Allow ansible group for self signed certificate distribution to be overidden
If this role is used outside the context of openstack-ansible then the self signed certificate distribution tasks will fail if the haproxy_all group is not defined, even if self signed certificates are not being used. Change-Id: Iebc4a293fa8e3566bc910de305e6519a25f2884f
This commit is contained in:
parent
dbc8fe1fe2
commit
aa737c5c42
|
@ -152,3 +152,6 @@ haproxy_bind_internal_lb_vip_address: "{{ internal_lb_vip_address }}"
|
|||
# Make the log socket available to the chrooted filesystem
|
||||
haproxy_log_socket: "/dev/log"
|
||||
haproxy_log_mount_point: "/var/lib/haproxy/dev/log"
|
||||
|
||||
# Ansible group name which should be used for distrtibuting self signed SSL Certificates
|
||||
haproxy_ansible_group_name: haproxy_all
|
||||
|
|
|
@ -16,9 +16,9 @@
|
|||
- name: Distribute self signed ssl key
|
||||
copy:
|
||||
dest: "{{ haproxy_ssl_key }}"
|
||||
content: "{{ hostvars[groups['haproxy_all'][0]]['haproxy_ssl_key_fact'] | b64decode }}"
|
||||
content: "{{ hostvars[groups[haproxy_ansible_group_name][0]]['haproxy_ssl_key_fact'] | b64decode }}"
|
||||
mode: "0640"
|
||||
when: hostvars[groups['haproxy_all'][0]]['haproxy_ssl_key_fact'] is defined
|
||||
when: hostvars[groups[haproxy_ansible_group_name][0]]['haproxy_ssl_key_fact'] is defined
|
||||
notify:
|
||||
- regen pem
|
||||
tags:
|
||||
|
@ -27,9 +27,9 @@
|
|||
- name: Distribute self signed ssl cert
|
||||
copy:
|
||||
dest: "{{ haproxy_ssl_cert }}"
|
||||
content: "{{ hostvars[groups['haproxy_all'][0]]['haproxy_ssl_cert_fact'] | b64decode }}"
|
||||
content: "{{ hostvars[groups[haproxy_ansible_group_name][0]]['haproxy_ssl_cert_fact'] | b64decode }}"
|
||||
mode: "0640"
|
||||
when: hostvars[groups['haproxy_all'][0]]['haproxy_ssl_cert_fact'] is defined
|
||||
when: hostvars[groups[haproxy_ansible_group_name][0]]['haproxy_ssl_cert_fact'] is defined
|
||||
notify:
|
||||
- regen pem
|
||||
tags:
|
||||
|
|
Loading…
Reference in New Issue