ansible-role-zuul-registry/defaults/main.yaml
Paul Belanger d940e20ce1 chmod 0640 /etc/zuul-registry/registry.yaml
No need for this to be world readable, we have password inside it.

Change-Id: Icc4cfae2bdc6c2b4f70f7fd570e90ce86d5a867c
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2020-11-24 11:15:30 -05:00

81 lines
3.0 KiB
YAML

# Copyright 2015 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# tasks/main.yaml
zuul_registry_task_manager:
- pre
- install
- config
- service
# tasks/config.yaml
zuul_registry_user_name: zuul-registry
zuul_registry_user_group: zuul-registry
zuul_registry_user_home: /var/lib/zuul-registry
zuul_registry_user_home_mode: 0755
# zuul_registry_user_shell:
zuul_registry_file_registry_yaml_dest: /etc/zuul-registry/registry.yaml
zuul_registry_file_registry_yaml_group: "{{ zuul_registry_user_group }}"
zuul_registry_file_registry_yaml_mode: 0640
zuul_registry_file_registry_yaml_owner: "{{ zuul_registry_user_name }}"
zuul_registry_file_registry_yaml_src: etc/zuul-registry/registry.yaml
zuul_registry_file_ssl_cert_content:
zuul_registry_file_ssl_cert_dest: /etc/zuul-registry/ssl/cert.pem
zuul_registry_file_ssl_cert_group: "{{ zuul_registry_user_group }}"
zuul_registry_file_ssl_cert_mode: 0644
zuul_registry_file_ssl_cert_owner: "{{ zuul_registry_user_name }}"
zuul_registry_file_ssl_cert_src: etc/zuul-registry/ssl/cert.pem
zuul_registry_file_ssl_key_content:
zuul_registry_file_ssl_key_dest: /etc/zuul-registry/ssl/cert.key
zuul_registry_file_ssl_key_group: "{{ zuul_registry_user_group }}"
zuul_registry_file_ssl_key_mode: 0600
zuul_registry_file_ssl_key_owner: "{{ zuul_registry_user_name }}"
zuul_registry_file_ssl_key_src: etc/zuul-registry/ssl/cert.key
# tasks/install.yaml
zuul_registry_git_dest: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry"
zuul_registry_git_uri: https://opendev.org/zuul/zuul-registry
zuul_registry_git_version: master
# zuul_registry_git_refspec:
# zuul_registry_git_update:
zuul_registry_install_method: pip
zuul_registry_pip_name: zuul-registry
# zuul_registry_pip_executable:
# zuul_registry_pip_editable:
# zuul_registry_pip_extra_args:
# zuul_registry_pip_version:
# zuul_registry_pip_virtualenv_python:
# zuul_registry_pip_virtualenv:
# zuul_registry_pip_virtualenv_symlink:
# tasks/service.yaml
zuul_registry_file_zuul_registry_service_manage: true
zuul_registry_file_zuul_registry_service_group: root
zuul_registry_file_zuul_registry_service_owner: root
zuul_registry_file_zuul_registry_service_config_manage: true
zuul_registry_file_zuul_registry_service_config_group: root
zuul_registry_file_zuul_registry_service_config_owner: root
zuul_registry_service_zuul_registry_daemon_reload: true
zuul_registry_service_zuul_registry_enabled: true
zuul_registry_service_zuul_registry_manage: true
zuul_registry_service_zuul_registry_name: zuul-registry
zuul_registry_service_zuul_registry_state: started