From 4df8e16447d631151b9c350003c328bdd6c84012 Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 1 Feb 2017 15:01:15 -0800 Subject: [PATCH 01/61] Start adding default hosts --- ansible/default-hosts/docks.js | 75 +++++++++++ ansible/default-hosts/hosts | 159 ++++++++++++++++++++++++ ansible/default-hosts/variables | 172 ++++++++++++++++++++++++++ ansible/group_vars/alpha-api-base.yml | 2 +- 4 files changed, 407 insertions(+), 1 deletion(-) create mode 100755 ansible/default-hosts/docks.js create mode 100644 ansible/default-hosts/hosts create mode 100644 ansible/default-hosts/variables diff --git a/ansible/default-hosts/docks.js b/ansible/default-hosts/docks.js new file mode 100755 index 00000000..29526a4c --- /dev/null +++ b/ansible/default-hosts/docks.js @@ -0,0 +1,75 @@ +#!/usr/bin/env node + +'use strict'; + +var aws = require('aws-sdk'); +var ec2 = new aws.EC2({ + accessKeyId: 'AKIAJ3RCYU6FCULAJP2Q', + secretAccessKey: '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', + region: 'us-west-2' +}); + +var params = { + Filters: [ + // Only search for docks in the cluster security group + { + Name: 'instance.group-id', + Values: ['sg-ec0da194'] // This script is the same for all environments + }, + // Only fetch instances that are tagged as docks + { + Name: 'tag:role', + Values: ['dock'] + }, + // Only fetch running instances + { + Name: 'instance-state-name', + Values: ['running'] + } + ] +}; + +ec2.describeInstances(params, function (err, data) { + if (err) { + console.error("An error occurred: ", err); + process.exit(1); + } + + // Get a set of instances from the describe response + var instances = []; + data.Reservations.forEach(function (res) { + res.Instances.forEach(function (instance) { + instances.push(instance); + }); + }); + + // Map the instances to their private ip addresses + // NOTE This will work locally because of the wilcard ssh proxy in the config + var hosts = instances.map(function (instance) { + return instance.PrivateIpAddress; + }); + + var hostVars = {}; + instances.forEach(function (instance) { + for (var i = 0; i < instance.Tags.length; i++) { + if (instance.Tags[i].Key === 'org') { + hostVars[instance.PrivateIpAddress] = { + host_tags: instance.Tags[i].Value + ',build,run' + }; + } + } + }); + + // Output the resulting JSON + // NOTE http://docs.ansible.com/ansible/developing_inventory.html + console.log(JSON.stringify( + { + docks: { + hosts: hosts + }, + _meta : { + hostvars : hostVars + } + } + )); +}); diff --git a/ansible/default-hosts/hosts b/ansible/default-hosts/hosts new file mode 100644 index 00000000..2ef19a71 --- /dev/null +++ b/ansible/default-hosts/hosts @@ -0,0 +1,159 @@ +[bastion] +dafault-bastion + +[hipache] +default-main httpsCheckForBackend80=false prependIncomingPort=true subDomainDepth=4 + +[userland] +default-main + +[mongodb] +default-main + +[api_group:children] +worker +api +socket-server + +[api] +default-main + +[big-poppa] +default-main + +[cream] +default-main + +[consul] +default-main + +[docker-listener] +default-main + +[vault] +default-main + +[worker] +default-main + +[navi] +default-main + +[ingress] +default-main + +[link] +default-main + +[mongo-navi] +default-main + +[charon] +default-main + +[khronos] +default-main + +[optimus] +default-main + +[detention] +default-main + +[palantiri] +default-main + +[rabbitmq] +default-main + +[web] +default-main + +[redis] +default-main + +[redis-slave] +default-main + +[sauron] +default-main + +[shiva] +default-main + +[socket-server] +default-main + +[socket-server-proxy] +default-main + +[registry] +default-main + +[swarm-manager] +default-main + +[metis] +default-main + +[drake] +default-main + +[pheidi] +default-main + +[github-varnish] +default-main + +[single-host-proxy] +default-main + +[docks] + +[dock] + +[prometheus] +default-main + +[bear-clone:children] +api +bastion +big-poppa +charon +consul +cream +dock +docker-listener +docks +drake +hipache +ingress +khronos +metis +mongodb +navi +optimus +pheidi +prometheus +rabbitmq +redis +redis-slave +registry +sauron +shiva +single-host-proxy +socket-server +socket-server-proxy +swarm-manager +userland +web +worker + +[local] +127.0.0.1 + +[ec2] +local + +[targets] +localhost ansible_connection=local bastion_name=default-bastion diff --git a/ansible/default-hosts/variables b/ansible/default-hosts/variables new file mode 100644 index 00000000..c1722bf3 --- /dev/null +++ b/ansible/default-hosts/variables @@ -0,0 +1,172 @@ +[api_group:vars] +api_aws_access_key_id=${ AWS_ACCESS_KEY_ID_1 } +api_aws_secret_access_key=${ AWS_SECRET_ACCESS_KEY_1 } +api_github_client_id=${ GITHUB_CLIEND_ID } +api_github_client_secret=${ GITHUB_CLIENT_SECRET } +api_github_deploy_keys_bucket=runnable.deploykeys.${ ENV } +api_mongo_auth=${ MONGO_USERNAME }:${ MONGO_PASSWORD } +api_mongo_database=${ ENV } +api_mongo_replset_name=${ ENV }-rs0 +api_s3_context_bucket=runnable.context.resources.${ ENV } + +[big-poppa:vars] +big_poppa_pg_pass=${ POSTGRES_PASSWORD } +big_poppa_pg_host=${ POSTGRES_HOST }:${ POSTGRES_PORT } +big_poppa_pg_port=${ POSTGRES_PORT } +big_poppa_pg_user=big_poppa +big_poppa_github_token=${ GITHUB_ACCESS_TOKEN } +big_poppa_mongo_auth=${ MONGO_USERNAME }:${ MONGO_PASSWORD } +big_poppa_mongo_database=${ MONGO_DATABASE_NAME } +big_poppa_mongo_replset_name=${ MONGO_DATABASE_NAME }-rs0 +big_poppa_pg_pool_min=10 +big_poppa_pg_pool_max=20 + +[cream:vars] +cream_hello_runnable_github_token=${ GITHUB_ACCESS_TOKEN } +cream_stripe_secret_key=${ STRIPE_SECRET_KEY } +cream_stripe_publishable_key=${ STRIPE_SECRET_KEY } + +[docks:vars] +docker_config=docks +docks_rollbar_key=${ ROLLBAR_TOKEN_DOCKS } + +[dock:vars] +docks_rollbar_key=${ ROLLBAR_TOKEN_DOCKS } + +[drake:vars] +drake_port=80 + +[khronos:vars] +khronos_mongo_auth=${ MONGO_USER }:${ MONGO_PASSWORD } +khronos_mongo_database=${ MONGO_DATABASE_NAME } +khronos_mongo_replset_name=${ MONGO_DATABASE_NAME } + +[metis:vars] + +[navi:vars] +navi_cookie_secret=${ COOKIE_SECRET } +_navi_proxy_port=65100 +_navi_proxy_ssl_port=65101 + +[optimus:vars] +optimus_aws_access_id=${ AWS_ACCESS_KEY_ID_1 } +optimus_aws_secret_id=${ AWS_SECRET_ACCESS_KEY_1 } +optimus_github_deploy_keys_bucket=runnable.deploykeys.${ ENV } + +[palantiri:vars] + +[pheidi:vars] +pheidi_mongo_auth=${ MONGO_USER }:${ MONGO_PASSWORD } +pheidi_mongo_database=${ MONGO_DATABASE } +pheidi_mongo_replset_name=${ MONGO_DATABASE } +pheidi_runnabot_tokens=${ GITHUB_ACCESS_TOKEN } + +[sauron:vars] + +[registry:vars] +registry_s3_access_key=AWS_ACCESS_KEY_ID_1 +registry_s3_secret_key=AWS_SECRET_ACCESS_KEY_1 +registry_s3_bucket=runnableimages.bear-clone +registry_s3_region=us-west-2 + +[shiva:vars] +aws_access_key_id=AWS_ACCESS_KEY_ID_1 +aws_secret_access_key=AWS_SECRET_ACCESS_KEY_1 +shiva_consult_hostname=10.4.0.148 +shiva_aws_region=us-west-2 +shiva_dock_security_groups=sg-ec0da194 +shiva_ssh_key_name=gamma-key +shiva_aws_instance_image_id=ami-278a3447 +shiva_aws_instance_image_name=bear-clone-dock-2.0.10 +shiva_aws_instance_type=t2.medium +shiva_dock_pool_asg_name=bear-clone-asg-dock-pool +shiva_aws_launch_configuration_name=bear-clone-lc-2.0.10.10 +shiva_aws_auto_scaling_group_subnets=subnet-9cb197f9 +shiva_aws_auto_scaling_group_max=29 +shiva_aws_auto_scaling_group_prefix=asg-bear-clone- + +[swarm-manager:vars] +aws_access_key=AWS_ACCESS_KEY_ID_1 +aws_secret_key=AWS_SECRET_ACCESS_KEY_1 +environment_name=bear-clone + +[vault:vars] +vault_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af +vault_aws_access_key_id=AWS_ACCESS_KEY_ID_1 +vault_aws_secret_key=AWS_SECRET_ACCESS_KEY_1/ +# vault_aws_access_key_id=AKIAIALSDNO3WSKPWOEA +# vault_aws_secret_key=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 +vault_aws_region=us-west-2 +vault_root_token=2865193c-8abc-9ffd-74eb-23e7fc593f5b +vault_unseal_tokens={'one':'d09b3002044f8746271cb987601849faa16b90ddfdc651e89f5df111926c873001', 'two': '4c702650257794387da65d5aa0cad24d2e9fde5c06f7eb240dedcf70d08c55d602', 'three': '6db4c9d33289452fc8e25b929d5273e4285fc2eb3b05708d95cafca5496fa7b403', 'four': '41c7c6251fa23e84197cf52b968b0b288c499b119159b83b97066fa343dc645a04', 'five': '600329a6085cef93ac38f3e3ab13aa818a8987a6acab23920f215c76da3f963805'} +_vault_port=65240 +_vault_ssl_port=65241 + +[bear-clone:vars] +ansible_ssh_private_key_file=~/.ssh/gamma.pem +bastion_sshd_port=60709 +datadog_tags=env:bear-clone +datadog_mongodb_user=datadog +datadog_mongodb_pwd= +domain=runnable.rocks +mongo_port=27017 +node_env=bear-clone +pg_user=astral +pg_pass=MgZQTuJcFZxM3aoJHtXn +pg_host=big-poppa-bear-clone.cnksgdqarobf.us-west-2.rds.amazonaws.com:32659 +rabbit_password=wKK7g7NWKpQXEeSzyWB7mIpxZIL8H2mDSf3Q6czR3Vk +rabbit_username=o2mdLh9N9Ke2GzhoK8xsruYPhIQFN7iEL44dQJoq7OM +registry_host=10.4.0.148 +_registry_port=65001 +_consul_api_port=65200 +_consul_https_port=65201 +_swarm_master_port=65250 +user_content_domain=runnable-beta.com +max_navi_port=65000 +_redis_port=65075 +_redis_tls_port=65076 +api_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af +vault_auth_token=f025895e-bfde-13d0-8913-0cea0c33cd4a +vault_token_01=1618e6c73c18a7b2fad20b915b62f09d46244b2a217980a93e6f12d11e4d324501 +vault_token_02=d3a0b4741e673cd93f17486478a03f78bc53c60c2345213477f1808ef339d31402 +vault_token_03=a5e9f76f14fc3de2e3e7258f5e3b943111428fdc657c3f07f9709005b00bee3d03 +vault_token_04=7a3fedd99659dfb1ca5dc7274880376f1df2d222e28dc1d008c8a3a0ba7b023404 +vault_token_05=0c76aec29cc2de8a16adaacc6e1b9c26b0e39bf2a4b4dfe38649b32bf9493f1d05 +# vault_auth_token=2865193c-8abc-9ffd-74eb-23e7fc593f5b +# vault_token_01=d09b3002044f8746271cb987601849faa16b90ddfdc651e89f5df111926c873001 +# vault_token_02=4c702650257794387da65d5aa0cad24d2e9fde5c06f7eb240dedcf70d08c55d602 +# vault_token_03=6db4c9d33289452fc8e25b929d5273e4285fc2eb3b05708d95cafca5496fa7b403 +# vault_token_04=41c7c6251fa23e84197cf52b968b0b288c499b119159b83b97066fa343dc645a04 +# vault_token_05=600329a6085cef93ac38f3e3ab13aa818a8987a6acab23920f215c76da3f963805 +github_domain=api.github.com +is_github_enterprise=false +github_protocol=https +proxy_container_image=runnable/sticky-nginx +proxy_container_image_version=v1.8.1 + +[ec2:vars] +env=bear-clone +aws_custid=437258487404 +bastion_sshd_port=60709 +region=us-west-2 +vpc_id=vpc-c53464a0 +sg_api=sg-3b0c7b5f +sg_app_services=sg-35d14052 +sg_bastion=sg-91eb81f5 +sg_consul=sg-899616ee +sg_dock=sg-577a0d33 +sg_dock_services=sg-12d14075 +sg_hipache=sg-e70c7883 +sg_mongo=sg-977a0df3 +sg_nat=sg-b595ffd1 +sg_navi=sg-45633421 +sg_rabbit=sg-44b7cb20 +sg_rds=sg-081e596c +sg_redis=sg-477b0c23 +sg_registry=sg-c8d140af +sg_userland=sg-12ce9876 +sg_web=sg-fe8bf49a + +[web:vars] +web_sift_public_key=eea9746dff +web_intercom_id=xs5g95pd diff --git a/ansible/group_vars/alpha-api-base.yml b/ansible/group_vars/alpha-api-base.yml index 84f9f9da..59246998 100644 --- a/ansible/group_vars/alpha-api-base.yml +++ b/ansible/group_vars/alpha-api-base.yml @@ -48,7 +48,7 @@ api_base_container_envs: >- -e GITHUB_PROTOCOL=http -e HELLO_RUNNABLE_GITHUB_TOKEN={{ api_hello_runnable_github_token }} -e KRAIN_PORT={{ krain_port }} - -e MIXPANEL_APP_ID={{ api_mixpanel_app_id }} + {% if api_mixpanel_app_id is defined %} -e MIXPANEL_APP_ID={{ api_mixpanel_app_id }} {% endif %} -e MONGO_REPLSET_NAME={{ api_mongo_replset_name }} -e MONGO=mongodb://{{ mongo_hosts }}/{{ api_mongo_database }} -e NAVI_HOST=http://{{ navi_host_address }}:{{ navi_http_port }} From 50e36c4ddd995a5144a76954ac6799b3c13b87e4 Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 1 Feb 2017 16:25:48 -0800 Subject: [PATCH 02/61] Add default variables --- ansible/default-hosts/variables | 121 ++++++++++++-------------------- 1 file changed, 43 insertions(+), 78 deletions(-) diff --git a/ansible/default-hosts/variables b/ansible/default-hosts/variables index c1722bf3..bc0a4146 100644 --- a/ansible/default-hosts/variables +++ b/ansible/default-hosts/variables @@ -64,109 +64,74 @@ pheidi_runnabot_tokens=${ GITHUB_ACCESS_TOKEN } [sauron:vars] [registry:vars] -registry_s3_access_key=AWS_ACCESS_KEY_ID_1 -registry_s3_secret_key=AWS_SECRET_ACCESS_KEY_1 -registry_s3_bucket=runnableimages.bear-clone -registry_s3_region=us-west-2 +registry_s3_access_key=${ AWS_ACCESS_KEY_ID_1 } +registry_s3_secret_key=${ AWS_SECRET_ACCESS_KEY_1 } +registry_s3_bucket=runnableimages.${ ENV } +registry_s3_region=${ AWS_REGION } [shiva:vars] -aws_access_key_id=AWS_ACCESS_KEY_ID_1 -aws_secret_access_key=AWS_SECRET_ACCESS_KEY_1 -shiva_consult_hostname=10.4.0.148 -shiva_aws_region=us-west-2 -shiva_dock_security_groups=sg-ec0da194 -shiva_ssh_key_name=gamma-key -shiva_aws_instance_image_id=ami-278a3447 -shiva_aws_instance_image_name=bear-clone-dock-2.0.10 +aws_access_key_id=${ AWS_ACCESS_KEY_ID_1 } +aws_secret_access_key=${ AWS_ACCESS_KEY_ID_1 } +shiva_consult_hostname=${ MAIN_HOST_IP_ADDRESS } +shiva_aws_region=${ AWS_REGION } +shiva_dock_security_groups=${ AWS_DOCK_SG } +shiva_ssh_key_name=${ AWS_SSH_KEY_NAME } +shiva_aws_instance_image_id=${ AWS_DOCK_AMI_ID } +shiva_aws_instance_image_name=${ AWS_DOCK_AMI_NAME } shiva_aws_instance_type=t2.medium -shiva_dock_pool_asg_name=bear-clone-asg-dock-pool -shiva_aws_launch_configuration_name=bear-clone-lc-2.0.10.10 -shiva_aws_auto_scaling_group_subnets=subnet-9cb197f9 +shiva_dock_pool_asg_name=${ ENV }-asg-dock-pool +shiva_aws_launch_configuration_name=${ ENV }-lc-${ AWS_LC_VERSION } +shiva_aws_auto_scaling_group_subnets=${ AWS_ASG_SUBNET } shiva_aws_auto_scaling_group_max=29 -shiva_aws_auto_scaling_group_prefix=asg-bear-clone- +shiva_aws_auto_scaling_group_prefix=asg-${ ENV }- [swarm-manager:vars] -aws_access_key=AWS_ACCESS_KEY_ID_1 -aws_secret_key=AWS_SECRET_ACCESS_KEY_1 -environment_name=bear-clone +aws_access_key=${ AWS_ACCESS_KEY_ID_1 } +aws_secret_key=${ AWS_SECRET_ACCESS_KEY_1 } +environment_name=${ ENV } [vault:vars] -vault_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af -vault_aws_access_key_id=AWS_ACCESS_KEY_ID_1 -vault_aws_secret_key=AWS_SECRET_ACCESS_KEY_1/ -# vault_aws_access_key_id=AKIAIALSDNO3WSKPWOEA -# vault_aws_secret_key=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 -vault_aws_region=us-west-2 -vault_root_token=2865193c-8abc-9ffd-74eb-23e7fc593f5b -vault_unseal_tokens={'one':'d09b3002044f8746271cb987601849faa16b90ddfdc651e89f5df111926c873001', 'two': '4c702650257794387da65d5aa0cad24d2e9fde5c06f7eb240dedcf70d08c55d602', 'three': '6db4c9d33289452fc8e25b929d5273e4285fc2eb3b05708d95cafca5496fa7b403', 'four': '41c7c6251fa23e84197cf52b968b0b288c499b119159b83b97066fa343dc645a04', 'five': '600329a6085cef93ac38f3e3ab13aa818a8987a6acab23920f215c76da3f963805'} +vault_hello_runnable_github_token=${ GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE } +vault_aws_access_key_id=${ AWS_ACCESS_KEY_ID_1 } +vault_aws_secret_key=${ AWS_SECRET_ACCESS_KEY_1 } +vault_aws_region=${ AWS_REGION } +vault_root_token=${ LOCAL_VAULT_ROOT_TOKEN } +vault_unseal_tokens={'one':'${ LOCAL_VAULT_TOKEN_1 }', 'two': '${ LOCAL_VAULT_TOKEN_2 }', 'three': '${ LOCAL_VAULT_TOKEN_3 }', 'four': '${ LOCAL_VAULT_TOKEN_4 }', 'five': '${ LOCAL_VAULT_TOKEN_5 }'} _vault_port=65240 _vault_ssl_port=65241 -[bear-clone:vars] -ansible_ssh_private_key_file=~/.ssh/gamma.pem +[${ ENV }:vars] +ansible_ssh_private_key_file=~/.ssh/${ PEM_KEY_NAME } bastion_sshd_port=60709 -datadog_tags=env:bear-clone +datadog_tags=env:${ ENV } datadog_mongodb_user=datadog datadog_mongodb_pwd= -domain=runnable.rocks +domain=${ DOMAIN } mongo_port=27017 -node_env=bear-clone +node_env=${ ENV } pg_user=astral -pg_pass=MgZQTuJcFZxM3aoJHtXn -pg_host=big-poppa-bear-clone.cnksgdqarobf.us-west-2.rds.amazonaws.com:32659 -rabbit_password=wKK7g7NWKpQXEeSzyWB7mIpxZIL8H2mDSf3Q6czR3Vk -rabbit_username=o2mdLh9N9Ke2GzhoK8xsruYPhIQFN7iEL44dQJoq7OM -registry_host=10.4.0.148 +pg_pass=${ POSTGRES_PASSWORD } +pg_host=${ POSTGRES_HOST }:${ POSTGRES_PORT } +rabbit_password=${ RABBIT_PASSWORD } +rabbit_username=${ RABBIT_USERNAME } +registry_host=${ MAIN_HOST_IP_ADDRESS } _registry_port=65001 _consul_api_port=65200 _consul_https_port=65201 _swarm_master_port=65250 -user_content_domain=runnable-beta.com +user_content_domain=${ USER_CONTENT_DOMAIN } max_navi_port=65000 _redis_port=65075 _redis_tls_port=65076 -api_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af -vault_auth_token=f025895e-bfde-13d0-8913-0cea0c33cd4a -vault_token_01=1618e6c73c18a7b2fad20b915b62f09d46244b2a217980a93e6f12d11e4d324501 -vault_token_02=d3a0b4741e673cd93f17486478a03f78bc53c60c2345213477f1808ef339d31402 -vault_token_03=a5e9f76f14fc3de2e3e7258f5e3b943111428fdc657c3f07f9709005b00bee3d03 -vault_token_04=7a3fedd99659dfb1ca5dc7274880376f1df2d222e28dc1d008c8a3a0ba7b023404 -vault_token_05=0c76aec29cc2de8a16adaacc6e1b9c26b0e39bf2a4b4dfe38649b32bf9493f1d05 -# vault_auth_token=2865193c-8abc-9ffd-74eb-23e7fc593f5b -# vault_token_01=d09b3002044f8746271cb987601849faa16b90ddfdc651e89f5df111926c873001 -# vault_token_02=4c702650257794387da65d5aa0cad24d2e9fde5c06f7eb240dedcf70d08c55d602 -# vault_token_03=6db4c9d33289452fc8e25b929d5273e4285fc2eb3b05708d95cafca5496fa7b403 -# vault_token_04=41c7c6251fa23e84197cf52b968b0b288c499b119159b83b97066fa343dc645a04 -# vault_token_05=600329a6085cef93ac38f3e3ab13aa818a8987a6acab23920f215c76da3f963805 +api_hello_runnable_github_token=${ GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE } +vault_auth_token=${ REMOTE_VAULT_ROOT_TOKEN } +vault_token_01=${ REMOTE_VAULT_TOKEN_1 } +vault_token_02=${ REMOTE_VAULT_TOKEN_2 } +vault_token_03=${ REMOTE_VAULT_TOKEN_3 } +vault_token_04=${ REMOTE_VAULT_TOKEN_4 } +vault_token_05=${ REMOTE_VAULT_TOKEN_5 } github_domain=api.github.com is_github_enterprise=false github_protocol=https proxy_container_image=runnable/sticky-nginx proxy_container_image_version=v1.8.1 - -[ec2:vars] -env=bear-clone -aws_custid=437258487404 -bastion_sshd_port=60709 -region=us-west-2 -vpc_id=vpc-c53464a0 -sg_api=sg-3b0c7b5f -sg_app_services=sg-35d14052 -sg_bastion=sg-91eb81f5 -sg_consul=sg-899616ee -sg_dock=sg-577a0d33 -sg_dock_services=sg-12d14075 -sg_hipache=sg-e70c7883 -sg_mongo=sg-977a0df3 -sg_nat=sg-b595ffd1 -sg_navi=sg-45633421 -sg_rabbit=sg-44b7cb20 -sg_rds=sg-081e596c -sg_redis=sg-477b0c23 -sg_registry=sg-c8d140af -sg_userland=sg-12ce9876 -sg_web=sg-fe8bf49a - -[web:vars] -web_sift_public_key=eea9746dff -web_intercom_id=xs5g95pd From b74fc644215e83d364645095a63dc1b70cf6daef Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 1 Feb 2017 16:39:01 -0800 Subject: [PATCH 03/61] Add ENVs in other files --- ansible/default-hosts/docks.js | 8 ++++---- ansible/default-hosts/variables | 2 +- ansible/roles/docker_client/README.md | 2 +- ansible/roles/docker_client/scripts/genClientCert.sh | 12 +++++++----- 4 files changed, 13 insertions(+), 11 deletions(-) diff --git a/ansible/default-hosts/docks.js b/ansible/default-hosts/docks.js index 29526a4c..bfc13839 100755 --- a/ansible/default-hosts/docks.js +++ b/ansible/default-hosts/docks.js @@ -4,9 +4,9 @@ var aws = require('aws-sdk'); var ec2 = new aws.EC2({ - accessKeyId: 'AKIAJ3RCYU6FCULAJP2Q', - secretAccessKey: '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', - region: 'us-west-2' + accessKeyId: '${ AWS_ACCESS_KEY_ID_1 }', + secretAccessKey: '${ AWS_SECRET_ACCESS_KEY_1 }', + region: '${ AWS_REGION }' }); var params = { @@ -14,7 +14,7 @@ var params = { // Only search for docks in the cluster security group { Name: 'instance.group-id', - Values: ['sg-ec0da194'] // This script is the same for all environments + Values: ['${ AWS_DOCK_SG }'] // This script is the same for all environments }, // Only fetch instances that are tagged as docks { diff --git a/ansible/default-hosts/variables b/ansible/default-hosts/variables index bc0a4146..98dd3806 100644 --- a/ansible/default-hosts/variables +++ b/ansible/default-hosts/variables @@ -24,7 +24,7 @@ big_poppa_pg_pool_max=20 [cream:vars] cream_hello_runnable_github_token=${ GITHUB_ACCESS_TOKEN } cream_stripe_secret_key=${ STRIPE_SECRET_KEY } -cream_stripe_publishable_key=${ STRIPE_SECRET_KEY } +cream_stripe_publishable_key=${ STRIPE_PUBLISHABLE_KEY } [docks:vars] docker_config=docks diff --git a/ansible/roles/docker_client/README.md b/ansible/roles/docker_client/README.md index 3b95b530..f6bf908d 100644 --- a/ansible/roles/docker_client/README.md +++ b/ansible/roles/docker_client/README.md @@ -7,7 +7,7 @@ Ansible Role to Install Docker Client Certs on Ubuntu Creating new docker client certs: 1. cd into this dir ```cd ``` 2. ensure you have ca-key.pem here `roles/docker_client/ca-key.pem` -3. run cert generator ```sudo ./scripts/genClientCert.sh ``` +3. run cert generator ```sudo ./scripts/genClientCert.sh ``` ## Author Information diff --git a/ansible/roles/docker_client/scripts/genClientCert.sh b/ansible/roles/docker_client/scripts/genClientCert.sh index 4c98ef21..b8693035 100755 --- a/ansible/roles/docker_client/scripts/genClientCert.sh +++ b/ansible/roles/docker_client/scripts/genClientCert.sh @@ -7,10 +7,12 @@ fi CLIENT=./files/certs/$1 echo 'WARN: hard coded alpha-api-old gamma-services and beta-services for SWARM' -# if [[ $2 = '' ]]; then -# echo 'script requires a client ip address' -# exit 1 -# fi +if [[ $2 = '' ]]; then + echo 'script requires a client ip address' + exit 1 +fi + +MAIN_HOST_IP_ADDRESS=$2 mkdir $CLIENT @@ -28,7 +30,7 @@ openssl req \ chmod 400 "$CLIENT/client.csr" echo extendedKeyUsage=clientAuth,serverAuth > "$CLIENT/extfile.cnf" -echo subjectAltName=IP:10.4.0.148,IP:127.0.0.1,DNS:localhost,DNS:swarm-staging-codenow.runnable-beta.com >> "$CLIENT/extfile.cnf" +echo subjectAltName=IP:${MAIN_HOST_IP_ADDRESS},IP:127.0.0.1,DNS:localhost >> "$CLIENT/extfile.cnf" # generate cert for client openssl x509 \ From 5ba8128c050418df449331c0639ec65c7a394642 Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 1 Feb 2017 16:41:44 -0800 Subject: [PATCH 04/61] Change spacing --- ansible/default-hosts/docks.js | 8 +- ansible/default-hosts/variables | 150 ++++++++++++++++---------------- 2 files changed, 79 insertions(+), 79 deletions(-) diff --git a/ansible/default-hosts/docks.js b/ansible/default-hosts/docks.js index bfc13839..b2804306 100755 --- a/ansible/default-hosts/docks.js +++ b/ansible/default-hosts/docks.js @@ -4,9 +4,9 @@ var aws = require('aws-sdk'); var ec2 = new aws.EC2({ - accessKeyId: '${ AWS_ACCESS_KEY_ID_1 }', - secretAccessKey: '${ AWS_SECRET_ACCESS_KEY_1 }', - region: '${ AWS_REGION }' + accessKeyId: '${AWS_ACCESS_KEY_ID_1}', + secretAccessKey: '${AWS_SECRET_ACCESS_KEY_1}', + region: '${AWS_REGION}' }); var params = { @@ -14,7 +14,7 @@ var params = { // Only search for docks in the cluster security group { Name: 'instance.group-id', - Values: ['${ AWS_DOCK_SG }'] // This script is the same for all environments + Values: ['${AWS_DOCK_SG}'] // This script is the same for all environments }, // Only fetch instances that are tagged as docks { diff --git a/ansible/default-hosts/variables b/ansible/default-hosts/variables index 98dd3806..74879875 100644 --- a/ansible/default-hosts/variables +++ b/ansible/default-hosts/variables @@ -1,135 +1,135 @@ [api_group:vars] -api_aws_access_key_id=${ AWS_ACCESS_KEY_ID_1 } -api_aws_secret_access_key=${ AWS_SECRET_ACCESS_KEY_1 } -api_github_client_id=${ GITHUB_CLIEND_ID } -api_github_client_secret=${ GITHUB_CLIENT_SECRET } -api_github_deploy_keys_bucket=runnable.deploykeys.${ ENV } -api_mongo_auth=${ MONGO_USERNAME }:${ MONGO_PASSWORD } -api_mongo_database=${ ENV } -api_mongo_replset_name=${ ENV }-rs0 -api_s3_context_bucket=runnable.context.resources.${ ENV } +api_aws_access_key_id=${AWS_ACCESS_KEY_ID_1} +api_aws_secret_access_key=${AWS_SECRET_ACCESS_KEY_1} +api_github_client_id=${GITHUB_CLIEND_ID} +api_github_client_secret=${GITHUB_CLIENT_SECRET} +api_github_deploy_keys_bucket=runnable.deploykeys.${ENV} +api_mongo_auth=${MONGO_USERNAME}:${MONGO_PASSWORD} +api_mongo_database=${ENV} +api_mongo_replset_name=${ENV}-rs0 +api_s3_context_bucket=runnable.context.resources.${ENV} [big-poppa:vars] -big_poppa_pg_pass=${ POSTGRES_PASSWORD } -big_poppa_pg_host=${ POSTGRES_HOST }:${ POSTGRES_PORT } -big_poppa_pg_port=${ POSTGRES_PORT } +big_poppa_pg_pass=${POSTGRES_PASSWORD} +big_poppa_pg_host=${POSTGRES_HOST}:${POSTGRES_PORT} +big_poppa_pg_port=${POSTGRES_PORT} big_poppa_pg_user=big_poppa -big_poppa_github_token=${ GITHUB_ACCESS_TOKEN } -big_poppa_mongo_auth=${ MONGO_USERNAME }:${ MONGO_PASSWORD } -big_poppa_mongo_database=${ MONGO_DATABASE_NAME } -big_poppa_mongo_replset_name=${ MONGO_DATABASE_NAME }-rs0 +big_poppa_github_token=${GITHUB_ACCESS_TOKEN} +big_poppa_mongo_auth=${MONGO_USERNAME}:${MONGO_PASSWORD} +big_poppa_mongo_database=${MONGO_DATABASE_NAME} +big_poppa_mongo_replset_name=${MONGO_DATABASE_NAME}-rs0 big_poppa_pg_pool_min=10 big_poppa_pg_pool_max=20 [cream:vars] -cream_hello_runnable_github_token=${ GITHUB_ACCESS_TOKEN } -cream_stripe_secret_key=${ STRIPE_SECRET_KEY } -cream_stripe_publishable_key=${ STRIPE_PUBLISHABLE_KEY } +cream_hello_runnable_github_token=${GITHUB_ACCESS_TOKEN} +cream_stripe_secret_key=${STRIPE_SECRET_KEY} +cream_stripe_publishable_key=${STRIPE_PUBLISHABLE_KEY} [docks:vars] docker_config=docks -docks_rollbar_key=${ ROLLBAR_TOKEN_DOCKS } +docks_rollbar_key=${ROLLBAR_TOKEN_DOCKS} [dock:vars] -docks_rollbar_key=${ ROLLBAR_TOKEN_DOCKS } +docks_rollbar_key=${ROLLBAR_TOKEN_DOCKS} [drake:vars] drake_port=80 [khronos:vars] -khronos_mongo_auth=${ MONGO_USER }:${ MONGO_PASSWORD } -khronos_mongo_database=${ MONGO_DATABASE_NAME } -khronos_mongo_replset_name=${ MONGO_DATABASE_NAME } +khronos_mongo_auth=${MONGO_USER}:${MONGO_PASSWORD} +khronos_mongo_database=${MONGO_DATABASE_NAME} +khronos_mongo_replset_name=${MONGO_DATABASE_NAME} [metis:vars] [navi:vars] -navi_cookie_secret=${ COOKIE_SECRET } +navi_cookie_secret=${COOKIE_SECRET} _navi_proxy_port=65100 _navi_proxy_ssl_port=65101 [optimus:vars] -optimus_aws_access_id=${ AWS_ACCESS_KEY_ID_1 } -optimus_aws_secret_id=${ AWS_SECRET_ACCESS_KEY_1 } -optimus_github_deploy_keys_bucket=runnable.deploykeys.${ ENV } +optimus_aws_access_id=${AWS_ACCESS_KEY_ID_1} +optimus_aws_secret_id=${AWS_SECRET_ACCESS_KEY_1} +optimus_github_deploy_keys_bucket=runnable.deploykeys.${ENV} [palantiri:vars] [pheidi:vars] -pheidi_mongo_auth=${ MONGO_USER }:${ MONGO_PASSWORD } -pheidi_mongo_database=${ MONGO_DATABASE } -pheidi_mongo_replset_name=${ MONGO_DATABASE } -pheidi_runnabot_tokens=${ GITHUB_ACCESS_TOKEN } +pheidi_mongo_auth=${MONGO_USER}:${MONGO_PASSWORD} +pheidi_mongo_database=${MONGO_DATABASE} +pheidi_mongo_replset_name=${MONGO_DATABASE} +pheidi_runnabot_tokens=${GITHUB_ACCESS_TOKEN} [sauron:vars] [registry:vars] -registry_s3_access_key=${ AWS_ACCESS_KEY_ID_1 } -registry_s3_secret_key=${ AWS_SECRET_ACCESS_KEY_1 } -registry_s3_bucket=runnableimages.${ ENV } -registry_s3_region=${ AWS_REGION } +registry_s3_access_key=${AWS_ACCESS_KEY_ID_1} +registry_s3_secret_key=${AWS_SECRET_ACCESS_KEY_1} +registry_s3_bucket=runnableimages.