Do not manage /etc/ssl or /etc/pki directories or symlinks

For a metal deployment the keystone and horizon roles both try to do this and it should be done in one place. This is moved to the openstack_hosts role. Depends-On: https://review.opendev.org/757612 Change-Id: Iba607a89b104ef8a63c9f956e2cd60f6b7ca4466
2020-09-24 14:23:45 +01:00 · 2020-09-24 14:23:45 +01:00 · dd4fa70d11
commit dd4fa70d11
parent 89119bb5f8
1 changed files with 0 additions and 4 deletions
--- a/tasks/keystone_install.yml
+++ b/tasks/keystone_install.yml
@ -21,8 +21,6 @@
    group: "{{ item.group|default(keystone_system_group_name) }}"
    mode: "{{ item.mode|default('0755') }}"
  with_items:
-    - { path: "/etc/pki/tls/certs", owner: "root", group: "root" }
-    - { path: "/etc/pki/tls/private", owner: "root", group: "root" }
    - { path: "/var/lock/keystone", mode: "2755" }
    - { path: "/var/log/httpd", mode: "2755" }
  when:
@ -34,8 +32,6 @@
    dest: "{{ item.dest }}"
    state: "link"
  with_items:
-    - { src: "/etc/pki/tls/certs", dest: "/etc/ssl/certs" }
-    - { src: "/etc/pki/tls/private", dest: "/etc/ssl/private" }
    - { src: "/var/log/httpd", dest: "/var/log/apache2" }
  when:
    - ansible_pkg_mgr in ['yum', 'dnf']