authorJan Chaloupka <jchaloup@redhat.com>2017-09-14 12:10:15 +0200
committerJan Chaloupka <jchaloup@redhat.com>2017-09-18 20:16:24 +0200
commit99745a04223f2ed8111b5eb4b49d2bcfec9e678f (patch)
tree978e10f97d6e223866523e507ece55b6ff796df9 /roles/etcd_ca
parent74d245fbab25d91a989fc7263ae3e8827267510c (diff)
Consolidate etcd certs roles
This is a part of the consolidation of the etcd_-like roles into an action-based role. As part of the consolidation some roles have been removed and some replaced by the include_role module, resulting in a reorder and shift of role dependencies from a role into a play.
Diffstat (limited to 'roles/etcd_ca')
-rw-r--r--roles/etcd_ca/README.md34
-rw-r--r--roles/etcd_ca/meta/main.yml16
-rw-r--r--roles/etcd_ca/tasks/main.yml76
-rw-r--r--roles/etcd_ca/templates/openssl_append.j251
4 files changed, 0 insertions, 177 deletions
diff --git a/roles/etcd_ca/README.md b/roles/etcd_ca/README.md
deleted file mode 100644
index 60a880e30..000000000
--- a/roles/etcd_ca/README.md
+++ /dev/null
@@ -1,34 +0,0 @@
-etcd_ca
-========================
-
-TODO
-
-Requirements
-------------
-
-TODO
-
-Role Variables
---------------
-
-TODO
-
-Dependencies
-------------
-
-TODO
-
-Example Playbook
-----------------
-
-TODO
-
-License
--------
-
-Apache License Version 2.0
-
-Author Information
-------------------
-
-Scott Dodson (sdodson@redhat.com)
diff --git a/roles/etcd_ca/meta/main.yml b/roles/etcd_ca/meta/main.yml
deleted file mode 100644
index e3e2f7781..000000000
--- a/roles/etcd_ca/meta/main.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-galaxy_info:
- author: Jason DeTiberus
- description: Etcd CA
- company: Red Hat, Inc.
- license: Apache License, Version 2.0
- min_ansible_version: 2.1
- platforms:
- - name: EL
- versions:
- - 7
- categories:
- - cloud
- - system
-dependencies:
-- role: etcd_common
diff --git a/roles/etcd_ca/tasks/main.yml b/roles/etcd_ca/tasks/main.yml
deleted file mode 100644
index b4dea4a07..000000000
--- a/roles/etcd_ca/tasks/main.yml
+++ /dev/null
@@ -1,76 +0,0 @@
----
-- name: Install openssl
- package: name=openssl state=present
- when: not etcd_is_atomic | bool
- delegate_to: "{{ etcd_ca_host }}"
- run_once: true
-
-- file:
- path: "{{ item }}"
- state: directory
- mode: 0700
- owner: root
- group: root
- with_items:
- - "{{ etcd_ca_new_certs_dir }}"
- - "{{ etcd_ca_crl_dir }}"
- - "{{ etcd_ca_dir }}/fragments"
- delegate_to: "{{ etcd_ca_host }}"
- run_once: true
-
-- command: cp /etc/pki/tls/openssl.cnf ./
- args:
- chdir: "{{ etcd_ca_dir }}/fragments"
- creates: "{{ etcd_ca_dir }}/fragments/openssl.cnf"
- delegate_to: "{{ etcd_ca_host }}"
- run_once: true
-
-- template:
- dest: "{{ etcd_ca_dir }}/fragments/openssl_append.cnf"
- src: openssl_append.j2
- backup: true
- delegate_to: "{{ etcd_ca_host }}"
- run_once: true
-
-- assemble:
- src: "{{ etcd_ca_dir }}/fragments"
- dest: "{{ etcd_openssl_conf }}"
- delegate_to: "{{ etcd_ca_host }}"
- run_once: true
-
-- name: Check etcd_ca_db exist
- stat: path="{{ etcd_ca_db }}"
- register: etcd_ca_db_check
- changed_when: false
- delegate_to: "{{ etcd_ca_host }}"
- run_once: true
-
-- name: Touch etcd_ca_db file
- file:
- path: "{{ etcd_ca_db }}"
- state: touch
- when: etcd_ca_db_check.stat.isreg is not defined
- delegate_to: "{{ etcd_ca_host }}"
- run_once: true
-
-- copy:
- dest: "{{ etcd_ca_serial }}"
- content: "01"
- force: no
- delegate_to: "{{ etcd_ca_host }}"
- run_once: true
-
-- name: Create etcd CA certificate
- command: >
- openssl req -config {{ etcd_openssl_conf }} -newkey rsa:4096
- -keyout {{ etcd_ca_key }} -new -out {{ etcd_ca_cert }}
- -x509 -extensions {{ etcd_ca_exts_self }} -batch -nodes
- -days {{ etcd_ca_default_days }}
- -subj /CN=etcd-signer@{{ ansible_date_time.epoch }}
- args:
- chdir: "{{ etcd_ca_dir }}"
- creates: "{{ etcd_ca_cert }}"
- environment:
- SAN: 'etcd-signer'
- delegate_to: "{{ etcd_ca_host }}"
- run_once: true
diff --git a/roles/etcd_ca/templates/openssl_append.j2 b/roles/etcd_ca/templates/openssl_append.j2
deleted file mode 100644
index f28316fc2..000000000
--- a/roles/etcd_ca/templates/openssl_append.j2
+++ /dev/null
@@ -1,51 +0,0 @@
-
-[ {{ etcd_req_ext }} ]
-basicConstraints = critical,CA:FALSE
-keyUsage = digitalSignature,keyEncipherment
-subjectAltName = ${ENV::SAN}
-
-[ {{ etcd_ca_name }} ]
-dir = {{ etcd_ca_dir }}
-crl_dir = {{ etcd_ca_crl_dir }}
-database = {{ etcd_ca_db }}
-new_certs_dir = {{ etcd_ca_new_certs_dir }}
-certificate = {{ etcd_ca_cert }}
-serial = {{ etcd_ca_serial }}
-private_key = {{ etcd_ca_key }}
-crl_number = {{ etcd_ca_crl_number }}
-x509_extensions = {{ etcd_ca_exts_client }}
-default_days = {{ etcd_ca_default_days }}
-default_md = sha256
-preserve = no
-name_opt = ca_default
-cert_opt = ca_default
-policy = policy_anything
-unique_subject = no
-copy_extensions = copy
-
-[ {{ etcd_ca_exts_self }} ]
-authorityKeyIdentifier = keyid,issuer
-basicConstraints = critical,CA:TRUE,pathlen:0
-keyUsage = critical,digitalSignature,keyEncipherment,keyCertSign
-subjectKeyIdentifier = hash
-
-[ {{ etcd_ca_exts_peer }} ]
-authorityKeyIdentifier = keyid,issuer:always
-basicConstraints = critical,CA:FALSE
-extendedKeyUsage = clientAuth,serverAuth
-keyUsage = digitalSignature,keyEncipherment
-subjectKeyIdentifier = hash
-
-[ {{ etcd_ca_exts_server }} ]
-authorityKeyIdentifier = keyid,issuer:always
-basicConstraints = critical,CA:FALSE
-extendedKeyUsage = serverAuth
-keyUsage = digitalSignature,keyEncipherment
-subjectKeyIdentifier = hash
-
-[ {{ etcd_ca_exts_client }} ]
-authorityKeyIdentifier = keyid,issuer:always
-basicConstraints = critical,CA:FALSE
-extendedKeyUsage = clientAuth
-keyUsage = digitalSignature,keyEncipherment
-subjectKeyIdentifier = hash