Skip to content

Commit a0c0ab8

Browse files
m-bullm-bull
committed
Configure TLS on local Pulp
1 parent 251b4c5 commit a0c0ab8

File tree

3 files changed

+36
-3
lines changed

3 files changed

+36
-3
lines changed

etc/kayobe/containers/pulp/pre.yml

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,3 +19,24 @@
1919
dest: /opt/kayobe/containers/pulp/settings.py
2020
mode: 0644
2121
become: true
22+
23+
- name: Configure TLS for local Pulp
24+
when: pulp_enable_tls
25+
become: true
26+
block:
27+
- name: Ensure /opt/kayobe/containers/pulp/certs exists
28+
file:
29+
path: "/opt/kayobe/containers/pulp/certs"
30+
state: directory
31+
32+
- name: Copy TLS cert and key into container directory
33+
template:
34+
src: "{{ item.src }}"
35+
dest: "/opt/kayobe/containers/pulp/certs/{{ item.dest }}"
36+
mode: 0644
37+
become: true
38+
loop:
39+
- src: "{{ pulp_cert_path }}"
40+
dest: 'pulp_webserver.crt'
41+
- src: "{{ pulp_key_path }}"
42+
dest: 'pulp_webserver.key'

etc/kayobe/pulp.yml

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,22 @@
11
---
22
###############################################################################
3-
# Local Pulp access credentials
3+
# Local Pulp server configuration
44

55
# Base URL of the local Pulp service.
66
# Default uses the seed node's IP on the admin network.
7-
pulp_url: "http://{{ admin_oc_net_name | net_ip(groups['seed'][0]) }}:80"
7+
pulp_url: "{{ 'https' if pulp_enable_tls else 'http' }}://{{ admin_oc_net_name | net_ip(groups['seed'][0]) }}:80"
8+
9+
# Whether to enable TLS for Pulp.
10+
pulp_enable_tls: false
11+
12+
# Path to a TLS certificate to use when TLS is enabled.
13+
#pulp_cert_path:
14+
15+
# Path to a TLS key to use when TLS is enabled.
16+
#pulp_key_path:
17+
18+
###############################################################################
19+
# Local Pulp access credentials
820

921
# Credentials used to access the local Pulp REST API.
1022
pulp_username: admin

etc/kayobe/seed.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -96,7 +96,7 @@ seed_pulp_container:
9696
image: pulp/pulp
9797
pre: "{{ kayobe_config_path }}/containers/pulp/pre.yml"
9898
post: "{{ kayobe_config_path }}/containers/pulp/post.yml"
99-
tag: "3.16"
99+
tag: "{{ '3.16-https' if pulp_enable_tls else '3.16' }}"
100100
network_mode: host
101101
volumes:
102102
- /opt/kayobe/containers/pulp:/etc/pulp

0 commit comments

Comments
 (0)