Code Review / ta / caas-security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Update cert role to enable to load them to secrets
[ta/caas-security.git] / ansible / roles / cert / vars / main.yml
diff --git a/ansible/roles/cert/vars/main.yml b/ansible/roles/cert/vars/main.yml
index 50c63df..aaf7166 100644 (file)
--- a/ansible/roles/cert/vars/main.yml
+++ b/ansible/roles/cert/vars/main.yml
@@ -21,3 +21,7 @@ _conf_file: "{{ conf_file | default('node.conf') }}"
 _expiry: "{{ cert_expiry | default('1825') }}"
 _subject: "/CN={{ _cn }}{% if _org %}/O={{ _org }}{% endif %}"
 _alt_names: "{{ alt_names | default( {'dns':[], 'ip':[]} ) }}"
+_secret_name: "{{ secret_name | default ( '' ) }}"
+_secret_type: "{{ sercret_type | default ( 'tls' ) }}"
+_secret_ns: "{{ secret_ns | default ( 'kube-system' ) }}"
+_keep_files: "{{ keep_files | default ( true ) }}"
contains all the code related to managing users, certificates for TLS, authentication, authorization, and hardening of the CaaS sub-system.