Provision nebula certs using Ansible
This commit is contained in:
parent
92815a6f76
commit
08ff5dcf94
4 changed files with 69 additions and 1 deletions
18
ansible/roles/nebula/files/ca.crt
Normal file
18
ansible/roles/nebula/files/ca.crt
Normal file
|
@ -0,0 +1,18 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
64383034666438336663396339636630323434633037373635386466633163396435336230303736
|
||||
3562386239313435373566373161343932306333356365610a363238356132363465626139643233
|
||||
32343862303066386533303536336335333034326564343030366435643765643032336635646437
|
||||
3131653964356437310a616138306362626139376662373866343238623363646236376364646661
|
||||
34306461373835373037383038626266663565346466393933613836663230643263303361356465
|
||||
31396532656262303336303839383264303435633437303463666338356465616339666231346265
|
||||
31626134613162663461356130373036663366623437653934376462616234373266663435353365
|
||||
30646534353931363766303366393235303964613332316434306366346336363866323235346363
|
||||
63363932626364313731356635323338623766306338653331323363643561643132643630333965
|
||||
39343766393061663039373630666136653635386535346462323937633164663937383762643962
|
||||
34666531363530653163303364633638633838613433353836393830306333656634383137636538
|
||||
36353538383135646138653939613863323866616634643432383437393065653535633734383434
|
||||
35643161343662626466366136393533666234646431313631353631616631366236656365366465
|
||||
37373735636533633762646661653931323533316634336631303834393438646233363866623663
|
||||
61396364303139326539666166633535666639393332346131303539653835616261653436333666
|
||||
38666363323533333631303938663065336163643430373636393866323136646662356333373761
|
||||
3366
|
20
ansible/roles/nebula/files/certs/casey.crt
Normal file
20
ansible/roles/nebula/files/certs/casey.crt
Normal file
|
@ -0,0 +1,20 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
64613133383265373737643031303930643035303131303331313864306332323231616534663731
|
||||
6332326533376638613331386665346166366632376465610a326635366539313466346663336361
|
||||
30366163666530626132373633653732333930306236383934353730336334653366316533333532
|
||||
6462326439306639330a633333373363613339303635373235643961346630373261316365336666
|
||||
63643135366363376666313839656537383265636330323238323738356634343933376334383866
|
||||
66346338316166303332636663396365363339386462356666303038353062633839333339633633
|
||||
66303265666464313737346431313463393265616134346138623763343261646334313061396364
|
||||
34646663633538343965653464343933633062343633643064326463653932383739326430656433
|
||||
62316337626135653534613035363235343135333435646264613664386236623632306465376266
|
||||
31306666656463333561373232343061393034356336393339386135306364363533643965613361
|
||||
34613939653765646263353863633462623434393961396335303735336433653866373534313130
|
||||
64366632313764633636353265383332303561343435333135656230656336316235353734363265
|
||||
63373033613161303736373065323565336638386537656235333639303262383437643739333762
|
||||
31323636373239623838303834353130623038633933306238333632323533303731353539383465
|
||||
34366464366161626163363163323365333932396231333930336132313563323062626334313930
|
||||
64373562366164613964613534306161366531643530343331313538383461666537306639663965
|
||||
62343036386166323036653266343362323961613432336466313731333561636234386662333264
|
||||
64393463303336643231616531393365383632303030616337336234393137393939333130633339
|
||||
333837383764333662313933666132383837
|
11
ansible/roles/nebula/files/certs/casey.key
Normal file
11
ansible/roles/nebula/files/certs/casey.key
Normal file
|
@ -0,0 +1,11 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
31386138633139343335346361323831306435383234653738613139376138393138383964633031
|
||||
3337346361396334636433393538666433666136353337360a376435363861393333666438383765
|
||||
35383334303931383331303161303738636437303135623833356462393766633262666433316232
|
||||
6631356631383164620a383265376365643032623835346238353130356463383139623436303935
|
||||
32636463613164613533313633333838396531303431393938393163633566363433613630303435
|
||||
36633138366362623636653565343637633338306534393236643030653532623563613834633538
|
||||
31663565626138376231643537306362336334336334353662633166653630366438633636633765
|
||||
33636362333630653064326165336334396538653332323332656634656361613335373939636264
|
||||
64356163336138316235626331373637316661363233366535356532323539653166303234346162
|
||||
3062666234396362623664626535326534376535346233376232
|
|
@ -22,11 +22,30 @@
|
|||
become: true
|
||||
notify: restart nebula
|
||||
|
||||
- name: Install CA certificate
|
||||
template:
|
||||
src: files/ca.crt
|
||||
dest: /etc/nebula/ca.crt
|
||||
mode: "0600"
|
||||
become: true
|
||||
notify: restart nebula
|
||||
|
||||
- name: Install client certificates
|
||||
template:
|
||||
src: files/certs/{{ item }}
|
||||
dest: /etc/nebula/{{ item }}
|
||||
mode: "0600"
|
||||
loop:
|
||||
- "{{ ansible_fqdn }}.key"
|
||||
- "{{ ansible_fqdn }}.crt"
|
||||
become: true
|
||||
notify: restart nebula
|
||||
|
||||
- name: Install service
|
||||
get_url:
|
||||
url: https://raw.githubusercontent.com/slackhq/nebula/v{{ nebula_version }}/dist/arch/nebula.service
|
||||
dest: /usr/lib/systemd/system/nebula.service
|
||||
mode: '0644'
|
||||
mode: "0644"
|
||||
become: true
|
||||
|
||||
- name: Enable service
|
||||
|
|
Loading…
Reference in a new issue