diff options
Diffstat (limited to 'roles/apps/node-red/instance/tasks/main.yml')
-rw-r--r-- | roles/apps/node-red/instance/tasks/main.yml | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/roles/apps/node-red/instance/tasks/main.yml b/roles/apps/node-red/instance/tasks/main.yml new file mode 100644 index 00000000..ec9b9dff --- /dev/null +++ b/roles/apps/node-red/instance/tasks/main.yml @@ -0,0 +1,54 @@ +--- +## TODO: add storage handling! +- set_fact: + node_red_instance_basepath: "/srv/node-red/{{ node_red_instance }}" +## + +## TODO: custom user + +- name: create instance directories + loop: + - data + - tls + file: + path: "{{ node_red_instance_basepath }}/{{ item }}" + state: directory + owner: 1000 + mode: 0700 + +- name: generate/install/fetch TLS certificate + when: "'mqtt_tls' in node_red_instances[node_red_instance]" + vars: + x509_certificate_name: "node-red-{{ node_red_instance }}_mqtt" + x509_certificate_hostnames: [] + x509_certificate_config: "{{ node_red_instances[node_red_instance].mqtt_tls.certificate_config }}" + x509_certificate_renewal: + install: + - dest: "{{ node_red_instance_basepath }}/tls/mqtt-crt.pem" + src: + - fullchain + owner: root + group: 1000 + mode: "0644" + - dest: "{{ node_red_instance_basepath }}/tls/mqtt-key.pem" + src: + - key + owner: root + group: 1000 + mode: "0640" + - dest: "{{ node_red_instance_basepath }}/tls/mqtt-ca-crt.pem" + src: + - ca_cert + owner: root + group: 1000 + mode: "0644" + include_role: + name: "x509/{{ node_red_instances[node_red_instance].mqtt_tls.certificate_provider }}/cert" + +- name: install pod manifest + vars: + kubernetes_standalone_pod: + name: "node-red-{{ node_red_instance }}" + spec: "{{ lookup('template', 'pod-spec.yml.j2') }}" + include_role: + name: kubernetes/standalone/pod |