afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make cert generation idempotent

Browse Source
This commit is contained in:
Manuel Gutierrez 2020-06-12 17:36:18 +02:00
parent be21ad434e
commit bbbc656985
No known key found for this signature in database
GPG Key ID: CEB8789DAED15AAD
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
roles/opendistro/opendistro-elasticsearch/tasks/local_actions.yml
View File

@ -31,13 +31,13 @@
template: template:
src: "templates/tlsconfig.yml.j2" src: "templates/tlsconfig.yml.j2"
dest: "{{ local_certs_path }}/config/tlsconfig.yml" dest: "{{ local_certs_path }}/config/tlsconfig.yml"
register: tlsconfig_template
- name: Create a directory if it does not exist - name: Create a directory if it does not exist
file: file:
path: "{{ local_certs_path }}/certs/" path: "{{ local_certs_path }}/certs/"
state: directory state: directory
mode: '0755' mode: '0755'
delegate_to: localhost
- name: Local action | Check if root CA file exists - name: Local action | Check if root CA file exists
stat: stat:
@ -51,7 +51,9 @@
-ca -crt -ca -crt
-t {{ local_certs_path }}/certs/ -t {{ local_certs_path }}/certs/
-f -o -f -o
when: not root_ca_file.stat.exists when:
- not root_ca_file.stat.exists
- tlsconfig_template.changed
- name: Local action | Generate the node & admin certificates using an existing root CA - name: Local action | Generate the node & admin certificates using an existing root CA
command: >- command: >-
@ -60,7 +62,9 @@
-crt -crt
-t {{ local_certs_path }}/certs/ -t {{ local_certs_path }}/certs/
-f -f
when: root_ca_file.stat.exists when:
- root_ca_file.stat.exists
- tlsconfig_template.changed
run_once: true run_once: true
delegate_to: localhost delegate_to: localhost