mirror of
https://gitea.0xace.cc/ansible-galaxy/patroni.git
synced 2024-11-28 17:46:40 +00:00
support forced custom ips and names in cert
This commit is contained in:
parent
c1f47b991f
commit
117e6f630e
@ -96,12 +96,22 @@
|
|||||||
set_fact:
|
set_fact:
|
||||||
patroni_server_subject_alt_names: "{{ groups[patroni_play_group] | default([]) | map('extract', hostvars, ['inventory_hostname']) | map('regex_replace', '^', 'DNS:') | list }}"
|
patroni_server_subject_alt_names: "{{ groups[patroni_play_group] | default([]) | map('extract', hostvars, ['inventory_hostname']) | map('regex_replace', '^', 'DNS:') | list }}"
|
||||||
|
|
||||||
|
- name: Generate Patroni subject_alt_ips from patroni_cacert_force_append_ips
|
||||||
|
set_fact:
|
||||||
|
patroni_server_subject_alt_ips_force_append: "{{ patroni_cacert_force_append_ips | map('regex_replace', '^', 'IP:') | list }}"
|
||||||
|
when: patroni_cacert_force_append_ips is defined
|
||||||
|
|
||||||
|
- name: Generate Patroni subject_alt_names from patroni_cacert_force_append_names
|
||||||
|
set_fact:
|
||||||
|
patroni_server_subject_alt_names_force_append: "{{ patroni_cacert_force_append_names | map('regex_replace', '^', 'DNS:') | list }}"
|
||||||
|
when: patroni_cacert_force_append_names is defined
|
||||||
|
|
||||||
- name: Generate an OpenSSL Certificate Signing Request for client
|
- name: Generate an OpenSSL Certificate Signing Request for client
|
||||||
community.crypto.openssl_csr:
|
community.crypto.openssl_csr:
|
||||||
path: "{{ patroni_ssl_path }}/{{ patroni_self_signed_cert_name }}.csr"
|
path: "{{ patroni_ssl_path }}/{{ patroni_self_signed_cert_name }}.csr"
|
||||||
privatekey_path: "{{ patroni_ssl_path }}/{{ patroni_self_signed_cert_name }}.key"
|
privatekey_path: "{{ patroni_ssl_path }}/{{ patroni_self_signed_cert_name }}.key"
|
||||||
common_name: "{{ patroni_self_signed_cert_name }}"
|
common_name: "{{ patroni_self_signed_cert_name }}"
|
||||||
subject_alt_name: "{{ patroni_server_subject_alt_ips | default([]) + patroni_server_subject_alt_names | default([]) + patroni_agent_subject_alt_ips | default([]) + patroni_agent_subject_alt_names | default([]) + patroni_server_subject_alt_ips_from_ansible_host | default([]) + patroni_server_subject_alt_ips_all_ipv4 | default([]) + patroni_agent_subject_alt_ips_from_ansible_host | default([]) }}"
|
subject_alt_name: "{{ patroni_server_subject_alt_ips | default([]) + patroni_server_subject_alt_names | default([]) + patroni_agent_subject_alt_ips | default([]) + patroni_agent_subject_alt_names | default([]) + patroni_server_subject_alt_ips_from_ansible_host | default([]) + patroni_server_subject_alt_ips_all_ipv4 | default([]) + patroni_agent_subject_alt_ips_from_ansible_host | default([]) + patroni_server_subject_alt_ips_force_append | default([]) + patroni_server_subject_alt_names_force_append | default([]) }}"
|
||||||
owner: postgres
|
owner: postgres
|
||||||
group: postgres
|
group: postgres
|
||||||
register: patroni_csr
|
register: patroni_csr
|
||||||
|
Loading…
Reference in New Issue
Block a user