Skip to content

Change server connect cert/key vars to use pki vars #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
kvelarde-itential merged 1 commit into from
Sep 23, 2025
Merged

Change server connect cert/key vars to use pki vars #4

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 2 additions & 7 deletions roles/gateway_server/defaults/main/connect.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,5 @@ gateway_server_connect_server_ha_enabled: false
gateway_server_connect_server_ha_is_primary: false

gateway_server_connect_insecure_tls: false
gateway_server_connect_certificate_filename: gw-manager-key.pem
gateway_server_connect_certificate_file: "{{ gateway_server_pki_dir }}/{{ gateway_server_connect_certificate_filename }}"
gateway_server_connect_private_key_filename: gw-manager-key.pem
gateway_server_connect_private_key_file: "{{ gateway_server_pki_dir }}/{{ gateway_server_connect_private_key_filename }}"

gateway_server_connect_local_certificate_file:
gateway_server_connect_local_private_key_file:
gateway_server_connect_certificate_file: "{{ gateway_server_pki_cert_dest }}"
gateway_server_connect_private_key_file: "{{ gateway_server_pki_key_dest }}"
2 changes: 1 addition & 1 deletion roles/gateway_server/defaults/main/secrets.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,5 +5,5 @@
# Gateway secrets variables
###########################

gateway_server_secrets_encrypt_key_dir: "{{ gateway_server_data_dir }}/keys"
gateway_server_secrets_encrypt_key_dir: "{{ gateway_server_config_dir }}/keys"
gateway_server_secrets_encrypt_key_file: "{{ gateway_server_secrets_encrypt_key_dir }}/encryption-key"
5 changes: 2 additions & 3 deletions roles/gateway_server/tasks/validate-vars.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,17 +5,16 @@
tags: always
block:
- name: Validate variables when uploading is configured on
when: gateway_upload_certs | bool
when: gateway_pki_upload | bool
block:
- name: Validate gateway_pki_src_dir variable is set
ansible.builtin.assert:
that:
- gateway_pki_src_dir is defined
- gateway_pki_src_dir is not none
fail_msg: gateway_pki_src_dir must be defined when
gateway_upload_certs is set to 'true'
fail_msg: gateway_pki_src_dir must be defined when gateway_pki_upload is set to 'true'

- name: Stat the local pki directory

Check warning on line 17 in roles/gateway_server/tasks/validate-vars.yml

View workflow job for this annotation

GitHub Actions / Ansible Lint

var-naming[no-role-prefix] 

Variables names from within roles should use gateway_server_ as a prefix. (register: stat_result)
ansible.builtin.stat:
path: "{{ gateway_pki_src_dir }}"
register: stat_result
Expand Down
Loading