-
Notifications
You must be signed in to change notification settings - Fork 22
/
Copy pathdeployVa.yml
41 lines (36 loc) · 962 Bytes
/
deployVa.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
---
# ansible-playbook -i inventory -l va01,pkiTlsCerts,pkiCsrCerts deployVa.yml
- hosts: pkiServers:eeVaServers
become: yes
become_method: sudo
roles:
- ansible-hostname
- ansible-role-mariadb
- ansible-ejbca-wildfly
- ansible-ejbca-pkc11-client
- ansible-ejbca-prep
- ansible-ejbca-va-ee
The group_vars for pkiTlsCerts needs to be updated with the TLS cert info needed to create the TLS cert.
This is not dynamically created.
- hosts: pkiTlsCerts
become: yes
become_method: sudo
gather_facts: false
roles:
- ansible-ejbca-certreq-cli
- hosts: pkiCsrCerts
become: yes
become_method: sudo
gather_facts: false
roles:
- ansible-ejbca-certreq-cli
- hosts: pkiServers:eeVaServers
become: yes
become_method: sudo
gather_facts: true
roles:
- ansible-ejbca-importcacrt
- ansible-ejbca-crl-import-export
- ansible-ejbca-peer-in
- ansible-ejbca-va-ocsp-bind
- ansible-pki-ss-httpd