mirror of https://github.com/ceph/ceph-ansible.git
27 lines
811 B
YAML
27 lines
811 B
YAML
---
|
|
- name: install nss-tools on redhat
|
|
package:
|
|
name: nss-tools
|
|
state: present
|
|
when: ansible_pkg_mgr == "yum" or ansible_pkg_mgr == "dnf"
|
|
|
|
- name: install libnss3-tools on debian
|
|
package:
|
|
name: libnss3-tools
|
|
state: present
|
|
when: ansible_pkg_mgr == 'apt'
|
|
|
|
- name: create nss directory for keystone certificates
|
|
file:
|
|
path: "{{ radosgw_nss_db_path }}"
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
|
|
- name: create nss entries for keystone certificates
|
|
shell: "{{ item }}"
|
|
with_items:
|
|
- "openssl x509 -in /etc/keystone/ssl/certs/ca.pem -pubkey |certutil -d {{ radosgw_nss_db_path }} -A -n ca -t 'TCu,Cu,Tuw'"
|
|
- "openssl x509 -in /etc/keystone/ssl/certs/signing_cert.pem -pubkey | certutil -A -d {{ radosgw_nss_db_path }} -n signing_cert -t 'P,P,P'"
|