5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 - name: Set basic facts
25 - name: Check if custom pem installed during deploy
27 path: "/opt/installer-ui/certificates/certificate.pem"
28 register: stat_result_deploy
32 - name: Set fact deploy_pem
36 pem_location: "/opt/installer-ui/certificates/certificate.pem"
37 when: stat_result_deploy.stat.exists == True
41 - name: Check if pem is uploaded
43 path: "/tmp/certificate.pem"
44 register: stat_result_uploaded
47 when: deploy_pem == False
49 - name: Set fact upload_pem
53 pem_location: "/tmp/certificate.pem"
54 when: stat_result_uploaded.stat.exists == True
58 - name: Validate certificate
60 path: "{{ pem_location }}"
65 when: upload_pem == True or deploy_pem == True
67 - name: Synchronize pem
69 src: "{{ pem_location }}"
70 dest: "/tmp/certificate.pem"
74 when: upload_pem == True or deploy_pem == True
78 src: "/tmp/certificate.pem"
79 dest: "/etc/ssl/private/certificate.pem"
82 when: upload_pem == True or deploy_pem == True
84 - name: Set permissions for pem
86 path: "/etc/ssl/private/certificate.pem"
92 when: upload_pem == True or deploy_pem == True
94 - name: Restart haproxy
99 daemon_reload: "{{ (ansible_service_mgr == 'systemd') | ternary('yes', omit) }}"
102 when: upload_pem == True or deploy_pem == True