: src: "./templates/{{ item }}" dest: "/home/{{ ansible_user }}/certbot/renewal-hooks/deploy/{{ item }}" dest: "/home/{{ ansible_user }}/certbot/config/renewal-hooks/deploy/templates/{{ item }}" mode: 0664 owner: "{{ ansible_user }}" loop:
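Review bot: The new `Create template dir` task makes the hook's template directory group-writable (`mode: 0775`), and the script, playbook and templates installed around it use `0775`/`0664`. Certbot runs these files on renewal with the cluster kubeconfig set in deploy_certs.yml, so any account in the owner's group could change what the hook executes or which certificate definition it applies. Prefer `mode: "0755"` for the directory and script and `mode: "0644"` for the playbook and templates, quoted so the value does not depend on YAML octal parsing. In the same task, `path:` is the clearer spelling of the `name:` alias for the `file` module. The final task's `loop:` list continues outside the hunk.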