WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-25 19:11:24 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
dfddc08d9dbe6242bbc07ffa855e4fa947fe2b09
fedora-infra_ansible/tasks/keyserver.yml
Nick Bebout 605866f5cc Certificates should be owned by root
2013-08-23 01:47:16 +00:00

101 lines
2.8 KiB
YAML
Raw Blame History

---
- name: install sks
yum: name=sks state=installed
tags:
- packages
- name: install mod_ssl
yum: name=mod_ssl state=installed
tags:
- packages
- name: /srv/sks
file: >
path=/srv/sks
state=directory
owner=sks group=sks mode=0755
- name: /srv/sks/membership
copy: src=$files/keyserver/membership dest=/srv/sks/membership owner=sks group=sks mode=0644
tags:
- config
- name: /srv/sks/sksconf
copy: src=$files/keyserver/sksconf dest=/srv/sks/sksconf owner=sks group=sks mode=0644
tags:
- config
- name: /srv/sks/web
file: >
path=/srv/sks/web
state=directory
owner=sks group=sks mode=0755
- name: /srv/sks/web/index.html
copy: src=$files/keyserver/index.html dest=/srv/sks/web/index.html owner=sks group=sks mode=0644
tags:
- config
- name: /srv/sks/web/css.css
copy: src=$files/keyserver/css.css dest=/srv/sks/web/css.css owner=sks group=sks mode=0644
tags:
- config
- name: /etc/httpd/conf.d/sks.conf
copy: src=$files/keyserver/sks.conf dest=/etc/httpd/conf.d/sks.conf owner=root group=root mode=0644
tags:
- config
- name: /etc/httpd/conf.d/ssl.conf
copy: src=$files/keyserver/ssl.conf dest=/etc/httpd/conf.d/ssl.conf owner=root group=root mode=0644
tags:
- config
- name: /etc/pki/tls/wildcard-2013.fedoraproject.org.cert
copy: src=$puppet_private/httpd/wildcard-2013.fedoraproject.org.cert dest=/etc/pki/tls/wildcard-2013.fedoraproject.org.cert owner=root group=root mode=0600
tags:
- config
- name: /etc/pki/tls/wildcard-2013.fedoraproject.org.key
copy: src=$puppet_private/httpd/wildcard-2013.fedoraproject.org.key dest=/etc/pki/tls/wildcard-2013.fedoraproject.org.key owner=root group=root mode=0600
tags:
- config
- name: /etc/pki/tls/wildcard-2013.fedoraproject.org.intermediate.cert
copy: src=$puppet_private/httpd/wildcard-2013.fedoraproject.org.intermediate.cert dest=/etc/pki/tls/wildcard-2013.fedoraproject.org.intermediate.cert owner=root group=root mode=0600
tags:
- config
- name: /etc/pki/tls/keys_fedoraproject_org.crt.pem
copy: src=$puppet_private/keys_fedoraproject_org.crt.pem dest=/etc/pki/tls/keys_fedoraproject_org.crt.pem owner=root group=root mode=0600
tags:
- config
- name: /etc/pki/tls/keys_fedoraproject_org.key
copy: src=$puppet_private/keys_fedoraproject_org.key dest=/etc/pki/tls/keys_fedoraproject_org.key owner=root group=root mode=0600
tags:
- config
- cron: name="regenerate stats hourly"
hour="*"
minute="5"
job="killall -SIGUSR2 sks-db"
state=present
- name: Set sks-db to run on boot
service: name=sks-db enabled=yes
ignore_errors: true
notify:
- restart sks-db
tags:
- service
- name: Set sks-recon to run on boot
service: name=sks-recon enabled=yes
ignore_errors: true
notify:
- restart sks-recon
tags:
- service
Reference in New Issue View Git Blame Copy Permalink