${ENV} +registry_s3_region=${AWS_REGION} [shiva:vars] -aws_access_key_id=${ AWS_ACCESS_KEY_ID_1 } -aws_secret_access_key=${ AWS_ACCESS_KEY_ID_1 } -shiva_consult_hostname=${ MAIN_HOST_IP_ADDRESS } -shiva_aws_region=${ AWS_REGION } -shiva_dock_security_groups=${ AWS_DOCK_SG } -shiva_ssh_key_name=${ AWS_SSH_KEY_NAME } -shiva_aws_instance_image_id=${ AWS_DOCK_AMI_ID } -shiva_aws_instance_image_name=${ AWS_DOCK_AMI_NAME } +aws_access_key_id=${AWS_ACCESS_KEY_ID_1} +aws_secret_access_key=${AWS_ACCESS_KEY_ID_1} +shiva_consult_hostname=${MAIN_HOST_IP_ADDRESS} +shiva_aws_region=${AWS_REGION} +shiva_dock_security_groups=${AWS_DOCK_SG} +shiva_ssh_key_name=${AWS_SSH_KEY_NAME} +shiva_aws_instance_image_id=${AWS_DOCK_AMI_ID} +shiva_aws_instance_image_name=${AWS_DOCK_AMI_NAME} shiva_aws_instance_type=t2.medium -shiva_dock_pool_asg_name=${ ENV }-asg-dock-pool -shiva_aws_launch_configuration_name=${ ENV }-lc-${ AWS_LC_VERSION } -shiva_aws_auto_scaling_group_subnets=${ AWS_ASG_SUBNET } +shiva_dock_pool_asg_name=${ENV}-asg-dock-pool +shiva_aws_launch_configuration_name=${ENV}-lc-${AWS_LC_VERSION} +shiva_aws_auto_scaling_group_subnets=${AWS_ASG_SUBNET} shiva_aws_auto_scaling_group_max=29 -shiva_aws_auto_scaling_group_prefix=asg-${ ENV }- +shiva_aws_auto_scaling_group_prefix=asg-${ENV}- [swarm-manager:vars] -aws_access_key=${ AWS_ACCESS_KEY_ID_1 } -aws_secret_key=${ AWS_SECRET_ACCESS_KEY_1 } -environment_name=${ ENV } +aws_access_key=${AWS_ACCESS_KEY_ID_1} +aws_secret_key=${AWS_SECRET_ACCESS_KEY_1} +environment_name=${ENV} [vault:vars] -vault_hello_runnable_github_token=${ GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE } -vault_aws_access_key_id=${ AWS_ACCESS_KEY_ID_1 } -vault_aws_secret_key=${ AWS_SECRET_ACCESS_KEY_1 } -vault_aws_region=${ AWS_REGION } -vault_root_token=${ LOCAL_VAULT_ROOT_TOKEN } -vault_unseal_tokens={'one':'${ LOCAL_VAULT_TOKEN_1 }', 'two': '${ LOCAL_VAULT_TOKEN_2 }', 'three': '${ LOCAL_VAULT_TOKEN_3 }', 'four': '${ LOCAL_VAULT_TOKEN_4 }', 'five': '${ LOCAL_VAULT_TOKEN_5 }'} +vault_hello_runnable_github_token=${GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE} +vault_aws_access_key_id=${AWS_ACCESS_KEY_ID_1} +vault_aws_secret_key=${AWS_SECRET_ACCESS_KEY_1} +vault_aws_region=${AWS_REGION} +vault_root_token=${LOCAL_VAULT_ROOT_TOKEN} +vault_unseal_tokens={'one':'${LOCAL_VAULT_TOKEN_1}', 'two': '${LOCAL_VAULT_TOKEN_2}', 'three': '${LOCAL_VAULT_TOKEN_3}', 'four': '${LOCAL_VAULT_TOKEN_4}', 'five': '${LOCAL_VAULT_TOKEN_5}'} _vault_port=65240 _vault_ssl_port=65241 -[${ ENV }:vars] -ansible_ssh_private_key_file=~/.ssh/${ PEM_KEY_NAME } +[${ENV}:vars] +ansible_ssh_private_key_file=~/.ssh/${PEM_KEY_NAME} bastion_sshd_port=60709 -datadog_tags=env:${ ENV } +datadog_tags=env:${ENV} datadog_mongodb_user=datadog datadog_mongodb_pwd= -domain=${ DOMAIN } +domain=${DOMAIN} mongo_port=27017 -node_env=${ ENV } +node_env=${ENV} pg_user=astral -pg_pass=${ POSTGRES_PASSWORD } -pg_host=${ POSTGRES_HOST }:${ POSTGRES_PORT } -rabbit_password=${ RABBIT_PASSWORD } -rabbit_username=${ RABBIT_USERNAME } -registry_host=${ MAIN_HOST_IP_ADDRESS } +pg_pass=${POSTGRES_PASSWORD} +pg_host=${POSTGRES_HOST}:${POSTGRES_PORT} +rabbit_password=${RABBIT_PASSWORD} +rabbit_username=${RABBIT_USERNAME} +registry_host=${MAIN_HOST_IP_ADDRESS} _registry_port=65001 _consul_api_port=65200 _consul_https_port=65201 _swarm_master_port=65250 -user_content_domain=${ USER_CONTENT_DOMAIN } +user_content_domain=${USER_CONTENT_DOMAIN} max_navi_port=65000 _redis_port=65075 _redis_tls_port=65076 -api_hello_runnable_github_token=${ GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE } -vault_auth_token=${ REMOTE_VAULT_ROOT_TOKEN } -vault_token_01=${ REMOTE_VAULT_TOKEN_1 } -vault_token_02=${ REMOTE_VAULT_TOKEN_2 } -vault_token_03=${ REMOTE_VAULT_TOKEN_3 } -vault_token_04=${ REMOTE_VAULT_TOKEN_4 } -vault_token_05=${ REMOTE_VAULT_TOKEN_5 } +api_hello_runnable_github_token=${GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE} +vault_auth_token=${REMOTE_VAULT_ROOT_TOKEN} +vault_token_01=${REMOTE_VAULT_TOKEN_1} +vault_token_02=${REMOTE_VAULT_TOKEN_2} +vault_token_03=${REMOTE_VAULT_TOKEN_3} +vault_token_04=${REMOTE_VAULT_TOKEN_4} +vault_token_05=${REMOTE_VAULT_TOKEN_5} github_domain=api.github.com is_github_enterprise=false github_protocol=https From ac326a90ee77c75535ac72ac1537f17371a50d7f Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 2 Feb 2017 11:11:00 -0800 Subject: [PATCH 05/61] Remove variable for IP address and change it with hosts --- ansible/bear-clone-hosts/variables | 1 - ansible/default-hosts/variables | 1 - ansible/group_vars/alpha-metis.yml | 2 +- ansible/group_vars/alpha-shiva.yml | 4 ++-- ansible/roles/base_ubuntu/tasks/main.yml | 2 +- ansible/roles/consul-services/tasks/main.yml | 2 +- ansible/roles/runnable-domain-proxy/templates/registry.tmpl | 6 +++--- 7 files changed, 8 insertions(+), 10 deletions(-) diff --git a/ansible/bear-clone-hosts/variables b/ansible/bear-clone-hosts/variables index fb4502eb..46252f44 100644 --- a/ansible/bear-clone-hosts/variables +++ b/ansible/bear-clone-hosts/variables @@ -117,7 +117,6 @@ pg_pass=MgZQTuJcFZxM3aoJHtXn pg_host=big-poppa-bear-clone.cnksgdqarobf.us-west-2.rds.amazonaws.com:32659 rabbit_password=wKK7g7NWKpQXEeSzyWB7mIpxZIL8H2mDSf3Q6czR3Vk rabbit_username=o2mdLh9N9Ke2GzhoK8xsruYPhIQFN7iEL44dQJoq7OM -registry_host=10.4.0.148 _registry_port=65001 _consul_api_port=65200 _consul_https_port=65201 diff --git a/ansible/default-hosts/variables b/ansible/default-hosts/variables index 74879875..15ce6255 100644 --- a/ansible/default-hosts/variables +++ b/ansible/default-hosts/variables @@ -114,7 +114,6 @@ pg_pass=${POSTGRES_PASSWORD} pg_host=${POSTGRES_HOST}:${POSTGRES_PORT} rabbit_password=${RABBIT_PASSWORD} rabbit_username=${RABBIT_USERNAME} -registry_host=${MAIN_HOST_IP_ADDRESS} _registry_port=65001 _consul_api_port=65200 _consul_https_port=65201 diff --git a/ansible/group_vars/alpha-metis.yml b/ansible/group_vars/alpha-metis.yml index fe371c36..a0a4761f 100644 --- a/ansible/group_vars/alpha-metis.yml +++ b/ansible/group_vars/alpha-metis.yml @@ -27,7 +27,7 @@ container_envs: > -e REDIS_CACERT={{ redis_ca_cert_path }} -e REDIS_HOST={{ redis_host_address }} -e REDIS_PORT={{ redis_tls_port }} - -e REGISTRY_HOST={{ registry_host }} + -e REGISTRY_HOST={{ hostvars[groups['registry'][0]]['ansible_default_ipv4']['address'] }} -e ROLLBAR_KEY={{ metis_rollbar_key }} -e DOCKER_PORT={{ docker_port }} diff --git a/ansible/group_vars/alpha-shiva.yml b/ansible/group_vars/alpha-shiva.yml index 24f3daa5..244d5b39 100644 --- a/ansible/group_vars/alpha-shiva.yml +++ b/ansible/group_vars/alpha-shiva.yml @@ -24,10 +24,10 @@ container_envs: > -e REDIS_CACERT={{ redis_ca_cert_path }} -e REDIS_PORT={{ redis_tls_port }} -e REDIS_IPADDRESS={{ redis_host_address }} - -e REGISTRY_HOST={{ registry_host }} + -e REGISTRY_HOST={{ hostvars[groups['registry'][0]]['ansible_default_ipv4']['address'] }} {% if shiva_rollbar_token is defined %} -e ROLLBAR_KEY={{ shiva_rollbar_token }} {% endif %} -e DOCKER_PORT={{ docker_port }} - {% if shiva_consult_hostname is defined %} -e CONSUL_HOSTNAME={{ shiva_consult_hostname }} {% endif %} + {% if shiva_consult_hostname is defined %} -e CONSUL_HOSTNAME={{ hostvars[groups['dock'][0]]['ansible_default_ipv4']['address'] }} {% endif %} {% if shiva_aws_region is defined %} -e AWS_REGION={{ shiva_aws_region }} {% endif %} {% if shiva_dock_security_groups is defined %} -e AWS_DOCK_SECURITY_GROUPS={{ shiva_dock_security_groups }} {% endif %} {% if shiva_ssh_key_name is defined %} -e AWS_SSH_KEY_NAME={{ shiva_ssh_key_name }} {% endif %} diff --git a/ansible/roles/base_ubuntu/tasks/main.yml b/ansible/roles/base_ubuntu/tasks/main.yml index ee624a85..33f5ba32 100644 --- a/ansible/roles/base_ubuntu/tasks/main.yml +++ b/ansible/roles/base_ubuntu/tasks/main.yml @@ -4,6 +4,6 @@ when: dock is not defined lineinfile: dest=/etc/hosts - line="{{ registry_host }} registry.runnable.com" + line="{{ hostvars[groups['registry'][0]]['ansible_default_ipv4']['address'] }} registry.runnable.com" state=present regexp=".+ registry\.runnable\.com" diff --git a/ansible/roles/consul-services/tasks/main.yml b/ansible/roles/consul-services/tasks/main.yml index 26458199..dc76654b 100644 --- a/ansible/roles/consul-services/tasks/main.yml +++ b/ansible/roles/consul-services/tasks/main.yml @@ -29,7 +29,7 @@ tags: ['master'] port: '{{ redis_port }}' - name: 'registry' - host_address: '{{ registry_host }}' + host_address: "{{ hostvars[groups['registry'][0]]['ansible_default_ipv4']['address'] }}" tags: ['master'] port: '{{ registry_port }}' diff --git a/ansible/roles/runnable-domain-proxy/templates/registry.tmpl b/ansible/roles/runnable-domain-proxy/templates/registry.tmpl index c0500a16..769850b8 100644 --- a/ansible/roles/runnable-domain-proxy/templates/registry.tmpl +++ b/ansible/roles/runnable-domain-proxy/templates/registry.tmpl @@ -1,5 +1,5 @@ upstream docker-registry { - server {{ registry_host }}:{{ registry_port }}; + server {{ hostvars[groups['registry'][0]]['ansible_default_ipv4']['address'] }}:{{ registry_port }}; } server { @@ -13,7 +13,7 @@ server { location / { auth_basic off; - proxy_pass http://{{ registry_host }}:{{ registry_port }}; + proxy_pass http://{{ hostvars[groups['registry'][0]]['ansible_default_ipv4']['address'] }}:{{ registry_port }}; proxy_set_header Host $http_host; # required for docker client's sake proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP } @@ -25,7 +25,7 @@ server { return 404; } - proxy_pass http://{{ registry_host }}:{{ registry_port }}; + proxy_pass http://{{ hostvars[groups['registry'][0]]['ansible_default_ipv4']['address'] }}:{{ registry_port }}; proxy_set_header Host $http_host; # required for docker client's sake proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; From 4c6ea19d6fd218ee9c2d67b4742cdd2bd35867e6 Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 2 Feb 2017 12:48:24 -0800 Subject: [PATCH 06/61] Fix vars --- ansible/default-hosts/variables | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/ansible/default-hosts/variables b/ansible/default-hosts/variables index 15ce6255..a5128c5d 100644 --- a/ansible/default-hosts/variables +++ b/ansible/default-hosts/variables @@ -16,8 +16,8 @@ big_poppa_pg_port=${POSTGRES_PORT} big_poppa_pg_user=big_poppa big_poppa_github_token=${GITHUB_ACCESS_TOKEN} big_poppa_mongo_auth=${MONGO_USERNAME}:${MONGO_PASSWORD} -big_poppa_mongo_database=${MONGO_DATABASE_NAME} -big_poppa_mongo_replset_name=${MONGO_DATABASE_NAME}-rs0 +big_poppa_mongo_database=${MONGO_DATABASE} +big_poppa_mongo_replset_name=${MONGO_DATABASE}-rs0 big_poppa_pg_pool_min=10 big_poppa_pg_pool_max=20 @@ -38,8 +38,8 @@ drake_port=80 [khronos:vars] khronos_mongo_auth=${MONGO_USER}:${MONGO_PASSWORD} -khronos_mongo_database=${MONGO_DATABASE_NAME} -khronos_mongo_replset_name=${MONGO_DATABASE_NAME} +khronos_mongo_database=${MONGO_DATABASE} +khronos_mongo_replset_name=${MONGO_DATABASE} [metis:vars] @@ -72,7 +72,6 @@ registry_s3_region=${AWS_REGION} [shiva:vars] aws_access_key_id=${AWS_ACCESS_KEY_ID_1} aws_secret_access_key=${AWS_ACCESS_KEY_ID_1} -shiva_consult_hostname=${MAIN_HOST_IP_ADDRESS} shiva_aws_region=${AWS_REGION} shiva_dock_security_groups=${AWS_DOCK_SG} shiva_ssh_key_name=${AWS_SSH_KEY_NAME} @@ -101,7 +100,6 @@ _vault_port=65240 _vault_ssl_port=65241 [${ENV}:vars] -ansible_ssh_private_key_file=~/.ssh/${PEM_KEY_NAME} bastion_sshd_port=60709 datadog_tags=env:${ENV} datadog_mongodb_user=datadog From 4add3a7bd6fa06f66b0a95318ce7bf86476303ae Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 10:56:04 -0800 Subject: [PATCH 07/61] Add values to consul --- ansible/group_vars/alpha-consul.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ansible/group_vars/alpha-consul.yml b/ansible/group_vars/alpha-consul.yml index b94c19c5..2a9e2c18 100644 --- a/ansible/group_vars/alpha-consul.yml +++ b/ansible/group_vars/alpha-consul.yml @@ -40,3 +40,7 @@ consul_seed: value: "{{ api_hostname }}" - key: api/url value: "{{ api_url }}" + - key: s3/bucket + value: "{{ registry_s3_bucket }}" + - key: s3/region + value: "{{ registry_s3_region }}" From 0b1cf470d61aab37e28a15155c0603dbc2f94a9c Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 10:56:51 -0800 Subject: [PATCH 08/61] Add rol for lets encrypt --- .../alpha-lets-encrypt-certs-generation.yml | 19 ++++++++++ ansible/lets-encrypt-certs-generation.yml | 11 ++++++ .../tasks/main.yml | 35 +++++++++++++++++++ .../templates/default | 13 +++++++ .../templates/proxy-nginx.conf | 29 +++++++++++++++ 5 files changed, 107 insertions(+) create mode 100644 ansible/group_vars/alpha-lets-encrypt-certs-generation.yml create mode 100644 ansible/lets-encrypt-certs-generation.yml create mode 100644 ansible/roles/lets-encrypt-certs-generation/tasks/main.yml create mode 100644 ansible/roles/lets-encrypt-certs-generation/templates/default create mode 100644 ansible/roles/lets-encrypt-certs-generation/templates/proxy-nginx.conf diff --git a/ansible/group_vars/alpha-lets-encrypt-certs-generation.yml b/ansible/group_vars/alpha-lets-encrypt-certs-generation.yml new file mode 100644 index 00000000..69ea09ba --- /dev/null +++ b/ansible/group_vars/alpha-lets-encrypt-certs-generation.yml @@ -0,0 +1,19 @@ +--- +name: nginx + +# used by consul template updater +target_container_name: nginx +target_updater_file_path: /etc/nginx/sites-enabled + +# used by container_kill_start +container_image: "{{ name }}" +container_tag: "1.10" + +restart_policy: always + +container_run_opts: > + -d + --name {{ name }} + -p 0.0.0.0:443:443 + -p 0.0.0.0:80:80 + -v /etc/ssl/certs/{{ domain }}:/etc/ssl/certs/{{ domain }}:ro diff --git a/ansible/lets-encrypt-certs-generation.yml b/ansible/lets-encrypt-certs-generation.yml new file mode 100644 index 00000000..eef0fe09 --- /dev/null +++ b/ansible/lets-encrypt-certs-generation.yml @@ -0,0 +1,11 @@ +--- +- hosts: userland + vars_files: + - group_vars/alpha-lets-encrypt-certs-generation.yml + roles: + - role: datadog + has_dd_integration: yes + + - role: lets-encrypt-certs-generation + + - role: container_kill_start diff --git a/ansible/roles/lets-encrypt-certs-generation/tasks/main.yml b/ansible/roles/lets-encrypt-certs-generation/tasks/main.yml new file mode 100644 index 00000000..7357ebd5 --- /dev/null +++ b/ansible/roles/lets-encrypt-certs-generation/tasks/main.yml @@ -0,0 +1,35 @@ +--- +- name: make sure cert directory is in place + tags: [ configure_proxy, certs ] + become: true + file: + dest: /etc/ssl/certs/{{ domain }} + state: directory + +- name: make sure nginx directory is in place + tags: [ configure_proxy, configure_files ] + become: true + file: + dest: /etc/nginx + state: directory + +- name: put nginx configuration in place + tags: [ configure_proxy, configure_files ] + become: yes + template: + src: proxy-nginx.conf + dest: /etc/nginx/nginx.conf + +- name: assert nginx sites-enabled directory + tags: [ configure_proxy, configure_files ] + become: yes + file: + state: directory + dest: /etc/nginx/sites-enabled + +- name: put lets-encrypt conf in place + tags: [ configure_proxy, configure_files ] + become: yes + template: + src: lets-encrypt.tmpl + dest: /etc/nginx/sites-enabled/lets-encrypt.conf diff --git a/ansible/roles/lets-encrypt-certs-generation/templates/default b/ansible/roles/lets-encrypt-certs-generation/templates/default new file mode 100644 index 00000000..61d40e80 --- /dev/null +++ b/ansible/roles/lets-encrypt-certs-generation/templates/default @@ -0,0 +1,13 @@ +server { + listen [::]:80 default_server; + server_name {{ domain }} *.{{ domain }}; + root /var/www/html; + + location ~ /.well-known { + allow all; + } + + location /test/ { + return 200 "Its alive"; + } +} diff --git a/ansible/roles/lets-encrypt-certs-generation/templates/proxy-nginx.conf b/ansible/roles/lets-encrypt-certs-generation/templates/proxy-nginx.conf new file mode 100644 index 00000000..dc663d03 --- /dev/null +++ b/ansible/roles/lets-encrypt-certs-generation/templates/proxy-nginx.conf @@ -0,0 +1,29 @@ +user www-data; +worker_processes 4; +pid /run/nginx.pid; + +events { + worker_connections 5000; +} + +http { + ## + # Basic Settings + ## + tcp_nodelay on; + keepalive_timeout 65; + server_tokens off; + + ## + # Logging Settings + ## + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + ## + # Virtual Host Configs + ## + + include /etc/nginx/sites-enabled/*; +} From 3003d8233a3b26d60a22a0e89923bb627e8d023a Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 10:57:41 -0800 Subject: [PATCH 09/61] Split up single-host into parts --- ansible/single-host-part-1-setup.yml | 4 +++ ansible/single-host-part-1.yml | 3 ++ ansible/single-host-part-2.yml | 6 ++++ ansible/single-host-part-3.yml | 28 +++++++++++++++ ansible/single-host.yml | 52 ++-------------------------- 5 files changed, 44 insertions(+), 49 deletions(-) create mode 100644 ansible/single-host-part-1-setup.yml create mode 100644 ansible/single-host-part-1.yml create mode 100644 ansible/single-host-part-2.yml create mode 100644 ansible/single-host-part-3.yml diff --git a/ansible/single-host-part-1-setup.yml b/ansible/single-host-part-1-setup.yml new file mode 100644 index 00000000..d088bc78 --- /dev/null +++ b/ansible/single-host-part-1-setup.yml @@ -0,0 +1,4 @@ +# Initial values (Only run the first time) +- include: consul-values.yml -e write_values="true" # Only run the first time +- include: consul-services.yml # Only run the first time +- include: vault-values.yml -e write_values="true" diff --git a/ansible/single-host-part-1.yml b/ansible/single-host-part-1.yml new file mode 100644 index 00000000..cf21cd4e --- /dev/null +++ b/ansible/single-host-part-1.yml @@ -0,0 +1,3 @@ +## Service Discovery: +- include: consul.yml +- include: vault.yml diff --git a/ansible/single-host-part-2.yml b/ansible/single-host-part-2.yml new file mode 100644 index 00000000..e8b1a51f --- /dev/null +++ b/ansible/single-host-part-2.yml @@ -0,0 +1,6 @@ +# Databases +- include: mongo.yml +- include: rabbitmq.yml +- include: redis.yml +- include: redis-tls.yml # Only used by navi and shiva +- include: registry.yml diff --git a/ansible/single-host-part-3.yml b/ansible/single-host-part-3.yml new file mode 100644 index 00000000..69ff80b5 --- /dev/null +++ b/ansible/single-host-part-3.yml @@ -0,0 +1,28 @@ +# Docks Services +- include: swarm-manager.yml +- include: palantiri.yml git_branch="{{ palantiri_branch }}" -t deploy +- include: sauron.yml git_branch="{{ sauron_branch }}" -t deploy +- include: shiva.yml git_branch="{{ astral_branch }}" -t deploy +- include: khronos.yml git_branch="{{ khronos_branch }}" -t deploy +- include: docker-listener.yml git_branch="{{ docker_listener_branch }}" -t deploy + +## Proxies +- include: registrator-api.yml # Only one of these is neededi, so registrator-navi is not needed +- include: single-host-proxy.yml # API depends on NGINX to be running +- include: github-varnish.yml git_branch="{{ github_varnish_branch }}" -t deploy + +# Main +- include: big-poppa.yml git_branch="{{ big_poppa_branch }}" -t deploy +- include: api.yml git_branch="{{ api_branch }}" -t deploy +- include: cream.yml git_branch="{{ cream_branch }}" -t deploy # CREAM fails if big-poppa or API is down +- include: web.yml git_branch="{{ angular_branch }}" -t deploy # fucked + +# Networking services +- include: detention.yml git_branch="{{ detention_branch }}" -t deploy +- include: link.yml git_branch="{{ link_branch }}" -t deploy +- include: navi.yml git_branch="{{ navi_branch }}" -t deploy # Connects to Redis over tls port + +# Other +- include: optimus.yml git_branch="{{ optimus_branch }}" -t deploy +- include: drake.yml git_branch="{{ drake_branch }}" -t deploy +- include: pheidi.yml git_branch="{{ pheidi_branch }}" -t deploy diff --git a/ansible/single-host.yml b/ansible/single-host.yml index 1888688c..351eabb0 100644 --- a/ansible/single-host.yml +++ b/ansible/single-host.yml @@ -1,49 +1,3 @@ -## configure security group policy -- include: sg_configure.yml - -## Install Datadog Agent -# - include: datadog.yml - -## begin with databases: -- include: consul.yml -- include: vault.yml - -# Initial values (Only run the first time) -- include: consul-values.yml -e write_values="true" # Only run the first time -- include: consul-services.yml # Only run the first time -- include: vault-values.yml -e write_values="true" - -# Databases -- include: rabbitmq.yml -- include: redis.yml -- include: redis-tls.yml # Only used by navi and shiva -- include: registry.yml - -# Docks Services -- include: swarm-manager.yml -- include: palantiri.yml git_branch="{{ palantiri_branch }}" -t deploy -- include: sauron.yml git_branch="{{ sauron_branch }}" -t deploy -- include: shiva.yml git_branch="{{ astral_branch }}" -t deploy -- include: khronos.yml git_branch="{{ khronos_branch }}" -t deploy -- include: docker-listener.yml git_branch="{{ docker_listener_branch }}" -t deploy - -## Proxies -- include: registrator-api.yml # Only one of these is neededi, so registrator-navi is not needed -- include: single-host-proxy.yml # API depends on NGINX to be running -- include: github-varnish.yml git_branch="{{ github_varnish_branch }}" -t deploy - -# Main -- include: big-poppa.yml git_branch="{{ big_poppa_branch }}" -t deploy -- include: api.yml git_branch="{{ api_branch }}" -t deploy -- include: cream.yml git_branch="{{ cream_branch }}" -t deploy # CREAM fails if big-poppa or API is down -- include: web.yml git_branch="{{ angular_branch }}" -t deploy # fucked - -# Networking services -- include: detention.yml git_branch="{{ detention_branch }}" -t deploy -- include: link.yml git_branch="{{ link_branch }}" -t deploy -- include: navi.yml git_branch="{{ navi_branch }}" -t deploy # Connects to Redis over tls port - -# Other -- include: optimus.yml git_branch="{{ optimus_branch }}" -t deploy -- include: drake.yml git_branch="{{ drake_branch }}" -t deploy -- include: pheidi.yml git_branch="{{ pheidi_branch }}" -t deploy +- include: single-host-part-1.yml +- include: single-host-part-2.yml +- include: single-host-part-3.yml From e4a5a2da7902693cd3ddd5e44b6786db378834ee Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 13:52:23 -0800 Subject: [PATCH 10/61] Step 1: Add env, domain, and user_content_domain --- ansible/grizzly-hosts/docks.js | 75 +++++++++++++++ ansible/grizzly-hosts/hosts | 159 ++++++++++++++++++++++++++++++++ ansible/grizzly-hosts/variables | 134 +++++++++++++++++++++++++++ 3 files changed, 368 insertions(+) create mode 100755 ansible/grizzly-hosts/docks.js create mode 100644 ansible/grizzly-hosts/hosts create mode 100644 ansible/grizzly-hosts/variables diff --git a/ansible/grizzly-hosts/docks.js b/ansible/grizzly-hosts/docks.js new file mode 100755 index 00000000..b2804306 --- /dev/null +++ b/ansible/grizzly-hosts/docks.js @@ -0,0 +1,75 @@ +#!/usr/bin/env node + +'use strict'; + +var aws = require('aws-sdk'); +var ec2 = new aws.EC2({ + accessKeyId: '${AWS_ACCESS_KEY_ID_1}', + secretAccessKey: '${AWS_SECRET_ACCESS_KEY_1}', + region: '${AWS_REGION}' +}); + +var params = { + Filters: [ + // Only search for docks in the cluster security group + { + Name: 'instance.group-id', + Values: ['${AWS_DOCK_SG}'] // This script is the same for all environments + }, + // Only fetch instances that are tagged as docks + { + Name: 'tag:role', + Values: ['dock'] + }, + // Only fetch running instances + { + Name: 'instance-state-name', + Values: ['running'] + } + ] +}; + +ec2.describeInstances(params, function (err, data) { + if (err) { + console.error("An error occurred: ", err); + process.exit(1); + } + + // Get a set of instances from the describe response + var instances = []; + data.Reservations.forEach(function (res) { + res.Instances.forEach(function (instance) { + instances.push(instance); + }); + }); + + // Map the instances to their private ip addresses + // NOTE This will work locally because of the wilcard ssh proxy in the config + var hosts = instances.map(function (instance) { + return instance.PrivateIpAddress; + }); + + var hostVars = {}; + instances.forEach(function (instance) { + for (var i = 0; i < instance.Tags.length; i++) { + if (instance.Tags[i].Key === 'org') { + hostVars[instance.PrivateIpAddress] = { + host_tags: instance.Tags[i].Value + ',build,run' + }; + } + } + }); + + // Output the resulting JSON + // NOTE http://docs.ansible.com/ansible/developing_inventory.html + console.log(JSON.stringify( + { + docks: { + hosts: hosts + }, + _meta : { + hostvars : hostVars + } + } + )); +}); diff --git a/ansible/grizzly-hosts/hosts b/ansible/grizzly-hosts/hosts new file mode 100644 index 00000000..2ef19a71 --- /dev/null +++ b/ansible/grizzly-hosts/hosts @@ -0,0 +1,159 @@ +[bastion] +dafault-bastion + +[hipache] +default-main httpsCheckForBackend80=false prependIncomingPort=true subDomainDepth=4 + +[userland] +default-main + +[mongodb] +default-main + +[api_group:children] +worker +api +socket-server + +[api] +default-main + +[big-poppa] +default-main + +[cream] +default-main + +[consul] +default-main + +[docker-listener] +default-main + +[vault] +default-main + +[worker] +default-main + +[navi] +default-main + +[ingress] +default-main + +[link] +default-main + +[mongo-navi] +default-main + +[charon] +default-main + +[khronos] +default-main + +[optimus] +default-main + +[detention] +default-main + +[palantiri] +default-main + +[rabbitmq] +default-main + +[web] +default-main + +[redis] +default-main + +[redis-slave] +default-main + +[sauron] +default-main + +[shiva] +default-main + +[socket-server] +default-main + +[socket-server-proxy] +default-main + +[registry] +default-main + +[swarm-manager] +default-main + +[metis] +default-main + +[drake] +default-main + +[pheidi] +default-main + +[github-varnish] +default-main + +[single-host-proxy] +default-main + +[docks] + +[dock] + +[prometheus] +default-main + +[bear-clone:children] +api +bastion +big-poppa +charon +consul +cream +dock +docker-listener +docks +drake +hipache +ingress +khronos +metis +mongodb +navi +optimus +pheidi +prometheus +rabbitmq +redis +redis-slave +registry +sauron +shiva +single-host-proxy +socket-server +socket-server-proxy +swarm-manager +userland +web +worker + +[local] +127.0.0.1 + +[ec2] +local + +[targets] +localhost ansible_connection=local bastion_name=default-bastion diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables new file mode 100644 index 00000000..aa1e0e2e --- /dev/null +++ b/ansible/grizzly-hosts/variables @@ -0,0 +1,134 @@ +[api_group:vars] +api_aws_access_key_id=${AWS_ACCESS_KEY_ID_1} +api_aws_secret_access_key=${AWS_SECRET_ACCESS_KEY_1} +api_github_client_id=${GITHUB_CLIEND_ID} +api_github_client_secret=${GITHUB_CLIENT_SECRET} +api_github_deploy_keys_bucket=runnable.deploykeys.grizzly +api_mongo_auth=${MONGO_USERNAME}:${MONGO_PASSWORD} +api_mongo_database=grizzly +api_mongo_replset_name=grizzly-rs0 +api_s3_context_bucket=runnable.context.resources.grizzly + +[big-poppa:vars] +big_poppa_pg_pass=${POSTGRES_PASSWORD} +big_poppa_pg_host=${POSTGRES_HOST}:${POSTGRES_PORT} +big_poppa_pg_port=${POSTGRES_PORT} +big_poppa_pg_user=big_poppa +big_poppa_github_token=${GITHUB_ACCESS_TOKEN} +big_poppa_mongo_auth=${MONGO_USERNAME}:${MONGO_PASSWORD} +big_poppa_mongo_database=${MONGO_DATABASE} +big_poppa_mongo_replset_name=${MONGO_DATABASE}-rs0 +big_poppa_pg_pool_min=10 +big_poppa_pg_pool_max=20 + +[cream:vars] +cream_hello_runnable_github_token=${GITHUB_ACCESS_TOKEN} +cream_stripe_secret_key=${STRIPE_SECRET_KEY} +cream_stripe_publishable_key=${STRIPE_PUBLISHABLE_KEY} + +[docks:vars] +docker_config=docks +docks_rollbar_key=${ROLLBAR_TOKEN_DOCKS} + +[dock:vars] +docks_rollbar_key=${ROLLBAR_TOKEN_DOCKS} + +[drake:vars] +drake_port=80 + +[khronos:vars] +khronos_mongo_auth=${MONGO_USER}:${MONGO_PASSWORD} +khronos_mongo_database=${MONGO_DATABASE} +khronos_mongo_replset_name=${MONGO_DATABASE} + +[metis:vars] + +[navi:vars] +navi_cookie_secret=${COOKIE_SECRET} +_navi_proxy_port=65100 +_navi_proxy_ssl_port=65101 + +[optimus:vars] +optimus_aws_access_id=${AWS_ACCESS_KEY_ID_1} +optimus_aws_secret_id=${AWS_SECRET_ACCESS_KEY_1} +optimus_github_deploy_keys_bucket=runnable.deploykeys.grizzly + +[palantiri:vars] + +[pheidi:vars] +pheidi_mongo_auth=${MONGO_USER}:${MONGO_PASSWORD} +pheidi_mongo_database=${MONGO_DATABASE} +pheidi_mongo_replset_name=${MONGO_DATABASE} +pheidi_runnabot_tokens=${GITHUB_ACCESS_TOKEN} + +[sauron:vars] + +[registry:vars] +registry_s3_access_key=${AWS_ACCESS_KEY_ID_1} +registry_s3_secret_key=${AWS_SECRET_ACCESS_KEY_1} +registry_s3_bucket=runnableimages.grizzly +registry_s3_region=${AWS_REGION} + +[shiva:vars] +aws_access_key_id=${AWS_ACCESS_KEY_ID_1} +aws_secret_access_key=${AWS_ACCESS_KEY_ID_1} +shiva_aws_region=${AWS_REGION} +shiva_dock_security_groups=${AWS_DOCK_SG} +shiva_ssh_key_name=${AWS_SSH_KEY_NAME} +shiva_aws_instance_image_id=${AWS_DOCK_AMI_ID} +shiva_aws_instance_image_name=${AWS_DOCK_AMI_NAME} +shiva_aws_instance_type=t2.medium +shiva_dock_pool_asg_name=grizzly-asg-dock-pool +shiva_aws_launch_configuration_name=grizzly-lc-${AWS_LC_VERSION} +shiva_aws_auto_scaling_group_subnets=${AWS_ASG_SUBNET} +shiva_aws_auto_scaling_group_max=29 +shiva_aws_auto_scaling_group_prefix=asg-grizzly- + +[swarm-manager:vars] +aws_access_key=${AWS_ACCESS_KEY_ID_1} +aws_secret_key=${AWS_SECRET_ACCESS_KEY_1} +environment_name=grizzly + +[vault:vars] +vault_hello_runnable_github_token=${GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE} +vault_aws_access_key_id=${AWS_ACCESS_KEY_ID_1} +vault_aws_secret_key=${AWS_SECRET_ACCESS_KEY_1} +vault_aws_region=${AWS_REGION} +vault_root_token=${LOCAL_VAULT_ROOT_TOKEN} +vault_unseal_tokens={'one':'${LOCAL_VAULT_TOKEN_1}', 'two': '${LOCAL_VAULT_TOKEN_2}', 'three': '${LOCAL_VAULT_TOKEN_3}', 'four': '${LOCAL_VAULT_TOKEN_4}', 'five': '${LOCAL_VAULT_TOKEN_5}'} +_vault_port=65240 +_vault_ssl_port=65241 + +[grizzly:vars] +bastion_sshd_port=60709 +datadog_tags=env:grizzly +datadog_mongodb_user=datadog +datadog_mongodb_pwd= +domain=runnablecloud.com +mongo_port=27017 +node_env=grizzly +pg_user=astral +pg_pass=${POSTGRES_PASSWORD} +pg_host=${POSTGRES_HOST}:${POSTGRES_PORT} +rabbit_password=${RABBIT_PASSWORD} +rabbit_username=${RABBIT_USERNAME} +_registry_port=65001 +_consul_api_port=65200 +_consul_https_port=65201 +_swarm_master_port=65250 +user_content_domain=runnabae.com +max_navi_port=65000 +_redis_port=65075 +_redis_tls_port=65076 +api_hello_runnable_github_token=${GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE} +vault_auth_token=${REMOTE_VAULT_ROOT_TOKEN} +vault_token_01=${REMOTE_VAULT_TOKEN_1} +vault_token_02=${REMOTE_VAULT_TOKEN_2} +vault_token_03=${REMOTE_VAULT_TOKEN_3} +vault_token_04=${REMOTE_VAULT_TOKEN_4} +vault_token_05=${REMOTE_VAULT_TOKEN_5} +github_domain=api.github.com +is_github_enterprise=false +github_protocol=https +proxy_container_image=runnable/sticky-nginx +proxy_container_image_version=v1.8.1 From 7cdd4d0bfbf9bae09e6854888f9e1e8a14b5900e Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 13:58:21 -0800 Subject: [PATCH 11/61] Step 3: Add access key, region, and ssh key name for AWS --- ansible/grizzly-hosts/docks.js | 6 +++--- ansible/grizzly-hosts/variables | 32 ++++++++++++++++---------------- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/ansible/grizzly-hosts/docks.js b/ansible/grizzly-hosts/docks.js index b2804306..594bf885 100755 --- a/ansible/grizzly-hosts/docks.js +++ b/ansible/grizzly-hosts/docks.js @@ -4,9 +4,9 @@ var aws = require('aws-sdk'); var ec2 = new aws.EC2({ - accessKeyId: '${AWS_ACCESS_KEY_ID_1}', - secretAccessKey: '${AWS_SECRET_ACCESS_KEY_1}', - region: '${AWS_REGION}' + accessKeyId: 'AKIAIS2HMUM2REGVTVIQ', + secretAccessKey: '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', + region: 'us-west-2' }); var params = { diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index aa1e0e2e..ebc3f852 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -1,6 +1,6 @@ [api_group:vars] -api_aws_access_key_id=${AWS_ACCESS_KEY_ID_1} -api_aws_secret_access_key=${AWS_SECRET_ACCESS_KEY_1} +api_aws_access_key_id=AKIAIS2HMUM2REGVTVIQ +api_aws_secret_access_key=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 api_github_client_id=${GITHUB_CLIEND_ID} api_github_client_secret=${GITHUB_CLIENT_SECRET} api_github_deploy_keys_bucket=runnable.deploykeys.grizzly @@ -49,8 +49,8 @@ _navi_proxy_port=65100 _navi_proxy_ssl_port=65101 [optimus:vars] -optimus_aws_access_id=${AWS_ACCESS_KEY_ID_1} -optimus_aws_secret_id=${AWS_SECRET_ACCESS_KEY_1} +optimus_aws_access_id=AKIAIS2HMUM2REGVTVIQ +optimus_aws_secret_id=k7L6Ljvl46ThhZ6ed3VeN6lRG83p3kR/1QXVDYUA optimus_github_deploy_keys_bucket=runnable.deploykeys.grizzly [palantiri:vars] @@ -64,17 +64,17 @@ pheidi_runnabot_tokens=${GITHUB_ACCESS_TOKEN} [sauron:vars] [registry:vars] -registry_s3_access_key=${AWS_ACCESS_KEY_ID_1} -registry_s3_secret_key=${AWS_SECRET_ACCESS_KEY_1} +registry_s3_access_key=AKIAIS2HMUM2REGVTVIQ +registry_s3_secret_key=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 registry_s3_bucket=runnableimages.grizzly -registry_s3_region=${AWS_REGION} +registry_s3_region=us-west-2 [shiva:vars] -aws_access_key_id=${AWS_ACCESS_KEY_ID_1} -aws_secret_access_key=${AWS_ACCESS_KEY_ID_1} -shiva_aws_region=${AWS_REGION} +aws_access_key_id=AKIAIS2HMUM2REGVTVIQ +aws_secret_access_key=AKIAIS2HMUM2REGVTVIQ +shiva_aws_region=us-west-2 shiva_dock_security_groups=${AWS_DOCK_SG} -shiva_ssh_key_name=${AWS_SSH_KEY_NAME} +shiva_ssh_key_name=gamma-key shiva_aws_instance_image_id=${AWS_DOCK_AMI_ID} shiva_aws_instance_image_name=${AWS_DOCK_AMI_NAME} shiva_aws_instance_type=t2.medium @@ -85,15 +85,15 @@ shiva_aws_auto_scaling_group_max=29 shiva_aws_auto_scaling_group_prefix=asg-grizzly- [swarm-manager:vars] -aws_access_key=${AWS_ACCESS_KEY_ID_1} -aws_secret_key=${AWS_SECRET_ACCESS_KEY_1} +aws_access_key=AKIAIS2HMUM2REGVTVIQ +aws_secret_key=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 environment_name=grizzly [vault:vars] vault_hello_runnable_github_token=${GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE} -vault_aws_access_key_id=${AWS_ACCESS_KEY_ID_1} -vault_aws_secret_key=${AWS_SECRET_ACCESS_KEY_1} -vault_aws_region=${AWS_REGION} +vault_aws_access_key_id=AKIAIS2HMUM2REGVTVIQ +vault_aws_secret_key=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 +vault_aws_region=us-west-2 vault_root_token=${LOCAL_VAULT_ROOT_TOKEN} vault_unseal_tokens={'one':'${LOCAL_VAULT_TOKEN_1}', 'two': '${LOCAL_VAULT_TOKEN_2}', 'three': '${LOCAL_VAULT_TOKEN_3}', 'four': '${LOCAL_VAULT_TOKEN_4}', 'five': '${LOCAL_VAULT_TOKEN_5}'} _vault_port=65240 From 5f03212fe6f8685e49040ddfc9bfd9f0ab714773 Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 15:11:15 -0800 Subject: [PATCH 12/61] Step 4 and Step 5: Fill in variables --- ansible/grizzly-hosts/variables | 42 ++++++++++++++++----------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index ebc3f852..6062f506 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -1,10 +1,10 @@ [api_group:vars] api_aws_access_key_id=AKIAIS2HMUM2REGVTVIQ api_aws_secret_access_key=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 -api_github_client_id=${GITHUB_CLIEND_ID} -api_github_client_secret=${GITHUB_CLIENT_SECRET} +api_github_client_id=fb6620cd05b411759d15 +api_github_client_secret=8a7ff50364ce874865cebabae3d61697801ec950 api_github_deploy_keys_bucket=runnable.deploykeys.grizzly -api_mongo_auth=${MONGO_USERNAME}:${MONGO_PASSWORD} +api_mongo_auth=nfE2OIeyTKWt4aGZWr1NSYTQb6WVN0dfp7U7vNKfRhY=:IjY3mdy1R8Se+yTelCBGo32t6w2D7kDVuymLV6YDOkQ= api_mongo_database=grizzly api_mongo_replset_name=grizzly-rs0 api_s3_context_bucket=runnable.context.resources.grizzly @@ -14,17 +14,17 @@ big_poppa_pg_pass=${POSTGRES_PASSWORD} big_poppa_pg_host=${POSTGRES_HOST}:${POSTGRES_PORT} big_poppa_pg_port=${POSTGRES_PORT} big_poppa_pg_user=big_poppa -big_poppa_github_token=${GITHUB_ACCESS_TOKEN} -big_poppa_mongo_auth=${MONGO_USERNAME}:${MONGO_PASSWORD} -big_poppa_mongo_database=${MONGO_DATABASE} -big_poppa_mongo_replset_name=${MONGO_DATABASE}-rs0 +big_poppa_github_token=5346739a35753d289b9ef52bd68328ad36897091 +big_poppa_mongo_auth=nfE2OIeyTKWt4aGZWr1NSYTQb6WVN0dfp7U7vNKfRhY=:IjY3mdy1R8Se+yTelCBGo32t6w2D7kDVuymLV6YDOkQ= +big_poppa_mongo_database=grizzly +big_poppa_mongo_replset_name=grizzly-rs0 big_poppa_pg_pool_min=10 big_poppa_pg_pool_max=20 [cream:vars] -cream_hello_runnable_github_token=${GITHUB_ACCESS_TOKEN} -cream_stripe_secret_key=${STRIPE_SECRET_KEY} -cream_stripe_publishable_key=${STRIPE_PUBLISHABLE_KEY} +cream_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 #Hello Runnable +cream_stripe_secret_key=sk_test_4De8Zdkfcyb29swkMmjZUMRh +cream_stripe_publishable_key=pk_test_sHr5tQaPtgwiE2cpW6dQkzi8 [docks:vars] docker_config=docks @@ -37,9 +37,9 @@ docks_rollbar_key=${ROLLBAR_TOKEN_DOCKS} drake_port=80 [khronos:vars] -khronos_mongo_auth=${MONGO_USER}:${MONGO_PASSWORD} -khronos_mongo_database=${MONGO_DATABASE} -khronos_mongo_replset_name=${MONGO_DATABASE} +khronos_mongo_auth=W2i3PLCITOqvPeEG9MGiQ6F3yAdwwUJGscb1FURHxuI=:IjY3mdy1R8Se+yTelCBGo32t6w2D7kDVuymLV6YDOkQ= +khronos_mongo_database=grizzly +khronos_mongo_replset_name=grizzly [metis:vars] @@ -56,10 +56,10 @@ optimus_github_deploy_keys_bucket=runnable.deploykeys.grizzly [palantiri:vars] [pheidi:vars] -pheidi_mongo_auth=${MONGO_USER}:${MONGO_PASSWORD} -pheidi_mongo_database=${MONGO_DATABASE} -pheidi_mongo_replset_name=${MONGO_DATABASE} -pheidi_runnabot_tokens=${GITHUB_ACCESS_TOKEN} +pheidi_mongo_auth=W2i3PLCITOqvPeEG9MGiQ6F3yAdwwUJGscb1FURHxuI=:IjY3mdy1R8Se+yTelCBGo32t6w2D7kDVuymLV6YDOkQ= +pheidi_mongo_database=grizzly +pheidi_mongo_replset_name=grizzly +pheidi_runnabot_tokens=5346739a35753d289b9ef52bd68328ad36897091 [sauron:vars] @@ -90,7 +90,7 @@ aws_secret_key=k7L6Ljvl46ThhZ6ed3VeN6lRG83p3kR/1QXVDYUA environment_name=grizzly [vault:vars] -vault_hello_runnable_github_token=${GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE} +vault_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 #Hello Runnable vault_aws_access_key_id=AKIAIS2HMUM2REGVTVIQ vault_aws_secret_key=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 vault_aws_region=us-west-2 @@ -110,8 +110,8 @@ node_env=grizzly pg_user=astral pg_pass=${POSTGRES_PASSWORD} pg_host=${POSTGRES_HOST}:${POSTGRES_PORT} -rabbit_password=${RABBIT_PASSWORD} -rabbit_username=${RABBIT_USERNAME} +rabbit_password=dkW4nGBvTM+iV+7yXNnXLE1XJ0WpKk84nuDt1TJS1V4= +rabbit_username=8NjWopyYRKClypDP6WuQXit3CKVhgksvm82ScQuL1ms= _registry_port=65001 _consul_api_port=65200 _consul_https_port=65201 @@ -120,7 +120,7 @@ user_content_domain=runnabae.com max_navi_port=65000 _redis_port=65075 _redis_tls_port=65076 -api_hello_runnable_github_token=${GITHUB_ACCESS_TOKEN_HELLO_RUNNABLE} +api_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 # HelloRunnable vault_auth_token=${REMOTE_VAULT_ROOT_TOKEN} vault_token_01=${REMOTE_VAULT_TOKEN_1} vault_token_02=${REMOTE_VAULT_TOKEN_2} From 0ab1bec8eff4d490266ca30a38d012607707aef0 Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 15:29:33 -0800 Subject: [PATCH 13/61] Step 6: Fill in MAIN_HOST_IP_ADDRESS and main host --- ansible/grizzly-hosts/hosts | 74 +++++++++---------- .../docker_client/scripts/genClientCert.sh | 2 +- ssh/config | 3 + 3 files changed, 41 insertions(+), 38 deletions(-) diff --git a/ansible/grizzly-hosts/hosts b/ansible/grizzly-hosts/hosts index 2ef19a71..5e5d492d 100644 --- a/ansible/grizzly-hosts/hosts +++ b/ansible/grizzly-hosts/hosts @@ -1,14 +1,14 @@ [bastion] -dafault-bastion +gamma-bastion [hipache] -default-main httpsCheckForBackend80=false prependIncomingPort=true subDomainDepth=4 +gamma-grizzly-main httpsCheckForBackend80=false prependIncomingPort=true subDomainDepth=4 [userland] -default-main +gamma-grizzly-main [mongodb] -default-main +gamma-grizzly-main [api_group:children] worker @@ -16,104 +16,104 @@ api socket-server [api] -default-main +gamma-grizzly-main [big-poppa] -default-main +gamma-grizzly-main [cream] -default-main +gamma-grizzly-main [consul] -default-main +gamma-grizzly-main [docker-listener] -default-main +gamma-grizzly-main [vault] -default-main +gamma-grizzly-main [worker] -default-main +gamma-grizzly-main [navi] -default-main +gamma-grizzly-main [ingress] -default-main +gamma-grizzly-main [link] -default-main +gamma-grizzly-main [mongo-navi] -default-main +gamma-grizzly-main [charon] -default-main +gamma-grizzly-main [khronos] -default-main +gamma-grizzly-main [optimus] -default-main +gamma-grizzly-main [detention] -default-main +gamma-grizzly-main [palantiri] -default-main +gamma-grizzly-main [rabbitmq] -default-main +gamma-grizzly-main [web] -default-main +gamma-grizzly-main [redis] -default-main +gamma-grizzly-main [redis-slave] -default-main +gamma-grizzly-main [sauron] -default-main +gamma-grizzly-main [shiva] -default-main +gamma-grizzly-main [socket-server] -default-main +gamma-grizzly-main [socket-server-proxy] -default-main +gamma-grizzly-main [registry] -default-main +gamma-grizzly-main [swarm-manager] -default-main +gamma-grizzly-main [metis] -default-main +gamma-grizzly-main [drake] -default-main +gamma-grizzly-main [pheidi] -default-main +gamma-grizzly-main [github-varnish] -default-main +gamma-grizzly-main [single-host-proxy] -default-main +gamma-grizzly-main [docks] [dock] [prometheus] -default-main +gamma-grizzly-main [bear-clone:children] api @@ -156,4 +156,4 @@ worker local [targets] -localhost ansible_connection=local bastion_name=default-bastion +localhost ansible_connection=local bastion_name=gamma-bastion diff --git a/ansible/roles/docker_client/scripts/genClientCert.sh b/ansible/roles/docker_client/scripts/genClientCert.sh index 1d951211..b268e386 100755 --- a/ansible/roles/docker_client/scripts/genClientCert.sh +++ b/ansible/roles/docker_client/scripts/genClientCert.sh @@ -31,7 +31,7 @@ chmod 400 "$CLIENT/client.csr" echo extendedKeyUsage=clientAuth,serverAuth > "$CLIENT/extfile.cnf" echo subjectAltName=IP:127.0.0.1,DNS:localhost >> "$CLIENT/extfile.cnf" -echo subjectAltName=IP:${MAIN_HOST_IP_ADDRESS},IP:10.4.0.148,IP:10.8.4.40,IP:10.12.12.136,IP:10.8.5.63,IP:10.8.6.59,IP:10.4.6.251,IP:127.0.0.1,DNS:localhost,DNS:swarm-staging-codenow.runnableapp.com >> "$CLIENT/extfile.cnf" +echo subjectAltName=IP:10.4.0.213,IP:10.4.0.148,IP:10.8.4.40,IP:10.12.12.136,IP:10.8.5.63,IP:10.8.6.59,IP:10.4.6.251,IP:127.0.0.1,DNS:localhost,DNS:swarm-staging-codenow.runnableapp.com >> "$CLIENT/extfile.cnf" # generate cert for client openssl x509 \ diff --git a/ssh/config b/ssh/config index 9686e824..cd3a5eb2 100644 --- a/ssh/config +++ b/ssh/config @@ -123,6 +123,9 @@ Host gamma-bear-clone-main Host gamma-bear-clone-dock ProxyCommand ssh -q ubuntu@gamma-bastion nc 10.248.1.58 22 +Host gamma-grizzly-main + ProxyCommand ssh -q ubuntu@gamma-bastion nc 10.4.0.213 22 + ################################################################################ # Delta ################################################################################ From 9f5d2243d3781e811711a2afda9fac920e6637a1 Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 16:25:30 -0800 Subject: [PATCH 14/61] Change IP address to new host --- ansible/roles/docker_client/scripts/genClientCert.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/docker_client/scripts/genClientCert.sh b/ansible/roles/docker_client/scripts/genClientCert.sh index b268e386..81b5eccd 100755 --- a/ansible/roles/docker_client/scripts/genClientCert.sh +++ b/ansible/roles/docker_client/scripts/genClientCert.sh @@ -31,7 +31,7 @@ chmod 400 "$CLIENT/client.csr" echo extendedKeyUsage=clientAuth,serverAuth > "$CLIENT/extfile.cnf" echo subjectAltName=IP:127.0.0.1,DNS:localhost >> "$CLIENT/extfile.cnf" -echo subjectAltName=IP:10.4.0.213,IP:10.4.0.148,IP:10.8.4.40,IP:10.12.12.136,IP:10.8.5.63,IP:10.8.6.59,IP:10.4.6.251,IP:127.0.0.1,DNS:localhost,DNS:swarm-staging-codenow.runnableapp.com >> "$CLIENT/extfile.cnf" +echo subjectAltName=IP:10.4.0.221,IP:10.4.0.148,IP:10.8.4.40,IP:10.12.12.136,IP:10.8.5.63,IP:10.8.6.59,IP:10.4.6.251,IP:127.0.0.1,DNS:localhost,DNS:swarm-staging-codenow.runnableapp.com >> "$CLIENT/extfile.cnf" # generate cert for client openssl x509 \ From 6d0c4b85706fdf9f04faae19f80689fa3da6dddb Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 16:27:36 -0800 Subject: [PATCH 15/61] Step 8: Add RDS database --- ansible/grizzly-hosts/variables | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 6062f506..1738a178 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -10,10 +10,10 @@ api_mongo_replset_name=grizzly-rs0 api_s3_context_bucket=runnable.context.resources.grizzly [big-poppa:vars] -big_poppa_pg_pass=${POSTGRES_PASSWORD} -big_poppa_pg_host=${POSTGRES_HOST}:${POSTGRES_PORT} -big_poppa_pg_port=${POSTGRES_PORT} -big_poppa_pg_user=big_poppa +big_poppa_pg_pass=790e5214041d4ff4b0dadbb63cfcc66d +big_poppa_pg_host=grizzly.cnksgdqarobf.us-west-2.rds.amazonaws.com:5432 +big_poppa_pg_port=5432 +big_poppa_pg_user=e1058667bd5f4e50 big_poppa_github_token=5346739a35753d289b9ef52bd68328ad36897091 big_poppa_mongo_auth=nfE2OIeyTKWt4aGZWr1NSYTQb6WVN0dfp7U7vNKfRhY=:IjY3mdy1R8Se+yTelCBGo32t6w2D7kDVuymLV6YDOkQ= big_poppa_mongo_database=grizzly @@ -107,9 +107,9 @@ datadog_mongodb_pwd= domain=runnablecloud.com mongo_port=27017 node_env=grizzly -pg_user=astral -pg_pass=${POSTGRES_PASSWORD} -pg_host=${POSTGRES_HOST}:${POSTGRES_PORT} +pg_user=e1058667bd5f4e50 +pg_pass=790e5214041d4ff4b0dadbb63cfcc66d +pg_host=grizzly.cnksgdqarobf.us-west-2.rds.amazonaws.com:5432 rabbit_password=dkW4nGBvTM+iV+7yXNnXLE1XJ0WpKk84nuDt1TJS1V4= rabbit_username=8NjWopyYRKClypDP6WuQXit3CKVhgksvm82ScQuL1ms= _registry_port=65001 From 5ea88629cac718db585eb8b613bb53b58b54c1dd Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 16:50:34 -0800 Subject: [PATCH 16/61] Fix script for base (step 6) --- ansible/base.yml | 2 ++ ansible/roles/base_ubuntu/tasks/main.yml | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ansible/base.yml b/ansible/base.yml index 6ee8aead..d0bc4734 100644 --- a/ansible/base.yml +++ b/ansible/base.yml @@ -1,4 +1,6 @@ --- +- hosts: registry + - hosts: localhost connection: local tasks: diff --git a/ansible/roles/base_ubuntu/tasks/main.yml b/ansible/roles/base_ubuntu/tasks/main.yml index 33f5ba32..1859b31c 100644 --- a/ansible/roles/base_ubuntu/tasks/main.yml +++ b/ansible/roles/base_ubuntu/tasks/main.yml @@ -4,6 +4,6 @@ when: dock is not defined lineinfile: dest=/etc/hosts - line="{{ hostvars[groups['registry'][0]]['ansible_default_ipv4']['address'] }} registry.runnable.com" + line="{{ registry_address }} registry.runnable.com" state=present regexp=".+ registry\.runnable\.com" From d0fd72604331e7288b5f48bc3a3c5cedb395a7aa Mon Sep 17 00:00:00 2001 From: thejsj Date: Fri, 3 Feb 2017 17:01:54 -0800 Subject: [PATCH 17/61] Step 6 Fix: Fix IP address and children --- ansible/grizzly-hosts/hosts | 2 +- ssh/config | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/grizzly-hosts/hosts b/ansible/grizzly-hosts/hosts index 5e5d492d..0c4f119b 100644 --- a/ansible/grizzly-hosts/hosts +++ b/ansible/grizzly-hosts/hosts @@ -115,7 +115,7 @@ gamma-grizzly-main [prometheus] gamma-grizzly-main -[bear-clone:children] +[grizzly:children] api bastion big-poppa diff --git a/ssh/config b/ssh/config index cd3a5eb2..ccc1341c 100644 --- a/ssh/config +++ b/ssh/config @@ -124,7 +124,7 @@ Host gamma-bear-clone-dock ProxyCommand ssh -q ubuntu@gamma-bastion nc 10.248.1.58 22 Host gamma-grizzly-main - ProxyCommand ssh -q ubuntu@gamma-bastion nc 10.4.0.213 22 + ProxyCommand ssh -q ubuntu@gamma-bastion nc 10.4.0.221 22 ################################################################################ # Delta From bf6a1cbc4fd9ee6d1d6683fdde48ef1372d3626f Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 11:14:46 -0800 Subject: [PATCH 18/61] Fix letsencrypt cert generation stuff --- .../alpha-lets-encrypt-certs-generation.yml | 8 +++++--- ansible/lets-encrypt-certs-generation.yml | 3 --- .../container_kill_start/files/findTagRunning.sh | 1 - .../lets-encrypt-certs-generation/tasks/main.yml | 4 ++-- .../templates/default | 12 ++---------- .../templates/default.conf | 14 ++++++++++++++ 6 files changed, 23 insertions(+), 19 deletions(-) create mode 100644 ansible/roles/lets-encrypt-certs-generation/templates/default.conf diff --git a/ansible/group_vars/alpha-lets-encrypt-certs-generation.yml b/ansible/group_vars/alpha-lets-encrypt-certs-generation.yml index 69ea09ba..6b405052 100644 --- a/ansible/group_vars/alpha-lets-encrypt-certs-generation.yml +++ b/ansible/group_vars/alpha-lets-encrypt-certs-generation.yml @@ -13,7 +13,9 @@ restart_policy: always container_run_opts: > -d - --name {{ name }} - -p 0.0.0.0:443:443 - -p 0.0.0.0:80:80 + --name "{{ name }}" + -p 80:80 + -v {{ target_updater_file_path }}:/etc/nginx/sites-enabled + -v /etc/nginx/nginx.conf:/etc/nginx/nginx.conf:ro + -v /var/www/html:/var/www/html -v /etc/ssl/certs/{{ domain }}:/etc/ssl/certs/{{ domain }}:ro diff --git a/ansible/lets-encrypt-certs-generation.yml b/ansible/lets-encrypt-certs-generation.yml index eef0fe09..1459fc02 100644 --- a/ansible/lets-encrypt-certs-generation.yml +++ b/ansible/lets-encrypt-certs-generation.yml @@ -3,9 +3,6 @@ vars_files: - group_vars/alpha-lets-encrypt-certs-generation.yml roles: - - role: datadog - has_dd_integration: yes - - role: lets-encrypt-certs-generation - role: container_kill_start diff --git a/ansible/roles/container_kill_start/files/findTagRunning.sh b/ansible/roles/container_kill_start/files/findTagRunning.sh index 27a7243e..3c977cb2 100755 --- a/ansible/roles/container_kill_start/files/findTagRunning.sh +++ b/ansible/roles/container_kill_start/files/findTagRunning.sh @@ -5,7 +5,6 @@ CONTAINER_NAME="$2" CONTAINERS=`docker ps -a | grep -v '^CONTAINER' | awk '{print $1}'` if [ "" = "${CONTAINERS}" ] ; then - echo "this is 0" exit 0 else for container in ${CONTAINERS} ; do diff --git a/ansible/roles/lets-encrypt-certs-generation/tasks/main.yml b/ansible/roles/lets-encrypt-certs-generation/tasks/main.yml index 7357ebd5..a0195190 100644 --- a/ansible/roles/lets-encrypt-certs-generation/tasks/main.yml +++ b/ansible/roles/lets-encrypt-certs-generation/tasks/main.yml @@ -31,5 +31,5 @@ tags: [ configure_proxy, configure_files ] become: yes template: - src: lets-encrypt.tmpl - dest: /etc/nginx/sites-enabled/lets-encrypt.conf + src: default.conf + dest: /etc/nginx/sites-enabled/ diff --git a/ansible/roles/lets-encrypt-certs-generation/templates/default b/ansible/roles/lets-encrypt-certs-generation/templates/default index 61d40e80..47263454 100644 --- a/ansible/roles/lets-encrypt-certs-generation/templates/default +++ b/ansible/roles/lets-encrypt-certs-generation/templates/default @@ -1,13 +1,5 @@ server { listen [::]:80 default_server; - server_name {{ domain }} *.{{ domain }}; - root /var/www/html; - - location ~ /.well-known { - allow all; - } - - location /test/ { - return 200 "Its alive"; - } + server_name _; + return 200 "Its alive"; } diff --git a/ansible/roles/lets-encrypt-certs-generation/templates/default.conf b/ansible/roles/lets-encrypt-certs-generation/templates/default.conf new file mode 100644 index 00000000..54554361 --- /dev/null +++ b/ansible/roles/lets-encrypt-certs-generation/templates/default.conf @@ -0,0 +1,14 @@ +server { + listen 80; + server_name {{ domain }} *.{{ domain }}; + index index.html index.htm; + root /var/www/html; + + location ~ /.well-known { + allow all; + } + + location /test { + return 200 "Its alive"; + } +} From 32b03ea90bf660d19991125b474345f7ef9b3f01 Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 12:55:46 -0800 Subject: [PATCH 19/61] Step 11: Adding credentials for local vault --- ansible/grizzly-hosts/variables | 4 ++-- ansible/grizzly-hosts/vault.hcl | 13 +++++++++++++ 2 files changed, 15 insertions(+), 2 deletions(-) create mode 100644 ansible/grizzly-hosts/vault.hcl diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 1738a178..be1840a2 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -94,8 +94,8 @@ vault_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 #Hell vault_aws_access_key_id=AKIAIS2HMUM2REGVTVIQ vault_aws_secret_key=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 vault_aws_region=us-west-2 -vault_root_token=${LOCAL_VAULT_ROOT_TOKEN} -vault_unseal_tokens={'one':'${LOCAL_VAULT_TOKEN_1}', 'two': '${LOCAL_VAULT_TOKEN_2}', 'three': '${LOCAL_VAULT_TOKEN_3}', 'four': '${LOCAL_VAULT_TOKEN_4}', 'five': '${LOCAL_VAULT_TOKEN_5}'} +vault_root_token=1ca30253-c3d3-9a90-5399-31844b339fce +vault_unseal_tokens={'one':'d8a1906386b875439b744211699362625f07f4d3ade1376b9e2f9ab62347f54d01', 'two': '6e6ff3355f7be3ad1da095a3b8334e7a6c994694774a4545f53bfba99f5c92ee02', 'three': '400830bae75f5663f66abba8b5faa62e867c98173ed484ee321f5165c6b8ff9903', 'four': 'e008fc18d4c3d5671cf027f9f2252513448af38add5d23dcfe909b9cecf6e16104', 'five': 'ce6f3f976ce760a9f73a09f2ffeccd47ae6f2d0994c3e27739b43150b5128c1605'} _vault_port=65240 _vault_ssl_port=65241 diff --git a/ansible/grizzly-hosts/vault.hcl b/ansible/grizzly-hosts/vault.hcl new file mode 100644 index 00000000..64e06263 --- /dev/null +++ b/ansible/grizzly-hosts/vault.hcl @@ -0,0 +1,13 @@ +disable_mlock = true + +backend "s3" { + bucket = "runnable.vault.grizzly" + access_key = "AKIAIS2HMUM2REGVTVIQ" + secret_key = "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" + region = "us-west-2" +} + +listener "tcp" { + address = "127.0.0.1:31836" + tls_disable = 1 +} From 72e180254dec487540ba982ef1c96ae9da0ea5e0 Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 14:02:02 -0800 Subject: [PATCH 20/61] Fix template --- ansible/roles/local-vault/templates/vault.hcl.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/local-vault/templates/vault.hcl.j2 b/ansible/roles/local-vault/templates/vault.hcl.j2 index 49b5bbf5..56f9cd4d 100644 --- a/ansible/roles/local-vault/templates/vault.hcl.j2 +++ b/ansible/roles/local-vault/templates/vault.hcl.j2 @@ -1,7 +1,7 @@ disable_mlock = true backend "s3" { - bucket = "runnable.vault.bear-clone" + bucket = "runnable.vault.{{ environment_name }}" access_key = "{{ vault_aws_access_key }}" secret_key = "{{ vault_aws_secret_key }}" region = "us-west-2" From 1f3ae307041e1743998dbbc8edec2ee6290ab80f Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 14:02:31 -0800 Subject: [PATCH 21/61] Delete unnecesary file --- ansible/grizzly-hosts/vault.hcl | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 ansible/grizzly-hosts/vault.hcl diff --git a/ansible/grizzly-hosts/vault.hcl b/ansible/grizzly-hosts/vault.hcl deleted file mode 100644 index 64e06263..00000000 --- a/ansible/grizzly-hosts/vault.hcl +++ /dev/null @@ -1,13 +0,0 @@ -disable_mlock = true - -backend "s3" { - bucket = "runnable.vault.grizzly" - access_key = "AKIAIS2HMUM2REGVTVIQ" - secret_key = "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" - region = "us-west-2" -} - -listener "tcp" { - address = "127.0.0.1:31836" - tls_disable = 1 -} From c21dc9b89f0bde38fd75b6ab09c3de19630264a6 Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 14:07:27 -0800 Subject: [PATCH 22/61] Fix genClientCert to take two arguments --- ansible/roles/docker_client/scripts/genClientCert.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/docker_client/scripts/genClientCert.sh b/ansible/roles/docker_client/scripts/genClientCert.sh index 81b5eccd..1d951211 100755 --- a/ansible/roles/docker_client/scripts/genClientCert.sh +++ b/ansible/roles/docker_client/scripts/genClientCert.sh @@ -31,7 +31,7 @@ chmod 400 "$CLIENT/client.csr" echo extendedKeyUsage=clientAuth,serverAuth > "$CLIENT/extfile.cnf" echo subjectAltName=IP:127.0.0.1,DNS:localhost >> "$CLIENT/extfile.cnf" -echo subjectAltName=IP:10.4.0.221,IP:10.4.0.148,IP:10.8.4.40,IP:10.12.12.136,IP:10.8.5.63,IP:10.8.6.59,IP:10.4.6.251,IP:127.0.0.1,DNS:localhost,DNS:swarm-staging-codenow.runnableapp.com >> "$CLIENT/extfile.cnf" +echo subjectAltName=IP:${MAIN_HOST_IP_ADDRESS},IP:10.4.0.148,IP:10.8.4.40,IP:10.12.12.136,IP:10.8.5.63,IP:10.8.6.59,IP:10.4.6.251,IP:127.0.0.1,DNS:localhost,DNS:swarm-staging-codenow.runnableapp.com >> "$CLIENT/extfile.cnf" # generate cert for client openssl x509 \ From f587a956782e6499582f021a189f4b40b0d5bbaf Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 14:07:43 -0800 Subject: [PATCH 23/61] Step 13: Generate docker client certs --- .../docker_client/files/certs/api/cert.pem | 36 ++++++------- .../docker_client/files/certs/api/key.pem | 50 +++++++++---------- .../files/certs/docker-listener/cert.pem | 36 ++++++------- .../files/certs/docker-listener/key.pem | 50 +++++++++---------- .../files/certs/khronos/cert.pem | 36 ++++++------- .../docker_client/files/certs/khronos/key.pem | 50 +++++++++---------- .../files/certs/palantiri/cert.pem | 36 ++++++------- .../files/certs/palantiri/key.pem | 50 +++++++++---------- .../docker_client/files/certs/sauron/cert.pem | 36 ++++++------- .../docker_client/files/certs/sauron/key.pem | 50 +++++++++---------- .../files/certs/swarm-manager/cert.pem | 36 ++++++------- .../files/certs/swarm-manager/key.pem | 50 +++++++++---------- 12 files changed, 258 insertions(+), 258 deletions(-) diff --git a/ansible/roles/docker_client/files/certs/api/cert.pem b/ansible/roles/docker_client/files/certs/api/cert.pem index a6e652a4..3b5590ad 100644 --- a/ansible/roles/docker_client/files/certs/api/cert.pem +++ b/ansible/roles/docker_client/files/certs/api/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3KMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FmMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 -MDUyMjAxMDI0N1oXDTE3MDUyMjAxMDI0N1owETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k3kbA7xGxxoP28GiT1fctTX -Msax59ADfdFVxG3OnzLo53vGwx6Ge1B2R42fdfUD7yuPwn1s2BhaHKSbh8BvJwAu -JOyMTO5gGmRnqR/r7PiWwY3Ef2EMT6mMNIpXLGdSn0V6f7hgyu/oJgzpJb8O3DT2 -+tZdoKQVFBhrrXMj8qftroZRciiiArddNgfd9OrVw0O4DOyvtyhOVjVpe0mg1n/r -c3zweOKSRpY1/TnpSa/WN3MCLFIIyFJDVQvWe/I1bpdCf0xYaxnOefiq6HFMgu6S -9OStkbimQphRVVy8toa6uLt38oqKX1MC0//8O+eZjGKZAF8CMmx/5qgXIKh+LwID -AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE -WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv -c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI -hvcNAQELBQADggEBAC3aYEO6zq4/pYZMSR+EBRwxr0E64ck5swBhXF/xq9nKqhvS -Xh5Y+rPbzwnNefSsAsEYkgsJnENTgPfvrpbt60txx+MmY0OPf0UHX4eQFdpzfFBG -C1jT+3Vo2Kr9z8x0OgFvfxRfHgKYQWjDgdqyFGZ4jz7iq6bhpR5FiVUfJ0y3nmmz -NXwS+QJzgyKhs7OjiZhyPElGTSUUi5KBBOk2cpzB3FworYTbZ3gIcgr1IFD/tH4M -PnjD5YTZtmZvpPaCVwXucOCOWAXqhvbYYpWypZApFL0NgFYYRbirEJSmUFqondDJ -jUANI0fuk4JqUOZzqyTM2Xtan8hVZtoipIXWjoI= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 +MDIwNjIyMDQ1M1oXDTE4MDIwNjIyMDQ1M1owETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZQ5qGRDPV3knP9VwYCtS7BZ +TKEMFsu67PI/FYiOrXXYK1dScGAK5bHawEK2tH6Jb0RjU8/0QHr1H4a9zfw3fO+i +Q8OZla/FUn+R3gYTXVQ3qqaHyxZSc8fnubb+zPz+vK0rQxxHc2uIlxAhJBDcQLU0 +vqLdFnCbstBB96qaxEVA2mNRuye6Hkgt+utq4a17y/gb3zUcAFGRxAqy1hCjPcu8 +5mfe1BJN9e3xzpDvCujoEaHn2YR2Yc0H3EG8C2UKi9WnAxBEcnqf+zPe7lOlIiIE +Ckg11edu8asUKj2jKVlVMPguMDjUOq/Fan3gUHqIUwPIMNlk2/MXhMSkCKjrfwID +AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE +ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw +cC5jb20wDQYJKoZIhvcNAQELBQADggEBAH7Erm8O6gkPfF4p0IwxAxrETo0LgPh9 +VNs6MyDvpHPyHZH49TMIZwJ8ykZGbFYeZFKG6cHYzfqGdA69X2zFuXbUzgE0Lvk2 +yYz94x8oNUEJ+r7MB4t5F2km2aKDtbLeAiOBQYq7WfPMibE7+F0+AfZ/jp+BZBQX +otoynTiESa+9dr0f6m0utEQSz0lB7b1EhFv7z8Qx3Y3NONW7a8ymyJD8JdYLko8Q +MwHjE6MJNCgUaonQe412pd4KKOSgn7jphGn38tqWPfnZYgRCHl8gdHR3JG5WYh/w +h4eqBzi/dd0eqw2HfsrL3cWSxNu1zTchrQS+7Xpri7mVoxbhdPSaFCY= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/api/key.pem b/ansible/roles/docker_client/files/certs/api/key.pem index 7f33350f..24ed49b9 100644 --- a/ansible/roles/docker_client/files/certs/api/key.pem +++ b/ansible/roles/docker_client/files/certs/api/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA2k3kbA7xGxxoP28GiT1fctTXMsax59ADfdFVxG3OnzLo53vG -wx6Ge1B2R42fdfUD7yuPwn1s2BhaHKSbh8BvJwAuJOyMTO5gGmRnqR/r7PiWwY3E -f2EMT6mMNIpXLGdSn0V6f7hgyu/oJgzpJb8O3DT2+tZdoKQVFBhrrXMj8qftroZR -ciiiArddNgfd9OrVw0O4DOyvtyhOVjVpe0mg1n/rc3zweOKSRpY1/TnpSa/WN3MC -LFIIyFJDVQvWe/I1bpdCf0xYaxnOefiq6HFMgu6S9OStkbimQphRVVy8toa6uLt3 -8oqKX1MC0//8O+eZjGKZAF8CMmx/5qgXIKh+LwIDAQABAoIBAQC5KgBpt3LCcCHs -TBvbJHdlSysNIoOcAFA10+1Po2PynJf4YICC181xoxnwLyvmPWCM6QITEZfU4zLr -wKM7Tfn5tqltIEcQqdBSEn/qb+0JHwGgQsM81/A9Ua5ekkjGnQzzk1cIJjfTahIa -1DCdl6TfGv2yXUklDIfkd6I9iMAg/MWVrGB84g3P/39tWM+hmUCtJSHo7v8zoxNV -xKO23kcKCEkYObeFZdEkgPRzKIOzm1wEJeN7BVQ3yMgpr39KA+We4sl2LHWXHelI -8MO5kwQh4nZgJ0gxilWjf+DUizt1pVbNWVgox3ogHIZA2gV2Kt4BP6MokVTxD73A -3IWx1idBAoGBAPhCXpHdrXdLbCSmXH/B5uNsUo8MZNwAbfd/WYfvji0Z5raQUdYG -qmp36Z9qUwTL3a+KZMv0V81rI6vTZO/KEyDq5S7IMYrAr4a8V8jmqaohPqqj64Yp -Ppq0a73CaUZ19L5kWfhzLWsbHUVqG6PFqTqOlwEtwkLn9pyN6SR19NonAoGBAOEc -a0oChJYMD/ZjYjZ0HK0HIgSEvFOxQ8Qzy1BCf6XgvnoOiZZHIDunnIn0a2bbqbyS -aN1LjjaWd6tMRM21aXsIxM9QENtkNs83QSUDPat1iIWMSDKo4lmZBGqok8gvlQqh -avWo9em3wRE5VRKptgjfHclpaATIftikIjCWkWi5AoGACw+p9wXRfMc3gkqHRIn3 -J5rj8suykrrSK3zZGF1sEEZfKTM08jxJy4ScPCYYnNYYgoHAC/ZPEy/63uUEUkrG -n2jX3UW+L1h2eaJapvDgDlx81k2HaOrdhzcStdm7pxAKX5FJEPDQzTzgCP+5S4q7 -B4ji4YKQbTq4mjEYei9nQXECgYEAti6YyfHVudWTSZVPE8DOwF3Icx21iIoqzOwZ -/B+FTQrhPMjtItj3RjA1KRTNoxXdfcaD5azTMGx/9vsnp8/MyQzkst8adWPaU8Nl -Dn5b95qMXYCVoaI6ZcbH40YBK/8OQOc4OA6AzqCvOLBMoGkG8JEZezq6OzzEI7Ja -FTaWAckCgYAGHGGukuxyp9T4awqH6iAHd1LhZHLseGouwiF1MZpHVO+H8XKhYJoi -1Xd4FXDYClHzoLiTbPmiiRee1g3hgvrvOl1JqHmS8zNNJCY0Skx1wIBKGIywJEZb -GgrXeEVtylz0b0ifA8LHJmUiIEnkcuSWwRrPeWpfowsVOIXEbHu+/w== +MIIEowIBAAKCAQEAvZQ5qGRDPV3knP9VwYCtS7BZTKEMFsu67PI/FYiOrXXYK1dS +cGAK5bHawEK2tH6Jb0RjU8/0QHr1H4a9zfw3fO+iQ8OZla/FUn+R3gYTXVQ3qqaH +yxZSc8fnubb+zPz+vK0rQxxHc2uIlxAhJBDcQLU0vqLdFnCbstBB96qaxEVA2mNR +uye6Hkgt+utq4a17y/gb3zUcAFGRxAqy1hCjPcu85mfe1BJN9e3xzpDvCujoEaHn +2YR2Yc0H3EG8C2UKi9WnAxBEcnqf+zPe7lOlIiIECkg11edu8asUKj2jKVlVMPgu +MDjUOq/Fan3gUHqIUwPIMNlk2/MXhMSkCKjrfwIDAQABAoIBAC16o6Jb+y17mt52 ++rGjFu+zbJjPgcDuOveg3bVivyepv6QWHLbMs5CK7Dl3R7FhMcM5msJ+ftABL1DS +2DHUMdONAVZUVEHumt3BsNKcjoSzMW+E58q2ni0cZeDNn665err0qA4/eHyd7XSf +7/NhABWd4vtgwr0hYpixEUJC8UHoGXP0c6NFX3yA22UcbLjyUNwmZP6nGXHEbX3S +FqQIla2OwZjNNfpycqQIzeOuh1bN/MRsd9qant5RoO/l9lL+72mls743lxy0mPsH +9rixwXNa2RNt069NjqUlAX0IuhOGP5KfedvA6YJXoPxRUh1W6rlgo9TN9nXVhet7 +pW3kXyECgYEA5G25bOdS6lqS3x988RhqBkXNvTxwfZBUMEJ3IBSDmHWBNazfkkdP +nKEe3I7B8f1uFX/RUJSLr6VNFTGjIH4Pu+aCJqpUtLGmQLlwXLsaxAT7xAcqwJKk +AFXOJjQNFiY7wwlJgzQstjxrc74jEMYqDKrAyVg8R4fKEbMA3HTZwXkCgYEA1HYT +pElYTNG9D3O2WeobA/WeMAy0AjzUt93f9xbi00FdIxeNmDSyEQB48pdfCwjEyVjF +nJe/FAhFu3mgO3eftqbOWX80KepCDxX614tewET4+f26HTgKYKjDx0XXmHBNr3M3 +y3cZ3zfsJEcBP2SmyA1KkEtQXm5gQiXCVPQDDrcCgYEAwgQwKj+QPV0QwlKMXHrQ +EuPXC5P6N6wO1a6eX7EM1MF5LY3Xlvbat75h6BOYx2Dpz3jw3/BLdLSB9C5kz4RC ++OWgRhcGOzNocjEPLrP81+EjtiwgM9BZW6+FmQ080ENJHy8UMUxvbZmD6prkTasC +rB+b/2fiSx8akk3nvVfCXIECgYAdOoFJQK3dI52W2pxjkklVKh0xDw5UoHnDMcr1 ++zgJSBzADyVzoww8OoxpE1oH8pTf/k5xVI78+oZdXEYm6DYYsqoAtfc/LPMZkDSK +IqpOWS7HdZh9HJCQ66bDa2BVoF2PnZI3c5MjmlXqR7psNjSboPh5EWNlGlozv24U +sd0Z0QKBgAatiEaLbvEreGs8xQtZSVY8mhP3GqekajDfrPW24wn/dRsrgq2s6WBj +hYW8cUFyIpieWC13wcW7WQr9iIVtOYDX9xSoxouInj3Qv+fq+QVIyrqs4X4KBEfp +Sj3Ugt4r+CISjh1lIWl/8hNAW/f9KV+fGmvm01QiInnAAOba5IQK -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/docker-listener/cert.pem b/ansible/roles/docker_client/files/certs/docker-listener/cert.pem index 2d06f70b..efa105b6 100644 --- a/ansible/roles/docker_client/files/certs/docker-listener/cert.pem +++ b/ansible/roles/docker_client/files/certs/docker-listener/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3NMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FtMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 -MDUyMjAxMTQ0NFoXDTE3MDUyMjAxMTQ0NFowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH5qoWShLw++mR2eZGh3W//j -qfYvL8ihli92GDu9n0Vo0FPe9Wbe2mJ763LvRS+r3DMNjE28seiy7ReIbmRCcgWy -yymY9O0pVA6ovxID/Q6eMPcoXMI+dvMfFAvbNV7tkbSbnrnfoTjtKsIlYCzrYYOh -GEnF2/IJnSNiFa1+WHP/XliCcD0sHfN4StGsycaFDXs6nqqYhX/+ojR7RlyNVeJ+ -z1pkSBpiQJkv5KxowIl7c3fDBISk+U2yyxd5tuvA4e/8Eg79iRxGAIwI6HaJvD4V -zdg0L2cwHLmzcqkKeiX1Co17EMPBAPWzVoFg/ngF5ds/3k1XB614lqfMw2lqOQID -AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE -WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv -c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI -hvcNAQELBQADggEBABKM+cHuBZdkNitpMj/2hRnK/TOsyQ+BAP0OkKWIuOSoQTM8 -GTTeCdwwTbZJnI4l5HhSq3tu0YAKAFj8qMr50os3dgxuDcla4XxRRjM9tCD1SieB -DB7jNf71V45Z8Iw7L0xCViHpyZJEiz18aAILLExdDqyDpBCLQYGuyAcinuqXa1uY -mjFlJCVWz5LMdZwqskaMs/iXexNRr0t9EgDqOvXSfNnTVMoUOS5Qyts0H5cJX1xp -RL1hKsK6aIT40ro2lfp2Qfsn5fUjmKMFyGUSXhrKW2vR35REBEJMpdA/ycKvTh6i -HpUkjKAYolWteVI6z0/O05ReDJ+r7zCgg1AZmF8= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 +MDIwNjIyMDYxNVoXDTE4MDIwNjIyMDYxNVowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT13XdTL6SW/RAxBNo+uzqpC +B/rTof5ZtkY53fiNqG3BusDEwUSGdlwLYfzRSar9ATEHXa+eDgQq9sk5qd1iwWnm +pyYoRPi2o+ablGUmYmghE75JWQ1mt33GHfnzDti1EL19tLKmmfteB42r+hnO2lMT +4vvegoi7AzoLB5sE32DwoOPATb8ACQyOlP4+ovkJk424u+ydmhrVsTtHrcr24Tvk +wvTt1uH0h3AssFWEmZjAlAAP3Y/cJVFc+6a/uqndwrs/CG3H7RDmYn8FgC4FR6I3 +dPguJ0HAy1SdBxCulQxGEAWA0O5CLU0xOz9EqiPWvRBbZMyta7IHXSGg1mIWcwID +AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE +ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw +cC5jb20wDQYJKoZIhvcNAQELBQADggEBADduwnLRxcIdmch7W1ClcIxzHGJJUbr+ +LrLZeZ0GzF1DK8hY8XBGm+C5Gf7kGr5fTTInO9EuVs9FPftJYO/1UC1V1fTBwLcV +79xX1I4XrjnJa8MumEzBdWtcL2z4r3xncItXEVJRLhKeb4mPHv1aM0ufoDlU2nS4 +I/GW6vMOmq59rA0ieA7J/Ssa46ew1tavix7oO5f6/cRPTRuBn7nNswistPy4LUDn +WFZhPUfaiC9nItTAgXijfh8XlljcGpbVNNHGfqi0vANrFrDnQvK+mR9VjMpjNkEO +7lxumVtRInkd+IGon9YUGxdxL3CNMZ+f57UZNv1JfA24bl1ExqZfG+g= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/docker-listener/key.pem b/ansible/roles/docker_client/files/certs/docker-listener/key.pem index 372e988c..ad8061c8 100644 --- a/ansible/roles/docker_client/files/certs/docker-listener/key.pem +++ b/ansible/roles/docker_client/files/certs/docker-listener/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAnH5qoWShLw++mR2eZGh3W//jqfYvL8ihli92GDu9n0Vo0FPe -9Wbe2mJ763LvRS+r3DMNjE28seiy7ReIbmRCcgWyyymY9O0pVA6ovxID/Q6eMPco -XMI+dvMfFAvbNV7tkbSbnrnfoTjtKsIlYCzrYYOhGEnF2/IJnSNiFa1+WHP/XliC -cD0sHfN4StGsycaFDXs6nqqYhX/+ojR7RlyNVeJ+z1pkSBpiQJkv5KxowIl7c3fD -BISk+U2yyxd5tuvA4e/8Eg79iRxGAIwI6HaJvD4Vzdg0L2cwHLmzcqkKeiX1Co17 -EMPBAPWzVoFg/ngF5ds/3k1XB614lqfMw2lqOQIDAQABAoIBAH6iLVb8PxH+A5WT -SiCmCDACGQ/njrdz+o21SjLB5OeFGxO5Sqn53EuLdgtIriWmNcOx7DykixTL4D3K -1TO/HaV2xv9vYb6QSukiE5rJ0UBtG8Uzuw2UgUdv5K4sCe5eKo/FPkhq0HN9xSzc -fbIdpzr5cNpemCUq7myhvTUddyfLMdcRrQX2J2Msxq7tjPYmXrgx29/fN7iY6jAw -gu94XD2Tcjd/OExiGAZrEklosiskaoN5o5ksTzAXfmKamYa+kF5C3GELru2Vve3s -QNRCZaKFivN/T+NJZBHwmqk8pdq+/MkXQPACmFRJx6PEjhmJSo4MUsjdfrE9m5mc -2/mcMaECgYEAy4+q1wudK8DfqrXx9uhoCoZP2Y76C3aMTAQ6cfbXX045W3xA4GtC -9aD6rq8bH678rH8qppwAEGG4W86oyG9ivRPtolnfTFUCw+MDLu74620L3A2e1mZY -Tck7CIWu5qr8qgCoDt3v4wMU0Rd79gCnlRWXjTm+/MxcnPCcxFFhVDMCgYEAxM7G -+7h9BrDIEFWirMmGinIUxJJvmOBgFeYuAFnuZX7gZtCj9lkkVJm7941o1bxxPxA9 -oSn+2Alvp+GMo+k6qa9ocbicXSoJT248bp0P0VbAAVMd5HkcwEmWAmz2DP0h15Hj -1Fr5NZVKSt/sRLrkTy4mk2ApcfztPQJC2RF8O+MCgYBPgwOpUgkHcSQsqzsjRa52 -BfaktVtoJNsySiiGIXQI7yYqXQN+ZYdXKJUirJU8r/5UZqvDPoYr3+/CNJvrBs8b -qfAVjWNSjpYw67hvmbqzQvnx74QOnRV69NJRRt6FjV56DR2YCQrNsoNsFO8/rQvI -iRGUgWzfk/fM+ZNSf7MzzwKBgHBPK8BEFJz3zwN7Svzdd/iTh4RxqFuOV2bH1yJ+ -L4wd7kLd92NClXftzxVCzjuCcQGy6+iHhZWVNPGRxedX1hE1Nx4GYrzLm0qHttbM -rFUi8ykOXHWgI6cblw5FTdg1r9VLvL7XN3W7fwzhYfwKxvTkekEJ1DznQB7bpngn -AUVPAoGBAMFiKdaONJnzRUIPM0ObJBGSarHUsGFXacf9j/FRQWpIphR5pqpdA6Qw -ctsSk9Sh5vjp9nBP0vaiA3vq93mvB6dbt/aeZIYGHn2A93Yes8URa1BU8+QPOJgS -ZrLLBn8mYnzRzzjKdcpI5zL3oZfsD25yyqe9kENNAh2FurB2zDkB +MIIEpAIBAAKCAQEAyT13XdTL6SW/RAxBNo+uzqpCB/rTof5ZtkY53fiNqG3BusDE +wUSGdlwLYfzRSar9ATEHXa+eDgQq9sk5qd1iwWnmpyYoRPi2o+ablGUmYmghE75J +WQ1mt33GHfnzDti1EL19tLKmmfteB42r+hnO2lMT4vvegoi7AzoLB5sE32DwoOPA +Tb8ACQyOlP4+ovkJk424u+ydmhrVsTtHrcr24TvkwvTt1uH0h3AssFWEmZjAlAAP +3Y/cJVFc+6a/uqndwrs/CG3H7RDmYn8FgC4FR6I3dPguJ0HAy1SdBxCulQxGEAWA +0O5CLU0xOz9EqiPWvRBbZMyta7IHXSGg1mIWcwIDAQABAoIBACbM7yLsUJSXbpVU +N46pjW7TbP/U4NEvFWULjUS7E7UR1HSJjmYlLDfN73PpJwEpMrb0GRN7NOJG83G5 +wqB5yvy3yn0X4lPKEIzxfbXS+t+mbBo+ai39Y3ylh3loI/EM33xmzMH2YCD4Ulzq +d+o056k4s3DkVzab3lL08gN5ZCsdUhl2SVE9Q0iXV6/K20tItOF5e43+BqlZREYg +MkmhiHbKx4IU65wX4bNHggt2gAWIxupXF5r2hKik/31OyJzQqWMjQlmAyDYKoVjg +g0FnBGyP2LyhTW0swAIS9Hr+X6LtIH2B8Fqcf/Oy9ICFNNHkGJUMokrFUBf6x/K6 +AfdZjKECgYEA8OtcS+MAfDT/1TFm9cmyKAe2bSpqkS8V6+YyyM6kbcqmSjMa1QqN +coRjTuostgbmRg7RB41bq1XWRdEk11XJg/TDOGwvh1l3nFH7jQMmAQO7JL7kjz3K +jLiof59NdUtMAJWgG0t/akXG0tzN1+W1y0W+kHNbnS2oLmKaybKfjncCgYEA1dZC +wk3sXz4TXRqa3mbui8N3Z/FDZITz8YEJIrGxEYzVqJBpGF9YCYZjjOsu0G+sJgPj +D2cs/GVJfgm40Bc3QqG1dpb+Rz7bL5MwzxRdZN8V4w0SChNRfyNjIO54skB/Sl46 +ANxJ60S9trYXhrfE8uNmY8seWKoV17uFNKFhCuUCgYEAoLficp2VDUcuBENYtE9B +koLSqDDLtt76eMywxFVWTAgMtyMwmz7W7bZzqYl/Gk+v/ryTpb4fkUVKFHlZYm3Q +aT83nMRPULPWn2nxrjiTecnLZtASGZzXKtllTv4u5ji9Ewa+MHdFINg7sx+qEoUj +qd91KVhLnad/srIFINkQqDECgYB16aICVsmicy5mRodjX8rmUrCDJmyM/yss3oRV +FzqWfNxMCOWKxPhcuDgoun6j/RAmHjqUgcYynv95eo7oYATevyC69ePdEXH3t+hQ +J+CgAMum2cw6thBYVQESZa00TZBjR7YgR1iTXOJn39z1Mlxtuqr5GEXxikhlH0gC +j4JdaQKBgQDAX6bam2e7KBs5OLxMXpI/u2og/O7/YsPqITeNbboacfem18wFYqqA +5mHr3uJ1x+9sSjwzQT8Hv3i4oO2IcWEjRwZX31hpJNhR2MrAtMY1R0fuEuM+aZKW +8CYRbXi+LQuqBE2ZxrBtIbpkeAhARwp1rqUxTZVTpLctFYYHXX5Alw== -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/khronos/cert.pem b/ansible/roles/docker_client/files/certs/khronos/cert.pem index 6b4c5d8a..b6ecc5b7 100644 --- a/ansible/roles/docker_client/files/certs/khronos/cert.pem +++ b/ansible/roles/docker_client/files/certs/khronos/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3RMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FqMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 -MDUyMjAxMzI0MVoXDTE3MDUyMjAxMzI0MVowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5VkdXxdEcgJNR5r07lsFfsk -WGMZzmXMfJ2CbYthcFsZ6kpXHz9dagQdr7Td4JrtyzluQ492xsdWJNqfZ+X+fdIA -fZRXpZzOgv8GpaFf2TPckFDB4Knm/7DTDdjBZH0uf/Vw0PNc+xFZaDB2JaujsDSj -Q4ncMIEcYMngf9Au5RAJr9QkMM5WuE1NNcihHb/SYs4HNI2ndf/WY8dAjcEtt3dv -0MdAR2gbW+hmWlxKw7UdpcfSaMv/fjtABRyeEmNQkuUjvPFmllYJ7DnSaV8eYsJe -ahp/3IAF/zJIG7PYnng9lIKmULo0SwUh87ZJV2BT9NA+WVgtyCITx5OldctVQQID -AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE -WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv -c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI -hvcNAQELBQADggEBAEAkWi8L5bgZ4awj2dW7oEpaFI3Ypt/ROIbrENPcXvLKNf92 -JfpfttMR7Nz7kAZEDgFKS4k4aLN8pX/RKYmPI/QluYuJsrRykrnB1FDAKO4NwEu0 -yHtMW3ZtSAZ8fQeU6bpgA1u1EdYGGe4JOORkR0rfuvqwRwBhAhMQo7HowhbyvfhT -+IM6XZGlhyPZeE/6fm1qJCr1hH8kEZk/68ljnLoBfCqXWtFvwDlrZU/p+1dLQQOZ -Qssomi0tEMJdPqn0l/vyk29A43iRPSpwJjdRqe4A7sp7UB13Le3/EKvDRFkGcu7b -GmMd5RhD/7AsWBPdHSgDThFANEfL4CU8vj9zsyA= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 +MDIwNjIyMDUzOFoXDTE4MDIwNjIyMDUzOFowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+mbY5+Yj7x+NZo8D0jS/j/cl +4RRXHprmsXk0Kd8i5oXW2yY+G8DaUOxq+iiDUJYVzU32bAFbeVMG5OjYdNwjvluj +Xe7HXg7GRT1BEJwtbPM7sidMLDvkXbNMFR8EdOj9Qlv/one8NsFqi60U+Qu0MLrR +Ur89ZwmwlKagON11s6IB7RocxJ/khYzlZeWA+DilShyE4qc0ccLL9Ysod/zeMqdi +SL+nWUwHxed/M5MqMxbncpMggDjIyCEX+Ym0xFmaFNvbtG3O7Ao2Aw5LLo0ZhAIe +uTMSYEPW5Isx6V3e+f4T1yIE00lvZXHfkwquo2K64H1XTrVVEVye/teorrVjKQID +AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE +ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw +cC5jb20wDQYJKoZIhvcNAQELBQADggEBAFaUCPsaKpaImViAo1s7YEN1vXqciALU +4dGQ6gpXKir8F52qro7Wr0SLEyvRpefeg7xYPU0kDx0XnfysmoMoJmZ4V/vlAtxZ +6kuvxYK5xssTP9TgIrzAMsTM5at+Sf1ZZNaz5/u7a2fh5mZDTEet+XmALHBjfXi1 ++LG0yyr4QYtKzYqT/trKnsJ4wDv2cR0+u6/Zx+vkXQTsATXF2EuGxmssoG1F7AFl +tC+08HjFxuQSFw3KvRXzCr4EOJeBc+hiJVUOCU3cALeEa0LyOlwrHZUR+smO8Qpn +L5soJY5yS+JDbcRngNmTYVpfu9SMYJLrShCIiakToejp+VglfDO4aZk= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/khronos/key.pem b/ansible/roles/docker_client/files/certs/khronos/key.pem index 7739e6e0..67c07bf5 100644 --- a/ansible/roles/docker_client/files/certs/khronos/key.pem +++ b/ansible/roles/docker_client/files/certs/khronos/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAt5VkdXxdEcgJNR5r07lsFfskWGMZzmXMfJ2CbYthcFsZ6kpX -Hz9dagQdr7Td4JrtyzluQ492xsdWJNqfZ+X+fdIAfZRXpZzOgv8GpaFf2TPckFDB -4Knm/7DTDdjBZH0uf/Vw0PNc+xFZaDB2JaujsDSjQ4ncMIEcYMngf9Au5RAJr9Qk -MM5WuE1NNcihHb/SYs4HNI2ndf/WY8dAjcEtt3dv0MdAR2gbW+hmWlxKw7UdpcfS -aMv/fjtABRyeEmNQkuUjvPFmllYJ7DnSaV8eYsJeahp/3IAF/zJIG7PYnng9lIKm -ULo0SwUh87ZJV2BT9NA+WVgtyCITx5OldctVQQIDAQABAoIBAGuJOehL6eSBjUst -P7Is2jBiBR81JaeuH8MbLIxoabI72wlPdIscPebc9Fq5EoL/na0+PeWbQtMbbs11 -toxQv+sJuTnWTCT5nkpDgqxAw/liFKAAfiDQxTwfYvGod1gar8NKjUQIWf3DYuDS -ClL0oJSVsNDeDznmVy4m8rdLxjxsUitkwciZnF6FbJZFm/Ki2IOfugGh7zwBu3N2 -ivGwCtwoj/YqmCzgtZMu93bb7ZO2p2kka+tqLi1wGaVZlEdltURm3MBv+I8LAG+r -mrJAP33Wig4c7/OlZ6RYg7KdZ+efDU813atC9cZdjJFVhrN5vBqYcSOravqDIvSJ -PcL40WUCgYEA8O9Wb6DrIv+QZ3/pBX7uJCSFuomF2X6x0RMTTYlht/TaOba/wu8E -ROqicGNm61LDDrDl0JVopyN+BCDKaPFaUucsTwOxw1yIF0tD4pdsw2XKI/NvjYKE -qf1+cKUGbeSb9Jx/kW15iOlYpkmPkVwyitTjMESFreuvunLkxwpF+VsCgYEAwxAH -E6q7iZytifI5CDQEOjoXy3LciHW4oNTykIOVL2DzMfZZQee0hIvglmKX5zPVShMq -fMueVozAbXn2ZaSiBg1t2uj6OXLgiVxcW2YHjMS9cFx+X5y7YRAm+yO9WDvfEPiT -4/rBUcRcII17fv3SyEn3vWXBTAAEHvTNDH+aUpMCgYAKIcZ8w0OgISctcw+Vj5Ts -KC0HfykF0HIh3K9/HzvgxIc4zhqaU/rV+xgBqex2EPDq+T1w3Beej7uI6OgaKawm -uFoAqKMdGBMRB7U/HicQwIMTp/UU+lwh2esrSYVPscFtM/eZYgUuYMG9nHJRJpNp -izJSoU8N1U96g8JjLGds6QKBgQCMvB+e/OvZ2YULpgun83+pUwif7PtYKTdQMtPf -mFAmothUD91OQ5Jmn1Umq3PVh/w3OaTJ7U8MOvkLA5fWtfWAUGgWLUl78Xo3IMAx -4WdJFRlo3BMBgN9gpHq7b4nJA0lpwS9SqTSZfgbKJcoYUaGmiFeJ+sR/xPM0MoNO -pTH+qQKBgGVIPtAAA2/o8QcBv1utAh2LU49dt7+2/cIgM9z1USoCiEdxh0PQXc37 -/GAKFPGWSc9wUjG50Ucz3ADoGMieT3OcGtNx6ZB+FSDWvO9XJ8gs5qX5BB3y4qfs -/tXJUgJ1tYVrUs+zg79UXidQfUX3sXEUG0pXtIZJ/a6Cg/t43it0 +MIIEpAIBAAKCAQEA+mbY5+Yj7x+NZo8D0jS/j/cl4RRXHprmsXk0Kd8i5oXW2yY+ +G8DaUOxq+iiDUJYVzU32bAFbeVMG5OjYdNwjvlujXe7HXg7GRT1BEJwtbPM7sidM +LDvkXbNMFR8EdOj9Qlv/one8NsFqi60U+Qu0MLrRUr89ZwmwlKagON11s6IB7Roc +xJ/khYzlZeWA+DilShyE4qc0ccLL9Ysod/zeMqdiSL+nWUwHxed/M5MqMxbncpMg +gDjIyCEX+Ym0xFmaFNvbtG3O7Ao2Aw5LLo0ZhAIeuTMSYEPW5Isx6V3e+f4T1yIE +00lvZXHfkwquo2K64H1XTrVVEVye/teorrVjKQIDAQABAoIBAQCkaVksUrDvdkEq +wOaaY+YPyhBGDEvznXOxvcphX9CTmfdsJ10KbgMqtUC8hlNKW3FvPyx42B9OtxRE +wxo1CMIzYAoRSBIBkSPgHIsXM+Sjr8VXgXQDa0PTvkFLcPVFKiH4K13bOFENhsvF +cFzf9S5X/KIqecUAXZ1izVFQZSC+U2oBUdQIW3lSvO3LVhNII6Tq6TM/U8ce8QPL +g9/gqASCaXVWGRABxMfPYCVLjotoaj4uXD+le/3Zclbj8BpUt5U6hsv1+rUilwRc +IptaOwLXZPHrXZgLFkibObqckpdm8Qko++UVvPivaUAtG1V/2ymALPTBpaw9Ln9q +A9ivhWIxAoGBAP6PesFgx1ro3r0nT3brEOV2m1C5oxSMd7yKjd8b484ePrG9E8s/ +qa1vKOlkQmqYQUULBrm7bUzlSEvzEY429k3Y0paH+YM7iQr+LcBxYx8tZaoWsNuj +pTtTNCLVNNrInbIC4prbUolDLpJc7gisUqtOSHeH+EG7dFWKZFVmOnklAoGBAPvR +WOkRsLo3OiOB4NW6Fkg548TmrrEBF883iu3ANi7jWJk6NOGQAC+oik/A+pMTRzN4 +3S+CGbzazvFuo83ha7vslBwW/dWjQr/U1+4471YRDew92eD4FffiZuD4fUHXXMzU +zn3lCKSVUh+e2z7B2uiXB1PUaEOxCGcypRSL8Ay1AoGBAO218EzKYf8rvGvoXJVQ +1ztf8ZOFdptGvL1MqUTx113v8l2pkeVXcsxpJEwl+rttqG2f6UzhkCSha0y5E+i4 +vHJfie9V1JNOsh+Y0gKGH6jKjMgzXj4MZ8ypWuM4M54mftPvS8qOClnxaXj13LYu +rRgZByTPzO0c7nq+vAjfaLUdAoGAVlt93Tf23nWQF5szyrftakmIBf+CSytvyd1n +ZI91RXEr8ihW+D/VAIMRI7avd/61fT5mxCMexnhXXc6umC1FMAY66MMtu7Uob/cD +MiwOT/q7RpgTfyY1CnR3CZHOCuVbatdUFTKVWzPmHPfygjwi4X7hwWrncsdkdVeV +60zuPr0CgYByCvvz+XfcQJGeHD02vTb1ab7pnob7i4Nh4DD5ft6WhdHBYkUmM3YX +t/tGR7ABK/p12DYJovbAD9uGjXQ62obKyZ92ByJ1Nzeyv4/YST9yDdP8ap1eNBnu +ZNu++srcAhsAlm+wfG4uuLrIZNePEgtJfkZ7jz6VgdgBzyjlgY6Ayw== -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/palantiri/cert.pem b/ansible/roles/docker_client/files/certs/palantiri/cert.pem index 766051bc..d29eb191 100644 --- a/ansible/roles/docker_client/files/certs/palantiri/cert.pem +++ b/ansible/roles/docker_client/files/certs/palantiri/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3QMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FrMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 -MDUyMjAxMzIyM1oXDTE3MDUyMjAxMzIyM1owETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEra9ZEnGFAKb7p1g21tud9W -IBQps5/GYU51/+oSukrn6+U6fFNHdiOQ8E677odvWYMMGwaJ3ImHH0KfwcjNnHsQ -ooJfOApL0X/6HbCgrxs/721YU02odjmGsFO8ReavPy1suqbXhUR0UNHgcPRCgp9p -c8FznBF/2c0e9KcHiD26BCiJeapoxiQTHilnh4UCews9DorP4Zenfa7dBRdqbre3 -YYEa7t+oKmv0w302p0Bxv94U4sc5yTxQjwzh1Rf7GsbIZR8xyh3mbIREilOzrsgn -yYbWF+5ofxBNbNQkPssjnJDZlFB8Gqwotlko02mRAeiOSCmfWqCfjBxcT1ByBwID -AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE -WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv -c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI -hvcNAQELBQADggEBAJa8HURp0+0cx6eg1PfYwbpzHJtQPoYtj/Am36sPd73NeSJU -k7ksiWtQtoX3HAu2WK946BXMA9UF/ZB0+icvVgfl45nVYQQinM+nJT/LCcVfHglx -t/rMFcTARMxdu0bDNFAxzWf5CuEC3liMI+/uM3ySlvmddsRfJJnRxs3/rXDjvHu5 -Bqxk2Es1r79IT5V06N6a68hyecZ+CGMEy1fqHz4nsTzni5WEligtxTD8DHY9kI7j -6TLl4dY5hW0KURqNwnTTasuKoippvGA/5gNRhd7gcvBjNGmKLQKP5ltH3cF9jYaU -UKzjY2BQL6HCjYxCB0EtxfwFTMCTaDuYyt8hym0= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 +MDIwNjIyMDU1NFoXDTE4MDIwNjIyMDU1NFowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWfk5aGWXI5h5bK+SsnhWcA0 +l6GY23+LvRHz7nUmlV6g++MjKfxHYviFgmgA8FqYdNg63chq96CLAQEfhJdDaNAJ +Or1TyEECKDagA8iKj2eXlw5Z98kOOCivFqljd+Nv7Xoo0gsPf/ET9sQnvC9zKPQz +/SfGdB0tP1NHpJllMCuJDw3MF8kLCp6RPMS4WC3EowReaczVUljZ39N5iBANgi/R +TTSJHNf1wwVdtXsOZGEgrO68i+fx+2z2e7kzknpKb3AZGa9HqXcL2KXAaLUPEyTz +PUWSqu2dwAe1BgiLkEM3AupVNQsD/Wv5sJU0E7ZBNVhjm+bFfXaaKcgZdv0zDwID +AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE +ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw +cC5jb20wDQYJKoZIhvcNAQELBQADggEBAFMdYeQNfmUkj9K8bvVQCd9rptiHSE1x +r020q/PTzEUkVQ0RLO0MIESlKQRgm7bAcogcnDNe3fZIDeiXJTZ86v+9b6GfUOj+ +XP5Qxtbola6LYRXX538ISSZ1oiJDrcTVyr7vBfT+sVM/LmVu56ts2hTBg2F0Mj8D +jidD0r8kt1OLqMXtmEEQTDplJ+xZk8uHhu1XlihaQMaPIEwXVLTQk37jY90CurrB +ldK6XjmrKKfNFXZDF8J92oxQRK6CGKhOQzNcAUzKsyIY9+APLGpXCZlUKxzPwULv +7Vp0vtfOAry1D60SPFiZ7b2rUBBk7OpwNVs8t6hRIv743aVJs7Y7dgA= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/palantiri/key.pem b/ansible/roles/docker_client/files/certs/palantiri/key.pem index d43d47b9..a1b3c4c7 100644 --- a/ansible/roles/docker_client/files/certs/palantiri/key.pem +++ b/ansible/roles/docker_client/files/certs/palantiri/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAxEra9ZEnGFAKb7p1g21tud9WIBQps5/GYU51/+oSukrn6+U6 -fFNHdiOQ8E677odvWYMMGwaJ3ImHH0KfwcjNnHsQooJfOApL0X/6HbCgrxs/721Y -U02odjmGsFO8ReavPy1suqbXhUR0UNHgcPRCgp9pc8FznBF/2c0e9KcHiD26BCiJ -eapoxiQTHilnh4UCews9DorP4Zenfa7dBRdqbre3YYEa7t+oKmv0w302p0Bxv94U -4sc5yTxQjwzh1Rf7GsbIZR8xyh3mbIREilOzrsgnyYbWF+5ofxBNbNQkPssjnJDZ -lFB8Gqwotlko02mRAeiOSCmfWqCfjBxcT1ByBwIDAQABAoIBABp3DTZ2r5Kzl/Sg -ax+hLV4WIoKItWamcBTGg1pRsNy1JLfFXDFO+R+QhAYiV2w9jmG/LW6nXwcA89rf -HLL/49jpLsD6WuQvXzGL06kVG1UAk4owb+wrWD84WlSDtaqnA5G9Ch/QRtaM+DG9 -WklgZWc/HvSgbHnqUhaHdVj+/CD+FPBipYYm5tEDX0066wH1jhK01rH+BPzTgY5Q -LI0n8aE+HQwj1xOP/1xfX8lYr3nC6wyPgB4RB7O7eSF0l+rvkn3dkOzN0TjRO8wM -bCGKcXPVZNIYE54jigbcDVtKbrACbqBS9hJ9TOFVQg+AgRX39bM2x/qZNCQFNLqA -e4Bn2cECgYEA8MJ76VvACZ/pyyZf5k1exQHfoVNohPQvkX0qVmYsK5opV07MtyTu -KpwxxARFPvRTfUaT81MpHQYoA2wnHI5oByxDR8hWfMpPristGpny2wVUy3CukQV2 -NuZEf2/4JuWSoGuoPtJ265x/LdbLZN3sHrARMdG6jvkbpR3oYd0B5gkCgYEA0LfH -G90e9RzkoS93N2FNwe1wZ/ZVMp+/DMtGNc6mrIsW8VVQv1vgBbcOnIDbO2xlOY8e -a80Bfoz7l4KwMJp9f+J1oXTWq8SDzQUv/Oq9s/mQUGzeIW4L8rcZVBdJy61S+Yzh -AJUEzzqM1pPrYx6Zu7OjWaQtCyFkvT/P6FeOG48CgYBf7++2fpQYgbuE8ya1u9Du -yh9VxsnYaQFnhSvQv+gL++NLYiAbPsEVA6alCFqbinqWagBcrp+sbB6XtoojS+/S -I+YvfXpRQcDck2Hmvr/SXN58LsuxCC8iE0HqUjDdNw/lkuC5H965ZmQbXQMxj2ke -lWRUqNEhVcyZUECgdpPiGQKBgQC3fDiQKE4k0ae0g9PcXbBMAf7FhmrTvFfqWXF5 -sBgaq5QZyRTZhV1l6M3xi94vWVWLymPGBU2BAVPUmFFoCQi3OlCLBfoKuxHbVOoh -AASRiZ3y9iI5ZVMfpxOfN3Hqmo7NT6omJts5ipFxukw+sRIZTw0VqxzmIg87yDNw -YDhPxQKBgGDgwTfGJinjEp/c0AKFll+fMZF2Y9LbY4eF8JPsfTtauiirdiMNQtVS -QFWsOAjpcrwNyO1vn66j8F+aTeJ+6dfguuKtjaGGM5CATeuxHhasrME2Kn6JIOsL -BKF22VBdXZ6BgrXY95M/Of+RwHsGEyt5LxDTICxYEAK5iJGTTPiV +MIIEpAIBAAKCAQEAyWfk5aGWXI5h5bK+SsnhWcA0l6GY23+LvRHz7nUmlV6g++Mj +KfxHYviFgmgA8FqYdNg63chq96CLAQEfhJdDaNAJOr1TyEECKDagA8iKj2eXlw5Z +98kOOCivFqljd+Nv7Xoo0gsPf/ET9sQnvC9zKPQz/SfGdB0tP1NHpJllMCuJDw3M +F8kLCp6RPMS4WC3EowReaczVUljZ39N5iBANgi/RTTSJHNf1wwVdtXsOZGEgrO68 +i+fx+2z2e7kzknpKb3AZGa9HqXcL2KXAaLUPEyTzPUWSqu2dwAe1BgiLkEM3AupV +NQsD/Wv5sJU0E7ZBNVhjm+bFfXaaKcgZdv0zDwIDAQABAoIBAFTuDsQWo8Vb9URb +X4tCHlkuh/75EfBdlJuiGm8Pz7llMhWF7qohzCicDBC1ss+oJGoBVLF5dkH93SAL +TTMoZjCoqXuvosjrQPGcN1XhFyzpzi7QyneGvQxJe6veuicwLV7DCLuqFlspWfXR +OcBNcg5vDA1Q3IrSUuZFRAzQ8q6grHtfQ2iTo9Z5jxpWOBFP480LjC/OkqlSmHNH +/KDPhaCzv3sDSNlUeuw0qb28GlsK2bwCrvzdtfHb1fZoCYjXdgbMfKcb+CvcorQ5 +cnBlE5VWduc/yI1rOKfG6QXZZgHqWHoIlu/E4enPGvpxxu+IHWZjPl3uTJVSrtJM +fKuGeSECgYEA/Yto9F5ftCSGfYaa5qIoZz41cilqhy1MaHlDyADbFlGLpt39CGH/ +qsjWk58Wgvl7c2hSOGCSuunK+9Rk+gPcNf6TDMpLZg59sXQrQYz7/BRpkHghkttO +nhUnAZbz2xD2uGHTzX1o94SQDwcJ23hOgQYf/EfrwuTtQoNNAfX+u9UCgYEAy1s4 +qKsUq1LCBmkUo7uBVZEhPlSD7Tb4ffG6kJSeZWvD6yjA0q+ICJJdH/RS6A7rj6LV +ZvBDg8XXtTIAE+cqTKEoTtx7kJvbGA83xncEXchuILm9jJoLXB/SR6Osf1WJY0fR +MdymlzYK94FfKoA3krJ03gkNjOsr95l7SWCUmVMCgYEAspqABpRsamPIcaheedUF +DSVfVNoj9rFMP9QckUk5DBHJhHSgCEWwakgsD7VjkEPaWMPGF3zAH/cNTDSkJRKP +D2ITiFEAqBXRKS4iQnzkDQD8FA7r552hVe6kmZQSl+DtS5luMDUFukahjFRy9y1a +b702zuqDA7lsAQypNJZrKTkCgYBFGiRwvGHzrdWc1AxdbxQN/ZksUw/Zhfp+4aui +Ab6pfCtBN8H+VgOF1iaq+x1JGfjWAGE/75khqBMa0XjRSpZHH+RQl/+tLikPTeyI +Fl13eOpjWHqe0qHVlkKgcW/mfSyIfhkKNo6th4HGhUHPcW5w/Q9VfAIMxsVUB+Wr +E5SrXQKBgQDkAHqpfi+a7WhTf2pe0yDs7rg99rT1Cm8e95dlYz+FaW0QM0GIt3I4 +opG1dVLDMM2q/EW0Ff7kvFKtrrcqLAC/DLiQ6kQ09UceabgMZsSjn0l7FEY7Cxvx +Vi01TMTmrgFcgG3LX2xrbZThvKSfkAYA1qlY5o5r7hQ2HsRbwL2UqQ== -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/sauron/cert.pem b/ansible/roles/docker_client/files/certs/sauron/cert.pem index 8097df91..f5abafc8 100644 --- a/ansible/roles/docker_client/files/certs/sauron/cert.pem +++ b/ansible/roles/docker_client/files/certs/sauron/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3OMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FuMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 -MDUyMjAxMTcyNFoXDTE3MDUyMjAxMTcyNFowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PMfE+VNxIAI234KT1xKncmu -+mwAmKkMg+HU0Ii6Ek2VkIsdVhRenUfbb5u+ijP/Att1QSyA+aynnLOh4lDL8okW -AJl52PFq1yMFSd5VYQ3ag9UYFvD5Vvl/vliyfbTMwlx572z9sqCBQPBHmog+J21S -ZnC4ztBM2NKCO6PKuchY95fHTkgmHwS2+Xbt3PFsiU+pr4Ch2m9fWj9vc+tJtmK+ -r8sosO5qcRuP/OwaLqCo34UEHHriCGyzK4FlhYHqeERkAOm+p6ruawkhooF9tmkw -kkQpyh39BkKl6N3spS8CWeGlBZebYCbr00d0yhHnpvdQW5nuTyLEdYiZqq6AiwID -AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE -WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv -c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI -hvcNAQELBQADggEBAH91usWaOqOUYpNyLnDTTnxC6yyClMBuxLn93qDZcWv2cJhz -MVOAgWm2BZjj4BZyGvAIocNoFXb2MhZZzbLCN1VaI5Rq5TnTo9jfrWHdyobdFYc/ -DzigDM/iV60LomxnDaWs2iBNhIwVKlNu5M/h4VY/r8tMFOtgWbQrYVsKq91GbLoI -iGs/OyNa7m5fBOvMhXSqU2NlipyrbbhYijlg5yEt50ry+rjl+d1JS7Wtn32akRhf -DF/bF9LdZHV6BC+PubUr2tMDAT+qXua2q5aXLTYTsBB2DL6lhLROoIYK5igLAbno -yWzL9xCJBgvLQJwfgxvQ6HrQ85G5ONA756J3iY4= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 +MDIwNjIyMDY0MVoXDTE4MDIwNjIyMDY0MVowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoBcRWbsKwAjhJVfob1vM6Qm +/B1ejNFq3cEzRkcAA2jNRw7xMlrRY4IJFaCoIi6R5DRTj9d2QHEtL+NueRmvITZ2 +9PPleCrhqMF4LjAsC/Ln+RDbrTOPu//utjYRv21Ujwm/76GH/GByMqceqMQVrVIh ++yX6CzZMTHGXwQ91JmRzhr94gLwTNOSYnFLFyQJYe9jzh8BaNs9xdnwMCdWBqypw +sHaeUHHzK2oESIjPENmhw+BnHr1rnmSMV3GZ2LYqXPw9UWkhqM7SGAeZT7mDKUyO +B8a9Z0Yct5Akhvj4qzcrmsFrYhtobYcWfvzJGslDi2oj0HHVwrTGdQkNDj3k9QID +AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE +ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw +cC5jb20wDQYJKoZIhvcNAQELBQADggEBAJON5JNVDkFKkBdJXn99WCKVVnEbfA0c +9bM6OGh+S8dgHL9HAgGHubcpPAo1s0ffyEd2kB9WRrO5u2wK/8DkjUVs9zMQg9hs +h6pf5NWG95F3iCyVVGpM3Q0ah8r5LipLhFSyR9yydrjtoWJjjg1scbPsaYUj2TTz +wmVJk+8XM5MTZnqKxfNBpVqB4lY2E5QTAi8m56W7IgjaGwwZ3vJn/IqdON3muMAw +pp8PUSBUKDj/Mq1pde53lm7aQL7LRh/H6hb70rxzTs2oSJAuogB+LvBFKgcCYEOg +wb2QVLviZQ8ngnfvQpmvAuDFdUMcYMpEUPfnqCLD5iGO6uS+njpDkpA= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/sauron/key.pem b/ansible/roles/docker_client/files/certs/sauron/key.pem index a17cbcd6..c45c5fe6 100644 --- a/ansible/roles/docker_client/files/certs/sauron/key.pem +++ b/ansible/roles/docker_client/files/certs/sauron/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA1PMfE+VNxIAI234KT1xKncmu+mwAmKkMg+HU0Ii6Ek2VkIsd -VhRenUfbb5u+ijP/Att1QSyA+aynnLOh4lDL8okWAJl52PFq1yMFSd5VYQ3ag9UY -FvD5Vvl/vliyfbTMwlx572z9sqCBQPBHmog+J21SZnC4ztBM2NKCO6PKuchY95fH -TkgmHwS2+Xbt3PFsiU+pr4Ch2m9fWj9vc+tJtmK+r8sosO5qcRuP/OwaLqCo34UE -HHriCGyzK4FlhYHqeERkAOm+p6ruawkhooF9tmkwkkQpyh39BkKl6N3spS8CWeGl -BZebYCbr00d0yhHnpvdQW5nuTyLEdYiZqq6AiwIDAQABAoIBAQCyMsjc41QSjXnc -AzspcffW1oEgeeR922jnq8FkyCW9T0NLc76W2/DY+Nq+KLxn9l79yxvx8AX16O9S -CFf9hNNGIEVTNxtp2Ywof9vbFrynvOoQy++eswRULfEiHiMvYm6+bphzLOeX5QyE -hQ3GWSB56de8dbORDWphPrdQpR3uHBugsebsv24TDDVBD8WBeWir9CLTqTgxxDmP -FGIBPr9v6zGy0gn/wPeOJSNK8/Bx01jMUZ/8TsTEiHqE/jFXdEUbkem8ntgqMM6u -epG2K30n198D+AJpH661O4IgdHFYE5zx3UVV+oouNRcN3w477JZm19Ntc8orii+E -iBvBrMDRAoGBAPz0kU8BjX30+qt4lQwCXbVvNc2b7riozkVSOGIRuTF91QdfqarQ -OB5MvVdWqWtcIyZkCrhAaHJCOPXIcqTuy0BimYEQaiBCRlCxGPs/QCmqXtjdS5HL -3T/EqFAEfCNGTbMi3Nl9Kzd3Q7zD3jx3iMMBgbucz8hVA78IJsj1PFH3AoGBANeD -SMG0d9YAVZu/JekOKblWEjW9TlHRGnZbgAzJrkS0EvXAYxT9YzOjsoItvMpC9gFg -qbsM+FGtsuidW2hsCnhhiSPxYfk6yep/tES+oSVaF9kALSczZHf1+yIbImpWhR8z -6KtwhigZsvB1W9Aqmik22KvO72G4fPHiRPms/qENAoGAUmTLTAPCdcutNtsxGVdP -9MBDszReftGlVpkgenkxbHiDQkKbvmLSVLREXEWDK9A4NtIRV9DK9KSzbwOarDSI -CfHT9GFHYDiWNMRq0bPZj3jKKjNy4QuZhqLk/CNp2AeXWYk6jLEjuY5khwD5y5JX -/sTn4BeE6skeTkQ2dfDDdCMCgYBnOFT3mdUvpTdbgkDJD+SCBSxxmrrRSwKOn6KD -/XC/LTRLihqqqfYCfKv516gtg8bJwB9rHHouvLAM45ktOVoGcEi781fGhBbDfui7 -aEZMWotDfucheGbtYd4nZrGkFs5ptHYC7sECodRngP45hL4TcVZza4iR2EfXnlUE -9It8XQKBgDZYL7xChu23zLI15iqPYrtO0SC3+wRoepva41Anf6nWdE+CZUXRBAYV -QydtW8orDrC3vW5RAT20zunfq7a3ddinrYXgVX8Vs88i1DExmrxUrocJ9muB2jtl -RRl4h7W2T5dfpanuf7uR/MkEHRIaoBhRSTzlLKR1Hb/DclBhY3aV +MIIEowIBAAKCAQEAzoBcRWbsKwAjhJVfob1vM6Qm/B1ejNFq3cEzRkcAA2jNRw7x +MlrRY4IJFaCoIi6R5DRTj9d2QHEtL+NueRmvITZ29PPleCrhqMF4LjAsC/Ln+RDb +rTOPu//utjYRv21Ujwm/76GH/GByMqceqMQVrVIh+yX6CzZMTHGXwQ91JmRzhr94 +gLwTNOSYnFLFyQJYe9jzh8BaNs9xdnwMCdWBqypwsHaeUHHzK2oESIjPENmhw+Bn +Hr1rnmSMV3GZ2LYqXPw9UWkhqM7SGAeZT7mDKUyOB8a9Z0Yct5Akhvj4qzcrmsFr +YhtobYcWfvzJGslDi2oj0HHVwrTGdQkNDj3k9QIDAQABAoIBAHnW6ppYW8gTUOGN +cNtxdgc2N3pRqdPUTAWDVMmGYs+gKl5expk7VIgt1UZZgFqKt7G53gPk0PS80jiL +LEdvjBFAnXdx4FbCllqHrG00Jwj1zUD7XWIYJhp6q1H/HQGhdF7hFcpBuIaEMV0J +leFlsJSO/VW91oZ/Bw2jiDJ0+F4pngcDFt1BCXLjKO6qNBD10+InjLb8+i23yKM3 +9Y3eC99L0QdjVh1wxius9OJ6Ej66swTwEXHOq5pUxfpsWcn0nOOdbsaUZwc79uk8 +/v9GScQhbUmSE/2vGJEo/VehCR38jOr+NjtCYg+DOFP/p20iqcWp8ILSpU+3oB1W +cVOEDgECgYEA/fCmWDUPQFajnMD/mNOEEAYHvMqhbuCc2WSgKlru+1b2RSq4zU23 +Tchfw0kr/8S2hh6US50AqAxyHzPZ8ugKfF7m9dgwVf43ZRzJpSxGV30iVtNoYDBi +JpOfP2sMpKnpIYasN485+IBpTkkUGSVIu2CtvGTBqHaVNJc5kIyoN1UCgYEA0C0y +N/EODBHIknJo2J6sWxqC96subg9K8RT0DewaSQO6PtU80DzPphKKgHOmtz8g2G/q +esarOT+xHrtKnXHA88VKaZUBuqrc7SVE8X0OUiJ2811d4IoaO/9wTxyfVym0gT/x +SPJPfK2NKm/Z8NWT3vIeoyHV/fwx5XaYBAb9tyECgYEApNAWtnMhhel1YRymB2No +eBnh1bdR1Su0wSedCEBikQAc8EFNFfqVuMcO2ClahDMBH8UjDHxG28rQGs5Fa3EM +tTHHBtKcdIN9IoPvn+M/eDMAIYguWxer7EutdLSezRR1+ct1ZM3xmwaE0kl94OAg +93RE7lwakKL+Ldbkhpuz5c0CgYA6y+kZH75F7mfl5OZz+CzZ9lzzMqgEcdFK0g40 +OHEcGi9qO7PXZLWJREdWDFQUAYJ3XvStBJurqa+O7HsgiNZkg16G/4zjegq3+ATG +5/k5fX53MfGnz5mlRHol/gGLDr5qmvK9FaMZpbLvP3Qgr1H6cAvzK0VTXP2Cv8Ij +sQ3LwQKBgAgBogQGYsDbO2OyWEwlIL4fj16o5R/5d4mRaEvHmKnmyD9u/qHO1x0f +sUx9MMMipNEPldiZHiwIxGu+FKxIaolPvwGrxSOTPVo3+tQh5A2pQtDHxxAVnNBH +HE6TliThXfRhqVzp/Xg50oQ8W7hEFHWYFOTxj/JevzWLfOrpZmP5 -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem b/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem index 5c3f9506..f5583cc9 100644 --- a/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem +++ b/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3IMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FvMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 -MDUyMjAwMTUxMloXDTE3MDUyMjAwMTUxMlowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUuwLJTfkFxf/hwel4mpQiZI -nHWtB56EceQFO2uwnRPRJ0STkJuigwCOnTX6CCSFwIv6X0wcqf+kf//LnQe6Zq0g -Cn9Vaz0yGJlLmREjvF3ub5hNcCujCVbB1IIet1XVQGwpAVwvBtokoAfnJWD36oec -qJNy8loL2KU9vJa1ISKduNgPJWc9eiUzOvgDAtwa+VQ9BZ52FJsgEVEjWKBtIYgb -cw2UkN+uruFRWJDUDKhq3rNZcpx9r4uxU291T6t2SfTx7eG9x/ciO1UQk9FTSXvf -x+QRCBfu3TqzEA1dps8/p+u+yotuz+L3a70hY5AN2YcfcfE3P1Fnluaz7XVKTwID -AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE -WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv -c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI -hvcNAQELBQADggEBAHFsocmzGWjBN4lSau7Rt7kQQV5nux/qJJgYVxptDnzXXQ8t -Vn68RFEYmWmm3E6gLjIxKARxwEISRl3yLStvjP6MFmp7j3mKkSNCt1Gptkd9QR0t -SfTIisKvgVZNXC2HRQ6KSYQJXgVhgc63AOXhTTPNS8u3KMwDWZs2j0wZZiYr7Vln -9t1gZ3koA1gsQfdUc1J6Nbgi9neawNXmjsAihNNCEYjDFSKIkxcOtl0PtqJMwuYF -OQP8oI0E3HEtOlnqfSsqxYvPsrLL696ywg9oa+bahqKrFKL0Nx6AaUTfcpERO5oj -gKgQODbKNn7xZYbJo0VeN6ujfmcvNJGs1AtOJ1c= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 +MDIwNjIyMDY1MVoXDTE4MDIwNjIyMDY1MVowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9x4raqsne7pakh6tMP823R76 +pqILYKehpp6ApLuPvKS90N2buqww2qaai2+Iy+Pj8/OcoTU66VP5kD2g1ktYla9r +Y2ERLzU2Ls3j7bqBJh4bs2LBF/bnMdMta/a2lUiLODtUwSmXwSI1JD+YqAqka4zk +4QvHAKGVIVktV3pmiuYZK2aMXnjpkmodR/QM99IdwLjpOcaXNqZ8fW+lUpsZJWTJ +b3MLawtxn+h6RuyFhWU02wV/B0WJKSKt+bfAeqNUZG+rvhf5yRvZSMtuxzh7Y+gS +hXzliocP+wIhZO/MnkTSd1o3ov9d3PG8Jt+ZJQeNTPxqNgE2NEps/oK2VECpLwID +AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE +ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw +cC5jb20wDQYJKoZIhvcNAQELBQADggEBADYd0e7hE7YZ42Cm/UZUL76Qs2TYuYPf +pNUfiwxY5PuH+zD6zCyGGY8e7oKOQ0tYTsULIjUL6uQ7kKa64R/QX9qEQV2UcQ0G +RVGL9ythIgaxTN7icuxeXeD9olJtKzEbevzVS1pxasW/HNHQf95kQZlz9DwQ/OOf ++Qq04x4TiFoK3Z6uYxg11ACv2kzTpD0Q+CwrgXRhgItC7da/VklGMIiQcu2Swrvc +srezUlLXdsZHn3R3BIKBRPlol5oFpX6eVsugaqLxOQ9Bnjc57KCklc6E/cNc9FtC +1uN13z9zh30rOPQn1Ye1wlkAIiDrr0Luo7R64k5k/h+wYxxpEQSW97E= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/swarm-manager/key.pem b/ansible/roles/docker_client/files/certs/swarm-manager/key.pem index 37ca2fdd..d14261de 100644 --- a/ansible/roles/docker_client/files/certs/swarm-manager/key.pem +++ b/ansible/roles/docker_client/files/certs/swarm-manager/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAwUuwLJTfkFxf/hwel4mpQiZInHWtB56EceQFO2uwnRPRJ0ST -kJuigwCOnTX6CCSFwIv6X0wcqf+kf//LnQe6Zq0gCn9Vaz0yGJlLmREjvF3ub5hN -cCujCVbB1IIet1XVQGwpAVwvBtokoAfnJWD36oecqJNy8loL2KU9vJa1ISKduNgP -JWc9eiUzOvgDAtwa+VQ9BZ52FJsgEVEjWKBtIYgbcw2UkN+uruFRWJDUDKhq3rNZ -cpx9r4uxU291T6t2SfTx7eG9x/ciO1UQk9FTSXvfx+QRCBfu3TqzEA1dps8/p+u+ -yotuz+L3a70hY5AN2YcfcfE3P1Fnluaz7XVKTwIDAQABAoIBAQDBPJZR6z6YhhCc -66WVntRrwfQDHg0tucX0SZ0Fa0IztfT4ybCv9zb+udbYyXY9H63q8MUK8f8R3/Sm -1aTLRkeNj/OhKuzM+W+UcePGkQDltg3A2ERKKAWkN2wssyxb4d3/umE/79U/h2Ln -7R6iGo+dkZcGW+mk6GpBWegfGZbYGJMg4UsLffTRLHuD3sWJDFtIHdU21H3+SUoB -L4WnoVTaINaO7je3nyjKc6aiiLZt8hwNlfwiow/KUcJ7lfwa3OeDe5KgX/IKCvTD -LvbJ4MPbM3ByXgTdt89cG5f7y9njvJwGAxjvV11e8PV7iEDzaN/7+jqtIuaKw4UT -JMjE9vXhAoGBAOR5eDiGL3/bbkUCAyonh0haZJ5CSeYFpiykgFi1XHZWkrkZVsH6 -MEOvsvXI/v7B9pc4+QBHIHNxMd03BpvhTpThRDFdx5q+hbdYV62LW9wePHzYGrTU -CbD/KFXR+Qf9ugT2HGPI99fjI+Al/hZUR2BaTK4UGJnY0NKRal8B+zBRAoGBANiV -Pso+g4/wMa2kz5CvJ6bwOInYHWYkETw7vp9y6GODkWU+KQBqPz5CP+TGkZFO/ZtF -2TG876NlViwJlvwqF83n2xqY1jaU58XdmkK0N6jY9/v9VuZ5lLnFWZNvti78n+46 -g2FrnSjsRrnqU4WYtw1LfGObdZxfwwUdJDp3w8ifAoGAMttHA237DL7PYNT911hN -KLHWS9P9lxIS10UWvKhCGKVUq5cUVMFYFPj7IPLIr/SE60xnQMSUWJ4Nt2wUMIaK -c2FhSIvTboKSSSmE+sBWhjzEwhVofG/maFujotbGVB0KVyhhUWTeplONHMvYLyg7 -axsujmEyyKwWb4im4NcUDsECgYEAwrqNVfGXAFeJkwJXzVJuaF4bt3QkGq3bATkG -Tv5ViwPEOi8FVmYwrp2KLPuL7gYDZxQKD/o7y8FVFQsaQWbnOC56hRNdpn2DVhfE -lqzKTnmlnV9OPrKZ0d1qiHEscFqawOrDLVhAWYb2oDnbFocULlPsZvJjcFF5WqO0 -6wy7bykCgYAU+YNnB35TiIsdXLjauZ68DtPslVY7dRRiyu1Ynob3JZImHdP0CQ34 -4tdHwSF2osx3EG0hOCMpVrHqjzzMIeGj9637m+6u/St9J71CL4AZQr83veSYpN8R -Av+YuAPiinJUEGCYC8su1fVQ9KAKvF36mo5PLC9/PHiZXi4v8YXsjw== +MIIEpAIBAAKCAQEA9x4raqsne7pakh6tMP823R76pqILYKehpp6ApLuPvKS90N2b +uqww2qaai2+Iy+Pj8/OcoTU66VP5kD2g1ktYla9rY2ERLzU2Ls3j7bqBJh4bs2LB +F/bnMdMta/a2lUiLODtUwSmXwSI1JD+YqAqka4zk4QvHAKGVIVktV3pmiuYZK2aM +XnjpkmodR/QM99IdwLjpOcaXNqZ8fW+lUpsZJWTJb3MLawtxn+h6RuyFhWU02wV/ +B0WJKSKt+bfAeqNUZG+rvhf5yRvZSMtuxzh7Y+gShXzliocP+wIhZO/MnkTSd1o3 +ov9d3PG8Jt+ZJQeNTPxqNgE2NEps/oK2VECpLwIDAQABAoIBAQDUw2sKOjaSds6I +RFVFfFdWZtfUJGy7WVj6xjlom/yTpRuw+zybqqmdeBhTuUIEmj+nyLWwrs38Gssi +f409ND4fEpvZQrey95OhFLAL/Ko5kW60MnCiG3jPE01mSVLGkWEclyjP7umz5anv +fboH5LHPz804XhWG25g00D0TtlUXfHhG+HQvbHkuqcjoTGKAdXDQrmBLWy3z02S9 +CFMOS8KhMIRYoQ7TVOiBnBXNsh2aCGIZSxI8Ndb1+yDa9tD/Qbvs5/opVCfbegPb +vroiDn3kH6SK1l3IEsJrGMvrqdAvbNvocI0qDkkrCTt2nMh98bM84/PhyQEL/T60 +AYTKXQCRAoGBAP5syrzMswCVNbHt4lpiGt6l4lS3nczJ9Nx7d/Ox5glITA82BDn7 +9+iygAruaRfb4otAqN6LmKENH93Nx4lhWBQX1IjWGCrr8x9ZTyFp4ZkxEj1Bckda +2i3IQ6urQ8/bMmVvUDb0cpawPJaEqAIWltZa/Wp1Dq1nFw5CHcACK511AoGBAPil +zCakeKTI9ls1iDK9YwkbHTTVzea6+gy/HaY4Gba6I5Tz8rxmI8luTuBqb0BYxYJC +o8k4AvLRPgHOGSgSfDnx1PMwq41aPg/Y/SayjITtBfnNzipNZhQISDItdtVikSnC +3f8SsPMomGhtRS16pRVbF8ay2gpTdKvZRn9q7WOTAoGBALuHEpPASTvnvrEMBqfZ +4bY0DLOmty/Ht6x/cPV1LXmwCSe5B7p5ZsvkLY5hFaMZVkyPdyi5OeGTG+bPkwBG +eLYurl/BdgTE7ukvWazmLvtL+QafY40GgQP3tTEmRhBBn062kig/WuqIsc+7rV4E +ql8Kp/i8mPnkn1DKGMV6lA01AoGASUj0pt8K/+aLVc6tWecf7WskbJInob2yPVeG +8ZrPWV/7ZMeR351rJs9wSAyWxaxkakQh6gisNc0eLYIFQB5SpvF0BkluBrd2W01l +L6aoa/VAMaRLA4TUdUsLnF5yC+qFRn282JU1ujVY1k5+eS0Qwv6aP2IviaOXW58q +fBuT5CkCgYACa3+Bk0AxWhBx4ZARuF3ntTdoQ+GSab5pGPUBQNAPZ9lZWAkRTq10 +vXKHFCACSMzjR/nXPPaeLFQA3az2Mo8Aaf8P02p8o910+xo9ieZpmJ630SORlbMM +qFD6KW3D6cwscU/sHI/6sRUMJC+iNS7j4JCltbJv481L9S9SKe2Akg== -----END RSA PRIVATE KEY----- From df015a173f26506dcb24191b500f76fb417aa449 Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 14:30:12 -0800 Subject: [PATCH 24/61] Step 14: Fill in security group and subnet for dock --- ansible/grizzly-hosts/docks.js | 2 +- ansible/grizzly-hosts/variables | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ansible/grizzly-hosts/docks.js b/ansible/grizzly-hosts/docks.js index 594bf885..5bb4c07e 100755 --- a/ansible/grizzly-hosts/docks.js +++ b/ansible/grizzly-hosts/docks.js @@ -14,7 +14,7 @@ var params = { // Only search for docks in the cluster security group { Name: 'instance.group-id', - Values: ['${AWS_DOCK_SG}'] // This script is the same for all environments + Values: ['sg-ec0da194'] // This script is the same for all environments }, // Only fetch instances that are tagged as docks { diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index be1840a2..7e97311b 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -73,14 +73,14 @@ registry_s3_region=us-west-2 aws_access_key_id=AKIAIS2HMUM2REGVTVIQ aws_secret_access_key=AKIAIS2HMUM2REGVTVIQ shiva_aws_region=us-west-2 -shiva_dock_security_groups=${AWS_DOCK_SG} +shiva_dock_security_groups=sg-ec0da194 shiva_ssh_key_name=gamma-key shiva_aws_instance_image_id=${AWS_DOCK_AMI_ID} shiva_aws_instance_image_name=${AWS_DOCK_AMI_NAME} shiva_aws_instance_type=t2.medium shiva_dock_pool_asg_name=grizzly-asg-dock-pool shiva_aws_launch_configuration_name=grizzly-lc-${AWS_LC_VERSION} -shiva_aws_auto_scaling_group_subnets=${AWS_ASG_SUBNET} +shiva_aws_auto_scaling_group_subnets=subnet-b8be98dd shiva_aws_auto_scaling_group_max=29 shiva_aws_auto_scaling_group_prefix=asg-grizzly- From 1676303e7e16e57ceb243f545d2cf6661f8ca160 Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 16:39:20 -0800 Subject: [PATCH 25/61] Step 19: Add keys and auth token for vault --- ansible/grizzly-hosts/variables | 13 +++++++------ ansible/roles/local-vault/templates/vault.hcl.j2 | 2 +- ansible/vault.yml | 4 ++++ 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 7e97311b..3d1e31cb 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -121,14 +121,15 @@ max_navi_port=65000 _redis_port=65075 _redis_tls_port=65076 api_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 # HelloRunnable -vault_auth_token=${REMOTE_VAULT_ROOT_TOKEN} -vault_token_01=${REMOTE_VAULT_TOKEN_1} -vault_token_02=${REMOTE_VAULT_TOKEN_2} -vault_token_03=${REMOTE_VAULT_TOKEN_3} -vault_token_04=${REMOTE_VAULT_TOKEN_4} -vault_token_05=${REMOTE_VAULT_TOKEN_5} +vault_auth_token=2c7d2b93-5fcd-6e14-d8ad-2a1efd18f3d4 +vault_token_01=6506bd2cb9f04083f8a8f2d6bb74317d589367b978ac2e1941c00ed113bf0ad501 +vault_token_02=af7c30392c23b315cbadca2ecaf38c6cb98e26a951fb247e396b1a6264e6787a02 +vault_token_03=e0506e43989cacb99d72d32afbbff7d8ca8dd9b250e4f766830ecbd4016403fe03 +vault_token_04=57bef9d21cb3f9a46d3fe5cc82e21deddfcc884081e0dfd8e632a5be1fadb2e704 +vault_token_05=1892a7a8a80ce6083be0fcc8b3ae6659accf775b80ff0cc05c5774087a2fc96305 github_domain=api.github.com is_github_enterprise=false github_protocol=https proxy_container_image=runnable/sticky-nginx proxy_container_image_version=v1.8.1 +charon_api_token=ebb1ef52e73a03899a31f067507f68e843d52f27 # Hello Runnable diff --git a/ansible/roles/local-vault/templates/vault.hcl.j2 b/ansible/roles/local-vault/templates/vault.hcl.j2 index 56f9cd4d..959b956d 100644 --- a/ansible/roles/local-vault/templates/vault.hcl.j2 +++ b/ansible/roles/local-vault/templates/vault.hcl.j2 @@ -2,7 +2,7 @@ disable_mlock = true backend "s3" { bucket = "runnable.vault.{{ environment_name }}" - access_key = "{{ vault_aws_access_key }}" + access_key = "{{ vault_aws_access_key_id }}" secret_key = "{{ vault_aws_secret_key }}" region = "us-west-2" } diff --git a/ansible/vault.yml b/ansible/vault.yml index c0c5a4f2..7e1bb165 100644 --- a/ansible/vault.yml +++ b/ansible/vault.yml @@ -9,6 +9,10 @@ - { role: container_kill_start } tasks: + - name: make sure httplib2 is installed + become: true + apt: package=python-httplib2 state=present + - name: get seal status tags: [ deploy ] uri: From 0bb471eea86f2e2cdfbe9f029be68609ff3e105f Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 17:22:57 -0800 Subject: [PATCH 26/61] BUG: Fix pulling of swarm image --- ansible/dock.yml | 2 +- ansible/grizzly-hosts/variables | 1 + ansible/group_vars/alpha-swarm-daemon.yml | 4 ++-- ansible/group_vars/alpha-swarm-manager.yml | 4 ++-- ansible/roles/dock-images/tasks/main.yml | 3 +-- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ansible/dock.yml b/ansible/dock.yml index 9eea4fb6..c43aa36f 100644 --- a/ansible/dock.yml +++ b/ansible/dock.yml @@ -16,7 +16,7 @@ - include: krain.yml git_branch="v0.3.0" - hosts: "{{ dock }}" - tasks: + tasks: - name: remove datadog agent become: true apt: diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 3d1e31cb..d9de89d5 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -133,3 +133,4 @@ github_protocol=https proxy_container_image=runnable/sticky-nginx proxy_container_image_version=v1.8.1 charon_api_token=ebb1ef52e73a03899a31f067507f68e843d52f27 # Hello Runnable +swarm_version=v1.2.3-0 diff --git a/ansible/group_vars/alpha-swarm-daemon.yml b/ansible/group_vars/alpha-swarm-daemon.yml index 643d73f3..8a5cc923 100644 --- a/ansible/group_vars/alpha-swarm-daemon.yml +++ b/ansible/group_vars/alpha-swarm-daemon.yml @@ -1,8 +1,8 @@ name: "swarm-deamon" # container_kill_start settings -container_image: swarm -container_tag: 1.2.3 +container_image: runnable/swarm +container_tag: "{ swarm_version }" container_run_opts: > --name {{ swarm_container_name }} diff --git a/ansible/group_vars/alpha-swarm-manager.yml b/ansible/group_vars/alpha-swarm-manager.yml index 84e0ef8b..248a17dc 100644 --- a/ansible/group_vars/alpha-swarm-manager.yml +++ b/ansible/group_vars/alpha-swarm-manager.yml @@ -1,8 +1,8 @@ name: "swarm-manager" # container_kill_start settings -container_image: swarm -container_tag: 1.2.3-0 +container_image: runnable/swarm +container_tag: "{ swarm_version }" memory_hard_limit: 10g diff --git a/ansible/roles/dock-images/tasks/main.yml b/ansible/roles/dock-images/tasks/main.yml index 1c284621..75487a68 100644 --- a/ansible/roles/dock-images/tasks/main.yml +++ b/ansible/roles/dock-images/tasks/main.yml @@ -17,8 +17,7 @@ become: true command: docker pull {{ item }} with_items: - - "registry.runnable.com/runnable/image-builder:v4.2.3" - - "swarm:1.2.5" + - "runnable/swarm:{{ swarm_version }}" - "registry:2.3.1" - "google/cadvisor:v0.24.1" - "prom/node-exporter:v0.13.0" From d79872affa1e67f4996319794f1bc6eb93998db5 Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 17:29:30 -0800 Subject: [PATCH 27/61] Styep 15: Create AMI for docks --- ansible/grizzly-hosts/variables | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index d9de89d5..0afec41a 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -75,8 +75,8 @@ aws_secret_access_key=AKIAIS2HMUM2REGVTVIQ shiva_aws_region=us-west-2 shiva_dock_security_groups=sg-ec0da194 shiva_ssh_key_name=gamma-key -shiva_aws_instance_image_id=${AWS_DOCK_AMI_ID} -shiva_aws_instance_image_name=${AWS_DOCK_AMI_NAME} +shiva_aws_instance_image_id=ami-9add58fa +shiva_aws_instance_image_name=grizzly-dock-2.0.11 shiva_aws_instance_type=t2.medium shiva_dock_pool_asg_name=grizzly-asg-dock-pool shiva_aws_launch_configuration_name=grizzly-lc-${AWS_LC_VERSION} From 9e8b8f51e0deaa75e3bdfbfa9bebc917085df400 Mon Sep 17 00:00:00 2001 From: thejsj Date: Mon, 6 Feb 2017 17:33:30 -0800 Subject: [PATCH 28/61] Setp 16: Add LC Version for dock pool --- ansible/grizzly-hosts/variables | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 0afec41a..41ce2ac2 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -79,7 +79,7 @@ shiva_aws_instance_image_id=ami-9add58fa shiva_aws_instance_image_name=grizzly-dock-2.0.11 shiva_aws_instance_type=t2.medium shiva_dock_pool_asg_name=grizzly-asg-dock-pool -shiva_aws_launch_configuration_name=grizzly-lc-${AWS_LC_VERSION} +shiva_aws_launch_configuration_name=grizzly-lc-2.0.11 shiva_aws_auto_scaling_group_subnets=subnet-b8be98dd shiva_aws_auto_scaling_group_max=29 shiva_aws_auto_scaling_group_prefix=asg-grizzly- From 5979fa90c5e364b83eb85cf0c9e23191a6669fe6 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 10:56:01 -0800 Subject: [PATCH 29/61] Bug: Assert mongo group and user exist --- ansible/roles/mongo-server/tasks/main.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/ansible/roles/mongo-server/tasks/main.yml b/ansible/roles/mongo-server/tasks/main.yml index 9368e698..aedba96d 100644 --- a/ansible/roles/mongo-server/tasks/main.yml +++ b/ansible/roles/mongo-server/tasks/main.yml @@ -1,4 +1,20 @@ --- +- name: assert necessary groups + tags: [ tls ] + become: true + group: + name: mongodb + state: present + +- name: assert necessary users + tags: [ tls ] + become: true + user: + name: mongodb + shell: /bin/bash + groups: mongodb + append: yes + - name: make folder for certificates tags: [ tls ] become: true From b56c40bac0b00c0e5f900677a375463d30cb3af7 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 10:58:58 -0800 Subject: [PATCH 30/61] Step 4: Fill in Cookie for navi --- ansible/grizzly-hosts/variables | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 41ce2ac2..a24f6509 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -44,7 +44,7 @@ khronos_mongo_replset_name=grizzly [metis:vars] [navi:vars] -navi_cookie_secret=${COOKIE_SECRET} +navi_cookie_secret=17578a96-8610-4db0-83ea-7b4491e8c1a5 _navi_proxy_port=65100 _navi_proxy_ssl_port=65101 From 18a041d959ac3e4c39da80a7b266d0ebafe94f54 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 10:59:14 -0800 Subject: [PATCH 31/61] Bug: Fix mongo ports --- ansible/group_vars/alpha-mongo-navi.yml | 2 +- ansible/group_vars/alpha-mongo.yml | 2 +- ansible/roles/datadog/templates/mongo.yaml.j2 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ansible/group_vars/alpha-mongo-navi.yml b/ansible/group_vars/alpha-mongo-navi.yml index 9d9cf42d..00765326 100644 --- a/ansible/group_vars/alpha-mongo-navi.yml +++ b/ansible/group_vars/alpha-mongo-navi.yml @@ -9,5 +9,5 @@ container_tag: latest container_run_opts: > -h {{ name }} -d - -p 27017:27017 + -p {{ navi_mongo_port }}:27017 -v {{ db_path }}:/data/db:rw diff --git a/ansible/group_vars/alpha-mongo.yml b/ansible/group_vars/alpha-mongo.yml index 06227dc4..9ef943bc 100644 --- a/ansible/group_vars/alpha-mongo.yml +++ b/ansible/group_vars/alpha-mongo.yml @@ -6,7 +6,7 @@ db_path: /opt/mongodb/db # container_kill_start settings container_image: mongo container_tag: latest -container_run_opts: -d --name mongodb -p 27017:27017 -v {{ db_path }}:/data/db:rw +container_run_opts: -d --name mongodb -p {{ mongo_port }}:27017 -v {{ db_path }}:/data/db:rw # do not monitor docker-daemon for mongo, as there is none no_datadog_docker_monitoring: true diff --git a/ansible/roles/datadog/templates/mongo.yaml.j2 b/ansible/roles/datadog/templates/mongo.yaml.j2 index 03a1b1b2..21bcc99b 100644 --- a/ansible/roles/datadog/templates/mongo.yaml.j2 +++ b/ansible/roles/datadog/templates/mongo.yaml.j2 @@ -1,4 +1,4 @@ init_config: instances: - - server: mongodb://{{ datadog_mongodb_user }}:{{ datadog_mongodb_pwd }}@localhost:27017 + - server: mongodb://{{ datadog_mongodb_user }}:{{ datadog_mongodb_pwd }}@localhost:{{ mongo_port }} From 76fc36e53c8649dcf38caf0b0a0301b248b9b701 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 15:22:11 -0800 Subject: [PATCH 32/61] Bug: Fix problem with swarm_version template string --- ansible/group_vars/alpha-swarm-daemon.yml | 2 +- ansible/group_vars/alpha-swarm-manager.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/group_vars/alpha-swarm-daemon.yml b/ansible/group_vars/alpha-swarm-daemon.yml index 8a5cc923..61dc5f71 100644 --- a/ansible/group_vars/alpha-swarm-daemon.yml +++ b/ansible/group_vars/alpha-swarm-daemon.yml @@ -2,7 +2,7 @@ name: "swarm-deamon" # container_kill_start settings container_image: runnable/swarm -container_tag: "{ swarm_version }" +container_tag: "{{ swarm_version }}" container_run_opts: > --name {{ swarm_container_name }} diff --git a/ansible/group_vars/alpha-swarm-manager.yml b/ansible/group_vars/alpha-swarm-manager.yml index 248a17dc..9ed91bf1 100644 --- a/ansible/group_vars/alpha-swarm-manager.yml +++ b/ansible/group_vars/alpha-swarm-manager.yml @@ -2,7 +2,7 @@ name: "swarm-manager" # container_kill_start settings container_image: runnable/swarm -container_tag: "{ swarm_version }" +container_tag: "{{ swarm_version }}" memory_hard_limit: 10g From 7f88c08d14fcbcbff81e57eb14c74526556f25f5 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 15:22:51 -0800 Subject: [PATCH 33/61] Bug: Fix node base Dockerfile --- ansible/roles/builder/templates/basic_node/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ansible/roles/builder/templates/basic_node/Dockerfile b/ansible/roles/builder/templates/basic_node/Dockerfile index 594ddb5f..73f84cf7 100644 --- a/ansible/roles/builder/templates/basic_node/Dockerfile +++ b/ansible/roles/builder/templates/basic_node/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.runnable.com/runnable/{{ base_dockerfile }}:latest +FROM node:latest {% if hosted_ports is defined %} # Expose port to Host @@ -16,6 +16,7 @@ ENV {{ env }} RUN npm install -g n@2.1.0 RUN n {{ node_version }} && npm install -g npm@{{ npm_version }} +WORKDIR /{{ name }} {% if dockerfile_pre_install_commands is defined %} {% for command in dockerfile_pre_install_commands %} RUN {{ command }} From 1c5c579033a26878caa9862851e423e1d0d1680f Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 15:29:37 -0800 Subject: [PATCH 34/61] Redo Step 6: Add new main host IP address --- ssh/config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh/config b/ssh/config index ccc1341c..ebad9b5f 100644 --- a/ssh/config +++ b/ssh/config @@ -124,7 +124,7 @@ Host gamma-bear-clone-dock ProxyCommand ssh -q ubuntu@gamma-bastion nc 10.248.1.58 22 Host gamma-grizzly-main - ProxyCommand ssh -q ubuntu@gamma-bastion nc 10.4.0.221 22 + ProxyCommand ssh -q ubuntu@gamma-bastion nc 10.4.0.26 22 ################################################################################ # Delta From e155639da8016efae88925d4baf2f2555e4cae6a Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 15:40:05 -0800 Subject: [PATCH 35/61] Redo Step 13: Generate new certs for docker client --- .../docker_client/files/certs/api/cert.pem | 30 +++++------ .../docker_client/files/certs/api/key.pem | 50 +++++++++---------- .../files/certs/docker-listener/cert.pem | 30 +++++------ .../files/certs/docker-listener/key.pem | 50 +++++++++---------- .../files/certs/khronos/cert.pem | 30 +++++------ .../docker_client/files/certs/khronos/key.pem | 50 +++++++++---------- .../files/certs/palantiri/cert.pem | 30 +++++------ .../files/certs/palantiri/key.pem | 50 +++++++++---------- .../docker_client/files/certs/sauron/cert.pem | 30 +++++------ .../docker_client/files/certs/sauron/key.pem | 50 +++++++++---------- .../files/certs/swarm-manager/cert.pem | 30 +++++------ .../files/certs/swarm-manager/key.pem | 50 +++++++++---------- 12 files changed, 240 insertions(+), 240 deletions(-) diff --git a/ansible/roles/docker_client/files/certs/api/cert.pem b/ansible/roles/docker_client/files/certs/api/cert.pem index 3b5590ad..de3614fc 100644 --- a/ansible/roles/docker_client/files/certs/api/cert.pem +++ b/ansible/roles/docker_client/files/certs/api/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FmMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FwMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNjIyMDQ1M1oXDTE4MDIwNjIyMDQ1M1owETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZQ5qGRDPV3knP9VwYCtS7BZ -TKEMFsu67PI/FYiOrXXYK1dScGAK5bHawEK2tH6Jb0RjU8/0QHr1H4a9zfw3fO+i -Q8OZla/FUn+R3gYTXVQ3qqaHyxZSc8fnubb+zPz+vK0rQxxHc2uIlxAhJBDcQLU0 -vqLdFnCbstBB96qaxEVA2mNRuye6Hkgt+utq4a17y/gb3zUcAFGRxAqy1hCjPcu8 -5mfe1BJN9e3xzpDvCujoEaHn2YR2Yc0H3EG8C2UKi9WnAxBEcnqf+zPe7lOlIiIE -Ckg11edu8asUKj2jKVlVMPguMDjUOq/Fan3gUHqIUwPIMNlk2/MXhMSkCKjrfwID +MDIwNzIzMzgxNFoXDTE4MDIwNzIzMzgxNFowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnHUhF9uVYAJvvW+NfvA4dVL +reakqOnKQvhFFMsAIHJ4YMtTj4R7zNV1WMtI/lL4CpurJEPbnPXUUTWCqKvxGk+T +xhGNNx0UaDpjqWc793GjJL9fTNEFAnjAzrXFetzBPujxG3NpBZ8zKwiE+qTFKqJd +fGl2zObYLB+msjoKnaXdV9dIEaZIBPP4pbCaEGlEBBheBCmQ/cXLG7BvT+BOnNOv +dNEJdX9hgDfJ333Jc1v/pmx6//17FQm51g1pOYOtPHhC0mkxuobkQgyKHYP4kb7x +FHOvhmotmk7QiP+F3c6K8oZ0Z48kpiHr5GmaemwEovJQJGaJ8oupBfT+NnRrLQID AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBAH7Erm8O6gkPfF4p0IwxAxrETo0LgPh9 -VNs6MyDvpHPyHZH49TMIZwJ8ykZGbFYeZFKG6cHYzfqGdA69X2zFuXbUzgE0Lvk2 -yYz94x8oNUEJ+r7MB4t5F2km2aKDtbLeAiOBQYq7WfPMibE7+F0+AfZ/jp+BZBQX -otoynTiESa+9dr0f6m0utEQSz0lB7b1EhFv7z8Qx3Y3NONW7a8ymyJD8JdYLko8Q -MwHjE6MJNCgUaonQe412pd4KKOSgn7jphGn38tqWPfnZYgRCHl8gdHR3JG5WYh/w -h4eqBzi/dd0eqw2HfsrL3cWSxNu1zTchrQS+7Xpri7mVoxbhdPSaFCY= +cC5jb20wDQYJKoZIhvcNAQELBQADggEBAItVFo3OkpYmCnMSd0/WeqV+fjm3lLOk +T+v+WrvmjoikRGQCflRFdlIwk9Sg4c+eqN0iBJtt++ZjzM6rHksab8xQVnXjbjEI +wHeMTxGTWJZAe2KTQyc2nLsHbtzglBXlinj0opiL99uUq2NMy/7f6wlMcCDyhu9r +HltgRwTC924OL61gFFJkL3ehsafT/k9oH0+1MEuLaVGcmARBfhwX3aJM8QYE2nlk +xSnH7MeP6z4Ti57T8oLA5d5+o8IdAQkmDCvnYJxMgHzOMRkAVo9hzlbvM82YMygE ++Pm4lwFHGC0+xRAGGvbxilIIAn1ezrbpEivud1henxLKyAmh9o2g0vY= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/api/key.pem b/ansible/roles/docker_client/files/certs/api/key.pem index 24ed49b9..3ae31fac 100644 --- a/ansible/roles/docker_client/files/certs/api/key.pem +++ b/ansible/roles/docker_client/files/certs/api/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAvZQ5qGRDPV3knP9VwYCtS7BZTKEMFsu67PI/FYiOrXXYK1dS -cGAK5bHawEK2tH6Jb0RjU8/0QHr1H4a9zfw3fO+iQ8OZla/FUn+R3gYTXVQ3qqaH -yxZSc8fnubb+zPz+vK0rQxxHc2uIlxAhJBDcQLU0vqLdFnCbstBB96qaxEVA2mNR -uye6Hkgt+utq4a17y/gb3zUcAFGRxAqy1hCjPcu85mfe1BJN9e3xzpDvCujoEaHn -2YR2Yc0H3EG8C2UKi9WnAxBEcnqf+zPe7lOlIiIECkg11edu8asUKj2jKVlVMPgu -MDjUOq/Fan3gUHqIUwPIMNlk2/MXhMSkCKjrfwIDAQABAoIBAC16o6Jb+y17mt52 -+rGjFu+zbJjPgcDuOveg3bVivyepv6QWHLbMs5CK7Dl3R7FhMcM5msJ+ftABL1DS -2DHUMdONAVZUVEHumt3BsNKcjoSzMW+E58q2ni0cZeDNn665err0qA4/eHyd7XSf -7/NhABWd4vtgwr0hYpixEUJC8UHoGXP0c6NFX3yA22UcbLjyUNwmZP6nGXHEbX3S -FqQIla2OwZjNNfpycqQIzeOuh1bN/MRsd9qant5RoO/l9lL+72mls743lxy0mPsH -9rixwXNa2RNt069NjqUlAX0IuhOGP5KfedvA6YJXoPxRUh1W6rlgo9TN9nXVhet7 -pW3kXyECgYEA5G25bOdS6lqS3x988RhqBkXNvTxwfZBUMEJ3IBSDmHWBNazfkkdP -nKEe3I7B8f1uFX/RUJSLr6VNFTGjIH4Pu+aCJqpUtLGmQLlwXLsaxAT7xAcqwJKk -AFXOJjQNFiY7wwlJgzQstjxrc74jEMYqDKrAyVg8R4fKEbMA3HTZwXkCgYEA1HYT -pElYTNG9D3O2WeobA/WeMAy0AjzUt93f9xbi00FdIxeNmDSyEQB48pdfCwjEyVjF -nJe/FAhFu3mgO3eftqbOWX80KepCDxX614tewET4+f26HTgKYKjDx0XXmHBNr3M3 -y3cZ3zfsJEcBP2SmyA1KkEtQXm5gQiXCVPQDDrcCgYEAwgQwKj+QPV0QwlKMXHrQ -EuPXC5P6N6wO1a6eX7EM1MF5LY3Xlvbat75h6BOYx2Dpz3jw3/BLdLSB9C5kz4RC -+OWgRhcGOzNocjEPLrP81+EjtiwgM9BZW6+FmQ080ENJHy8UMUxvbZmD6prkTasC -rB+b/2fiSx8akk3nvVfCXIECgYAdOoFJQK3dI52W2pxjkklVKh0xDw5UoHnDMcr1 -+zgJSBzADyVzoww8OoxpE1oH8pTf/k5xVI78+oZdXEYm6DYYsqoAtfc/LPMZkDSK -IqpOWS7HdZh9HJCQ66bDa2BVoF2PnZI3c5MjmlXqR7psNjSboPh5EWNlGlozv24U -sd0Z0QKBgAatiEaLbvEreGs8xQtZSVY8mhP3GqekajDfrPW24wn/dRsrgq2s6WBj -hYW8cUFyIpieWC13wcW7WQr9iIVtOYDX9xSoxouInj3Qv+fq+QVIyrqs4X4KBEfp -Sj3Ugt4r+CISjh1lIWl/8hNAW/f9KV+fGmvm01QiInnAAOba5IQK +MIIEogIBAAKCAQEAxnHUhF9uVYAJvvW+NfvA4dVLreakqOnKQvhFFMsAIHJ4YMtT +j4R7zNV1WMtI/lL4CpurJEPbnPXUUTWCqKvxGk+TxhGNNx0UaDpjqWc793GjJL9f +TNEFAnjAzrXFetzBPujxG3NpBZ8zKwiE+qTFKqJdfGl2zObYLB+msjoKnaXdV9dI +EaZIBPP4pbCaEGlEBBheBCmQ/cXLG7BvT+BOnNOvdNEJdX9hgDfJ333Jc1v/pmx6 +//17FQm51g1pOYOtPHhC0mkxuobkQgyKHYP4kb7xFHOvhmotmk7QiP+F3c6K8oZ0 +Z48kpiHr5GmaemwEovJQJGaJ8oupBfT+NnRrLQIDAQABAoIBAD9mWqk3+/4g+/wg +cva4SfVcueMDTxQQLWib/SYZfR7gs4jpLPcrMopMoEMQH2/xfgGVnmXlsCJDf+O6 +HtZYqJzpU6LyNJWpGr35+aFDtCroCWFSKtZV6S3S+naQKFmKccrxjSZiBume5TAY +drPFNKDcYtW+tA/eqK3gJtfGJ2IZ7KxBQrBTr9ZsxgUoX0GES/CM1Rw62AQrla03 +doLqkXGHo1Aaf7mmIUjE/1LWPAUUmpeVKQlep9xaupADMl8zePnve+jR4l64N+3Y +Kvpta1oUsILyMrtc74b+cFWOIBu2CUAJ6awSzxp/0p7tU7EtrG8+kUbPD7+pTU8f +7+5cm1kCgYEA/0SBzoZnQIpcMYgGsuOr8qDAXDHLJiMd2PqS53Vjgxy6iJshb7O2 +zZw4sgPK2MK9krPPd/8CDvF2KfgwXrsOF7K6SOhalovu0DfGjCwn33ltYFrXpB6U +ln5tYPa1OzEvz/7b3afp3njJU3NunXosrx0Mse9x7xQWXKO0/cso/XsCgYEAxwOW +PVhnTTGE98dKVccX3+QBvZWgtPWPM3uaPrviJhkc4f5RrZxyAIyleKVSEiAw4SWT +o3u9nUDEKeNRxo7rDgznNMTwkCuzjkGV0kli386wjv5KLeoTa+BpNTnvc852IFVq +c6iUlStUYDbhYNZE48F6HZdHB5pw7xC7gGc6lXcCgYAK2fyyrOACzF7y9Bdkz2zl +2ZOT18INEv0X1j8ce88JKdV8LSwUtY0V3IhEeQjMgirQ67fsH/kUbYtaaWSVAlqt +AzoME2SWdchnLZfRKadgRqcxq2rzXSFv7Fv1/UbjB0pDC1CJcbPtczELzSJsq17u +6ss5XTZ4tV/l/EebamGJtQKBgD3Ws3xkV9T4qiSD3GlC7/w10QSj1cfk9ZY9tfQA +VYkZDIx8hcy4bAQXr+MJG7NeJVIQZwvJi2Wtlkadx+82wXsgL0eKWmWx7p0pa/Bn +tT1t8Ba+lTYnIdnHZWmQkwMdCD+LywQdQe4IBLPQ2b9JVSagG93N/9gw+R6PyHNh +oCaJAoGAZvpGm5cq4BPOIMIbG6A8WuMwRLv63hktXoS4tx8NewFrWHu0mKrABsGg +Z1d6n26w5TEFE3HMcg5DqSLQz0nCPGjjsq9yJjNJFkRRVD3onKZkIZRUE6o48NBL +F0mJvQGXY8XnNDkaD1oE5PGHFsG3iqAHlpui1L8b2fGzteTMHI8= -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/docker-listener/cert.pem b/ansible/roles/docker_client/files/certs/docker-listener/cert.pem index efa105b6..80b5c68d 100644 --- a/ansible/roles/docker_client/files/certs/docker-listener/cert.pem +++ b/ansible/roles/docker_client/files/certs/docker-listener/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FtMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+F3MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNjIyMDYxNVoXDTE4MDIwNjIyMDYxNVowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT13XdTL6SW/RAxBNo+uzqpC -B/rTof5ZtkY53fiNqG3BusDEwUSGdlwLYfzRSar9ATEHXa+eDgQq9sk5qd1iwWnm -pyYoRPi2o+ablGUmYmghE75JWQ1mt33GHfnzDti1EL19tLKmmfteB42r+hnO2lMT -4vvegoi7AzoLB5sE32DwoOPATb8ACQyOlP4+ovkJk424u+ydmhrVsTtHrcr24Tvk -wvTt1uH0h3AssFWEmZjAlAAP3Y/cJVFc+6a/uqndwrs/CG3H7RDmYn8FgC4FR6I3 -dPguJ0HAy1SdBxCulQxGEAWA0O5CLU0xOz9EqiPWvRBbZMyta7IHXSGg1mIWcwID +MDIwNzIzMzkwNFoXDTE4MDIwNzIzMzkwNFowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprzLOS7Fa0ZNLfLPc+4k8lCG +uIil0hXaP0ls+mami8lGOXjG8QC64dJAscGy7RRNt8Hfa4xIjysDgrlxOXhjhtBB +qAkdfzOGvw8BU1BmiryV0JhogCKUJcKQGAJNyPt5djPJ80Um6VfwEzum42qp6gSm +4P5tFsyXKFUSLifTfjjTMN5CGaKPnjy7Og2HecLbalb8Cr2aKw8L2oAtzdbx3d7t ++4J9zki7O0XBiegsG7h290IlV+MiDXkIRuMqkVysDLsQ6gd+TxTXs5adPXR1oC1g +8fk5ZB51JwQbdWsmHEDGGVyDqkUDG0szVlsAIkvGs5iXaZ0+xCs6cyPXKRCd7wID AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBADduwnLRxcIdmch7W1ClcIxzHGJJUbr+ -LrLZeZ0GzF1DK8hY8XBGm+C5Gf7kGr5fTTInO9EuVs9FPftJYO/1UC1V1fTBwLcV -79xX1I4XrjnJa8MumEzBdWtcL2z4r3xncItXEVJRLhKeb4mPHv1aM0ufoDlU2nS4 -I/GW6vMOmq59rA0ieA7J/Ssa46ew1tavix7oO5f6/cRPTRuBn7nNswistPy4LUDn -WFZhPUfaiC9nItTAgXijfh8XlljcGpbVNNHGfqi0vANrFrDnQvK+mR9VjMpjNkEO -7lxumVtRInkd+IGon9YUGxdxL3CNMZ+f57UZNv1JfA24bl1ExqZfG+g= +cC5jb20wDQYJKoZIhvcNAQELBQADggEBAEbaKgrdEcFu8szkU2TkgPelJ8ad7SVl +07EPN8g8WoZE7OY25ZEBkwX7La/MaZex1St9+pLxkj+uh/lBGSLKmHKsQWf40NT1 +2U0UhgU8x+/KLUPThU6kyXSQplKY91UH4tTG5rYxvJYDAvSV5/rqZw0Y8k8ObnfU +JR2pSoT3ucA9p2JGkR8YFFxmzhuid0YohkOwS9M0zC12WynKOYe3n8aguGF8ZeN1 +mTJfQZWNaHZvHwtPpdVIy8+C7a6JAwdF/+FkO65tE5BciUCt1w+zJbScVV2KLjna +WZBedzSZUBMlZnS4v1B6d852TxM3tondxXN8tfrGqkOC82TzCDgxA7I= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/docker-listener/key.pem b/ansible/roles/docker_client/files/certs/docker-listener/key.pem index ad8061c8..bfa8a6b9 100644 --- a/ansible/roles/docker_client/files/certs/docker-listener/key.pem +++ b/ansible/roles/docker_client/files/certs/docker-listener/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAyT13XdTL6SW/RAxBNo+uzqpCB/rTof5ZtkY53fiNqG3BusDE -wUSGdlwLYfzRSar9ATEHXa+eDgQq9sk5qd1iwWnmpyYoRPi2o+ablGUmYmghE75J -WQ1mt33GHfnzDti1EL19tLKmmfteB42r+hnO2lMT4vvegoi7AzoLB5sE32DwoOPA -Tb8ACQyOlP4+ovkJk424u+ydmhrVsTtHrcr24TvkwvTt1uH0h3AssFWEmZjAlAAP -3Y/cJVFc+6a/uqndwrs/CG3H7RDmYn8FgC4FR6I3dPguJ0HAy1SdBxCulQxGEAWA -0O5CLU0xOz9EqiPWvRBbZMyta7IHXSGg1mIWcwIDAQABAoIBACbM7yLsUJSXbpVU -N46pjW7TbP/U4NEvFWULjUS7E7UR1HSJjmYlLDfN73PpJwEpMrb0GRN7NOJG83G5 -wqB5yvy3yn0X4lPKEIzxfbXS+t+mbBo+ai39Y3ylh3loI/EM33xmzMH2YCD4Ulzq -d+o056k4s3DkVzab3lL08gN5ZCsdUhl2SVE9Q0iXV6/K20tItOF5e43+BqlZREYg -MkmhiHbKx4IU65wX4bNHggt2gAWIxupXF5r2hKik/31OyJzQqWMjQlmAyDYKoVjg -g0FnBGyP2LyhTW0swAIS9Hr+X6LtIH2B8Fqcf/Oy9ICFNNHkGJUMokrFUBf6x/K6 -AfdZjKECgYEA8OtcS+MAfDT/1TFm9cmyKAe2bSpqkS8V6+YyyM6kbcqmSjMa1QqN -coRjTuostgbmRg7RB41bq1XWRdEk11XJg/TDOGwvh1l3nFH7jQMmAQO7JL7kjz3K -jLiof59NdUtMAJWgG0t/akXG0tzN1+W1y0W+kHNbnS2oLmKaybKfjncCgYEA1dZC -wk3sXz4TXRqa3mbui8N3Z/FDZITz8YEJIrGxEYzVqJBpGF9YCYZjjOsu0G+sJgPj -D2cs/GVJfgm40Bc3QqG1dpb+Rz7bL5MwzxRdZN8V4w0SChNRfyNjIO54skB/Sl46 -ANxJ60S9trYXhrfE8uNmY8seWKoV17uFNKFhCuUCgYEAoLficp2VDUcuBENYtE9B -koLSqDDLtt76eMywxFVWTAgMtyMwmz7W7bZzqYl/Gk+v/ryTpb4fkUVKFHlZYm3Q -aT83nMRPULPWn2nxrjiTecnLZtASGZzXKtllTv4u5ji9Ewa+MHdFINg7sx+qEoUj -qd91KVhLnad/srIFINkQqDECgYB16aICVsmicy5mRodjX8rmUrCDJmyM/yss3oRV -FzqWfNxMCOWKxPhcuDgoun6j/RAmHjqUgcYynv95eo7oYATevyC69ePdEXH3t+hQ -J+CgAMum2cw6thBYVQESZa00TZBjR7YgR1iTXOJn39z1Mlxtuqr5GEXxikhlH0gC -j4JdaQKBgQDAX6bam2e7KBs5OLxMXpI/u2og/O7/YsPqITeNbboacfem18wFYqqA -5mHr3uJ1x+9sSjwzQT8Hv3i4oO2IcWEjRwZX31hpJNhR2MrAtMY1R0fuEuM+aZKW -8CYRbXi+LQuqBE2ZxrBtIbpkeAhARwp1rqUxTZVTpLctFYYHXX5Alw== +MIIEowIBAAKCAQEAprzLOS7Fa0ZNLfLPc+4k8lCGuIil0hXaP0ls+mami8lGOXjG +8QC64dJAscGy7RRNt8Hfa4xIjysDgrlxOXhjhtBBqAkdfzOGvw8BU1BmiryV0Jho +gCKUJcKQGAJNyPt5djPJ80Um6VfwEzum42qp6gSm4P5tFsyXKFUSLifTfjjTMN5C +GaKPnjy7Og2HecLbalb8Cr2aKw8L2oAtzdbx3d7t+4J9zki7O0XBiegsG7h290Il +V+MiDXkIRuMqkVysDLsQ6gd+TxTXs5adPXR1oC1g8fk5ZB51JwQbdWsmHEDGGVyD +qkUDG0szVlsAIkvGs5iXaZ0+xCs6cyPXKRCd7wIDAQABAoIBABA9883uMGzyvDHt +pSe12wN/tJ/lL8H3PvtLO8JonXCgeqa+jSKM36d/w62NINDXWXq89/aSA79ugTkK +t2zRvWA0iTDFMophio6x938WJeb919op/oP82lGTUlYEY29gj8Rj5xg7dD7mwgwd +k3Qzv7l8GoVwQ1AlPdQ/9TVpy8BPwIHErBNdGxVX8gID0MQXKlQXHOMFIOcbHifq +cW8tYeoPXq6WcaaXRhgVqt6cJEyqyAO/QM4Q3lVMn/7iyvn1DJFbb55sKH1/BARE +YqjjqpbPeehuSrrGUiXGDWNMLPxT5Sr4jtxykWPWYoIQNV+vKUG7dlOgY7dsjeA2 +WWIXPAECgYEA0RMfF9Zsb0gu7BtyZsdvVu5YE2y5aPvQFx9iFSs6y3kTAbxXLkrQ +7yy7Ba1LYHrSnGn0T8jqVAU9T9/ddHiIUNToQ1mzULjym8cqo1zF89/KaQY6FwnA +T4455bLqyOfnv1RuUDvc2voK32IIIb84Swddlq07NZ5xQ376e6UjWuECgYEAzCkW +gntN7Y0cRWq5K+2tZ81r8TGBJclj9UA5862Qjq0/D53ryEEGXboFKWePNH+SQejD +ELGNKOSBcV1JU2uYbO0TkNuQ2m6x5Iii4FKiLUgAxjNHBwrESQqqpQYgwPQm694L +UgcNIr19qt+u9iFzXXtHgwSdaRMb6uSX+F6wYs8CgYEAlkk9b4Aln/RuLjAokvLG ++OEJFKVxvaJM2WIoufjCIaLdY8EDlfYXq+UmZpVD+o0vOVn8USGmN1Ew2mqcIG3H +5vq0Hj2rZNodIpcO8jDs5jm2oLnmJctPnqAoxBFRLattbZ3+UdRGFG3qRNqN59wx +VdVsk7PgPNGwrwjmetygxmECgYB0EBOs3/5AQs1EpVRZpcfD0CNCPdtmqOO7g+Su +JAifI9xKu4NUF6tP0zWmASqHNNLnxzRFpDpUefsggGD0HKHNosVRv5DMrMtS2V6G +2lM6HMnb40DIvxUxVPAH2sD6EJKj2lpjKoEMM99iKcGkSQX1qeTQleoK1wMy+Ptw +BhyOPwKBgFpDaVu6NXg2H0jsm+pwPldQLFfZ8mAgmc7/BR7dyUVzm4iIiyKE3lio +ybppgO5WvypC/SNKCSjJrJ/kl2YS62Y40cS0rKxG34SzZLXa9qCuLIhRL1kKCD+G +eOjcJ9e6z7zKV7TKzY3sE6BoG8m7n20/eucffo3LrbyA2Z05D04A -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/khronos/cert.pem b/ansible/roles/docker_client/files/certs/khronos/cert.pem index b6ecc5b7..e935854b 100644 --- a/ansible/roles/docker_client/files/certs/khronos/cert.pem +++ b/ansible/roles/docker_client/files/certs/khronos/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FqMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+F0MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNjIyMDUzOFoXDTE4MDIwNjIyMDUzOFowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+mbY5+Yj7x+NZo8D0jS/j/cl -4RRXHprmsXk0Kd8i5oXW2yY+G8DaUOxq+iiDUJYVzU32bAFbeVMG5OjYdNwjvluj -Xe7HXg7GRT1BEJwtbPM7sidMLDvkXbNMFR8EdOj9Qlv/one8NsFqi60U+Qu0MLrR -Ur89ZwmwlKagON11s6IB7RocxJ/khYzlZeWA+DilShyE4qc0ccLL9Ysod/zeMqdi -SL+nWUwHxed/M5MqMxbncpMggDjIyCEX+Ym0xFmaFNvbtG3O7Ao2Aw5LLo0ZhAIe -uTMSYEPW5Isx6V3e+f4T1yIE00lvZXHfkwquo2K64H1XTrVVEVye/teorrVjKQID +MDIwNzIzMzg0NFoXDTE4MDIwNzIzMzg0NFowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTqz1o3rvyRs4bNn0a6/JTge +YVmlgbCJcYhqnL8f7lIwIuJX76YXJYgl42HutjqrDO+lhSSKOoaoUcpUlGC6dflB +nTWk3/Qo2apTP8QADJq9DtWNz2jOU/hQmmH74WZfSeD/3hxh77Xg2sdmVyX3o4f2 +epr0Eth19QDs8jiDia9ob1S/GqyjB8K3t2iNysJO7PyMVRMFB+gh4/0vwytN+q+l +lExJnWBJ59hxEameYIAYbLZiXnt4AzS92uK3oUdPjYGbiV0Bn4UnjmqmlOP6AtHP +JocrKYAIdS0GcKoI312GbRv0HhGm6Lzt94WjDsiNWkO9TaWEmBDVOi8DPDXnZQID AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBAFaUCPsaKpaImViAo1s7YEN1vXqciALU -4dGQ6gpXKir8F52qro7Wr0SLEyvRpefeg7xYPU0kDx0XnfysmoMoJmZ4V/vlAtxZ -6kuvxYK5xssTP9TgIrzAMsTM5at+Sf1ZZNaz5/u7a2fh5mZDTEet+XmALHBjfXi1 -+LG0yyr4QYtKzYqT/trKnsJ4wDv2cR0+u6/Zx+vkXQTsATXF2EuGxmssoG1F7AFl -tC+08HjFxuQSFw3KvRXzCr4EOJeBc+hiJVUOCU3cALeEa0LyOlwrHZUR+smO8Qpn -L5soJY5yS+JDbcRngNmTYVpfu9SMYJLrShCIiakToejp+VglfDO4aZk= +cC5jb20wDQYJKoZIhvcNAQELBQADggEBAHkd+3C6ogJf/XQKk4bu0fPC079cu684 +s94YoKNbTpB3zX/47Of1cfX1nrhNgCmNknGPb70HQFimWeM+H1DXn6YPokbhK+IL +n6uN+dgvSagA3LdI9MvyiqdeDNZ39IJGEdPdNWD4in6uQda3W34B/WUeR0a5BAne +OTtY1+iDEhtF0P+CZxfQE5n+l1fMkQC6llm8UIGcAtc9aSp4zYQm2NwTuoO+7xtf +/QQ7ceVJJdulR6zU5Gn/v8cU3of2TE/QdfXUQVs7ET40ZCbD0LQn2ZdanVpWKZwb +E+C6xRdG7Dor5uPewUoXLUQ7OYH23eLD9LyDwETx7z/ntpVxMkz/Iug= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/khronos/key.pem b/ansible/roles/docker_client/files/certs/khronos/key.pem index 67c07bf5..710a4617 100644 --- a/ansible/roles/docker_client/files/certs/khronos/key.pem +++ b/ansible/roles/docker_client/files/certs/khronos/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA+mbY5+Yj7x+NZo8D0jS/j/cl4RRXHprmsXk0Kd8i5oXW2yY+ -G8DaUOxq+iiDUJYVzU32bAFbeVMG5OjYdNwjvlujXe7HXg7GRT1BEJwtbPM7sidM -LDvkXbNMFR8EdOj9Qlv/one8NsFqi60U+Qu0MLrRUr89ZwmwlKagON11s6IB7Roc -xJ/khYzlZeWA+DilShyE4qc0ccLL9Ysod/zeMqdiSL+nWUwHxed/M5MqMxbncpMg -gDjIyCEX+Ym0xFmaFNvbtG3O7Ao2Aw5LLo0ZhAIeuTMSYEPW5Isx6V3e+f4T1yIE -00lvZXHfkwquo2K64H1XTrVVEVye/teorrVjKQIDAQABAoIBAQCkaVksUrDvdkEq -wOaaY+YPyhBGDEvznXOxvcphX9CTmfdsJ10KbgMqtUC8hlNKW3FvPyx42B9OtxRE -wxo1CMIzYAoRSBIBkSPgHIsXM+Sjr8VXgXQDa0PTvkFLcPVFKiH4K13bOFENhsvF -cFzf9S5X/KIqecUAXZ1izVFQZSC+U2oBUdQIW3lSvO3LVhNII6Tq6TM/U8ce8QPL -g9/gqASCaXVWGRABxMfPYCVLjotoaj4uXD+le/3Zclbj8BpUt5U6hsv1+rUilwRc -IptaOwLXZPHrXZgLFkibObqckpdm8Qko++UVvPivaUAtG1V/2ymALPTBpaw9Ln9q -A9ivhWIxAoGBAP6PesFgx1ro3r0nT3brEOV2m1C5oxSMd7yKjd8b484ePrG9E8s/ -qa1vKOlkQmqYQUULBrm7bUzlSEvzEY429k3Y0paH+YM7iQr+LcBxYx8tZaoWsNuj -pTtTNCLVNNrInbIC4prbUolDLpJc7gisUqtOSHeH+EG7dFWKZFVmOnklAoGBAPvR -WOkRsLo3OiOB4NW6Fkg548TmrrEBF883iu3ANi7jWJk6NOGQAC+oik/A+pMTRzN4 -3S+CGbzazvFuo83ha7vslBwW/dWjQr/U1+4471YRDew92eD4FffiZuD4fUHXXMzU -zn3lCKSVUh+e2z7B2uiXB1PUaEOxCGcypRSL8Ay1AoGBAO218EzKYf8rvGvoXJVQ -1ztf8ZOFdptGvL1MqUTx113v8l2pkeVXcsxpJEwl+rttqG2f6UzhkCSha0y5E+i4 -vHJfie9V1JNOsh+Y0gKGH6jKjMgzXj4MZ8ypWuM4M54mftPvS8qOClnxaXj13LYu -rRgZByTPzO0c7nq+vAjfaLUdAoGAVlt93Tf23nWQF5szyrftakmIBf+CSytvyd1n -ZI91RXEr8ihW+D/VAIMRI7avd/61fT5mxCMexnhXXc6umC1FMAY66MMtu7Uob/cD -MiwOT/q7RpgTfyY1CnR3CZHOCuVbatdUFTKVWzPmHPfygjwi4X7hwWrncsdkdVeV -60zuPr0CgYByCvvz+XfcQJGeHD02vTb1ab7pnob7i4Nh4DD5ft6WhdHBYkUmM3YX -t/tGR7ABK/p12DYJovbAD9uGjXQ62obKyZ92ByJ1Nzeyv4/YST9yDdP8ap1eNBnu -ZNu++srcAhsAlm+wfG4uuLrIZNePEgtJfkZ7jz6VgdgBzyjlgY6Ayw== +MIIEpAIBAAKCAQEAwTqz1o3rvyRs4bNn0a6/JTgeYVmlgbCJcYhqnL8f7lIwIuJX +76YXJYgl42HutjqrDO+lhSSKOoaoUcpUlGC6dflBnTWk3/Qo2apTP8QADJq9DtWN +z2jOU/hQmmH74WZfSeD/3hxh77Xg2sdmVyX3o4f2epr0Eth19QDs8jiDia9ob1S/ +GqyjB8K3t2iNysJO7PyMVRMFB+gh4/0vwytN+q+llExJnWBJ59hxEameYIAYbLZi +Xnt4AzS92uK3oUdPjYGbiV0Bn4UnjmqmlOP6AtHPJocrKYAIdS0GcKoI312GbRv0 +HhGm6Lzt94WjDsiNWkO9TaWEmBDVOi8DPDXnZQIDAQABAoIBAHBvLfGsRv7DvS9f +awuReNu5WcQfm7Ro+rC7Rf3LIFNWM3g46B4kMNe/7vvuIi6a2KkAUPm2F1CSxiJB +bxGfbx/yV4GYk0VVFugAucwiyjyLVXLqREfpnhUyKgSK+ztejBe6+mdNcJdA54Ol +/yC6kOvw0zToMRk+JvTXAwi2ZaOZDgvneSGl7r2c6yUf3vkJWI9gDcNxva11Z8YG +LElQxq13elnnhxJcI/jL9tcIH9hBmZ52xSRXaUAYUEDmfB6RtvWSyn+lqSrt5i5M +nfUyytqpuGZyo+Uij69MFarvTqIY97h2tCnxjc+cTcx2W9LOkaibIZcPeTrIjBs6 +IbMrVokCgYEA/zroeZQ78Dz0Bx+binbeDq5hDbrHWbSPzVpp0kYXeXBuzVFA+VtP +6KViFmR80ehCATyKW8qRYJgeqx0P2q6A1gNBpnMyMEbKYWLFzOFkZ/dB0yxEEpfQ +VgKbEeRXJfehsr2Fqh4pbZDtPr8MDnEiOTH8n9ngYFfTPqrbcVgfZisCgYEAwc/q +pZHVAQRhvlB8mhzhusFLljWnswLELPy71IDKF8OcDRXTOaKr+bx7N4vl5tmS5GVZ +4RjwWdQK96Algj8QmtC2gu7TtzOZPbefIQlazw7f+KWPz9AyP9B9KjFk4Ws743c0 +/2KXtThTYysuie8ePHqTcUWFy1AqbDpnO7ZFMK8CgYEAqTarDoAixQIEX/yqqMBq +NJ2UJwAgTu8RL/qzkf96bL8IFwO56hiKABo1z9bLkndD24IB0R2aCMqR+qyH6Fot +fLYn/mz9Z1hnsO1FarI8WVlqwNDmSNVyALQ1j0UuKjPldpWEWucoXEXrpOAQ5DpJ +kFX9wRU4V2ei3Dd2ycy89IUCgYEAgX83zEsFZHmWCYBj0OFNXeg7ZfERzQUjKN/x +bIpk/b3gbcnQaWksuV/bgIDEKxvjDyI9DK8KISsR7OSfS0hyAs9Ds3Z6FaWvVVJ0 +S7GhcEoDEnMlBPiaKpNWnjOEsS1iRZjn21/398jbxp4aqWUQ8d4A2CVYwUEeJ1Ra +l8YwstcCgYBsAmkS6OD4vhc+63/Hr/w5DmMJGHUnlWA3iO/aYUMFWj8nCN9uSphv +5INGrPfFswQfGkQ32D46iJBOPziqWx+SVFusQwBQQ+eyID7mvLE5E6QQ1iti/KTP +sZyTcZMVdD1huJlzM7UsJERFNeXuzW0nQCuAAGQKJr7pKV2aPT1QBQ== -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/palantiri/cert.pem b/ansible/roles/docker_client/files/certs/palantiri/cert.pem index d29eb191..bb2a3a71 100644 --- a/ansible/roles/docker_client/files/certs/palantiri/cert.pem +++ b/ansible/roles/docker_client/files/certs/palantiri/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FrMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+F1MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNjIyMDU1NFoXDTE4MDIwNjIyMDU1NFowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWfk5aGWXI5h5bK+SsnhWcA0 -l6GY23+LvRHz7nUmlV6g++MjKfxHYviFgmgA8FqYdNg63chq96CLAQEfhJdDaNAJ -Or1TyEECKDagA8iKj2eXlw5Z98kOOCivFqljd+Nv7Xoo0gsPf/ET9sQnvC9zKPQz -/SfGdB0tP1NHpJllMCuJDw3MF8kLCp6RPMS4WC3EowReaczVUljZ39N5iBANgi/R -TTSJHNf1wwVdtXsOZGEgrO68i+fx+2z2e7kzknpKb3AZGa9HqXcL2KXAaLUPEyTz -PUWSqu2dwAe1BgiLkEM3AupVNQsD/Wv5sJU0E7ZBNVhjm+bFfXaaKcgZdv0zDwID +MDIwNzIzMzg1MFoXDTE4MDIwNzIzMzg1MFowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5a2Sh+6vv/VniZ70vq7kkPU5 +Vj+9UUhCMxa5p7FAb0/L86nnL9SjWDT67uboX/CrZcaIHWtBZkYopKBJt82T7dKH +F7ZhLtb+FpX9PMiaWCUBa8n0g0zoQ/6MIQpn1Idxg7eSh+1HvUEjgZcM4DBMbC/f +90Ylf3OxIxknuKH07I1pJL6ZwgmyUC2qA3IpWa1UT0Ms2bEAfJc7VqVdXxsQfsVw +NggBr3mcnrbyN+IOuqhYxj3n7HrPWd7M52aAws6UsB41r0RUGSIuODr/lcPSJSe3 +9dQSMac/AK2c/wXobERCuD7SOmJLQqvtbEORlGlICTxNP3sjR/JupkdE20DLRwID AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBAFMdYeQNfmUkj9K8bvVQCd9rptiHSE1x -r020q/PTzEUkVQ0RLO0MIESlKQRgm7bAcogcnDNe3fZIDeiXJTZ86v+9b6GfUOj+ -XP5Qxtbola6LYRXX538ISSZ1oiJDrcTVyr7vBfT+sVM/LmVu56ts2hTBg2F0Mj8D -jidD0r8kt1OLqMXtmEEQTDplJ+xZk8uHhu1XlihaQMaPIEwXVLTQk37jY90CurrB -ldK6XjmrKKfNFXZDF8J92oxQRK6CGKhOQzNcAUzKsyIY9+APLGpXCZlUKxzPwULv -7Vp0vtfOAry1D60SPFiZ7b2rUBBk7OpwNVs8t6hRIv743aVJs7Y7dgA= +cC5jb20wDQYJKoZIhvcNAQELBQADggEBAHnZqhuOFpUBQmm8CiretyClfW5XGqaw +3mXokD9zJ24tUv/6pPv3QyEKya4Wd/D+JZqLXJh/9r2l9EoVSIQ+L/x1BVRD+vwi +CQqkltwx0BsBtjUl5FKyOoUNrLHcOh1SU7n+wp27zb08Cb+XpzGtfsi69bWiPfdF +lpKcnGlc10G1dHpddoFfo96fCpPwF/lrxdbgqzkML7j0oxDGgYq7IDdH2Om1qhlD +ZemFEdsXDqP0G8oqO8DOjyBDwANmp2f1F2tiTd9vVVqAd/2os8apHqYMVKfvJPKy +n6EbI0AolDhI3y2qBV+yAsMYHztIG5AIiI7K6XVSkOgt5SnHZFw+gis= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/palantiri/key.pem b/ansible/roles/docker_client/files/certs/palantiri/key.pem index a1b3c4c7..b91a93dc 100644 --- a/ansible/roles/docker_client/files/certs/palantiri/key.pem +++ b/ansible/roles/docker_client/files/certs/palantiri/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAyWfk5aGWXI5h5bK+SsnhWcA0l6GY23+LvRHz7nUmlV6g++Mj -KfxHYviFgmgA8FqYdNg63chq96CLAQEfhJdDaNAJOr1TyEECKDagA8iKj2eXlw5Z -98kOOCivFqljd+Nv7Xoo0gsPf/ET9sQnvC9zKPQz/SfGdB0tP1NHpJllMCuJDw3M -F8kLCp6RPMS4WC3EowReaczVUljZ39N5iBANgi/RTTSJHNf1wwVdtXsOZGEgrO68 -i+fx+2z2e7kzknpKb3AZGa9HqXcL2KXAaLUPEyTzPUWSqu2dwAe1BgiLkEM3AupV -NQsD/Wv5sJU0E7ZBNVhjm+bFfXaaKcgZdv0zDwIDAQABAoIBAFTuDsQWo8Vb9URb -X4tCHlkuh/75EfBdlJuiGm8Pz7llMhWF7qohzCicDBC1ss+oJGoBVLF5dkH93SAL -TTMoZjCoqXuvosjrQPGcN1XhFyzpzi7QyneGvQxJe6veuicwLV7DCLuqFlspWfXR -OcBNcg5vDA1Q3IrSUuZFRAzQ8q6grHtfQ2iTo9Z5jxpWOBFP480LjC/OkqlSmHNH -/KDPhaCzv3sDSNlUeuw0qb28GlsK2bwCrvzdtfHb1fZoCYjXdgbMfKcb+CvcorQ5 -cnBlE5VWduc/yI1rOKfG6QXZZgHqWHoIlu/E4enPGvpxxu+IHWZjPl3uTJVSrtJM -fKuGeSECgYEA/Yto9F5ftCSGfYaa5qIoZz41cilqhy1MaHlDyADbFlGLpt39CGH/ -qsjWk58Wgvl7c2hSOGCSuunK+9Rk+gPcNf6TDMpLZg59sXQrQYz7/BRpkHghkttO -nhUnAZbz2xD2uGHTzX1o94SQDwcJ23hOgQYf/EfrwuTtQoNNAfX+u9UCgYEAy1s4 -qKsUq1LCBmkUo7uBVZEhPlSD7Tb4ffG6kJSeZWvD6yjA0q+ICJJdH/RS6A7rj6LV -ZvBDg8XXtTIAE+cqTKEoTtx7kJvbGA83xncEXchuILm9jJoLXB/SR6Osf1WJY0fR -MdymlzYK94FfKoA3krJ03gkNjOsr95l7SWCUmVMCgYEAspqABpRsamPIcaheedUF -DSVfVNoj9rFMP9QckUk5DBHJhHSgCEWwakgsD7VjkEPaWMPGF3zAH/cNTDSkJRKP -D2ITiFEAqBXRKS4iQnzkDQD8FA7r552hVe6kmZQSl+DtS5luMDUFukahjFRy9y1a -b702zuqDA7lsAQypNJZrKTkCgYBFGiRwvGHzrdWc1AxdbxQN/ZksUw/Zhfp+4aui -Ab6pfCtBN8H+VgOF1iaq+x1JGfjWAGE/75khqBMa0XjRSpZHH+RQl/+tLikPTeyI -Fl13eOpjWHqe0qHVlkKgcW/mfSyIfhkKNo6th4HGhUHPcW5w/Q9VfAIMxsVUB+Wr -E5SrXQKBgQDkAHqpfi+a7WhTf2pe0yDs7rg99rT1Cm8e95dlYz+FaW0QM0GIt3I4 -opG1dVLDMM2q/EW0Ff7kvFKtrrcqLAC/DLiQ6kQ09UceabgMZsSjn0l7FEY7Cxvx -Vi01TMTmrgFcgG3LX2xrbZThvKSfkAYA1qlY5o5r7hQ2HsRbwL2UqQ== +MIIEpAIBAAKCAQEA5a2Sh+6vv/VniZ70vq7kkPU5Vj+9UUhCMxa5p7FAb0/L86nn +L9SjWDT67uboX/CrZcaIHWtBZkYopKBJt82T7dKHF7ZhLtb+FpX9PMiaWCUBa8n0 +g0zoQ/6MIQpn1Idxg7eSh+1HvUEjgZcM4DBMbC/f90Ylf3OxIxknuKH07I1pJL6Z +wgmyUC2qA3IpWa1UT0Ms2bEAfJc7VqVdXxsQfsVwNggBr3mcnrbyN+IOuqhYxj3n +7HrPWd7M52aAws6UsB41r0RUGSIuODr/lcPSJSe39dQSMac/AK2c/wXobERCuD7S +OmJLQqvtbEORlGlICTxNP3sjR/JupkdE20DLRwIDAQABAoIBADwsV2GJpT3ze2bQ +4Go8w+E+fgEcverXtZBQ+d73T1xaWaLC9rDPUuQ/LSb+FA9erGkDtJGQkhfLdcZ7 +wBSJpaH/MCmEPL3a0cL1FN2h6N4DA/ZLeOYVdhyqSeg2I7HIsnLB24AFKHBq6nR/ +MH5j6QHHITRVimlz1ArQAlobBGIcwyuduaQSxFgWc5JeMblwb0ZnNzSvW7INA+0R +e0XLIMKO4NxCfIo0zUrzUKV5GyTHPRy7p29O7mii/08i+rFwMSIZ90bYK0GluD4F +vhMM6MfU2Wujw3oZwUzg+zCAyk4wTBsv06JbdD/kMsHKVK6xYnERd7EROBd7oK1f +k3uVK4ECgYEA/UouBMjYf1j05apFXPXBUOvGE4uQUvGYENYxWgYbLjqzYX39eUQH +zuPERG5P3HnTj81Z2lgQEox5ay2EoUnSZqZg7vzNjf+EJfKh3xzaFjAT+QwJkRnr +J1TI8QbSxcClrhbM/7Nf7XDqS8ZljAWmJ9A59Ilx9Wr15Qtdoc6ElucCgYEA6CK2 +6TdjtP7fnKV8iMPoiyTj7BIQF7WCOQ1rJtBUveQOqq//573+nlnRI1LsVNDS2THG +YVQIAm/rv76tz4rz+JFAnDyvdYfYZAAW2B5WMKjdN5XU5QUMpMwnWNcwnljNRgEi +4MdBAhMdKuCQyENv8Ue2JYDLZ+GkenEhvo5KfKECgYBkY50/qjccqi5ORKE/Sew3 +3WrhXkRyi2zA55Qh4R+uv/dO4bev84XAu0eT88DVWre+XB6LyrF8GI8bKqxRnMe2 +haUPs8TozegbfkIoAvBxMNcJs3qrNwGb0h/eX9z0IfnIuSLBCeAwZLuIEvc2exqy +1vXRdRRkt+MDx/BxbD/i6wKBgQCJtw6MjS+50PsYE5UuDguHgPs2sgCaEDSRZESN +Ykrj3MhWutM2yKClkONh8XADYV+1OrJWS2P1DjDuMFEtL2JNtN5/0gDF2TGnIeZr +kJPRilyy/VCwDa7SlctCCWfuiQA+562pbIxEjtJe/ZrnNBrVKZYF6cLCfjr16Of8 +BK5sAQKBgQCErSNBZbAMocHQ/Yht5z/uCEJc9ngeByDhj4/7KQYmClso+wSXiYMO +zCRyMRA5SOnVU+H0d4erL11dEBzfI/opQDgsc2sSxlPoZyQh94htxl892YkYkGqa +QCCN7iR3XIB29IwlNjPB/CpSm+al3fieE2YOrsNXycq78FgPT3Pzrg== -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/sauron/cert.pem b/ansible/roles/docker_client/files/certs/sauron/cert.pem index f5abafc8..ddd4e774 100644 --- a/ansible/roles/docker_client/files/certs/sauron/cert.pem +++ b/ansible/roles/docker_client/files/certs/sauron/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FuMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+F4MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNjIyMDY0MVoXDTE4MDIwNjIyMDY0MVowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoBcRWbsKwAjhJVfob1vM6Qm -/B1ejNFq3cEzRkcAA2jNRw7xMlrRY4IJFaCoIi6R5DRTj9d2QHEtL+NueRmvITZ2 -9PPleCrhqMF4LjAsC/Ln+RDbrTOPu//utjYRv21Ujwm/76GH/GByMqceqMQVrVIh -+yX6CzZMTHGXwQ91JmRzhr94gLwTNOSYnFLFyQJYe9jzh8BaNs9xdnwMCdWBqypw -sHaeUHHzK2oESIjPENmhw+BnHr1rnmSMV3GZ2LYqXPw9UWkhqM7SGAeZT7mDKUyO -B8a9Z0Yct5Akhvj4qzcrmsFrYhtobYcWfvzJGslDi2oj0HHVwrTGdQkNDj3k9QID +MDIwNzIzMzkwOVoXDTE4MDIwNzIzMzkwOVowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJexn76h5+d838OcIVjphrYt +gzi4apEuok5D0KEdQjAkvZHLWT3P0IP82kyu5njJ6Tmn+kLlByMx30JhXrubbO1P +v4CUYHGPnX7qc30n8IhV7m3XHS6VYN4Qn6kpl4vIOvHx9dlkLPlk8KhCAVQp9Un+ +m1OdVjOFUR/SXIx4c7LtCaPZ8J2VBSpNHq4w4iO9ArSUZ7b9lCZTP7RgV8tOO8jH +29IS6CIZ56R+LCehar69WYaJ5w9sEDkT/FnmsSZNRp1utYdLj7onasIGGgPBuf03 +aJ+d3frxsyWfPpR4jX/xVhEjRLQjHmh+F32UJEVp2/+sjzZvPYskjTdqMhITBwID AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBAJON5JNVDkFKkBdJXn99WCKVVnEbfA0c -9bM6OGh+S8dgHL9HAgGHubcpPAo1s0ffyEd2kB9WRrO5u2wK/8DkjUVs9zMQg9hs -h6pf5NWG95F3iCyVVGpM3Q0ah8r5LipLhFSyR9yydrjtoWJjjg1scbPsaYUj2TTz -wmVJk+8XM5MTZnqKxfNBpVqB4lY2E5QTAi8m56W7IgjaGwwZ3vJn/IqdON3muMAw -pp8PUSBUKDj/Mq1pde53lm7aQL7LRh/H6hb70rxzTs2oSJAuogB+LvBFKgcCYEOg -wb2QVLviZQ8ngnfvQpmvAuDFdUMcYMpEUPfnqCLD5iGO6uS+njpDkpA= +cC5jb20wDQYJKoZIhvcNAQELBQADggEBAJ0ucM2b0t+ZtNJTdj22kIiQI14mSTU9 +/BLcSKqWKOQ9cl5LsRiXMiqmb23ybF19GrxM8UPElQEcjwWSbWzOJgpfq6uw3jAE +L0eOsQOoQVS3NfwGzXc4aP0bfNEdE/oiCaxa6dImCbDcO3fv6wwjsHqQm8wK1W0x +GSmC2PCXtmuo6BqVf3fIOBo2ywmlyG270R36p7RGGBfUXQHm8JJrP73O5O5csQm9 +c90n4yWdgN4qnTmRE3BHQaypN64f3OyW0kjDdQ3MdODWl+c+6QxxfUZL31n2n3wi +sl5N7PwZ2uzfCkjCAT3u1iZzNi2LvrftE1PMAqRSSEPZca6KUH0mBrc= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/sauron/key.pem b/ansible/roles/docker_client/files/certs/sauron/key.pem index c45c5fe6..24efee60 100644 --- a/ansible/roles/docker_client/files/certs/sauron/key.pem +++ b/ansible/roles/docker_client/files/certs/sauron/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAzoBcRWbsKwAjhJVfob1vM6Qm/B1ejNFq3cEzRkcAA2jNRw7x -MlrRY4IJFaCoIi6R5DRTj9d2QHEtL+NueRmvITZ29PPleCrhqMF4LjAsC/Ln+RDb -rTOPu//utjYRv21Ujwm/76GH/GByMqceqMQVrVIh+yX6CzZMTHGXwQ91JmRzhr94 -gLwTNOSYnFLFyQJYe9jzh8BaNs9xdnwMCdWBqypwsHaeUHHzK2oESIjPENmhw+Bn -Hr1rnmSMV3GZ2LYqXPw9UWkhqM7SGAeZT7mDKUyOB8a9Z0Yct5Akhvj4qzcrmsFr -YhtobYcWfvzJGslDi2oj0HHVwrTGdQkNDj3k9QIDAQABAoIBAHnW6ppYW8gTUOGN -cNtxdgc2N3pRqdPUTAWDVMmGYs+gKl5expk7VIgt1UZZgFqKt7G53gPk0PS80jiL -LEdvjBFAnXdx4FbCllqHrG00Jwj1zUD7XWIYJhp6q1H/HQGhdF7hFcpBuIaEMV0J -leFlsJSO/VW91oZ/Bw2jiDJ0+F4pngcDFt1BCXLjKO6qNBD10+InjLb8+i23yKM3 -9Y3eC99L0QdjVh1wxius9OJ6Ej66swTwEXHOq5pUxfpsWcn0nOOdbsaUZwc79uk8 -/v9GScQhbUmSE/2vGJEo/VehCR38jOr+NjtCYg+DOFP/p20iqcWp8ILSpU+3oB1W -cVOEDgECgYEA/fCmWDUPQFajnMD/mNOEEAYHvMqhbuCc2WSgKlru+1b2RSq4zU23 -Tchfw0kr/8S2hh6US50AqAxyHzPZ8ugKfF7m9dgwVf43ZRzJpSxGV30iVtNoYDBi -JpOfP2sMpKnpIYasN485+IBpTkkUGSVIu2CtvGTBqHaVNJc5kIyoN1UCgYEA0C0y -N/EODBHIknJo2J6sWxqC96subg9K8RT0DewaSQO6PtU80DzPphKKgHOmtz8g2G/q -esarOT+xHrtKnXHA88VKaZUBuqrc7SVE8X0OUiJ2811d4IoaO/9wTxyfVym0gT/x -SPJPfK2NKm/Z8NWT3vIeoyHV/fwx5XaYBAb9tyECgYEApNAWtnMhhel1YRymB2No -eBnh1bdR1Su0wSedCEBikQAc8EFNFfqVuMcO2ClahDMBH8UjDHxG28rQGs5Fa3EM -tTHHBtKcdIN9IoPvn+M/eDMAIYguWxer7EutdLSezRR1+ct1ZM3xmwaE0kl94OAg -93RE7lwakKL+Ldbkhpuz5c0CgYA6y+kZH75F7mfl5OZz+CzZ9lzzMqgEcdFK0g40 -OHEcGi9qO7PXZLWJREdWDFQUAYJ3XvStBJurqa+O7HsgiNZkg16G/4zjegq3+ATG -5/k5fX53MfGnz5mlRHol/gGLDr5qmvK9FaMZpbLvP3Qgr1H6cAvzK0VTXP2Cv8Ij -sQ3LwQKBgAgBogQGYsDbO2OyWEwlIL4fj16o5R/5d4mRaEvHmKnmyD9u/qHO1x0f -sUx9MMMipNEPldiZHiwIxGu+FKxIaolPvwGrxSOTPVo3+tQh5A2pQtDHxxAVnNBH -HE6TliThXfRhqVzp/Xg50oQ8W7hEFHWYFOTxj/JevzWLfOrpZmP5 +MIIEpQIBAAKCAQEAtJexn76h5+d838OcIVjphrYtgzi4apEuok5D0KEdQjAkvZHL +WT3P0IP82kyu5njJ6Tmn+kLlByMx30JhXrubbO1Pv4CUYHGPnX7qc30n8IhV7m3X +HS6VYN4Qn6kpl4vIOvHx9dlkLPlk8KhCAVQp9Un+m1OdVjOFUR/SXIx4c7LtCaPZ +8J2VBSpNHq4w4iO9ArSUZ7b9lCZTP7RgV8tOO8jH29IS6CIZ56R+LCehar69WYaJ +5w9sEDkT/FnmsSZNRp1utYdLj7onasIGGgPBuf03aJ+d3frxsyWfPpR4jX/xVhEj +RLQjHmh+F32UJEVp2/+sjzZvPYskjTdqMhITBwIDAQABAoIBAB9FNQiIJdjWCJVm +dZ6Ams8stGzIYYZyZTTNgIibnUlctL/ugtuNDHL6p8nVBWP6/ltYFHINK0M1IOmb +wOh6a8tMvEZYqViZ0VhgJZCh10ybDuYeNuVir5L6YL6EuCL5nU43nsIHRoVTGdti +ByvbuvgyO9gBfnjyqt8FN5O27xR5WGGjUScPUCIhSU92W9D0+NENMeL44+7iXmE0 +zI/Qx3Sz5bRSMfv21ntRyv3W/I4vIwsPreOS6Xo5r8286pZO1XusdE98vAT6T1ga +vS6AU2dEhvieggsAUGnsCXFcLjF+RraIxfcqtGACXBmV1TILhhFw+AUJO3PTshhc +J+ZvAuECgYEA5D4PA88kXuVd/kDd6Er5jxzUQR4saMwkxKY2/s2niYQykA7oquLR +5wBSJ2bFfDiI2I1xXTgy6BO7R1vWoFeCdOQcsHczm+H1cain2qn4gQ+xFmCC6UPV +C1PuRdbETUCqPy82/WOI7kNmqj9Q46ndtIbW8DUTkKN/ZWyjSwEE620CgYEAyo4j +KonGpvojN9bfdaI++9yJXJPsa//mjENVL6AJb5dL/VKNw74CFuG4hj5Yb51T6ilq +bSDm3neuwHVF/0L1bGfflOqnhtp5FbcL4iNPKE+Fd/5VUFDStyDDOsiwr9G99Yo2 +uBBBxp2s0pUV4xp3xI+QSz2u/srK6eXf0vlPW8MCgYEAyXmKkYc5iNcZqIWkHRiJ +wO3m43B6LSv/TOOYakYpnPdoFshCVA6S0UH0QzmyHBxfmCELMAmazkgUqkIEbFez +HfH67T7b/L9yhRkmypv9dBfg72rURIsPNcep7lZNxA/P+KR5+yTwy7oNlzz672yT ++3aHp1SC58ubenFyl5PXvuUCgYEAmekjI4GJJvvOovFs3q+n+Cz9WxEzhmTuRAot +woByaw6luRlvixrn74cYdTkObdE4ICfULJPhmY2LhcYWp/2zCupq43biUP/VHgD2 +0KBP16uFGUZygRLI6knEzvgL+a0AEIEzTu1bbZYF6gVKmkRUWVFVLTbzr7tcMBpx +1peGC40CgYEAxrYQdA2vGjjzuMu4AMv59JCq5H+Zy7Bf3RRXymwvcJyySBDAi+KU +jZdKmmbBqfBVZG1ZWMby92Blx1KP66AekCVtsPyZqqToOSNO28H9dI5pqvIwiAPw +iYjFHfFTlicM9DM7hrufWtSPOc2OEO2MPHtibHZEbEbE0/bex3P/rkY= -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem b/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem index f5583cc9..0f7cd7dc 100644 --- a/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem +++ b/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FvMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+F5MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNjIyMDY1MVoXDTE4MDIwNjIyMDY1MVowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9x4raqsne7pakh6tMP823R76 -pqILYKehpp6ApLuPvKS90N2buqww2qaai2+Iy+Pj8/OcoTU66VP5kD2g1ktYla9r -Y2ERLzU2Ls3j7bqBJh4bs2LBF/bnMdMta/a2lUiLODtUwSmXwSI1JD+YqAqka4zk -4QvHAKGVIVktV3pmiuYZK2aMXnjpkmodR/QM99IdwLjpOcaXNqZ8fW+lUpsZJWTJ -b3MLawtxn+h6RuyFhWU02wV/B0WJKSKt+bfAeqNUZG+rvhf5yRvZSMtuxzh7Y+gS -hXzliocP+wIhZO/MnkTSd1o3ov9d3PG8Jt+ZJQeNTPxqNgE2NEps/oK2VECpLwID +MDIwNzIzMzkxNloXDTE4MDIwNzIzMzkxNlowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rypwXQN+3twPcwYMNgRRZEE +d0V5g4rplzzZ2ewYGost4HzLpvxl4TW6zHONlf1Rknfp0SAPqvQFwSRTjsBaqQh2 +4NDMywKasJ02wsY3M12VStqhLQ5DFUZpognUTFTUslgZEKCPxMjNqR+BIkBKQIhP +AaQ41c1XiSQlYAdhMNd4AJFb1OQsDzHfSnebv0Yoa2z5sce54A4ShVrTmKZQFgpI +EBGktKu0s2AV2rcaxS0N0gnFCYir3E8xKZ/uw+f6WgWn1L8SoH4Se1nGNXgmg/Rz +plv7kZ3RDwGe7kxzf5GdewT+rCuV6djrOPIdDOJ+qBmjRNeDPY4vZvIGQqpqgwID AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBADdhwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ +ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBADYd0e7hE7YZ42Cm/UZUL76Qs2TYuYPf -pNUfiwxY5PuH+zD6zCyGGY8e7oKOQ0tYTsULIjUL6uQ7kKa64R/QX9qEQV2UcQ0G -RVGL9ythIgaxTN7icuxeXeD9olJtKzEbevzVS1pxasW/HNHQf95kQZlz9DwQ/OOf -+Qq04x4TiFoK3Z6uYxg11ACv2kzTpD0Q+CwrgXRhgItC7da/VklGMIiQcu2Swrvc -srezUlLXdsZHn3R3BIKBRPlol5oFpX6eVsugaqLxOQ9Bnjc57KCklc6E/cNc9FtC -1uN13z9zh30rOPQn1Ye1wlkAIiDrr0Luo7R64k5k/h+wYxxpEQSW97E= +cC5jb20wDQYJKoZIhvcNAQELBQADggEBAJNNKJIXYy2q7fJumKBdew3XLRuVep4/ +ect5zKMgwqTnI9au6XHn0hUQ6gnIwEJ/6EiVGnHQaBgb4BGYm22rjOpi3f5T9kho +IUEnyiWtOOy1xtMWivLLp7uAbHaT18s8mZoaXm+sbVvPhOQhKlmD99WsxmbDSLWb +RsTJTJ5YbRkKg1uDde0miC1xpAOVAadoqgWvkC4YPqu6yDbe9CZjBYQcorwfUCpH +4UcEKKYaQLxN+UAHzMH4Gf/fuAbGECoFOHSCgEsAIoeVsxcCS4RZE00cpzq6Xmfp +CElTVpYQBHIsif6D9MlStWKLN957WihfSpDwV6Ud42IvYn/e/tJfMmI= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/swarm-manager/key.pem b/ansible/roles/docker_client/files/certs/swarm-manager/key.pem index d14261de..eb0f9467 100644 --- a/ansible/roles/docker_client/files/certs/swarm-manager/key.pem +++ b/ansible/roles/docker_client/files/certs/swarm-manager/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA9x4raqsne7pakh6tMP823R76pqILYKehpp6ApLuPvKS90N2b -uqww2qaai2+Iy+Pj8/OcoTU66VP5kD2g1ktYla9rY2ERLzU2Ls3j7bqBJh4bs2LB -F/bnMdMta/a2lUiLODtUwSmXwSI1JD+YqAqka4zk4QvHAKGVIVktV3pmiuYZK2aM -XnjpkmodR/QM99IdwLjpOcaXNqZ8fW+lUpsZJWTJb3MLawtxn+h6RuyFhWU02wV/ -B0WJKSKt+bfAeqNUZG+rvhf5yRvZSMtuxzh7Y+gShXzliocP+wIhZO/MnkTSd1o3 -ov9d3PG8Jt+ZJQeNTPxqNgE2NEps/oK2VECpLwIDAQABAoIBAQDUw2sKOjaSds6I -RFVFfFdWZtfUJGy7WVj6xjlom/yTpRuw+zybqqmdeBhTuUIEmj+nyLWwrs38Gssi -f409ND4fEpvZQrey95OhFLAL/Ko5kW60MnCiG3jPE01mSVLGkWEclyjP7umz5anv -fboH5LHPz804XhWG25g00D0TtlUXfHhG+HQvbHkuqcjoTGKAdXDQrmBLWy3z02S9 -CFMOS8KhMIRYoQ7TVOiBnBXNsh2aCGIZSxI8Ndb1+yDa9tD/Qbvs5/opVCfbegPb -vroiDn3kH6SK1l3IEsJrGMvrqdAvbNvocI0qDkkrCTt2nMh98bM84/PhyQEL/T60 -AYTKXQCRAoGBAP5syrzMswCVNbHt4lpiGt6l4lS3nczJ9Nx7d/Ox5glITA82BDn7 -9+iygAruaRfb4otAqN6LmKENH93Nx4lhWBQX1IjWGCrr8x9ZTyFp4ZkxEj1Bckda -2i3IQ6urQ8/bMmVvUDb0cpawPJaEqAIWltZa/Wp1Dq1nFw5CHcACK511AoGBAPil -zCakeKTI9ls1iDK9YwkbHTTVzea6+gy/HaY4Gba6I5Tz8rxmI8luTuBqb0BYxYJC -o8k4AvLRPgHOGSgSfDnx1PMwq41aPg/Y/SayjITtBfnNzipNZhQISDItdtVikSnC -3f8SsPMomGhtRS16pRVbF8ay2gpTdKvZRn9q7WOTAoGBALuHEpPASTvnvrEMBqfZ -4bY0DLOmty/Ht6x/cPV1LXmwCSe5B7p5ZsvkLY5hFaMZVkyPdyi5OeGTG+bPkwBG -eLYurl/BdgTE7ukvWazmLvtL+QafY40GgQP3tTEmRhBBn062kig/WuqIsc+7rV4E -ql8Kp/i8mPnkn1DKGMV6lA01AoGASUj0pt8K/+aLVc6tWecf7WskbJInob2yPVeG -8ZrPWV/7ZMeR351rJs9wSAyWxaxkakQh6gisNc0eLYIFQB5SpvF0BkluBrd2W01l -L6aoa/VAMaRLA4TUdUsLnF5yC+qFRn282JU1ujVY1k5+eS0Qwv6aP2IviaOXW58q -fBuT5CkCgYACa3+Bk0AxWhBx4ZARuF3ntTdoQ+GSab5pGPUBQNAPZ9lZWAkRTq10 -vXKHFCACSMzjR/nXPPaeLFQA3az2Mo8Aaf8P02p8o910+xo9ieZpmJ630SORlbMM -qFD6KW3D6cwscU/sHI/6sRUMJC+iNS7j4JCltbJv481L9S9SKe2Akg== +MIIEowIBAAKCAQEA5rypwXQN+3twPcwYMNgRRZEEd0V5g4rplzzZ2ewYGost4HzL +pvxl4TW6zHONlf1Rknfp0SAPqvQFwSRTjsBaqQh24NDMywKasJ02wsY3M12VStqh +LQ5DFUZpognUTFTUslgZEKCPxMjNqR+BIkBKQIhPAaQ41c1XiSQlYAdhMNd4AJFb +1OQsDzHfSnebv0Yoa2z5sce54A4ShVrTmKZQFgpIEBGktKu0s2AV2rcaxS0N0gnF +CYir3E8xKZ/uw+f6WgWn1L8SoH4Se1nGNXgmg/Rzplv7kZ3RDwGe7kxzf5GdewT+ +rCuV6djrOPIdDOJ+qBmjRNeDPY4vZvIGQqpqgwIDAQABAoIBADd50uLFUXtOcW0a +PhK4UGbGeClpFc8vvfvz0HkZz63KGsynlJtggepE7dWsTrVqQ4uQszHpoHq80wld +/40J6IJNm69v5F1HEgQ2uGzaFXmPHY7yw9++VxitZkZkUJvNpZn/nn8l64snsHLi +NT0T8gZT/5LodhXJmitJ+oZ9H7wLDVOcNRjBQ+2tX5hN+o72wdr64E9EFNRbJRm1 +iB/BCwSDqhImQaHFkdCAupQerNmNjUQt+VIq3gutmj0MvadLvGROLyW5xun20ce+ +37//7aFSHXuVP3m3BJJontUhx6kCuvo466JevLEWnDoddzEUhxozvEkpOk97vRCt +0nH7U8ECgYEA+LFwdQLd9fMMjNwDdQAvOg+KPK99PFrlF8f0lSKVSRAoNAEhpbXh +c6TrMDrwZAakwYVB/D8VRAKgv8EHcjgBwziv5H9FJDI5fiO/D9rE9ZLnW89Lq9W8 +7LiBpxKM42SXLa2Jkf2btksUJSDUt21XfasKTEEydoNxzKmXQXJp0GMCgYEA7YQq +XKzH5Nxjfm7RbRiF1ZY/lXIgkniqr6ItAmiYYf7m9Yii9SIO9+VsvWIl78AaERnk +ReNzlLcIZxCm/+rGIhLh3hwotBfGSAnN5dRP5aZvGME7greABjBuPTQaug7RwUwP +7BFii0lB0eTQBmRkpG9oO/Lm+Kq9nAkAUjZNR2ECgYBPR2FuK8fOS/jIPqrrdW+Y +trN+vQLTZrZ5akjR8gBdFkV6rpGnXd/NGdnPujo/6M5E0tJCM2n4EE5mUoapJqmJ +Ll0EHn5QF6K0T3js+PSoxHf0kJSy5qQfYoISXJuFMd/vs86TN6GX7z8wxtKI1tZ5 +PTk/LdmEZkq0z6tkNbD9uQKBgBUQR4F4gTG2qcwon8IBDr1mWbUzLdhPgzOYOk2g +YQMvy+OyfmEm6BTr77zL23lrm+QwW6InDbT+lmwteeHwPCoBaq576NAv25G/7NaZ +AYzoOaoEWPa6t0vVN7GN0WD2t3tg93iEAi1ADepDVH98n8BFcQUAAaPD4JTZ54Fi +92+BAoGBAItIvbbaWDhJHOwuJQw0HdF3YlsuVdLEXF09OFzo9qE2VGanX1kPeb6D +aZZDNPHY1gh/3JZPzpe5GotXNqsuUy0zHwWJOq+zBuV/6t1VtPajCqu855aD+ufP +1AoYso9zKsDi8J54frJ8w+IS1OpTyzPhl90oUzjD/AqGv0QOVBl3 -----END RSA PRIVATE KEY----- From e779852b47eba901ac9bcd6868651a0adbe79ce8 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 16:03:49 -0800 Subject: [PATCH 36/61] Bug: Fix registry IP address. Fix typo --- ansible/roles/base_ubuntu/tasks/main.yml | 2 +- ansible/single-host-part-3.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/base_ubuntu/tasks/main.yml b/ansible/roles/base_ubuntu/tasks/main.yml index 1859b31c..33f5ba32 100644 --- a/ansible/roles/base_ubuntu/tasks/main.yml +++ b/ansible/roles/base_ubuntu/tasks/main.yml @@ -4,6 +4,6 @@ when: dock is not defined lineinfile: dest=/etc/hosts - line="{{ registry_address }} registry.runnable.com" + line="{{ hostvars[groups['registry'][0]]['ansible_default_ipv4']['address'] }} registry.runnable.com" state=present regexp=".+ registry\.runnable\.com" diff --git a/ansible/single-host-part-3.yml b/ansible/single-host-part-3.yml index 69ff80b5..dbfdea30 100644 --- a/ansible/single-host-part-3.yml +++ b/ansible/single-host-part-3.yml @@ -7,7 +7,7 @@ - include: docker-listener.yml git_branch="{{ docker_listener_branch }}" -t deploy ## Proxies -- include: registrator-api.yml # Only one of these is neededi, so registrator-navi is not needed +- include: registrator-api.yml # Only one of these is needed, so registrator-navi is not needed - include: single-host-proxy.yml # API depends on NGINX to be running - include: github-varnish.yml git_branch="{{ github_varnish_branch }}" -t deploy From 68ab14e038ea1d0aba449bd5488d455a84cd9a18 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 16:04:16 -0800 Subject: [PATCH 37/61] Redo Step 19: Create vault tokens --- ansible/grizzly-hosts/variables | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index a24f6509..f209c9f2 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -121,12 +121,12 @@ max_navi_port=65000 _redis_port=65075 _redis_tls_port=65076 api_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 # HelloRunnable -vault_auth_token=2c7d2b93-5fcd-6e14-d8ad-2a1efd18f3d4 -vault_token_01=6506bd2cb9f04083f8a8f2d6bb74317d589367b978ac2e1941c00ed113bf0ad501 -vault_token_02=af7c30392c23b315cbadca2ecaf38c6cb98e26a951fb247e396b1a6264e6787a02 -vault_token_03=e0506e43989cacb99d72d32afbbff7d8ca8dd9b250e4f766830ecbd4016403fe03 -vault_token_04=57bef9d21cb3f9a46d3fe5cc82e21deddfcc884081e0dfd8e632a5be1fadb2e704 -vault_token_05=1892a7a8a80ce6083be0fcc8b3ae6659accf775b80ff0cc05c5774087a2fc96305 +vault_auth_token=fd79064e-06e6-321e-0161-18f3d01fe5f9 +vault_token_01=b7da720ffe3cac65316f658c8cee1c3ce24d90a20d2d3d9de7f53505ab40a8e004 +vault_token_02=c806906837aadaeba9f74d9138bf8e0fe8012d521a605eb38d247bf11188fd4e02 +vault_token_03=e7d4bd5eb4edbc3b8c6ac7cac993b7af68d5b1af7ffa54f83b54bdd107a4dca103 +vault_token_04=98085f397d7bcab514f2efd77dc2259c62990c5f68b737d65185f325bd6c890f05 +vault_token_05=e3bb5ca08b0fa927dc6e113db39dac0c1750bad979b4e632bbffb1226c99c69001 github_domain=api.github.com is_github_enterprise=false github_protocol=https From 664e3007c76185094489e5ee9098bd5e24724c89 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 16:15:33 -0800 Subject: [PATCH 38/61] Bug: Upgrade dock-init --- ansible/dock.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/dock.yml b/ansible/dock.yml index c43aa36f..b278b923 100644 --- a/ansible/dock.yml +++ b/ansible/dock.yml @@ -12,7 +12,7 @@ groups=dock - include: charon.yml git_branch="v4.0.0" -- include: dock-init.yml git_branch="v10.1.0" +- include: dock-init.yml git_branch="v10.1.1" - include: krain.yml git_branch="v0.3.0" - hosts: "{{ dock }}" From b8da5744786ac5227ef1222bef39581c9123ce17 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 16:15:50 -0800 Subject: [PATCH 39/61] Redo Step 15: Bake new AMI --- ansible/grizzly-hosts/variables | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index f209c9f2..36e4c042 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -75,8 +75,8 @@ aws_secret_access_key=AKIAIS2HMUM2REGVTVIQ shiva_aws_region=us-west-2 shiva_dock_security_groups=sg-ec0da194 shiva_ssh_key_name=gamma-key -shiva_aws_instance_image_id=ami-9add58fa -shiva_aws_instance_image_name=grizzly-dock-2.0.11 +shiva_aws_instance_image_id=ami-a0ab2ec0 +shiva_aws_instance_image_name=grizzly-dock-2.0.12 shiva_aws_instance_type=t2.medium shiva_dock_pool_asg_name=grizzly-asg-dock-pool shiva_aws_launch_configuration_name=grizzly-lc-2.0.11 From ee168bdf4d506748d6e452c742de35ed75d21f74 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 16:20:45 -0800 Subject: [PATCH 40/61] Redo Step 17: Upgrade launch configuration version --- ansible/grizzly-hosts/variables | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 36e4c042..1b01e480 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -79,7 +79,7 @@ shiva_aws_instance_image_id=ami-a0ab2ec0 shiva_aws_instance_image_name=grizzly-dock-2.0.12 shiva_aws_instance_type=t2.medium shiva_dock_pool_asg_name=grizzly-asg-dock-pool -shiva_aws_launch_configuration_name=grizzly-lc-2.0.11 +shiva_aws_launch_configuration_name=grizzly-dock-2.0.12 shiva_aws_auto_scaling_group_subnets=subnet-b8be98dd shiva_aws_auto_scaling_group_max=29 shiva_aws_auto_scaling_group_prefix=asg-grizzly- From 09f7f15639c4430ff32d103533497ec32a3543d9 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 18:40:49 -0800 Subject: [PATCH 41/61] Bug: Fix BP installing postgres --- ansible/group_vars/alpha-big-poppa-http.yml | 4 +++- ansible/group_vars/alpha-big-poppa-worker.yml | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/ansible/group_vars/alpha-big-poppa-http.yml b/ansible/group_vars/alpha-big-poppa-http.yml index 0942ea03..8097e79a 100644 --- a/ansible/group_vars/alpha-big-poppa-http.yml +++ b/ansible/group_vars/alpha-big-poppa-http.yml @@ -12,8 +12,10 @@ dockerfile_enviroment: [ ] dockerfile_pre_install_commands: [ + 'echo "deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main"> /etc/apt/sources.list.d/pgdg.list', + 'wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -', "apt-get update", - "apt-get install postgresql-client=9.3+154ubuntu1 -y", + "apt-get install postgresql-client-9.4 -y", "echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' > .npmrc" ] diff --git a/ansible/group_vars/alpha-big-poppa-worker.yml b/ansible/group_vars/alpha-big-poppa-worker.yml index 13cf253c..5bcf1be1 100644 --- a/ansible/group_vars/alpha-big-poppa-worker.yml +++ b/ansible/group_vars/alpha-big-poppa-worker.yml @@ -11,8 +11,10 @@ dockerfile_enviroment: [ ] dockerfile_pre_install_commands: [ + 'echo "deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main"> /etc/apt/sources.list.d/pgdg.list', + 'wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -', "apt-get update", - "apt-get install postgresql-client=9.3+154ubuntu1 -y", + "apt-get install postgresql-client-9.4 -y", "echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' > .npmrc" ] From 61af0a9817a891fec1be46a7512a4881b307afa8 Mon Sep 17 00:00:00 2001 From: thejsj Date: Tue, 7 Feb 2017 18:41:38 -0800 Subject: [PATCH 42/61] Bug: Add kill_container_name for consul-template --- ansible/group_vars/alpha-consul-template-updater.yml | 1 + ansible/roles/container_kill_start/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ansible/group_vars/alpha-consul-template-updater.yml b/ansible/group_vars/alpha-consul-template-updater.yml index 648aeb38..ace0bd57 100644 --- a/ansible/group_vars/alpha-consul-template-updater.yml +++ b/ansible/group_vars/alpha-consul-template-updater.yml @@ -1,4 +1,5 @@ name: consul-template-updater-{{ proxy_service_name }} +kill_container_name: consul-template-updater-{{ proxy_service_name }} # container_kill_start settings container_image: avthart/consul-template diff --git a/ansible/roles/container_kill_start/tasks/main.yml b/ansible/roles/container_kill_start/tasks/main.yml index 0b6e4aa6..75a37f69 100644 --- a/ansible/roles/container_kill_start/tasks/main.yml +++ b/ansible/roles/container_kill_start/tasks/main.yml @@ -20,7 +20,7 @@ - name: look for running containers running {{ container_image }} tags: deploy become: true - script: findTagRunning.sh {{ container_image }} + script: findTagRunning.sh {{ container_image }} {{ kill_container_name | default('') }} register: old_containers_id changed_when: old_containers_id.stdout | length > 4 From 049dc8b4f762ad4bc86cc150ab422c5f555391fb Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 8 Feb 2017 10:48:14 -0800 Subject: [PATCH 43/61] Bug: Fix Redis port --- ansible/group_vars/alpha-redis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/group_vars/alpha-redis.yml b/ansible/group_vars/alpha-redis.yml index 807f32a1..b970e844 100644 --- a/ansible/group_vars/alpha-redis.yml +++ b/ansible/group_vars/alpha-redis.yml @@ -5,6 +5,6 @@ db_path: "/opt/redis/db" # container_kill_start settings container_image: redis container_tag: "latest" -container_run_opts: "-d --name redis -v {{ db_path }}:/data -p {{ redis_port }}:{{ redis_port }}" +container_run_opts: "-d --name redis -v {{ db_path }}:/data -p {{ redis_port }}:6379" hosted_ports: [ "{{ redis_port }}" ] From b7a7b0b6d93081efd462c4ae0a99a342dd66b90c Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 8 Feb 2017 10:49:27 -0800 Subject: [PATCH 44/61] Bug: Remove comment from variables. Gets inserted into the ENV --- ansible/grizzly-hosts/variables | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 1b01e480..34a1d795 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -22,7 +22,7 @@ big_poppa_pg_pool_min=10 big_poppa_pg_pool_max=20 [cream:vars] -cream_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 #Hello Runnable +cream_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 cream_stripe_secret_key=sk_test_4De8Zdkfcyb29swkMmjZUMRh cream_stripe_publishable_key=pk_test_sHr5tQaPtgwiE2cpW6dQkzi8 @@ -90,7 +90,7 @@ aws_secret_key=k7L6Ljvl46ThhZ6ed3VeN6lRG83p3kR/1QXVDYUA environment_name=grizzly [vault:vars] -vault_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 #Hello Runnable +vault_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 vault_aws_access_key_id=AKIAIS2HMUM2REGVTVIQ vault_aws_secret_key=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 vault_aws_region=us-west-2 @@ -120,7 +120,7 @@ user_content_domain=runnabae.com max_navi_port=65000 _redis_port=65075 _redis_tls_port=65076 -api_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 # HelloRunnable +api_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 vault_auth_token=fd79064e-06e6-321e-0161-18f3d01fe5f9 vault_token_01=b7da720ffe3cac65316f658c8cee1c3ce24d90a20d2d3d9de7f53505ab40a8e004 vault_token_02=c806906837aadaeba9f74d9138bf8e0fe8012d521a605eb38d247bf11188fd4e02 @@ -132,5 +132,5 @@ is_github_enterprise=false github_protocol=https proxy_container_image=runnable/sticky-nginx proxy_container_image_version=v1.8.1 -charon_api_token=ebb1ef52e73a03899a31f067507f68e843d52f27 # Hello Runnable +charon_api_token=ebb1ef52e73a03899a31f067507f68e843d52f27 swarm_version=v1.2.3-0 From cfd7e6fac0048ccd901d65b2b8c97057b2b41363 Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 8 Feb 2017 10:50:35 -0800 Subject: [PATCH 45/61] Enhancement: Create Mongo user when deploying mongo --- ansible/roles/mongo-server/tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ansible/roles/mongo-server/tasks/main.yml b/ansible/roles/mongo-server/tasks/main.yml index aedba96d..42d4a45b 100644 --- a/ansible/roles/mongo-server/tasks/main.yml +++ b/ansible/roles/mongo-server/tasks/main.yml @@ -43,3 +43,8 @@ owner: mongodb group: mongodb mode: 0440 + +- name: create user + tags: [tls] + become: true + command: docker exec -it mongodb mongo --eval 'db.createUser({"user":"{{ mongo_user }}=","pwd": "{{ mongo_password }}","roles":[]})' From 4ae4a1d099d26cbdfc3ca633934d0361cb6d17e3 Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 8 Feb 2017 10:51:25 -0800 Subject: [PATCH 46/61] Bug: Add certs and known_hosts in order to be able to install npm modules --- ansible/roles/builder/tasks/main.