now we goin to set-up root-ca
Some checks failed
Gitea Actions Demo / Explore-Gitea-Actions (push) Has been cancelled
Some checks failed
Gitea Actions Demo / Explore-Gitea-Actions (push) Has been cancelled
This commit is contained in:
hogweed1
@@ -23,4 +23,5 @@
|
||||
- import_playbook: packages.yml
|
||||
- import_playbook: resolvconf.yml
|
||||
- import_playbook: users.yml
|
||||
- import_playbook: exporters.yml
|
||||
- import_playbook: exporters.yml
|
||||
- import_playbook: pmc314-ca.yml
|
||||
19
playbooks/pmc314-ca.yml
Normal file
19
playbooks/pmc314-ca.yml
Normal file
@@ -0,0 +1,19 @@
|
||||
---
|
||||
- name: Install root CA certificate on Debian nodes
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: Copy root CA certificate to trust store
|
||||
ansible.builtin.get_url:
|
||||
url: http://example.lan
|
||||
dest: /usr/local/share/ca-certificates/pmc314_root-ca.crt
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
# Игнорируем ошибку недоверенного SSL при первом подключении
|
||||
validate_certs: false
|
||||
register: ca_cert_downloaded
|
||||
|
||||
- name: Update CA certificates certificates store
|
||||
ansible.builtin.command: update-ca-certificates
|
||||
when: ca_cert_downloaded.changed
|
||||
Reference in New Issue
Block a user