msvsphere
/
ansible-msvsphere.ci
12
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a98ad908f2'
${ noResults }
ansible-msvsphere.ci/roles/koji_server_ca/README.md

1.3 KiB
Raw Blame History

msvsphere.ci.koji_server_ca

An Ansible role that creates a Koji server CA and issues an HTTPS certificate.

For production Koji deployment it's recommended to use FreeIPA or other centralized certificate management system. This role is intended for development purposes.

The role creates the /etc/pki/koji directory and produces the following artifacts:

  • koji-ca.crt - CA certificate.
  • koji-ca.key - CA private key.
  • koji.msvsphere.test.key - Koji server HTTPS certificate private key.
  • build.msvsphere.test.csr - Koji server HTTPS certificate signing request.
  • build.msvsphere.test.crt - Koji server HTTPS certificate.
  • build.msvsphere.test.chain.crt - Koji server HTTPS certificate chain.

Here koji.msvsphere.test is the koji_server_ca_fqdn value.

Also, the role will add the CA certificate to the list of trusted certificates.

Variables

Variable Default value Type Description Required
koji_server_ca_fqdn string Koji server domain name. yes

Example playbook

---
- hosts: all
  roles:
    - role: msvsphere.ci.koji_server_ca
      koji_server_ca_fqdn: koji.msvsphere.test

License

MIT.

Authors