restic: Trust dch-root-ca certificate
Since the MinIO server that Restic uses to store snapshots has a certificate signed by the DCH CA, we need to trust the root certificate in order to communicate with it. Existing servers already had this CA trusted by the `pyrocufflink.yml` playbook, but new servers are not (usually) AD domain members anymore, so we need to be explicit now.unifi-restore
parent
daa59bdba5
commit
572022b557
|
|
@ -1,5 +1,10 @@
|
||||||
- hosts: restic
|
- hosts: restic
|
||||||
roles:
|
roles:
|
||||||
|
- role: trustca
|
||||||
|
ca: dch-root-ca-r2
|
||||||
|
tags:
|
||||||
|
- trustca
|
||||||
|
- dch-root-ca
|
||||||
- role: restic
|
- role: restic
|
||||||
tags:
|
tags:
|
||||||
- restic
|
- restic
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue