EOX GitLab Instance

Commit 8ce3aa4f authored by Karl Grube's avatar Karl Grube
Browse files

used files for certificate values instead of saving directly in

provisioning file
parent 2d7debfa
......@@ -34,16 +34,6 @@
dest: /etc/nginx/sites-enabled/grafana
notify: reload nginx
- name: slurp tls_client_cert
slurp:
path: /etc/ssl/grafana_client/{{fqdn}}.crt
register: tls_client_cert_data
tags: provisioning
- name: slurp tls_client_key
slurp:
path: /etc/ssl/grafana_client/{{fqdn}}.key
register: tls_client_key_data
tags: provisioning
- name: prometheus template
template:
src: prometheus_datasource.yaml.j2
......
......@@ -3,14 +3,11 @@ datasources:
- name: {{prometheus_server}}
type: prometheus
url: https://{{prometheus_server}}
editable: true
editable: false
secureJsonData:
tlsCACert: |
{{(lookup('file',root_ca_crt))|regex_replace('\n','\n ',)}}
tlsClientCert: |
{{(tls_client_cert_data['content'] |b64decode)|regex_replace('\n','\n ',)}}
tlsClientKey: |
{{(tls_client_key_data['content'] |b64decode)|regex_replace('\n','\n ',)}}
tlsCACert: $__file{/etc/ssl/grafana_client/root.ca.crt}
tlsClientCert: $__file{/etc/ssl/grafana_client/{{fqdn}}.crt}
tlsClientKey: $__file{/etc/ssl/grafana_client/{{fqdn}}.key}
jsonData:
tlsAuth: true
tlsAuthWithCACert: true
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment