Add playbook to set up blog certificate in k8s

author: alex <alex@pdp7.net> 2023-10-08 14:09:18 +0200
committer: alex <alex@pdp7.net> 2023-10-08 14:09:35 +0200
commit: 708a5f688babc1a23e85ced758665bb22d93919b (patch)
tree: fc92bf196ad301b5bb43b28b066f435a91513e67
parent: d5b26f7041b9d0f8ce02435b5235d2aa931ec5e2 (diff)
1 files changed, 23 insertions, 0 deletions
diff --git a/personal_infra/playbooks/setup_blog_keys.yaml b/personal_infra/playbooks/setup_blog_keys.yaml
new file mode 100644
index 00000000..b664bcb8
--- /dev/null
+++ b/personal_infra/playbooks/setup_blog_keys.yaml
@@ -0,0 +1,23 @@
+---
+- hosts: h1.pdp7.net
+  tasks:
+  - name: get public cert
+    ansible.builtin.slurp:
+      src: "/etc/apache2/md/domains/blog.pdp7.net/pubcert.pem"
+    register: public_cert
+  - name: get private key
+    ansible.builtin.slurp:
+      src: "/etc/apache2/md/domains/blog.pdp7.net/privkey.pem"
+    register: private_key
+  - k8s:
+      context: "admin@k8s-test.h1"
+      state: present
+      definition:
+        kind: Secret
+        metadata:
+          namespace: blog
+          name: tls-gemini
+        data:
+          tls.crt: "{{ public_cert.content }}"
+          tls.key: "{{ private_key.content }}"
+    delegate_to: 127.0.0.1
author	alex <alex@pdp7.net>	2023-10-08 14:09:18 +0200
committer	alex <alex@pdp7.net>	2023-10-08 14:09:35 +0200
commit	708a5f688babc1a23e85ced758665bb22d93919b (patch)
tree	fc92bf196ad301b5bb43b28b066f435a91513e67
parent	d5b26f7041b9d0f8ce02435b5235d2aa931ec5e2 (diff)