You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

21 lines
876 B

  1. ---
  2. - import_tasks: ../shared/issue_cert.yml
  3. vars:
  4. issue_cert_common_name: "{{ vault_pki_mounts.vault.roles[0].name }}"
  5. issue_cert_alt_names: "{{ groups['vault'] + ['localhost'] + (vault_ca_options['vault']['alt_names'].split(','))|default() }}"
  6. issue_cert_hosts: "{{ groups['vault'] }}"
  7. issue_cert_ip_sans: >-
  8. [
  9. {%- for host in groups['vault'] -%}
  10. "{{ hostvars[host]['ansible_default_ipv4']['address'] }}",
  11. {%- if hostvars[host]['ip'] is defined -%}
  12. "{{ hostvars[host]['ip'] }}",
  13. {%- endif -%}
  14. {%- endfor -%}
  15. "127.0.0.1","::1"
  16. ]
  17. issue_cert_mount_path: "{{ vault_pki_mounts.vault.name }}"
  18. issue_cert_path: "{{ vault_cert_dir }}/api.pem"
  19. issue_cert_role: "{{ vault_pki_mounts.vault.roles[0].name }}"
  20. issue_cert_url: "{{ vault_leader_url }}"
  21. when: vault_api_cert_needed