Add a cron job to expose the rabbitmq certs

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>

roles/batcave/files/make-rabbitmq-certs-public.sh

@@ -0,0 +1,13 @@
+#!/bin/sh
+
+BASE_SRC_DIR=/srv/private/ansible/files/rabbitmq
+BASE_DEST_DIR=/var/cache/rabbitmq-certs
+
+set -e
+
+for env in staging production; do
+        dest_dir=${BASE_DEST_DIR}/${env}
+        mkdir -p ${dest_dir}
+        cp -a ${BASE_SRC_DIR}/${env}/pki/issued/*.crt ${dest_dir}/
+        chmod 644 ${dest_dir}/*.crt
+done

roles/batcave/tasks/main.yml

@@ -88,6 +88,17 @@
   - batcave
   - config
   when: inventory_hostname.startswith('batcave01')
+
+- name: setup cron to expose the rabbitmq certs
+  copy:
+    src: make-rabbitmq-certs-public.sh
+    dest: /etc/cron.daily/make-rabbitmq-certs-public
+    mode: 0755
+  tags:
+  - batcave
+  - config
+  when: inventory_hostname.startswith('batcave01')
+
 #
 # Set selinux booleans we need
 #