ansible-galaxy/patroni
1
0
Fork 0
mirror of https://gitea.0xace.cc/ansible-galaxy/patroni.git synced 2024-11-24 23:56:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

support forced custom ips and names in cert

Browse Source
This commit is contained in:
ace 2023-10-09 03:05:06 +03:00
parent c1f47b991f
commit 117e6f630e
Signed by: ace
GPG Key ID: 2C08973DD37A76FD
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
tasks/cacert.yaml
View File

@ -96,12 +96,22 @@
set_fact: set_fact:
patroni_server_subject_alt_names: "{{ groups[patroni_play_group] | default([]) | map('extract', hostvars, ['inventory_hostname']) | map('regex_replace', '^', 'DNS:') | list }}" patroni_server_subject_alt_names: "{{ groups[patroni_play_group] | default([]) | map('extract', hostvars, ['inventory_hostname']) | map('regex_replace', '^', 'DNS:') | list }}"
- name: Generate Patroni subject_alt_ips from patroni_cacert_force_append_ips
set_fact:
patroni_server_subject_alt_ips_force_append: "{{ patroni_cacert_force_append_ips | map('regex_replace', '^', 'IP:') | list }}"
when: patroni_cacert_force_append_ips is defined
- name: Generate Patroni subject_alt_names from patroni_cacert_force_append_names
set_fact:
patroni_server_subject_alt_names_force_append: "{{ patroni_cacert_force_append_names | map('regex_replace', '^', 'DNS:') | list }}"
when: patroni_cacert_force_append_names is defined
- name: Generate an OpenSSL Certificate Signing Request for client - name: Generate an OpenSSL Certificate Signing Request for client
community.crypto.openssl_csr: community.crypto.openssl_csr:
path: "{{ patroni_ssl_path }}/{{ patroni_self_signed_cert_name }}.csr" path: "{{ patroni_ssl_path }}/{{ patroni_self_signed_cert_name }}.csr"
privatekey_path: "{{ patroni_ssl_path }}/{{ patroni_self_signed_cert_name }}.key" privatekey_path: "{{ patroni_ssl_path }}/{{ patroni_self_signed_cert_name }}.key"
common_name: "{{ patroni_self_signed_cert_name }}" common_name: "{{ patroni_self_signed_cert_name }}"
subject_alt_name: "{{ patroni_server_subject_alt_ips | default([]) + patroni_server_subject_alt_names | default([]) + patroni_agent_subject_alt_ips | default([]) + patroni_agent_subject_alt_names | default([]) + patroni_server_subject_alt_ips_from_ansible_host | default([]) + patroni_server_subject_alt_ips_all_ipv4 | default([]) + patroni_agent_subject_alt_ips_from_ansible_host | default([]) }}" subject_alt_name: "{{ patroni_server_subject_alt_ips | default([]) + patroni_server_subject_alt_names | default([]) + patroni_agent_subject_alt_ips | default([]) + patroni_agent_subject_alt_names | default([]) + patroni_server_subject_alt_ips_from_ansible_host | default([]) + patroni_server_subject_alt_ips_all_ipv4 | default([]) + patroni_agent_subject_alt_ips_from_ansible_host | default([]) + patroni_server_subject_alt_ips_force_append | default([]) + patroni_server_subject_alt_names_force_append | default([]) }}"
owner: postgres owner: postgres
group: postgres group: postgres
register: patroni_csr register: patroni_csr