diff options
author | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2015-11-11 16:19:58 +0000 |
---|---|---|
committer | Baserock Gerrit <gerrit@baserock.org> | 2015-11-19 14:09:28 +0000 |
commit | e210c2b5a0371b7e01df0c026fb0e323116a20ed (patch) | |
tree | 7875fc0df25e1687548717068b20179e55ef39d7 /baserock_trove/configure-trove.yml | |
parent | 602cea4a31b9acf9e61bfc8e40412c690a9ec823 (diff) | |
download | infrastructure-e210c2b5a0371b7e01df0c026fb0e323116a20ed.tar.gz |
baserock_trove: Add files needed for deploying the Trove
Change-Id: I9c45959dd27e5d9c4daf8566ef82806c25e85196
Diffstat (limited to 'baserock_trove/configure-trove.yml')
-rw-r--r-- | baserock_trove/configure-trove.yml | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/baserock_trove/configure-trove.yml b/baserock_trove/configure-trove.yml new file mode 100644 index 00000000..f832e810 --- /dev/null +++ b/baserock_trove/configure-trove.yml @@ -0,0 +1,51 @@ +# Instance configuration for Baserock Trove server. +# +# This configuration can be easily done using the 'TROVE_' variables of trove.configure +# extension, but it's better to deploy the Trove as 'TROVE_GENERIC' and configure +# it later using this playbook. This is for: +# +# - Making upgrades easier. After initial deployment and post-deployment configuration, +# you will only need to deploy a generic Trove as an upgrade. +# +# - Not storing private data in images in OpenStack. We have shared our images with +# other tenants by mistake in the past, and I'd like to avoid this possibility. +--- +- hosts: git + gather_facts: False + sudo: yes + tasks: + + # To create the .pem file, simply concatenate + # certs/baserock.org-ssl-certificate-temporary-dsilverstone.full.cert with + # the private key for that certificate (which is not committed to Git, of + # course). + - name: Install SSL certificate + copy: + src: ../private/baserock.org-ssl-certificate-temporary-dsilverstone.pem + dest: /etc/trove/baserock.pem + mode: 400 + + - name: Install CA chain certificate + copy: + src: ../certs/startcom-class2-ca-chain-certificate.cert + dest: /etc/trove/startcom-ca.pem + + - name: Install trove.conf configuration file + copy: + src: trove.conf + dest: /etc/trove/trove.conf + + - name: Copy ssh keys + copy: + src: ../private/{{ item }} + dest: /etc/trove/{{ item }} + with_items: + - admin.key.pub + - lorry.key + - lorry.key.pub + - worker.key.pub + + - name: Restart the trove-setup service to configure the trove + service: + name: trove-setup + state: restarted |