--- - name: Create certs directory file: path: /etc/octavia/certs/ state: directory - name: Register a fact for the cert and key set_fact: octavia_ca_private_key_fact: "{{ hostvars[octavia_cert_setup_host]['_octavia_ca_private_key']['content'] | b64decode }}" octavia_ca_certificate_fact: "{{ hostvars[octavia_cert_setup_host]['_octavia_ca_certificate']['content'] | b64decode }}" octavia_server_ca_fact: "{{ hostvars[octavia_cert_setup_host]['_octavia_server_ca']['content'] | b64decode }}" octavia_client_ca_fact: "{{ hostvars[octavia_cert_setup_host]['_octavia_client_ca']['content'] | b64decode }}" octavia_client_cert_fact: "{{ hostvars[octavia_cert_setup_host]['_octavia_client_cert']['content'] | b64decode }}" when: octavia_cert_setup_host != 'localhost' - name: Register a fact for the cert and key set_fact: octavia_ca_private_key_fact: "{{ _octavia_ca_private_key['content'] | b64decode }}" octavia_ca_certificate_fact: "{{ _octavia_ca_certificate['content'] | b64decode }}" octavia_server_ca_fact: "{{ _octavia_server_ca['content'] | b64decode }}" octavia_client_ca_fact: "{{ _octavia_client_ca['content'] | b64decode }}" octavia_client_cert_fact: "{{ _octavia_client_cert['content'] | b64decode }}" when: octavia_cert_setup_host == 'localhost' - name: Copy certificates copy: content: "{{ item.content }}" dest: "{{ item.dest }}" owner: "{{ octavia_system_user_name }}" group: "{{ octavia_system_group_name }}" mode: "0640" with_items: - content: "{{ octavia_ca_private_key_fact }}" dest: "/etc/octavia/certs/ca_key.pem" - content: "{{ octavia_ca_certificate_fact }}" dest: "/etc/octavia/certs/ca.pem" - content: "{{ octavia_server_ca_fact }}" dest: "/etc/octavia/certs/server_ca.pem" - content: "{{ octavia_client_ca_fact }}" dest: "/etc/octavia/certs/client_ca.pem" - content: "{{ octavia_client_cert_fact }}" dest: "/etc/octavia/certs/client.pem" notify: - Restart octavia services - Restart uwsgi services