From c505ecfe73263b8700083b6b0b53f44044493a7d Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Wed, 15 Nov 2023 17:03:55 +0100
Subject: ch-mon: add certificate for monitoring
---
 inventory/host_vars/ch-mon.yml | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
(limited to 'inventory/host_vars/ch-mon.yml')
diff --git a/inventory/host_vars/ch-mon.yml b/inventory/host_vars/ch-mon.yml
index 5d9ddfba..f21bd9b2 100644
--- a/inventory/host_vars/ch-mon.yml
+++ b/inventory/host_vars/ch-mon.yml
@@ -108,6 +108,9 @@ prometheus_job_multitarget_blackbox__probe:
 - instance: "ssh-{{ inventory_hostname }}"
 target: "{{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets[inventory_hostname]) | ansible.utils.ipaddr('address') }}:{{ ansible_port | default(22) }}"
 module: ssh_banner
+ - instance: "https-mon.chaos-at-home.org"
+ target: "https://{{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets[inventory_hostname]) | ansible.utils.ipaddr('address') }}"
+ module: http_tls_2xx
 prometheus_job_multitarget_ssl__probe:
 ch-mon:
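Review bot: The added probe connects to `https://<service IP>` rather than to `mon.chaos-at-home.org`, so it validates the certificate against an IP SAN and does not exercise the name that clients actually use. That only gives a meaningful result if the service-zone address is among the `IP:` entries that `san_extra` generates in the second hunk and if the `http_tls_2xx` module, which is defined outside this diff, trusts the internal CA; should that module set `insecure_skip_verify`, an expired or mis-issued certificate would pass unnoticed. A comment above the new entry, for example `# probed by IP: relies on the IP SANs in monitoring_landingpage_tls and on http_tls_2xx verifying against the internal CA`, would make the coupling visible. The probe list itself starts and continues outside the hunk.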
@@ -204,3 +207,35 @@ grafana_admin_password: "{{ vault_grafana_admin_password }}"
 monitoring_landingpage_hostnames:
 - "mon.chaos-at-home.org"
 monitoring_landingpage_title: "chaos@home Monitoring Host"
+monitoring_landingpage_tls:
+ certificate_provider: ownca
+ certificate_config:
+ mode: "0750"
+ owner: root
+ group: www-data
+ ca:
+ key_content: "{{ chaos_at_home_internal_ca_key }}"
+ cert_content: "{{ chaos_at_home_internal_ca_cert }}"
+ key:
+ mode: "0640"
+ owner: root
+ group: www-data
+ type: RSA
+ size: 4096
+ cert:
+ mode: "0644"
+ owner: root
+ group: www-data
+ common_name: "{{ host_name }}"
+ san_extra: "{{ ['IP:'] | product(ansible_all_ipv4_addresses) | map('join') | list }}"
+ key_usage:
+ - digitalSignature
+ - keyAgreement
+ key_usage_critical: yes
+ extended_key_usage:
+ - serverAuth
+ extended_key_usage_critical: yes
+ create_subject_key_identifier: yes
+ not_before: +0h
+ not_after: +365d
+ renew_margin: +70d
-- cgit v1.2.3
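Review bot: `key_content: "{{ chaos_at_home_internal_ca_key }}"` under `ca:` hands the internal CA's private key to this host's play, and the hunk does not show whether the value is vault-encrypted or whether the `ownca` provider signs on the controller or writes the key to ch-mon. Unlike `vault_grafana_admin_password` in the hunk header, the variable has no `vault_` prefix, so this is worth confirming; if the key does land on the target, a compromise of the monitoring host would expose the ability to issue certificates under the internal CA. A comment above `ca:` such as `# CA key comes from the vault and is used for signing only; it must not persist on the target` would record the expectation. Separately, `keyAgreement` has no meaning for a key of `type: RSA` (`digitalSignature` with `keyEncipherment` is the conventional pair for an RSA server certificate), and `san_extra` adds IP entries only, so `mon.chaos-at-home.org` is covered only if the role adds the landing-page hostnames itself.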