From bc001d962bccf2faff6eecfbbace44cc6d6e7a27 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 20 Dec 2023 16:26:28 +0100
Subject: mosqitto: rename to mosquitto/broker and add mosquitto/client

---
 inventory/host_vars/ch-testvm-phoebe.yml | 38 ++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

(limited to 'inventory/host_vars/ch-testvm-phoebe.yml')

diff --git a/inventory/host_vars/ch-testvm-phoebe.yml b/inventory/host_vars/ch-testvm-phoebe.yml
index d15e4142..7eae49e7 100644
--- a/inventory/host_vars/ch-testvm-phoebe.yml
+++ b/inventory/host_vars/ch-testvm-phoebe.yml
@@ -39,3 +39,41 @@ network:
     address: "{{ network_zones.iot.prefix | ansible.utils.ipaddr(network_zones.iot.offsets[inventory_hostname]) }}"
 
 ntp_variant: systemd-timesyncd
+
+
+###
+mosquitto_client_tls:
+  foo-consumer:
+    certificate_provider: managed-ca
+    certificate_config:
+      ca:
+        host: ch-testvm-prometheus
+        name: foo
+      cert:
+        common_name: consumer
+        organization_name: "spreadspace"
+        organizational_unit_name: "ansible"
+        san_extra:
+        - "IP:192.168.32.43"
+        extended_key_usage:
+        - clientAuth
+        extended_key_usage_critical: yes
+        create_subject_key_identifier: yes
+        not_after: +100w
+  foo-producer:
+    certificate_provider: managed-ca
+    certificate_config:
+      ca:
+        host: ch-testvm-prometheus
+        name: foo
+      cert:
+        common_name: producer
+        organization_name: "spreadspace"
+        organizational_unit_name: "ansible"
+        san_extra:
+        - "IP:192.168.32.43"
+        extended_key_usage:
+        - clientAuth
+        extended_key_usage_critical: yes
+        create_subject_key_identifier: yes
+        not_after: +100w
-- 
cgit v1.2.3