diff options
-rw-r--r-- | ick-cluster.yml | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/ick-cluster.yml b/ick-cluster.yml index 3121ee8..b23c43c 100644 --- a/ick-cluster.yml +++ b/ick-cluster.yml @@ -38,3 +38,52 @@ - ick-controller vars: hostname: controller + +- hosts: qvisqve + remote_user: root + become: yes + roles: + - sane_debian_system + - letsencrypt + - haproxy + - qvisqve + vars: + letsencrypt_domain: "{{ qvisqve_domain }}" + qvisqve_token_public_key: "{{ lookup('pipe', 'pass show ick2/token_key.pub') }}" + qvisqve_token_private_key: "{{ lookup('pipe', 'pass show ick2/token_key') }}" + qvisqve_client_hash: "{{ lookup('pipe', 'pass show ick2/liw_hash') }}" + qvisqve_client_salt: "{{ lookup('pipe', 'pass show ick2/liw_salt') }}" + qvisqve_clients: + liw: + allowed_scopes: + - uapi_version_get + client_secret: + hash: "{{ lookup('pipe', 'pass show ick2/liw_hash') }}" + salt: "{{ lookup('pipe', 'pass show ick2/liw_salt') }}" + N: 16384 + key_len: 128 + p: 1 + r: 8 + version: 1 + worker1: + allowed_scopes: + - uapi_version_get + client_secret: + hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}" + salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}" + N: 16384 + key_len: 128 + p: 1 + r: 8 + version: 1 + worker2: + allowed_scopes: + - uapi_version_get + client_secret: + hash: "{{ lookup('pipe', 'pass show ick2/worker2_hash') }}" + salt: "{{ lookup('pipe', 'pass show ick2/worker2_salt') }}" + N: 16384 + key_len: 128 + p: 1 + r: 8 + version: 1 |