65 lines
1.6 KiB
YAML
65 lines
1.6 KiB
YAML
- name: ensure container registries are configured
|
|
template:
|
|
src: registries.conf.j2
|
|
dest: /etc/containers/registries.d/40-registries.conf
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
tags:
|
|
- config
|
|
- containers-registries
|
|
|
|
- name: ensure container registry certs directories exist
|
|
file:
|
|
path: /etc/containers/certs.d/{{ item }}
|
|
owner: root
|
|
group: root
|
|
mode: u=rwx,go=rx
|
|
state: directory
|
|
loop: '{{ container_registry_certs.keys() }}'
|
|
tags:
|
|
- config
|
|
- containers-certs
|
|
- name: ensure container registry ca certs are configured
|
|
copy:
|
|
content: |+
|
|
{{ container_registry_certs[item].ca }}
|
|
dest: /etc/containers/certs.d/{{ item }}/ca.crt
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
loop: '{{ container_registry_certs.keys() }}'
|
|
tags:
|
|
- config
|
|
- containers-certs
|
|
- ca-cert
|
|
- name: ensure container registry client certs are configured
|
|
copy:
|
|
content: |+
|
|
{{ container_registry_certs[item].client_cert }}
|
|
dest: /etc/containers/certs.d/{{ item }}/client.cert
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
when: item.client_cert|d
|
|
loop: '{{ container_registry_certs.keys() }}'
|
|
tags:
|
|
- config
|
|
- containers-certs
|
|
- client-cert
|
|
- name: ensure container registry client keys are configured
|
|
copy:
|
|
content: |+
|
|
{{ container_registry_certs[item].client_key }}
|
|
dest: /etc/containers/certs.d/{{ item }}/client.key
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
diff: false
|
|
when: item.client_key|d
|
|
loop: '{{ container_registry_certs.keys() }}'
|
|
tags:
|
|
- config
|
|
- containers-certs
|
|
- client-key
|