36 lines
958 B
YAML
36 lines
958 B
YAML
- name: Configure fallback name resolution
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/hosts
|
|
line: "{{ vapp['metacluster.vip'] }} {{ item ~ '.' ~ vapp['metacluster.fqdn'] }}"
|
|
state: present
|
|
loop:
|
|
# TODO: Make this list dynamic
|
|
- ca
|
|
- git
|
|
- gitops
|
|
- ingress
|
|
- registry
|
|
- storage
|
|
|
|
- name: Retrieve root CA certificate
|
|
ansible.builtin.uri:
|
|
url: https://ca.{{ vapp['metacluster.fqdn'] }}/roots
|
|
validate_certs: no
|
|
method: GET
|
|
status_code: [200, 201]
|
|
register: rootca_certificate
|
|
|
|
- name: Store root CA certificate
|
|
ansible.builtin.copy:
|
|
dest: /usr/local/share/ca-certificates/root_ca.crt
|
|
content: "{{ rootca_certificate.json.crts | list | join('\n') }}"
|
|
|
|
- name: Update certificate truststore
|
|
ansible.builtin.command:
|
|
cmd: update-ca-certificates
|
|
|
|
- name: Remove redundant files
|
|
ansible.builtin.file:
|
|
path: /var/lib/rancher/k3s/server/manifests/traefik-config.yaml
|
|
state: absent
|