From cc583f30f881ba956fb4f1402aa4dd1608b27da2 Mon Sep 17 00:00:00 2001 From: Markos Chandras Date: Tue, 28 Aug 2018 14:55:28 +0100 Subject: Revert "xci: osa: Disable haproxy ssl configuration" This reverts commit 42501f0ef7e0f0729b1c780102fb9713ef383fb3. This also removes the entire SSL management code and we let the haproxy_server role generate the certificates for us. We also need to bump the openrc role to include an upstream patch which fixes the openrc template file. deploy-scenario:os-nosdn-nofeature installer-type:osa Change-Id: I9bb590c9f1d5bc63519cfb4794dc15f794cc5b07 Signed-off-by: Markos Chandras --- xci/playbooks/manage-ssl-certs.yml | 32 -------------------------------- 1 file changed, 32 deletions(-) delete mode 100644 xci/playbooks/manage-ssl-certs.yml (limited to 'xci/playbooks/manage-ssl-certs.yml') diff --git a/xci/playbooks/manage-ssl-certs.yml b/xci/playbooks/manage-ssl-certs.yml deleted file mode 100644 index d0c5c518..00000000 --- a/xci/playbooks/manage-ssl-certs.yml +++ /dev/null @@ -1,32 +0,0 @@ -# SPDX-license-identifier: Apache-2.0 -############################################################################## -# Copyright (c) 2018 SUSE Linux GmbH and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -- name: Install required pip packages for SSL - pip: - name: pyOpenSSL - state: present - extra_args: "{{ extra_args | default(omit) }}" - -- name: Generate XCI private key - openssl_privatekey: - path: /etc/ssl/private/xci.key - size: 2048 - -- name: Generate XCI certificate request - openssl_csr: - privatekey_path: /etc/ssl/private/xci.key - path: /etc/ssl/private/xci.csr - common_name: "{{ xci_ssl_subject }}" - -- name: Generate XCI self signed certificate - openssl_certificate: - path: /etc/ssl/certs/xci.crt - privatekey_path: /etc/ssl/private/xci.key - csr_path: /etc/ssl/private/xci.csr - provider: selfsigned - selfsigned_not_after: 20800101000000Z -- cgit 1.2.3-korg