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/ansible/roles/builder/tasks/main.yml b/ansible/roles/builder/tasks/main.yml index b747286c..27064685 100644 --- a/ansible/roles/builder/tasks/main.yml +++ b/ansible/roles/builder/tasks/main.yml @@ -50,6 +50,19 @@ src: "{{ dockerfile }}" dest: "{{ build_dir }}/{{ name }}" +- name: copy secrets into build dir + tags: [ deploy ] + become: true + copy: + src=../docker-files/base/{{ item }} + dest={{ build_dir }}/{{ name }} + owner=ubuntu + group=ubuntu + mode=0700 + with_items: + - id_rsa + - known_hosts + - name: build docker image and tag tags: deploy become: yes From c597a593ffe7408f79f9953b285e63e5ea799348 Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 8 Feb 2017 10:52:56 -0800 Subject: [PATCH 47/61] Step 21: Add Github variables and other variables needed to deploy FE --- ansible/grizzly-hosts/variables | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 34a1d795..9e798159 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -134,3 +134,8 @@ proxy_container_image=runnable/sticky-nginx proxy_container_image_version=v1.8.1 charon_api_token=ebb1ef52e73a03899a31f067507f68e843d52f27 swarm_version=v1.2.3-0 +github_api_url=https://api.github.com +github_domain=api.github.com +github_protocol=https +web_intercom_id=xs5g95pd +web_sift_public_key=eea9746dff From a235e85d1bb1583c9ac74eedaa29de11c04d1e83 Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 8 Feb 2017 10:53:22 -0800 Subject: [PATCH 48/61] Bug: Add certs and known_hosts in order to be able to install npm modules --- ansible/roles/builder/templates/basic_node/Dockerfile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ansible/roles/builder/templates/basic_node/Dockerfile b/ansible/roles/builder/templates/basic_node/Dockerfile index 73f84cf7..a8eadc03 100644 --- a/ansible/roles/builder/templates/basic_node/Dockerfile +++ b/ansible/roles/builder/templates/basic_node/Dockerfile @@ -23,6 +23,11 @@ RUN {{ command }} {% endfor %} {% endif %} +RUN mkdir /root/.ssh/ +ADD id_rsa /root/.ssh/id_rsa +ADD known_hosts /root/.ssh/known_hosts +RUN chmod 600 /root/.ssh/id_rsa + # Add package.json from the current build context (`.` is the repo) second ADD ./repo/package.json /{{ name }}/package.json From deea1d4d23373f8b04ae4fa6b68cf73acf9c84a0 Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 8 Feb 2017 10:54:17 -0800 Subject: [PATCH 49/61] Bug: Fix mongodb datadog deployment stuff --- ansible/roles/datadog/tasks/main.yml | 2 +- .../roles/datadog/templates/{mongo.yaml.j2 => mongodb.yaml.j2} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename ansible/roles/datadog/templates/{mongo.yaml.j2 => mongodb.yaml.j2} (100%) diff --git a/ansible/roles/datadog/tasks/main.yml b/ansible/roles/datadog/tasks/main.yml index 9c717f04..1d4613dc 100644 --- a/ansible/roles/datadog/tasks/main.yml +++ b/ansible/roles/datadog/tasks/main.yml @@ -68,7 +68,7 @@ become: true when: has_dd_integration is defined template: - src="{{ name }}.yaml.j2" + src="roles/datadog/templates/{{ name }}.yaml.j2" dest="/etc/dd-agent/conf.d/{{ name }}.yaml" notify: restart datadog-agent diff --git a/ansible/roles/datadog/templates/mongo.yaml.j2 b/ansible/roles/datadog/templates/mongodb.yaml.j2 similarity index 100% rename from ansible/roles/datadog/templates/mongo.yaml.j2 rename to ansible/roles/datadog/templates/mongodb.yaml.j2 From ed4d3b9bd8f08ba4563abd6d96a4ae99c199bab0 Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 8 Feb 2017 10:55:30 -0800 Subject: [PATCH 50/61] Step 21: Go through deploying applications --- ansible/single-host-part-3.yml | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/ansible/single-host-part-3.yml b/ansible/single-host-part-3.yml index dbfdea30..7122e344 100644 --- a/ansible/single-host-part-3.yml +++ b/ansible/single-host-part-3.yml @@ -1,28 +1,28 @@ # Docks Services -- include: swarm-manager.yml -- include: palantiri.yml git_branch="{{ palantiri_branch }}" -t deploy -- include: sauron.yml git_branch="{{ sauron_branch }}" -t deploy -- include: shiva.yml git_branch="{{ astral_branch }}" -t deploy -- include: khronos.yml git_branch="{{ khronos_branch }}" -t deploy -- include: docker-listener.yml git_branch="{{ docker_listener_branch }}" -t deploy +# - include: swarm-manager.yml +# - include: palantiri.yml git_branch="{{ palantiri_branch }}" -t deploy +# - include: sauron.yml git_branch="{{ sauron_branch }}" -t deploy +# - include: shiva.yml git_branch="{{ astral_branch }}" -t deploy +# - include: khronos.yml git_branch="{{ khronos_branch }}" -t deploy +# - include: docker-listener.yml git_branch="{{ docker_listener_branch }}" -t deploy ## Proxies -- include: registrator-api.yml # Only one of these is needed, so registrator-navi is not needed -- include: single-host-proxy.yml # API depends on NGINX to be running -- include: github-varnish.yml git_branch="{{ github_varnish_branch }}" -t deploy +# - include: registrator-api.yml # Only one of these is needed, so registrator-navi is not needed +# - include: single-host-proxy.yml # API depends on NGINX to be running +# - include: github-varnish.yml git_branch="{{ github_varnish_branch }}" -t deploy # Main -- include: big-poppa.yml git_branch="{{ big_poppa_branch }}" -t deploy -- include: api.yml git_branch="{{ api_branch }}" -t deploy -- include: cream.yml git_branch="{{ cream_branch }}" -t deploy # CREAM fails if big-poppa or API is down -- include: web.yml git_branch="{{ angular_branch }}" -t deploy # fucked +# - include: big-poppa.yml git_branch="{{ big_poppa_branch }}" -t deploy +# - include: api.yml git_branch="{{ api_branch }}" -t deploy +# - include: drake.yml git_branch="{{ drake_branch }}" -t deploy +# - include: cream.yml git_branch="{{ cream_branch }}" -t deploy # CREAM fails if big-poppa or API is down +# - include: web.yml git_branch="{{ angular_branch }}" -t deploy # fucked # Networking services -- include: detention.yml git_branch="{{ detention_branch }}" -t deploy +# - include: detention.yml git_branch="{{ detention_branch }}" -t deploy - include: link.yml git_branch="{{ link_branch }}" -t deploy - include: navi.yml git_branch="{{ navi_branch }}" -t deploy # Connects to Redis over tls port # Other - include: optimus.yml git_branch="{{ optimus_branch }}" -t deploy -- include: drake.yml git_branch="{{ drake_branch }}" -t deploy - include: pheidi.yml git_branch="{{ pheidi_branch }}" -t deploy From a22fab3f3b975beab6df55cf7ff70043403fbea1 Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 8 Feb 2017 13:55:46 -0800 Subject: [PATCH 51/61] Bug: Adding region and node-sass to web, marketing, and detention --- ansible/group_vars/alpha-detention.yml | 2 ++ ansible/group_vars/alpha-marketing.yml | 1 + ansible/group_vars/alpha-web.yml | 1 + 3 files changed, 4 insertions(+) diff --git a/ansible/group_vars/alpha-detention.yml b/ansible/group_vars/alpha-detention.yml index cb1cbf12..a6d91102 100644 --- a/ansible/group_vars/alpha-detention.yml +++ b/ansible/group_vars/alpha-detention.yml @@ -12,6 +12,8 @@ redis_key: "frontend:{{ detention_hostname }}" is_redis_update_required: 'yes' dockerfile_post_install_commands: [ + "wget -nv https://github.com/eSlider/sassc-binaries/raw/develop/dist/sassc -O /usr/bin/sass", + "chmod +x /usr/bin/sass", "npm run grunt" ] diff --git a/ansible/group_vars/alpha-marketing.yml b/ansible/group_vars/alpha-marketing.yml index 94e57d3b..f82f756c 100644 --- a/ansible/group_vars/alpha-marketing.yml +++ b/ansible/group_vars/alpha-marketing.yml @@ -11,6 +11,7 @@ dockerfile_enviroment: [ "API_URL https://{{ api_hostname }}", "AWS_ACCESS_KEY {{ aws_access_key }}", "AWS_SECRET_KEY {{ aws_secret_key }}", + "AWS_REGION {{ marketing_aws_region | default('us-standard') }}", "ANGULAR_URL {{ angular_url }}", "AWS_BUCKET {{ domain }}", "NODE_ENV {{ node_env }}" diff --git a/ansible/group_vars/alpha-web.yml b/ansible/group_vars/alpha-web.yml index be7bf832..5139b787 100644 --- a/ansible/group_vars/alpha-web.yml +++ b/ansible/group_vars/alpha-web.yml @@ -14,6 +14,7 @@ dockerfile_enviroment: [ "MIXPANEL_PROXY_URL {{ mixpanel_proxy_url }}", "AWS_ACCESS_KEY {{ aws_access_key }}", "AWS_BUCKET app.{{ domain }}", + "AWS_REGION {{ web_aws_bucket_region | default('us-standard') }}", "AWS_SECRET_KEY {{ aws_secret_key }}", "INTERCOM_APP_ID {{ web_intercom_id }}", "MARKETING_URL {{ marketing_url }}", From bf552a04cebdee12fafcba6d2d2f255503fe4d7a Mon Sep 17 00:00:00 2001 From: thejsj Date: Wed, 8 Feb 2017 13:56:51 -0800 Subject: [PATCH 52/61] Step 21: Add new necessary vars --- ansible/grizzly-hosts/variables | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 9e798159..a5c38ca6 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -99,6 +99,12 @@ vault_unseal_tokens={'one':'d8a1906386b875439b744211699362625f07f4d3ade1376b9e2f _vault_port=65240 _vault_ssl_port=65241 +[web:vars] +web_intercom_id=xs5g95pd +web_sift_public_key=eea9746dff +web_aws_bucket_region=us-west-2 +marketing_aws_region=us-west-2 + [grizzly:vars] bastion_sshd_port=60709 datadog_tags=env:grizzly @@ -137,5 +143,3 @@ swarm_version=v1.2.3-0 github_api_url=https://api.github.com github_domain=api.github.com github_protocol=https -web_intercom_id=xs5g95pd -web_sift_public_key=eea9746dff From 0f9095eb87af405a8927b346b7482adba03b28bc Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 9 Feb 2017 15:21:55 -0800 Subject: [PATCH 53/61] Bug: Add image-builder to dock script --- ansible/dock.yml | 2 ++ ansible/roles/image-builder/tasks/main.yml | 6 ------ 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/ansible/dock.yml b/ansible/dock.yml index b278b923..aa9b7b6a 100644 --- a/ansible/dock.yml +++ b/ansible/dock.yml @@ -11,6 +11,7 @@ name={{ dock }} groups=dock +- include: image-builder.yml git_branch="v4.2.3" - include: charon.yml git_branch="v4.0.0" - include: dock-init.yml git_branch="v10.1.1" - include: krain.yml git_branch="v0.3.0" @@ -29,3 +30,4 @@ - { role: install-ssm } - { role: dock-images } - { role: docks-psad } + diff --git a/ansible/roles/image-builder/tasks/main.yml b/ansible/roles/image-builder/tasks/main.yml index ac71aa5e..affd810b 100644 --- a/ansible/roles/image-builder/tasks/main.yml +++ b/ansible/roles/image-builder/tasks/main.yml @@ -8,9 +8,3 @@ - name: build the image-builder tags: deploy command: sudo docker build --no-cache --tag="registry.runnable.com/{{ image_builder_docker_namespace }}:{{ git_branch }}" /opt/runnable/image-builder - -- name: push image-builder - tags: deploy - run_once: true - command: sudo docker push "registry.runnable.com/{{ image_builder_docker_namespace }}:{{ git_branch }}" - when: dock is not defined From 070fd0fddc1300fc6a86d7f3def4c5fd4b76b90a Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 9 Feb 2017 15:22:59 -0800 Subject: [PATCH 54/61] Bug: Change access token in link to variable --- ansible/group_vars/alpha-link.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/group_vars/alpha-link.yml b/ansible/group_vars/alpha-link.yml index 1d8e2d22..62f37d2c 100644 --- a/ansible/group_vars/alpha-link.yml +++ b/ansible/group_vars/alpha-link.yml @@ -10,7 +10,7 @@ container_envs: > -e API_URL={{ api_url }} -e DATADOG_HOST={{ datadog_host_address }} -e DATADOG_PORT={{ datadog_port }} - -e HELLO_RUNNABLE_GITHUB_TOKEN=5d8f7029d3d6941b0fc62a7eb8c605d8e0bc7c29 + -e HELLO_RUNNABLE_GITHUB_TOKEN={{ link_hello_runnable_github_token }} -e MONGO=mongodb://{{ navi_mongo_host_address }}:{{ navi_mongo_port }}/{{ navi_mongo_database }} -e NODE_ENV={{ node_env }} -e RABBITMQ_HOSTNAME={{ rabbit_host_address }} From bf6791784d2770a93b1315535c85d4bc7cb0772f Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 9 Feb 2017 15:28:01 -0800 Subject: [PATCH 55/61] Bug: Fix mongo image --- ansible/group_vars/alpha-mongo-navi.yml | 2 +- ansible/group_vars/alpha-mongo.yml | 2 +- ansible/roles/mongo-server/tasks/main.yml | 5 ----- 3 files changed, 2 insertions(+), 7 deletions(-) diff --git a/ansible/group_vars/alpha-mongo-navi.yml b/ansible/group_vars/alpha-mongo-navi.yml index 00765326..538d1c54 100644 --- a/ansible/group_vars/alpha-mongo-navi.yml +++ b/ansible/group_vars/alpha-mongo-navi.yml @@ -5,7 +5,7 @@ db_path: /opt/mongodb/db # container_kill_start settings container_image: mongo -container_tag: latest +container_tag: 3.2.4 container_run_opts: > -h {{ name }} -d diff --git a/ansible/group_vars/alpha-mongo.yml b/ansible/group_vars/alpha-mongo.yml index 9ef943bc..a575c695 100644 --- a/ansible/group_vars/alpha-mongo.yml +++ b/ansible/group_vars/alpha-mongo.yml @@ -5,7 +5,7 @@ db_path: /opt/mongodb/db # container_kill_start settings container_image: mongo -container_tag: latest +container_tag: 2.6.11 container_run_opts: -d --name mongodb -p {{ mongo_port }}:27017 -v {{ db_path }}:/data/db:rw # do not monitor docker-daemon for mongo, as there is none diff --git a/ansible/roles/mongo-server/tasks/main.yml b/ansible/roles/mongo-server/tasks/main.yml index 42d4a45b..aedba96d 100644 --- a/ansible/roles/mongo-server/tasks/main.yml +++ b/ansible/roles/mongo-server/tasks/main.yml @@ -43,8 +43,3 @@ owner: mongodb group: mongodb mode: 0440 - -- name: create user - tags: [tls] - become: true - command: docker exec -it mongodb mongo --eval 'db.createUser({"user":"{{ mongo_user }}=","pwd": "{{ mongo_password }}","roles":[]})' From c5ac889997eb0bc2bb1efb50177c199c776d05c6 Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 9 Feb 2017 15:28:46 -0800 Subject: [PATCH 56/61] Step 4: Fix auth for MongoDB --- ansible/grizzly-hosts/variables | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index a5c38ca6..deeeb190 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -4,7 +4,7 @@ api_aws_secret_access_key=k7L6Ljvl46ThhZ6ed3VeN6lRG83p3kR/1QXVDYUA api_github_client_id=fb6620cd05b411759d15 api_github_client_secret=8a7ff50364ce874865cebabae3d61697801ec950 api_github_deploy_keys_bucket=runnable.deploykeys.grizzly -api_mongo_auth=nfE2OIeyTKWt4aGZWr1NSYTQb6WVN0dfp7U7vNKfRhY=:IjY3mdy1R8Se+yTelCBGo32t6w2D7kDVuymLV6YDOkQ= +api_mongo_auth=b3f65941632347b2941ef9cf0d6a1fd2:0d3ab8d34f4e4b5a82ea7bc10ebaab5b api_mongo_database=grizzly api_mongo_replset_name=grizzly-rs0 api_s3_context_bucket=runnable.context.resources.grizzly @@ -15,7 +15,7 @@ big_poppa_pg_host=grizzly.cnksgdqarobf.us-west-2.rds.amazonaws.com:5432 big_poppa_pg_port=5432 big_poppa_pg_user=e1058667bd5f4e50 big_poppa_github_token=5346739a35753d289b9ef52bd68328ad36897091 -big_poppa_mongo_auth=nfE2OIeyTKWt4aGZWr1NSYTQb6WVN0dfp7U7vNKfRhY=:IjY3mdy1R8Se+yTelCBGo32t6w2D7kDVuymLV6YDOkQ= +big_poppa_mongo_auth=b3f65941632347b2941ef9cf0d6a1fd2:0d3ab8d34f4e4b5a82ea7bc10ebaab5b big_poppa_mongo_database=grizzly big_poppa_mongo_replset_name=grizzly-rs0 big_poppa_pg_pool_min=10 @@ -37,7 +37,7 @@ docks_rollbar_key=${ROLLBAR_TOKEN_DOCKS} drake_port=80 [khronos:vars] -khronos_mongo_auth=W2i3PLCITOqvPeEG9MGiQ6F3yAdwwUJGscb1FURHxuI=:IjY3mdy1R8Se+yTelCBGo32t6w2D7kDVuymLV6YDOkQ= +khronos_mongo_auth=b3f65941632347b2941ef9cf0d6a1fd2:0d3ab8d34f4e4b5a82ea7bc10ebaab5b khronos_mongo_database=grizzly khronos_mongo_replset_name=grizzly @@ -56,7 +56,7 @@ optimus_github_deploy_keys_bucket=runnable.deploykeys.grizzly [palantiri:vars] [pheidi:vars] -pheidi_mongo_auth=W2i3PLCITOqvPeEG9MGiQ6F3yAdwwUJGscb1FURHxuI=:IjY3mdy1R8Se+yTelCBGo32t6w2D7kDVuymLV6YDOkQ= +pheidi_mongo_auth=b3f65941632347b2941ef9cf0d6a1fd2:0d3ab8d34f4e4b5a82ea7bc10ebaab5b pheidi_mongo_database=grizzly pheidi_mongo_replset_name=grizzly pheidi_runnabot_tokens=5346739a35753d289b9ef52bd68328ad36897091 From 9e469d01b0a39f58f0d23494a8ab3f086289d884 Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 9 Feb 2017 15:29:52 -0800 Subject: [PATCH 57/61] Step 4: Change HelloRunnable Access Tokens --- ansible/grizzly-hosts/variables | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index deeeb190..364c3995 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -22,7 +22,7 @@ big_poppa_pg_pool_min=10 big_poppa_pg_pool_max=20 [cream:vars] -cream_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 +cream_hello_runnable_github_token=7d97ecc61565ab2170a285060bc31628ba5c3443 cream_stripe_secret_key=sk_test_4De8Zdkfcyb29swkMmjZUMRh cream_stripe_publishable_key=pk_test_sHr5tQaPtgwiE2cpW6dQkzi8 @@ -43,6 +43,9 @@ khronos_mongo_replset_name=grizzly [metis:vars] +[link:vars] +link_hello_runnable_github_token=7d97ecc61565ab2170a285060bc31628ba5c3443 + [navi:vars] navi_cookie_secret=17578a96-8610-4db0-83ea-7b4491e8c1a5 _navi_proxy_port=65100 @@ -90,7 +93,7 @@ aws_secret_key=k7L6Ljvl46ThhZ6ed3VeN6lRG83p3kR/1QXVDYUA environment_name=grizzly [vault:vars] -vault_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 +vault_hello_runnable_github_token=7d97ecc61565ab2170a285060bc31628ba5c3443 vault_aws_access_key_id=AKIAIS2HMUM2REGVTVIQ vault_aws_secret_key=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 vault_aws_region=us-west-2 @@ -126,7 +129,7 @@ user_content_domain=runnabae.com max_navi_port=65000 _redis_port=65075 _redis_tls_port=65076 -api_hello_runnable_github_token=ebb1ef52e73a03899a31f067507f68e843d52f27 +api_hello_runnable_github_token=7d97ecc61565ab2170a285060bc31628ba5c3443 vault_auth_token=fd79064e-06e6-321e-0161-18f3d01fe5f9 vault_token_01=b7da720ffe3cac65316f658c8cee1c3ce24d90a20d2d3d9de7f53505ab40a8e004 vault_token_02=c806906837aadaeba9f74d9138bf8e0fe8012d521a605eb38d247bf11188fd4e02 @@ -138,7 +141,7 @@ is_github_enterprise=false github_protocol=https proxy_container_image=runnable/sticky-nginx proxy_container_image_version=v1.8.1 -charon_api_token=ebb1ef52e73a03899a31f067507f68e843d52f27 +charon_api_token=7d97ecc61565ab2170a285060bc31628ba5c3443 swarm_version=v1.2.3-0 github_api_url=https://api.github.com github_domain=api.github.com From 06632335d5c2b8b6a71b90cfc90e1c10ad2d87c1 Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 9 Feb 2017 15:30:26 -0800 Subject: [PATCH 58/61] Bug: Make number of containers default to 1 in single host --- ansible/grizzly-hosts/variables | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index 364c3995..c41b3f36 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -8,6 +8,7 @@ api_mongo_auth=b3f65941632347b2941ef9cf0d6a1fd2:0d3ab8d34f4e4b5a82ea7bc10ebaab5b api_mongo_database=grizzly api_mongo_replset_name=grizzly-rs0 api_s3_context_bucket=runnable.context.resources.grizzly +api_number_of_containers=1 [big-poppa:vars] big_poppa_pg_pass=790e5214041d4ff4b0dadbb63cfcc66d @@ -50,6 +51,7 @@ link_hello_runnable_github_token=7d97ecc61565ab2170a285060bc31628ba5c3443 navi_cookie_secret=17578a96-8610-4db0-83ea-7b4491e8c1a5 _navi_proxy_port=65100 _navi_proxy_ssl_port=65101 +navi_number_of_containers=1 [optimus:vars] optimus_aws_access_id=AKIAIS2HMUM2REGVTVIQ From 0c39afb0e2cfb4f14b7c773b3bc0c68bfa126476 Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 9 Feb 2017 15:31:07 -0800 Subject: [PATCH 59/61] Bug: Github domain should be github.com, not api.github.com --- ansible/grizzly-hosts/variables | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index c41b3f36..bb7a56fb 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -146,5 +146,5 @@ proxy_container_image_version=v1.8.1 charon_api_token=7d97ecc61565ab2170a285060bc31628ba5c3443 swarm_version=v1.2.3-0 github_api_url=https://api.github.com -github_domain=api.github.com +github_domain=github.com github_protocol=https From 7329f9142f7c1c97eb9117ccf4c4fe0c330aa2dc Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 9 Feb 2017 15:31:54 -0800 Subject: [PATCH 60/61] Step 16: Fix subnet, asg, ami, access key for grizzly env --- ansible/grizzly-hosts/variables | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible/grizzly-hosts/variables b/ansible/grizzly-hosts/variables index bb7a56fb..f98833f9 100644 --- a/ansible/grizzly-hosts/variables +++ b/ansible/grizzly-hosts/variables @@ -76,16 +76,16 @@ registry_s3_region=us-west-2 [shiva:vars] aws_access_key_id=AKIAIS2HMUM2REGVTVIQ -aws_secret_access_key=AKIAIS2HMUM2REGVTVIQ +aws_secret_access_key=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 shiva_aws_region=us-west-2 shiva_dock_security_groups=sg-ec0da194 shiva_ssh_key_name=gamma-key -shiva_aws_instance_image_id=ami-a0ab2ec0 -shiva_aws_instance_image_name=grizzly-dock-2.0.12 +shiva_aws_instance_image_id=ami-74ee6a14 +shiva_aws_instance_image_name=grizzly-dock-2.0.15 shiva_aws_instance_type=t2.medium shiva_dock_pool_asg_name=grizzly-asg-dock-pool -shiva_aws_launch_configuration_name=grizzly-dock-2.0.12 -shiva_aws_auto_scaling_group_subnets=subnet-b8be98dd +shiva_aws_launch_configuration_name=grizzly-dock-2.0.16 +shiva_aws_auto_scaling_group_subnets=subnet-d485c1a3 shiva_aws_auto_scaling_group_max=29 shiva_aws_auto_scaling_group_prefix=asg-grizzly- From 7c3770b933cff3c8ad4f69dc4ee589e8ce07b2b7 Mon Sep 17 00:00:00 2001 From: thejsj Date: Thu, 9 Feb 2017 15:33:57 -0800 Subject: [PATCH 61/61] Step 13: Generate new certs for docker_client --- .../docker_client/files/certs/api/cert.pem | 36 ++++++------- .../docker_client/files/certs/api/key.pem | 50 +++++++++---------- .../files/certs/docker-listener/cert.pem | 36 ++++++------- .../files/certs/docker-listener/key.pem | 50 +++++++++---------- .../files/certs/khronos/cert.pem | 36 ++++++------- .../docker_client/files/certs/khronos/key.pem | 50 +++++++++---------- .../files/certs/palantiri/cert.pem | 36 ++++++------- .../files/certs/palantiri/key.pem | 50 +++++++++---------- .../docker_client/files/certs/sauron/cert.pem | 36 ++++++------- .../docker_client/files/certs/sauron/key.pem | 50 +++++++++---------- .../files/certs/swarm-manager/cert.pem | 36 ++++++------- .../files/certs/swarm-manager/key.pem | 50 +++++++++---------- 12 files changed, 258 insertions(+), 258 deletions(-) diff --git a/ansible/roles/docker_client/files/certs/api/cert.pem b/ansible/roles/docker_client/files/certs/api/cert.pem index de3614fc..a6e652a4 100644 --- a/ansible/roles/docker_client/files/certs/api/cert.pem +++ b/ansible/roles/docker_client/files/certs/api/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+FwMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3KMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNzIzMzgxNFoXDTE4MDIwNzIzMzgxNFowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnHUhF9uVYAJvvW+NfvA4dVL -reakqOnKQvhFFMsAIHJ4YMtTj4R7zNV1WMtI/lL4CpurJEPbnPXUUTWCqKvxGk+T -xhGNNx0UaDpjqWc793GjJL9fTNEFAnjAzrXFetzBPujxG3NpBZ8zKwiE+qTFKqJd -fGl2zObYLB+msjoKnaXdV9dIEaZIBPP4pbCaEGlEBBheBCmQ/cXLG7BvT+BOnNOv -dNEJdX9hgDfJ333Jc1v/pmx6//17FQm51g1pOYOtPHhC0mkxuobkQgyKHYP4kb7x -FHOvhmotmk7QiP+F3c6K8oZ0Z48kpiHr5GmaemwEovJQJGaJ8oupBfT+NnRrLQID -AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ -AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBAItVFo3OkpYmCnMSd0/WeqV+fjm3lLOk -T+v+WrvmjoikRGQCflRFdlIwk9Sg4c+eqN0iBJtt++ZjzM6rHksab8xQVnXjbjEI -wHeMTxGTWJZAe2KTQyc2nLsHbtzglBXlinj0opiL99uUq2NMy/7f6wlMcCDyhu9r -HltgRwTC924OL61gFFJkL3ehsafT/k9oH0+1MEuLaVGcmARBfhwX3aJM8QYE2nlk -xSnH7MeP6z4Ti57T8oLA5d5+o8IdAQkmDCvnYJxMgHzOMRkAVo9hzlbvM82YMygE -+Pm4lwFHGC0+xRAGGvbxilIIAn1ezrbpEivud1henxLKyAmh9o2g0vY= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 +MDUyMjAxMDI0N1oXDTE3MDUyMjAxMDI0N1owETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k3kbA7xGxxoP28GiT1fctTX +Msax59ADfdFVxG3OnzLo53vGwx6Ge1B2R42fdfUD7yuPwn1s2BhaHKSbh8BvJwAu +JOyMTO5gGmRnqR/r7PiWwY3Ef2EMT6mMNIpXLGdSn0V6f7hgyu/oJgzpJb8O3DT2 ++tZdoKQVFBhrrXMj8qftroZRciiiArddNgfd9OrVw0O4DOyvtyhOVjVpe0mg1n/r +c3zweOKSRpY1/TnpSa/WN3MCLFIIyFJDVQvWe/I1bpdCf0xYaxnOefiq6HFMgu6S +9OStkbimQphRVVy8toa6uLt38oqKX1MC0//8O+eZjGKZAF8CMmx/5qgXIKh+LwID +AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE +WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv +c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI +hvcNAQELBQADggEBAC3aYEO6zq4/pYZMSR+EBRwxr0E64ck5swBhXF/xq9nKqhvS +Xh5Y+rPbzwnNefSsAsEYkgsJnENTgPfvrpbt60txx+MmY0OPf0UHX4eQFdpzfFBG +C1jT+3Vo2Kr9z8x0OgFvfxRfHgKYQWjDgdqyFGZ4jz7iq6bhpR5FiVUfJ0y3nmmz +NXwS+QJzgyKhs7OjiZhyPElGTSUUi5KBBOk2cpzB3FworYTbZ3gIcgr1IFD/tH4M +PnjD5YTZtmZvpPaCVwXucOCOWAXqhvbYYpWypZApFL0NgFYYRbirEJSmUFqondDJ +jUANI0fuk4JqUOZzqyTM2Xtan8hVZtoipIXWjoI= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/api/key.pem b/ansible/roles/docker_client/files/certs/api/key.pem index 3ae31fac..7f33350f 100644 --- a/ansible/roles/docker_client/files/certs/api/key.pem +++ b/ansible/roles/docker_client/files/certs/api/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEogIBAAKCAQEAxnHUhF9uVYAJvvW+NfvA4dVLreakqOnKQvhFFMsAIHJ4YMtT -j4R7zNV1WMtI/lL4CpurJEPbnPXUUTWCqKvxGk+TxhGNNx0UaDpjqWc793GjJL9f -TNEFAnjAzrXFetzBPujxG3NpBZ8zKwiE+qTFKqJdfGl2zObYLB+msjoKnaXdV9dI -EaZIBPP4pbCaEGlEBBheBCmQ/cXLG7BvT+BOnNOvdNEJdX9hgDfJ333Jc1v/pmx6 -//17FQm51g1pOYOtPHhC0mkxuobkQgyKHYP4kb7xFHOvhmotmk7QiP+F3c6K8oZ0 -Z48kpiHr5GmaemwEovJQJGaJ8oupBfT+NnRrLQIDAQABAoIBAD9mWqk3+/4g+/wg -cva4SfVcueMDTxQQLWib/SYZfR7gs4jpLPcrMopMoEMQH2/xfgGVnmXlsCJDf+O6 -HtZYqJzpU6LyNJWpGr35+aFDtCroCWFSKtZV6S3S+naQKFmKccrxjSZiBume5TAY -drPFNKDcYtW+tA/eqK3gJtfGJ2IZ7KxBQrBTr9ZsxgUoX0GES/CM1Rw62AQrla03 -doLqkXGHo1Aaf7mmIUjE/1LWPAUUmpeVKQlep9xaupADMl8zePnve+jR4l64N+3Y -Kvpta1oUsILyMrtc74b+cFWOIBu2CUAJ6awSzxp/0p7tU7EtrG8+kUbPD7+pTU8f -7+5cm1kCgYEA/0SBzoZnQIpcMYgGsuOr8qDAXDHLJiMd2PqS53Vjgxy6iJshb7O2 -zZw4sgPK2MK9krPPd/8CDvF2KfgwXrsOF7K6SOhalovu0DfGjCwn33ltYFrXpB6U -ln5tYPa1OzEvz/7b3afp3njJU3NunXosrx0Mse9x7xQWXKO0/cso/XsCgYEAxwOW -PVhnTTGE98dKVccX3+QBvZWgtPWPM3uaPrviJhkc4f5RrZxyAIyleKVSEiAw4SWT -o3u9nUDEKeNRxo7rDgznNMTwkCuzjkGV0kli386wjv5KLeoTa+BpNTnvc852IFVq -c6iUlStUYDbhYNZE48F6HZdHB5pw7xC7gGc6lXcCgYAK2fyyrOACzF7y9Bdkz2zl -2ZOT18INEv0X1j8ce88JKdV8LSwUtY0V3IhEeQjMgirQ67fsH/kUbYtaaWSVAlqt -AzoME2SWdchnLZfRKadgRqcxq2rzXSFv7Fv1/UbjB0pDC1CJcbPtczELzSJsq17u -6ss5XTZ4tV/l/EebamGJtQKBgD3Ws3xkV9T4qiSD3GlC7/w10QSj1cfk9ZY9tfQA -VYkZDIx8hcy4bAQXr+MJG7NeJVIQZwvJi2Wtlkadx+82wXsgL0eKWmWx7p0pa/Bn -tT1t8Ba+lTYnIdnHZWmQkwMdCD+LywQdQe4IBLPQ2b9JVSagG93N/9gw+R6PyHNh -oCaJAoGAZvpGm5cq4BPOIMIbG6A8WuMwRLv63hktXoS4tx8NewFrWHu0mKrABsGg -Z1d6n26w5TEFE3HMcg5DqSLQz0nCPGjjsq9yJjNJFkRRVD3onKZkIZRUE6o48NBL -F0mJvQGXY8XnNDkaD1oE5PGHFsG3iqAHlpui1L8b2fGzteTMHI8= +MIIEpAIBAAKCAQEA2k3kbA7xGxxoP28GiT1fctTXMsax59ADfdFVxG3OnzLo53vG +wx6Ge1B2R42fdfUD7yuPwn1s2BhaHKSbh8BvJwAuJOyMTO5gGmRnqR/r7PiWwY3E +f2EMT6mMNIpXLGdSn0V6f7hgyu/oJgzpJb8O3DT2+tZdoKQVFBhrrXMj8qftroZR +ciiiArddNgfd9OrVw0O4DOyvtyhOVjVpe0mg1n/rc3zweOKSRpY1/TnpSa/WN3MC +LFIIyFJDVQvWe/I1bpdCf0xYaxnOefiq6HFMgu6S9OStkbimQphRVVy8toa6uLt3 +8oqKX1MC0//8O+eZjGKZAF8CMmx/5qgXIKh+LwIDAQABAoIBAQC5KgBpt3LCcCHs +TBvbJHdlSysNIoOcAFA10+1Po2PynJf4YICC181xoxnwLyvmPWCM6QITEZfU4zLr +wKM7Tfn5tqltIEcQqdBSEn/qb+0JHwGgQsM81/A9Ua5ekkjGnQzzk1cIJjfTahIa +1DCdl6TfGv2yXUklDIfkd6I9iMAg/MWVrGB84g3P/39tWM+hmUCtJSHo7v8zoxNV +xKO23kcKCEkYObeFZdEkgPRzKIOzm1wEJeN7BVQ3yMgpr39KA+We4sl2LHWXHelI +8MO5kwQh4nZgJ0gxilWjf+DUizt1pVbNWVgox3ogHIZA2gV2Kt4BP6MokVTxD73A +3IWx1idBAoGBAPhCXpHdrXdLbCSmXH/B5uNsUo8MZNwAbfd/WYfvji0Z5raQUdYG +qmp36Z9qUwTL3a+KZMv0V81rI6vTZO/KEyDq5S7IMYrAr4a8V8jmqaohPqqj64Yp +Ppq0a73CaUZ19L5kWfhzLWsbHUVqG6PFqTqOlwEtwkLn9pyN6SR19NonAoGBAOEc +a0oChJYMD/ZjYjZ0HK0HIgSEvFOxQ8Qzy1BCf6XgvnoOiZZHIDunnIn0a2bbqbyS +aN1LjjaWd6tMRM21aXsIxM9QENtkNs83QSUDPat1iIWMSDKo4lmZBGqok8gvlQqh +avWo9em3wRE5VRKptgjfHclpaATIftikIjCWkWi5AoGACw+p9wXRfMc3gkqHRIn3 +J5rj8suykrrSK3zZGF1sEEZfKTM08jxJy4ScPCYYnNYYgoHAC/ZPEy/63uUEUkrG +n2jX3UW+L1h2eaJapvDgDlx81k2HaOrdhzcStdm7pxAKX5FJEPDQzTzgCP+5S4q7 +B4ji4YKQbTq4mjEYei9nQXECgYEAti6YyfHVudWTSZVPE8DOwF3Icx21iIoqzOwZ +/B+FTQrhPMjtItj3RjA1KRTNoxXdfcaD5azTMGx/9vsnp8/MyQzkst8adWPaU8Nl +Dn5b95qMXYCVoaI6ZcbH40YBK/8OQOc4OA6AzqCvOLBMoGkG8JEZezq6OzzEI7Ja +FTaWAckCgYAGHGGukuxyp9T4awqH6iAHd1LhZHLseGouwiF1MZpHVO+H8XKhYJoi +1Xd4FXDYClHzoLiTbPmiiRee1g3hgvrvOl1JqHmS8zNNJCY0Skx1wIBKGIywJEZb +GgrXeEVtylz0b0ifA8LHJmUiIEnkcuSWwRrPeWpfowsVOIXEbHu+/w== -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/docker-listener/cert.pem b/ansible/roles/docker_client/files/certs/docker-listener/cert.pem index 80b5c68d..2d06f70b 100644 --- a/ansible/roles/docker_client/files/certs/docker-listener/cert.pem +++ b/ansible/roles/docker_client/files/certs/docker-listener/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+F3MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3NMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNzIzMzkwNFoXDTE4MDIwNzIzMzkwNFowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprzLOS7Fa0ZNLfLPc+4k8lCG -uIil0hXaP0ls+mami8lGOXjG8QC64dJAscGy7RRNt8Hfa4xIjysDgrlxOXhjhtBB -qAkdfzOGvw8BU1BmiryV0JhogCKUJcKQGAJNyPt5djPJ80Um6VfwEzum42qp6gSm -4P5tFsyXKFUSLifTfjjTMN5CGaKPnjy7Og2HecLbalb8Cr2aKw8L2oAtzdbx3d7t -+4J9zki7O0XBiegsG7h290IlV+MiDXkIRuMqkVysDLsQ6gd+TxTXs5adPXR1oC1g -8fk5ZB51JwQbdWsmHEDGGVyDqkUDG0szVlsAIkvGs5iXaZ0+xCs6cyPXKRCd7wID -AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ -AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBAEbaKgrdEcFu8szkU2TkgPelJ8ad7SVl -07EPN8g8WoZE7OY25ZEBkwX7La/MaZex1St9+pLxkj+uh/lBGSLKmHKsQWf40NT1 -2U0UhgU8x+/KLUPThU6kyXSQplKY91UH4tTG5rYxvJYDAvSV5/rqZw0Y8k8ObnfU -JR2pSoT3ucA9p2JGkR8YFFxmzhuid0YohkOwS9M0zC12WynKOYe3n8aguGF8ZeN1 -mTJfQZWNaHZvHwtPpdVIy8+C7a6JAwdF/+FkO65tE5BciUCt1w+zJbScVV2KLjna -WZBedzSZUBMlZnS4v1B6d852TxM3tondxXN8tfrGqkOC82TzCDgxA7I= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 +MDUyMjAxMTQ0NFoXDTE3MDUyMjAxMTQ0NFowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH5qoWShLw++mR2eZGh3W//j +qfYvL8ihli92GDu9n0Vo0FPe9Wbe2mJ763LvRS+r3DMNjE28seiy7ReIbmRCcgWy +yymY9O0pVA6ovxID/Q6eMPcoXMI+dvMfFAvbNV7tkbSbnrnfoTjtKsIlYCzrYYOh +GEnF2/IJnSNiFa1+WHP/XliCcD0sHfN4StGsycaFDXs6nqqYhX/+ojR7RlyNVeJ+ +z1pkSBpiQJkv5KxowIl7c3fDBISk+U2yyxd5tuvA4e/8Eg79iRxGAIwI6HaJvD4V +zdg0L2cwHLmzcqkKeiX1Co17EMPBAPWzVoFg/ngF5ds/3k1XB614lqfMw2lqOQID +AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE +WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv +c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI +hvcNAQELBQADggEBABKM+cHuBZdkNitpMj/2hRnK/TOsyQ+BAP0OkKWIuOSoQTM8 +GTTeCdwwTbZJnI4l5HhSq3tu0YAKAFj8qMr50os3dgxuDcla4XxRRjM9tCD1SieB +DB7jNf71V45Z8Iw7L0xCViHpyZJEiz18aAILLExdDqyDpBCLQYGuyAcinuqXa1uY +mjFlJCVWz5LMdZwqskaMs/iXexNRr0t9EgDqOvXSfNnTVMoUOS5Qyts0H5cJX1xp +RL1hKsK6aIT40ro2lfp2Qfsn5fUjmKMFyGUSXhrKW2vR35REBEJMpdA/ycKvTh6i +HpUkjKAYolWteVI6z0/O05ReDJ+r7zCgg1AZmF8= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/docker-listener/key.pem b/ansible/roles/docker_client/files/certs/docker-listener/key.pem index bfa8a6b9..372e988c 100644 --- a/ansible/roles/docker_client/files/certs/docker-listener/key.pem +++ b/ansible/roles/docker_client/files/certs/docker-listener/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAprzLOS7Fa0ZNLfLPc+4k8lCGuIil0hXaP0ls+mami8lGOXjG -8QC64dJAscGy7RRNt8Hfa4xIjysDgrlxOXhjhtBBqAkdfzOGvw8BU1BmiryV0Jho -gCKUJcKQGAJNyPt5djPJ80Um6VfwEzum42qp6gSm4P5tFsyXKFUSLifTfjjTMN5C -GaKPnjy7Og2HecLbalb8Cr2aKw8L2oAtzdbx3d7t+4J9zki7O0XBiegsG7h290Il -V+MiDXkIRuMqkVysDLsQ6gd+TxTXs5adPXR1oC1g8fk5ZB51JwQbdWsmHEDGGVyD -qkUDG0szVlsAIkvGs5iXaZ0+xCs6cyPXKRCd7wIDAQABAoIBABA9883uMGzyvDHt -pSe12wN/tJ/lL8H3PvtLO8JonXCgeqa+jSKM36d/w62NINDXWXq89/aSA79ugTkK -t2zRvWA0iTDFMophio6x938WJeb919op/oP82lGTUlYEY29gj8Rj5xg7dD7mwgwd -k3Qzv7l8GoVwQ1AlPdQ/9TVpy8BPwIHErBNdGxVX8gID0MQXKlQXHOMFIOcbHifq -cW8tYeoPXq6WcaaXRhgVqt6cJEyqyAO/QM4Q3lVMn/7iyvn1DJFbb55sKH1/BARE -YqjjqpbPeehuSrrGUiXGDWNMLPxT5Sr4jtxykWPWYoIQNV+vKUG7dlOgY7dsjeA2 -WWIXPAECgYEA0RMfF9Zsb0gu7BtyZsdvVu5YE2y5aPvQFx9iFSs6y3kTAbxXLkrQ -7yy7Ba1LYHrSnGn0T8jqVAU9T9/ddHiIUNToQ1mzULjym8cqo1zF89/KaQY6FwnA -T4455bLqyOfnv1RuUDvc2voK32IIIb84Swddlq07NZ5xQ376e6UjWuECgYEAzCkW -gntN7Y0cRWq5K+2tZ81r8TGBJclj9UA5862Qjq0/D53ryEEGXboFKWePNH+SQejD -ELGNKOSBcV1JU2uYbO0TkNuQ2m6x5Iii4FKiLUgAxjNHBwrESQqqpQYgwPQm694L -UgcNIr19qt+u9iFzXXtHgwSdaRMb6uSX+F6wYs8CgYEAlkk9b4Aln/RuLjAokvLG -+OEJFKVxvaJM2WIoufjCIaLdY8EDlfYXq+UmZpVD+o0vOVn8USGmN1Ew2mqcIG3H -5vq0Hj2rZNodIpcO8jDs5jm2oLnmJctPnqAoxBFRLattbZ3+UdRGFG3qRNqN59wx -VdVsk7PgPNGwrwjmetygxmECgYB0EBOs3/5AQs1EpVRZpcfD0CNCPdtmqOO7g+Su -JAifI9xKu4NUF6tP0zWmASqHNNLnxzRFpDpUefsggGD0HKHNosVRv5DMrMtS2V6G -2lM6HMnb40DIvxUxVPAH2sD6EJKj2lpjKoEMM99iKcGkSQX1qeTQleoK1wMy+Ptw -BhyOPwKBgFpDaVu6NXg2H0jsm+pwPldQLFfZ8mAgmc7/BR7dyUVzm4iIiyKE3lio -ybppgO5WvypC/SNKCSjJrJ/kl2YS62Y40cS0rKxG34SzZLXa9qCuLIhRL1kKCD+G -eOjcJ9e6z7zKV7TKzY3sE6BoG8m7n20/eucffo3LrbyA2Z05D04A +MIIEowIBAAKCAQEAnH5qoWShLw++mR2eZGh3W//jqfYvL8ihli92GDu9n0Vo0FPe +9Wbe2mJ763LvRS+r3DMNjE28seiy7ReIbmRCcgWyyymY9O0pVA6ovxID/Q6eMPco +XMI+dvMfFAvbNV7tkbSbnrnfoTjtKsIlYCzrYYOhGEnF2/IJnSNiFa1+WHP/XliC +cD0sHfN4StGsycaFDXs6nqqYhX/+ojR7RlyNVeJ+z1pkSBpiQJkv5KxowIl7c3fD +BISk+U2yyxd5tuvA4e/8Eg79iRxGAIwI6HaJvD4Vzdg0L2cwHLmzcqkKeiX1Co17 +EMPBAPWzVoFg/ngF5ds/3k1XB614lqfMw2lqOQIDAQABAoIBAH6iLVb8PxH+A5WT +SiCmCDACGQ/njrdz+o21SjLB5OeFGxO5Sqn53EuLdgtIriWmNcOx7DykixTL4D3K +1TO/HaV2xv9vYb6QSukiE5rJ0UBtG8Uzuw2UgUdv5K4sCe5eKo/FPkhq0HN9xSzc +fbIdpzr5cNpemCUq7myhvTUddyfLMdcRrQX2J2Msxq7tjPYmXrgx29/fN7iY6jAw +gu94XD2Tcjd/OExiGAZrEklosiskaoN5o5ksTzAXfmKamYa+kF5C3GELru2Vve3s +QNRCZaKFivN/T+NJZBHwmqk8pdq+/MkXQPACmFRJx6PEjhmJSo4MUsjdfrE9m5mc +2/mcMaECgYEAy4+q1wudK8DfqrXx9uhoCoZP2Y76C3aMTAQ6cfbXX045W3xA4GtC +9aD6rq8bH678rH8qppwAEGG4W86oyG9ivRPtolnfTFUCw+MDLu74620L3A2e1mZY +Tck7CIWu5qr8qgCoDt3v4wMU0Rd79gCnlRWXjTm+/MxcnPCcxFFhVDMCgYEAxM7G ++7h9BrDIEFWirMmGinIUxJJvmOBgFeYuAFnuZX7gZtCj9lkkVJm7941o1bxxPxA9 +oSn+2Alvp+GMo+k6qa9ocbicXSoJT248bp0P0VbAAVMd5HkcwEmWAmz2DP0h15Hj +1Fr5NZVKSt/sRLrkTy4mk2ApcfztPQJC2RF8O+MCgYBPgwOpUgkHcSQsqzsjRa52 +BfaktVtoJNsySiiGIXQI7yYqXQN+ZYdXKJUirJU8r/5UZqvDPoYr3+/CNJvrBs8b +qfAVjWNSjpYw67hvmbqzQvnx74QOnRV69NJRRt6FjV56DR2YCQrNsoNsFO8/rQvI +iRGUgWzfk/fM+ZNSf7MzzwKBgHBPK8BEFJz3zwN7Svzdd/iTh4RxqFuOV2bH1yJ+ +L4wd7kLd92NClXftzxVCzjuCcQGy6+iHhZWVNPGRxedX1hE1Nx4GYrzLm0qHttbM +rFUi8ykOXHWgI6cblw5FTdg1r9VLvL7XN3W7fwzhYfwKxvTkekEJ1DznQB7bpngn +AUVPAoGBAMFiKdaONJnzRUIPM0ObJBGSarHUsGFXacf9j/FRQWpIphR5pqpdA6Qw +ctsSk9Sh5vjp9nBP0vaiA3vq93mvB6dbt/aeZIYGHn2A93Yes8URa1BU8+QPOJgS +ZrLLBn8mYnzRzzjKdcpI5zL3oZfsD25yyqe9kENNAh2FurB2zDkB -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/khronos/cert.pem b/ansible/roles/docker_client/files/certs/khronos/cert.pem index e935854b..6b4c5d8a 100644 --- a/ansible/roles/docker_client/files/certs/khronos/cert.pem +++ b/ansible/roles/docker_client/files/certs/khronos/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+F0MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3RMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNzIzMzg0NFoXDTE4MDIwNzIzMzg0NFowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTqz1o3rvyRs4bNn0a6/JTge -YVmlgbCJcYhqnL8f7lIwIuJX76YXJYgl42HutjqrDO+lhSSKOoaoUcpUlGC6dflB -nTWk3/Qo2apTP8QADJq9DtWNz2jOU/hQmmH74WZfSeD/3hxh77Xg2sdmVyX3o4f2 -epr0Eth19QDs8jiDia9ob1S/GqyjB8K3t2iNysJO7PyMVRMFB+gh4/0vwytN+q+l -lExJnWBJ59hxEameYIAYbLZiXnt4AzS92uK3oUdPjYGbiV0Bn4UnjmqmlOP6AtHP -JocrKYAIdS0GcKoI312GbRv0HhGm6Lzt94WjDsiNWkO9TaWEmBDVOi8DPDXnZQID -AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ -AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBAHkd+3C6ogJf/XQKk4bu0fPC079cu684 -s94YoKNbTpB3zX/47Of1cfX1nrhNgCmNknGPb70HQFimWeM+H1DXn6YPokbhK+IL -n6uN+dgvSagA3LdI9MvyiqdeDNZ39IJGEdPdNWD4in6uQda3W34B/WUeR0a5BAne -OTtY1+iDEhtF0P+CZxfQE5n+l1fMkQC6llm8UIGcAtc9aSp4zYQm2NwTuoO+7xtf -/QQ7ceVJJdulR6zU5Gn/v8cU3of2TE/QdfXUQVs7ET40ZCbD0LQn2ZdanVpWKZwb -E+C6xRdG7Dor5uPewUoXLUQ7OYH23eLD9LyDwETx7z/ntpVxMkz/Iug= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 +MDUyMjAxMzI0MVoXDTE3MDUyMjAxMzI0MVowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5VkdXxdEcgJNR5r07lsFfsk +WGMZzmXMfJ2CbYthcFsZ6kpXHz9dagQdr7Td4JrtyzluQ492xsdWJNqfZ+X+fdIA +fZRXpZzOgv8GpaFf2TPckFDB4Knm/7DTDdjBZH0uf/Vw0PNc+xFZaDB2JaujsDSj +Q4ncMIEcYMngf9Au5RAJr9QkMM5WuE1NNcihHb/SYs4HNI2ndf/WY8dAjcEtt3dv +0MdAR2gbW+hmWlxKw7UdpcfSaMv/fjtABRyeEmNQkuUjvPFmllYJ7DnSaV8eYsJe +ahp/3IAF/zJIG7PYnng9lIKmULo0SwUh87ZJV2BT9NA+WVgtyCITx5OldctVQQID +AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE +WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv +c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI +hvcNAQELBQADggEBAEAkWi8L5bgZ4awj2dW7oEpaFI3Ypt/ROIbrENPcXvLKNf92 +JfpfttMR7Nz7kAZEDgFKS4k4aLN8pX/RKYmPI/QluYuJsrRykrnB1FDAKO4NwEu0 +yHtMW3ZtSAZ8fQeU6bpgA1u1EdYGGe4JOORkR0rfuvqwRwBhAhMQo7HowhbyvfhT ++IM6XZGlhyPZeE/6fm1qJCr1hH8kEZk/68ljnLoBfCqXWtFvwDlrZU/p+1dLQQOZ +Qssomi0tEMJdPqn0l/vyk29A43iRPSpwJjdRqe4A7sp7UB13Le3/EKvDRFkGcu7b +GmMd5RhD/7AsWBPdHSgDThFANEfL4CU8vj9zsyA= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/khronos/key.pem b/ansible/roles/docker_client/files/certs/khronos/key.pem index 710a4617..7739e6e0 100644 --- a/ansible/roles/docker_client/files/certs/khronos/key.pem +++ b/ansible/roles/docker_client/files/certs/khronos/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAwTqz1o3rvyRs4bNn0a6/JTgeYVmlgbCJcYhqnL8f7lIwIuJX -76YXJYgl42HutjqrDO+lhSSKOoaoUcpUlGC6dflBnTWk3/Qo2apTP8QADJq9DtWN -z2jOU/hQmmH74WZfSeD/3hxh77Xg2sdmVyX3o4f2epr0Eth19QDs8jiDia9ob1S/ -GqyjB8K3t2iNysJO7PyMVRMFB+gh4/0vwytN+q+llExJnWBJ59hxEameYIAYbLZi -Xnt4AzS92uK3oUdPjYGbiV0Bn4UnjmqmlOP6AtHPJocrKYAIdS0GcKoI312GbRv0 -HhGm6Lzt94WjDsiNWkO9TaWEmBDVOi8DPDXnZQIDAQABAoIBAHBvLfGsRv7DvS9f -awuReNu5WcQfm7Ro+rC7Rf3LIFNWM3g46B4kMNe/7vvuIi6a2KkAUPm2F1CSxiJB -bxGfbx/yV4GYk0VVFugAucwiyjyLVXLqREfpnhUyKgSK+ztejBe6+mdNcJdA54Ol -/yC6kOvw0zToMRk+JvTXAwi2ZaOZDgvneSGl7r2c6yUf3vkJWI9gDcNxva11Z8YG -LElQxq13elnnhxJcI/jL9tcIH9hBmZ52xSRXaUAYUEDmfB6RtvWSyn+lqSrt5i5M -nfUyytqpuGZyo+Uij69MFarvTqIY97h2tCnxjc+cTcx2W9LOkaibIZcPeTrIjBs6 -IbMrVokCgYEA/zroeZQ78Dz0Bx+binbeDq5hDbrHWbSPzVpp0kYXeXBuzVFA+VtP -6KViFmR80ehCATyKW8qRYJgeqx0P2q6A1gNBpnMyMEbKYWLFzOFkZ/dB0yxEEpfQ -VgKbEeRXJfehsr2Fqh4pbZDtPr8MDnEiOTH8n9ngYFfTPqrbcVgfZisCgYEAwc/q -pZHVAQRhvlB8mhzhusFLljWnswLELPy71IDKF8OcDRXTOaKr+bx7N4vl5tmS5GVZ -4RjwWdQK96Algj8QmtC2gu7TtzOZPbefIQlazw7f+KWPz9AyP9B9KjFk4Ws743c0 -/2KXtThTYysuie8ePHqTcUWFy1AqbDpnO7ZFMK8CgYEAqTarDoAixQIEX/yqqMBq -NJ2UJwAgTu8RL/qzkf96bL8IFwO56hiKABo1z9bLkndD24IB0R2aCMqR+qyH6Fot -fLYn/mz9Z1hnsO1FarI8WVlqwNDmSNVyALQ1j0UuKjPldpWEWucoXEXrpOAQ5DpJ -kFX9wRU4V2ei3Dd2ycy89IUCgYEAgX83zEsFZHmWCYBj0OFNXeg7ZfERzQUjKN/x -bIpk/b3gbcnQaWksuV/bgIDEKxvjDyI9DK8KISsR7OSfS0hyAs9Ds3Z6FaWvVVJ0 -S7GhcEoDEnMlBPiaKpNWnjOEsS1iRZjn21/398jbxp4aqWUQ8d4A2CVYwUEeJ1Ra -l8YwstcCgYBsAmkS6OD4vhc+63/Hr/w5DmMJGHUnlWA3iO/aYUMFWj8nCN9uSphv -5INGrPfFswQfGkQ32D46iJBOPziqWx+SVFusQwBQQ+eyID7mvLE5E6QQ1iti/KTP -sZyTcZMVdD1huJlzM7UsJERFNeXuzW0nQCuAAGQKJr7pKV2aPT1QBQ== +MIIEowIBAAKCAQEAt5VkdXxdEcgJNR5r07lsFfskWGMZzmXMfJ2CbYthcFsZ6kpX +Hz9dagQdr7Td4JrtyzluQ492xsdWJNqfZ+X+fdIAfZRXpZzOgv8GpaFf2TPckFDB +4Knm/7DTDdjBZH0uf/Vw0PNc+xFZaDB2JaujsDSjQ4ncMIEcYMngf9Au5RAJr9Qk +MM5WuE1NNcihHb/SYs4HNI2ndf/WY8dAjcEtt3dv0MdAR2gbW+hmWlxKw7UdpcfS +aMv/fjtABRyeEmNQkuUjvPFmllYJ7DnSaV8eYsJeahp/3IAF/zJIG7PYnng9lIKm +ULo0SwUh87ZJV2BT9NA+WVgtyCITx5OldctVQQIDAQABAoIBAGuJOehL6eSBjUst +P7Is2jBiBR81JaeuH8MbLIxoabI72wlPdIscPebc9Fq5EoL/na0+PeWbQtMbbs11 +toxQv+sJuTnWTCT5nkpDgqxAw/liFKAAfiDQxTwfYvGod1gar8NKjUQIWf3DYuDS +ClL0oJSVsNDeDznmVy4m8rdLxjxsUitkwciZnF6FbJZFm/Ki2IOfugGh7zwBu3N2 +ivGwCtwoj/YqmCzgtZMu93bb7ZO2p2kka+tqLi1wGaVZlEdltURm3MBv+I8LAG+r +mrJAP33Wig4c7/OlZ6RYg7KdZ+efDU813atC9cZdjJFVhrN5vBqYcSOravqDIvSJ +PcL40WUCgYEA8O9Wb6DrIv+QZ3/pBX7uJCSFuomF2X6x0RMTTYlht/TaOba/wu8E +ROqicGNm61LDDrDl0JVopyN+BCDKaPFaUucsTwOxw1yIF0tD4pdsw2XKI/NvjYKE +qf1+cKUGbeSb9Jx/kW15iOlYpkmPkVwyitTjMESFreuvunLkxwpF+VsCgYEAwxAH +E6q7iZytifI5CDQEOjoXy3LciHW4oNTykIOVL2DzMfZZQee0hIvglmKX5zPVShMq +fMueVozAbXn2ZaSiBg1t2uj6OXLgiVxcW2YHjMS9cFx+X5y7YRAm+yO9WDvfEPiT +4/rBUcRcII17fv3SyEn3vWXBTAAEHvTNDH+aUpMCgYAKIcZ8w0OgISctcw+Vj5Ts +KC0HfykF0HIh3K9/HzvgxIc4zhqaU/rV+xgBqex2EPDq+T1w3Beej7uI6OgaKawm +uFoAqKMdGBMRB7U/HicQwIMTp/UU+lwh2esrSYVPscFtM/eZYgUuYMG9nHJRJpNp +izJSoU8N1U96g8JjLGds6QKBgQCMvB+e/OvZ2YULpgun83+pUwif7PtYKTdQMtPf +mFAmothUD91OQ5Jmn1Umq3PVh/w3OaTJ7U8MOvkLA5fWtfWAUGgWLUl78Xo3IMAx +4WdJFRlo3BMBgN9gpHq7b4nJA0lpwS9SqTSZfgbKJcoYUaGmiFeJ+sR/xPM0MoNO +pTH+qQKBgGVIPtAAA2/o8QcBv1utAh2LU49dt7+2/cIgM9z1USoCiEdxh0PQXc37 +/GAKFPGWSc9wUjG50Ucz3ADoGMieT3OcGtNx6ZB+FSDWvO9XJ8gs5qX5BB3y4qfs +/tXJUgJ1tYVrUs+zg79UXidQfUX3sXEUG0pXtIZJ/a6Cg/t43it0 -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/palantiri/cert.pem b/ansible/roles/docker_client/files/certs/palantiri/cert.pem index bb2a3a71..766051bc 100644 --- a/ansible/roles/docker_client/files/certs/palantiri/cert.pem +++ b/ansible/roles/docker_client/files/certs/palantiri/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+F1MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3QMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNzIzMzg1MFoXDTE4MDIwNzIzMzg1MFowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5a2Sh+6vv/VniZ70vq7kkPU5 -Vj+9UUhCMxa5p7FAb0/L86nnL9SjWDT67uboX/CrZcaIHWtBZkYopKBJt82T7dKH -F7ZhLtb+FpX9PMiaWCUBa8n0g0zoQ/6MIQpn1Idxg7eSh+1HvUEjgZcM4DBMbC/f -90Ylf3OxIxknuKH07I1pJL6ZwgmyUC2qA3IpWa1UT0Ms2bEAfJc7VqVdXxsQfsVw -NggBr3mcnrbyN+IOuqhYxj3n7HrPWd7M52aAws6UsB41r0RUGSIuODr/lcPSJSe3 -9dQSMac/AK2c/wXobERCuD7SOmJLQqvtbEORlGlICTxNP3sjR/JupkdE20DLRwID -AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ -AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBAHnZqhuOFpUBQmm8CiretyClfW5XGqaw -3mXokD9zJ24tUv/6pPv3QyEKya4Wd/D+JZqLXJh/9r2l9EoVSIQ+L/x1BVRD+vwi -CQqkltwx0BsBtjUl5FKyOoUNrLHcOh1SU7n+wp27zb08Cb+XpzGtfsi69bWiPfdF -lpKcnGlc10G1dHpddoFfo96fCpPwF/lrxdbgqzkML7j0oxDGgYq7IDdH2Om1qhlD -ZemFEdsXDqP0G8oqO8DOjyBDwANmp2f1F2tiTd9vVVqAd/2os8apHqYMVKfvJPKy -n6EbI0AolDhI3y2qBV+yAsMYHztIG5AIiI7K6XVSkOgt5SnHZFw+gis= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 +MDUyMjAxMzIyM1oXDTE3MDUyMjAxMzIyM1owETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEra9ZEnGFAKb7p1g21tud9W +IBQps5/GYU51/+oSukrn6+U6fFNHdiOQ8E677odvWYMMGwaJ3ImHH0KfwcjNnHsQ +ooJfOApL0X/6HbCgrxs/721YU02odjmGsFO8ReavPy1suqbXhUR0UNHgcPRCgp9p +c8FznBF/2c0e9KcHiD26BCiJeapoxiQTHilnh4UCews9DorP4Zenfa7dBRdqbre3 +YYEa7t+oKmv0w302p0Bxv94U4sc5yTxQjwzh1Rf7GsbIZR8xyh3mbIREilOzrsgn +yYbWF+5ofxBNbNQkPssjnJDZlFB8Gqwotlko02mRAeiOSCmfWqCfjBxcT1ByBwID +AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE +WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv +c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI +hvcNAQELBQADggEBAJa8HURp0+0cx6eg1PfYwbpzHJtQPoYtj/Am36sPd73NeSJU +k7ksiWtQtoX3HAu2WK946BXMA9UF/ZB0+icvVgfl45nVYQQinM+nJT/LCcVfHglx +t/rMFcTARMxdu0bDNFAxzWf5CuEC3liMI+/uM3ySlvmddsRfJJnRxs3/rXDjvHu5 +Bqxk2Es1r79IT5V06N6a68hyecZ+CGMEy1fqHz4nsTzni5WEligtxTD8DHY9kI7j +6TLl4dY5hW0KURqNwnTTasuKoippvGA/5gNRhd7gcvBjNGmKLQKP5ltH3cF9jYaU +UKzjY2BQL6HCjYxCB0EtxfwFTMCTaDuYyt8hym0= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/palantiri/key.pem b/ansible/roles/docker_client/files/certs/palantiri/key.pem index b91a93dc..d43d47b9 100644 --- a/ansible/roles/docker_client/files/certs/palantiri/key.pem +++ b/ansible/roles/docker_client/files/certs/palantiri/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA5a2Sh+6vv/VniZ70vq7kkPU5Vj+9UUhCMxa5p7FAb0/L86nn -L9SjWDT67uboX/CrZcaIHWtBZkYopKBJt82T7dKHF7ZhLtb+FpX9PMiaWCUBa8n0 -g0zoQ/6MIQpn1Idxg7eSh+1HvUEjgZcM4DBMbC/f90Ylf3OxIxknuKH07I1pJL6Z -wgmyUC2qA3IpWa1UT0Ms2bEAfJc7VqVdXxsQfsVwNggBr3mcnrbyN+IOuqhYxj3n -7HrPWd7M52aAws6UsB41r0RUGSIuODr/lcPSJSe39dQSMac/AK2c/wXobERCuD7S -OmJLQqvtbEORlGlICTxNP3sjR/JupkdE20DLRwIDAQABAoIBADwsV2GJpT3ze2bQ -4Go8w+E+fgEcverXtZBQ+d73T1xaWaLC9rDPUuQ/LSb+FA9erGkDtJGQkhfLdcZ7 -wBSJpaH/MCmEPL3a0cL1FN2h6N4DA/ZLeOYVdhyqSeg2I7HIsnLB24AFKHBq6nR/ -MH5j6QHHITRVimlz1ArQAlobBGIcwyuduaQSxFgWc5JeMblwb0ZnNzSvW7INA+0R -e0XLIMKO4NxCfIo0zUrzUKV5GyTHPRy7p29O7mii/08i+rFwMSIZ90bYK0GluD4F -vhMM6MfU2Wujw3oZwUzg+zCAyk4wTBsv06JbdD/kMsHKVK6xYnERd7EROBd7oK1f -k3uVK4ECgYEA/UouBMjYf1j05apFXPXBUOvGE4uQUvGYENYxWgYbLjqzYX39eUQH -zuPERG5P3HnTj81Z2lgQEox5ay2EoUnSZqZg7vzNjf+EJfKh3xzaFjAT+QwJkRnr -J1TI8QbSxcClrhbM/7Nf7XDqS8ZljAWmJ9A59Ilx9Wr15Qtdoc6ElucCgYEA6CK2 -6TdjtP7fnKV8iMPoiyTj7BIQF7WCOQ1rJtBUveQOqq//573+nlnRI1LsVNDS2THG -YVQIAm/rv76tz4rz+JFAnDyvdYfYZAAW2B5WMKjdN5XU5QUMpMwnWNcwnljNRgEi -4MdBAhMdKuCQyENv8Ue2JYDLZ+GkenEhvo5KfKECgYBkY50/qjccqi5ORKE/Sew3 -3WrhXkRyi2zA55Qh4R+uv/dO4bev84XAu0eT88DVWre+XB6LyrF8GI8bKqxRnMe2 -haUPs8TozegbfkIoAvBxMNcJs3qrNwGb0h/eX9z0IfnIuSLBCeAwZLuIEvc2exqy -1vXRdRRkt+MDx/BxbD/i6wKBgQCJtw6MjS+50PsYE5UuDguHgPs2sgCaEDSRZESN -Ykrj3MhWutM2yKClkONh8XADYV+1OrJWS2P1DjDuMFEtL2JNtN5/0gDF2TGnIeZr -kJPRilyy/VCwDa7SlctCCWfuiQA+562pbIxEjtJe/ZrnNBrVKZYF6cLCfjr16Of8 -BK5sAQKBgQCErSNBZbAMocHQ/Yht5z/uCEJc9ngeByDhj4/7KQYmClso+wSXiYMO -zCRyMRA5SOnVU+H0d4erL11dEBzfI/opQDgsc2sSxlPoZyQh94htxl892YkYkGqa -QCCN7iR3XIB29IwlNjPB/CpSm+al3fieE2YOrsNXycq78FgPT3Pzrg== +MIIEowIBAAKCAQEAxEra9ZEnGFAKb7p1g21tud9WIBQps5/GYU51/+oSukrn6+U6 +fFNHdiOQ8E677odvWYMMGwaJ3ImHH0KfwcjNnHsQooJfOApL0X/6HbCgrxs/721Y +U02odjmGsFO8ReavPy1suqbXhUR0UNHgcPRCgp9pc8FznBF/2c0e9KcHiD26BCiJ +eapoxiQTHilnh4UCews9DorP4Zenfa7dBRdqbre3YYEa7t+oKmv0w302p0Bxv94U +4sc5yTxQjwzh1Rf7GsbIZR8xyh3mbIREilOzrsgnyYbWF+5ofxBNbNQkPssjnJDZ +lFB8Gqwotlko02mRAeiOSCmfWqCfjBxcT1ByBwIDAQABAoIBABp3DTZ2r5Kzl/Sg +ax+hLV4WIoKItWamcBTGg1pRsNy1JLfFXDFO+R+QhAYiV2w9jmG/LW6nXwcA89rf +HLL/49jpLsD6WuQvXzGL06kVG1UAk4owb+wrWD84WlSDtaqnA5G9Ch/QRtaM+DG9 +WklgZWc/HvSgbHnqUhaHdVj+/CD+FPBipYYm5tEDX0066wH1jhK01rH+BPzTgY5Q +LI0n8aE+HQwj1xOP/1xfX8lYr3nC6wyPgB4RB7O7eSF0l+rvkn3dkOzN0TjRO8wM +bCGKcXPVZNIYE54jigbcDVtKbrACbqBS9hJ9TOFVQg+AgRX39bM2x/qZNCQFNLqA +e4Bn2cECgYEA8MJ76VvACZ/pyyZf5k1exQHfoVNohPQvkX0qVmYsK5opV07MtyTu +KpwxxARFPvRTfUaT81MpHQYoA2wnHI5oByxDR8hWfMpPristGpny2wVUy3CukQV2 +NuZEf2/4JuWSoGuoPtJ265x/LdbLZN3sHrARMdG6jvkbpR3oYd0B5gkCgYEA0LfH +G90e9RzkoS93N2FNwe1wZ/ZVMp+/DMtGNc6mrIsW8VVQv1vgBbcOnIDbO2xlOY8e +a80Bfoz7l4KwMJp9f+J1oXTWq8SDzQUv/Oq9s/mQUGzeIW4L8rcZVBdJy61S+Yzh +AJUEzzqM1pPrYx6Zu7OjWaQtCyFkvT/P6FeOG48CgYBf7++2fpQYgbuE8ya1u9Du +yh9VxsnYaQFnhSvQv+gL++NLYiAbPsEVA6alCFqbinqWagBcrp+sbB6XtoojS+/S +I+YvfXpRQcDck2Hmvr/SXN58LsuxCC8iE0HqUjDdNw/lkuC5H965ZmQbXQMxj2ke +lWRUqNEhVcyZUECgdpPiGQKBgQC3fDiQKE4k0ae0g9PcXbBMAf7FhmrTvFfqWXF5 +sBgaq5QZyRTZhV1l6M3xi94vWVWLymPGBU2BAVPUmFFoCQi3OlCLBfoKuxHbVOoh +AASRiZ3y9iI5ZVMfpxOfN3Hqmo7NT6omJts5ipFxukw+sRIZTw0VqxzmIg87yDNw +YDhPxQKBgGDgwTfGJinjEp/c0AKFll+fMZF2Y9LbY4eF8JPsfTtauiirdiMNQtVS +QFWsOAjpcrwNyO1vn66j8F+aTeJ+6dfguuKtjaGGM5CATeuxHhasrME2Kn6JIOsL +BKF22VBdXZ6BgrXY95M/Of+RwHsGEyt5LxDTICxYEAK5iJGTTPiV -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/sauron/cert.pem b/ansible/roles/docker_client/files/certs/sauron/cert.pem index ddd4e774..8097df91 100644 --- a/ansible/roles/docker_client/files/certs/sauron/cert.pem +++ b/ansible/roles/docker_client/files/certs/sauron/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+F4MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3OMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNzIzMzkwOVoXDTE4MDIwNzIzMzkwOVowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJexn76h5+d838OcIVjphrYt -gzi4apEuok5D0KEdQjAkvZHLWT3P0IP82kyu5njJ6Tmn+kLlByMx30JhXrubbO1P -v4CUYHGPnX7qc30n8IhV7m3XHS6VYN4Qn6kpl4vIOvHx9dlkLPlk8KhCAVQp9Un+ -m1OdVjOFUR/SXIx4c7LtCaPZ8J2VBSpNHq4w4iO9ArSUZ7b9lCZTP7RgV8tOO8jH -29IS6CIZ56R+LCehar69WYaJ5w9sEDkT/FnmsSZNRp1utYdLj7onasIGGgPBuf03 -aJ+d3frxsyWfPpR4jX/xVhEjRLQjHmh+F32UJEVp2/+sjzZvPYskjTdqMhITBwID -AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ -AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBAJ0ucM2b0t+ZtNJTdj22kIiQI14mSTU9 -/BLcSKqWKOQ9cl5LsRiXMiqmb23ybF19GrxM8UPElQEcjwWSbWzOJgpfq6uw3jAE -L0eOsQOoQVS3NfwGzXc4aP0bfNEdE/oiCaxa6dImCbDcO3fv6wwjsHqQm8wK1W0x -GSmC2PCXtmuo6BqVf3fIOBo2ywmlyG270R36p7RGGBfUXQHm8JJrP73O5O5csQm9 -c90n4yWdgN4qnTmRE3BHQaypN64f3OyW0kjDdQ3MdODWl+c+6QxxfUZL31n2n3wi -sl5N7PwZ2uzfCkjCAT3u1iZzNi2LvrftE1PMAqRSSEPZca6KUH0mBrc= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 +MDUyMjAxMTcyNFoXDTE3MDUyMjAxMTcyNFowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PMfE+VNxIAI234KT1xKncmu ++mwAmKkMg+HU0Ii6Ek2VkIsdVhRenUfbb5u+ijP/Att1QSyA+aynnLOh4lDL8okW +AJl52PFq1yMFSd5VYQ3ag9UYFvD5Vvl/vliyfbTMwlx572z9sqCBQPBHmog+J21S +ZnC4ztBM2NKCO6PKuchY95fHTkgmHwS2+Xbt3PFsiU+pr4Ch2m9fWj9vc+tJtmK+ +r8sosO5qcRuP/OwaLqCo34UEHHriCGyzK4FlhYHqeERkAOm+p6ruawkhooF9tmkw +kkQpyh39BkKl6N3spS8CWeGlBZebYCbr00d0yhHnpvdQW5nuTyLEdYiZqq6AiwID +AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE +WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv +c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI +hvcNAQELBQADggEBAH91usWaOqOUYpNyLnDTTnxC6yyClMBuxLn93qDZcWv2cJhz +MVOAgWm2BZjj4BZyGvAIocNoFXb2MhZZzbLCN1VaI5Rq5TnTo9jfrWHdyobdFYc/ +DzigDM/iV60LomxnDaWs2iBNhIwVKlNu5M/h4VY/r8tMFOtgWbQrYVsKq91GbLoI +iGs/OyNa7m5fBOvMhXSqU2NlipyrbbhYijlg5yEt50ry+rjl+d1JS7Wtn32akRhf +DF/bF9LdZHV6BC+PubUr2tMDAT+qXua2q5aXLTYTsBB2DL6lhLROoIYK5igLAbno +yWzL9xCJBgvLQJwfgxvQ6HrQ85G5ONA756J3iY4= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/sauron/key.pem b/ansible/roles/docker_client/files/certs/sauron/key.pem index 24efee60..a17cbcd6 100644 --- a/ansible/roles/docker_client/files/certs/sauron/key.pem +++ b/ansible/roles/docker_client/files/certs/sauron/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAtJexn76h5+d838OcIVjphrYtgzi4apEuok5D0KEdQjAkvZHL -WT3P0IP82kyu5njJ6Tmn+kLlByMx30JhXrubbO1Pv4CUYHGPnX7qc30n8IhV7m3X -HS6VYN4Qn6kpl4vIOvHx9dlkLPlk8KhCAVQp9Un+m1OdVjOFUR/SXIx4c7LtCaPZ -8J2VBSpNHq4w4iO9ArSUZ7b9lCZTP7RgV8tOO8jH29IS6CIZ56R+LCehar69WYaJ -5w9sEDkT/FnmsSZNRp1utYdLj7onasIGGgPBuf03aJ+d3frxsyWfPpR4jX/xVhEj -RLQjHmh+F32UJEVp2/+sjzZvPYskjTdqMhITBwIDAQABAoIBAB9FNQiIJdjWCJVm -dZ6Ams8stGzIYYZyZTTNgIibnUlctL/ugtuNDHL6p8nVBWP6/ltYFHINK0M1IOmb -wOh6a8tMvEZYqViZ0VhgJZCh10ybDuYeNuVir5L6YL6EuCL5nU43nsIHRoVTGdti -ByvbuvgyO9gBfnjyqt8FN5O27xR5WGGjUScPUCIhSU92W9D0+NENMeL44+7iXmE0 -zI/Qx3Sz5bRSMfv21ntRyv3W/I4vIwsPreOS6Xo5r8286pZO1XusdE98vAT6T1ga -vS6AU2dEhvieggsAUGnsCXFcLjF+RraIxfcqtGACXBmV1TILhhFw+AUJO3PTshhc -J+ZvAuECgYEA5D4PA88kXuVd/kDd6Er5jxzUQR4saMwkxKY2/s2niYQykA7oquLR -5wBSJ2bFfDiI2I1xXTgy6BO7R1vWoFeCdOQcsHczm+H1cain2qn4gQ+xFmCC6UPV -C1PuRdbETUCqPy82/WOI7kNmqj9Q46ndtIbW8DUTkKN/ZWyjSwEE620CgYEAyo4j -KonGpvojN9bfdaI++9yJXJPsa//mjENVL6AJb5dL/VKNw74CFuG4hj5Yb51T6ilq -bSDm3neuwHVF/0L1bGfflOqnhtp5FbcL4iNPKE+Fd/5VUFDStyDDOsiwr9G99Yo2 -uBBBxp2s0pUV4xp3xI+QSz2u/srK6eXf0vlPW8MCgYEAyXmKkYc5iNcZqIWkHRiJ -wO3m43B6LSv/TOOYakYpnPdoFshCVA6S0UH0QzmyHBxfmCELMAmazkgUqkIEbFez -HfH67T7b/L9yhRkmypv9dBfg72rURIsPNcep7lZNxA/P+KR5+yTwy7oNlzz672yT -+3aHp1SC58ubenFyl5PXvuUCgYEAmekjI4GJJvvOovFs3q+n+Cz9WxEzhmTuRAot -woByaw6luRlvixrn74cYdTkObdE4ICfULJPhmY2LhcYWp/2zCupq43biUP/VHgD2 -0KBP16uFGUZygRLI6knEzvgL+a0AEIEzTu1bbZYF6gVKmkRUWVFVLTbzr7tcMBpx -1peGC40CgYEAxrYQdA2vGjjzuMu4AMv59JCq5H+Zy7Bf3RRXymwvcJyySBDAi+KU -jZdKmmbBqfBVZG1ZWMby92Blx1KP66AekCVtsPyZqqToOSNO28H9dI5pqvIwiAPw -iYjFHfFTlicM9DM7hrufWtSPOc2OEO2MPHtibHZEbEbE0/bex3P/rkY= +MIIEowIBAAKCAQEA1PMfE+VNxIAI234KT1xKncmu+mwAmKkMg+HU0Ii6Ek2VkIsd +VhRenUfbb5u+ijP/Att1QSyA+aynnLOh4lDL8okWAJl52PFq1yMFSd5VYQ3ag9UY +FvD5Vvl/vliyfbTMwlx572z9sqCBQPBHmog+J21SZnC4ztBM2NKCO6PKuchY95fH +TkgmHwS2+Xbt3PFsiU+pr4Ch2m9fWj9vc+tJtmK+r8sosO5qcRuP/OwaLqCo34UE +HHriCGyzK4FlhYHqeERkAOm+p6ruawkhooF9tmkwkkQpyh39BkKl6N3spS8CWeGl +BZebYCbr00d0yhHnpvdQW5nuTyLEdYiZqq6AiwIDAQABAoIBAQCyMsjc41QSjXnc +AzspcffW1oEgeeR922jnq8FkyCW9T0NLc76W2/DY+Nq+KLxn9l79yxvx8AX16O9S +CFf9hNNGIEVTNxtp2Ywof9vbFrynvOoQy++eswRULfEiHiMvYm6+bphzLOeX5QyE +hQ3GWSB56de8dbORDWphPrdQpR3uHBugsebsv24TDDVBD8WBeWir9CLTqTgxxDmP +FGIBPr9v6zGy0gn/wPeOJSNK8/Bx01jMUZ/8TsTEiHqE/jFXdEUbkem8ntgqMM6u +epG2K30n198D+AJpH661O4IgdHFYE5zx3UVV+oouNRcN3w477JZm19Ntc8orii+E +iBvBrMDRAoGBAPz0kU8BjX30+qt4lQwCXbVvNc2b7riozkVSOGIRuTF91QdfqarQ +OB5MvVdWqWtcIyZkCrhAaHJCOPXIcqTuy0BimYEQaiBCRlCxGPs/QCmqXtjdS5HL +3T/EqFAEfCNGTbMi3Nl9Kzd3Q7zD3jx3iMMBgbucz8hVA78IJsj1PFH3AoGBANeD +SMG0d9YAVZu/JekOKblWEjW9TlHRGnZbgAzJrkS0EvXAYxT9YzOjsoItvMpC9gFg +qbsM+FGtsuidW2hsCnhhiSPxYfk6yep/tES+oSVaF9kALSczZHf1+yIbImpWhR8z +6KtwhigZsvB1W9Aqmik22KvO72G4fPHiRPms/qENAoGAUmTLTAPCdcutNtsxGVdP +9MBDszReftGlVpkgenkxbHiDQkKbvmLSVLREXEWDK9A4NtIRV9DK9KSzbwOarDSI +CfHT9GFHYDiWNMRq0bPZj3jKKjNy4QuZhqLk/CNp2AeXWYk6jLEjuY5khwD5y5JX +/sTn4BeE6skeTkQ2dfDDdCMCgYBnOFT3mdUvpTdbgkDJD+SCBSxxmrrRSwKOn6KD +/XC/LTRLihqqqfYCfKv516gtg8bJwB9rHHouvLAM45ktOVoGcEi781fGhBbDfui7 +aEZMWotDfucheGbtYd4nZrGkFs5ptHYC7sECodRngP45hL4TcVZza4iR2EfXnlUE +9It8XQKBgDZYL7xChu23zLI15iqPYrtO0SC3+wRoepva41Anf6nWdE+CZUXRBAYV +QydtW8orDrC3vW5RAT20zunfq7a3ddinrYXgVX8Vs88i1DExmrxUrocJ9muB2jtl +RRl4h7W2T5dfpanuf7uR/MkEHRIaoBhRSTzlLKR1Hb/DclBhY3aV -----END RSA PRIVATE KEY----- diff --git a/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem b/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem index 0f7cd7dc..5c3f9506 100644 --- a/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem +++ b/ansible/roles/docker_client/files/certs/swarm-manager/cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAPaNx14Ny+F5MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD +MIIDqTCCApGgAwIBAgIJAMVvyYYoDm3IMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYD VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j aXNjbzERMA8GA1UEChMIUnVubmFibGUxDDAKBgNVBAsTA09wczESMBAGA1UEAxMJ -bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE3 -MDIwNzIzMzkxNloXDTE4MDIwNzIzMzkxNlowETEPMA0GA1UEAxMGY2xpZW50MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rypwXQN+3twPcwYMNgRRZEE -d0V5g4rplzzZ2ewYGost4HzLpvxl4TW6zHONlf1Rknfp0SAPqvQFwSRTjsBaqQh2 -4NDMywKasJ02wsY3M12VStqhLQ5DFUZpognUTFTUslgZEKCPxMjNqR+BIkBKQIhP -AaQ41c1XiSQlYAdhMNd4AJFb1OQsDzHfSnebv0Yoa2z5sce54A4ShVrTmKZQFgpI -EBGktKu0s2AV2rcaxS0N0gnFCYir3E8xKZ/uw+f6WgWn1L8SoH4Se1nGNXgmg/Rz -plv7kZ3RDwGe7kxzf5GdewT+rCuV6djrOPIdDOJ+qBmjRNeDPY4vZvIGQqpqgwID -AQABo4GPMIGMMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBrBgNVHREE -ZDBihwQKBAAahwQKBACUhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/ -AAABgglsb2NhbGhvc3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFw -cC5jb20wDQYJKoZIhvcNAQELBQADggEBAJNNKJIXYy2q7fJumKBdew3XLRuVep4/ -ect5zKMgwqTnI9au6XHn0hUQ6gnIwEJ/6EiVGnHQaBgb4BGYm22rjOpi3f5T9kho -IUEnyiWtOOy1xtMWivLLp7uAbHaT18s8mZoaXm+sbVvPhOQhKlmD99WsxmbDSLWb -RsTJTJ5YbRkKg1uDde0miC1xpAOVAadoqgWvkC4YPqu6yDbe9CZjBYQcorwfUCpH -4UcEKKYaQLxN+UAHzMH4Gf/fuAbGECoFOHSCgEsAIoeVsxcCS4RZE00cpzq6Xmfp -CElTVpYQBHIsif6D9MlStWKLN957WihfSpDwV6Ud42IvYn/e/tJfMmI= +bG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBvcHNAcnVubmFibGUuY29tMB4XDTE2 +MDUyMjAwMTUxMloXDTE3MDUyMjAwMTUxMlowETEPMA0GA1UEAxMGY2xpZW50MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUuwLJTfkFxf/hwel4mpQiZI +nHWtB56EceQFO2uwnRPRJ0STkJuigwCOnTX6CCSFwIv6X0wcqf+kf//LnQe6Zq0g +Cn9Vaz0yGJlLmREjvF3ub5hNcCujCVbB1IIet1XVQGwpAVwvBtokoAfnJWD36oec +qJNy8loL2KU9vJa1ISKduNgPJWc9eiUzOvgDAtwa+VQ9BZ52FJsgEVEjWKBtIYgb +cw2UkN+uruFRWJDUDKhq3rNZcpx9r4uxU291T6t2SfTx7eG9x/ciO1UQk9FTSXvf +x+QRCBfu3TqzEA1dps8/p+u+yotuz+L3a70hY5AN2YcfcfE3P1Fnluaz7XVKTwID +AQABo4GDMIGAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBfBgNVHREE +WDBWhwQKCAQohwQKDAyIhwQKCAU/hwQKCAY7hwQKBAb7hwR/AAABgglsb2NhbGhv +c3SCJXN3YXJtLXN0YWdpbmctY29kZW5vdy5ydW5uYWJsZWFwcC5jb20wDQYJKoZI +hvcNAQELBQADggEBAHFsocmzGWjBN4lSau7Rt7kQQV5nux/qJJgYVxptDnzXXQ8t +Vn68RFEYmWmm3E6gLjIxKARxwEISRl3yLStvjP6MFmp7j3mKkSNCt1Gptkd9QR0t +SfTIisKvgVZNXC2HRQ6KSYQJXgVhgc63AOXhTTPNS8u3KMwDWZs2j0wZZiYr7Vln +9t1gZ3koA1gsQfdUc1J6Nbgi9neawNXmjsAihNNCEYjDFSKIkxcOtl0PtqJMwuYF +OQP8oI0E3HEtOlnqfSsqxYvPsrLL696ywg9oa+bahqKrFKL0Nx6AaUTfcpERO5oj +gKgQODbKNn7xZYbJo0VeN6ujfmcvNJGs1AtOJ1c= -----END CERTIFICATE----- diff --git a/ansible/roles/docker_client/files/certs/swarm-manager/key.pem b/ansible/roles/docker_client/files/certs/swarm-manager/key.pem index eb0f9467..37ca2fdd 100644 --- a/ansible/roles/docker_client/files/certs/swarm-manager/key.pem +++ b/ansible/roles/docker_client/files/certs/swarm-manager/key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA5rypwXQN+3twPcwYMNgRRZEEd0V5g4rplzzZ2ewYGost4HzL -pvxl4TW6zHONlf1Rknfp0SAPqvQFwSRTjsBaqQh24NDMywKasJ02wsY3M12VStqh -LQ5DFUZpognUTFTUslgZEKCPxMjNqR+BIkBKQIhPAaQ41c1XiSQlYAdhMNd4AJFb -1OQsDzHfSnebv0Yoa2z5sce54A4ShVrTmKZQFgpIEBGktKu0s2AV2rcaxS0N0gnF -CYir3E8xKZ/uw+f6WgWn1L8SoH4Se1nGNXgmg/Rzplv7kZ3RDwGe7kxzf5GdewT+ -rCuV6djrOPIdDOJ+qBmjRNeDPY4vZvIGQqpqgwIDAQABAoIBADd50uLFUXtOcW0a -PhK4UGbGeClpFc8vvfvz0HkZz63KGsynlJtggepE7dWsTrVqQ4uQszHpoHq80wld -/40J6IJNm69v5F1HEgQ2uGzaFXmPHY7yw9++VxitZkZkUJvNpZn/nn8l64snsHLi -NT0T8gZT/5LodhXJmitJ+oZ9H7wLDVOcNRjBQ+2tX5hN+o72wdr64E9EFNRbJRm1 -iB/BCwSDqhImQaHFkdCAupQerNmNjUQt+VIq3gutmj0MvadLvGROLyW5xun20ce+ -37//7aFSHXuVP3m3BJJontUhx6kCuvo466JevLEWnDoddzEUhxozvEkpOk97vRCt -0nH7U8ECgYEA+LFwdQLd9fMMjNwDdQAvOg+KPK99PFrlF8f0lSKVSRAoNAEhpbXh -c6TrMDrwZAakwYVB/D8VRAKgv8EHcjgBwziv5H9FJDI5fiO/D9rE9ZLnW89Lq9W8 -7LiBpxKM42SXLa2Jkf2btksUJSDUt21XfasKTEEydoNxzKmXQXJp0GMCgYEA7YQq -XKzH5Nxjfm7RbRiF1ZY/lXIgkniqr6ItAmiYYf7m9Yii9SIO9+VsvWIl78AaERnk -ReNzlLcIZxCm/+rGIhLh3hwotBfGSAnN5dRP5aZvGME7greABjBuPTQaug7RwUwP -7BFii0lB0eTQBmRkpG9oO/Lm+Kq9nAkAUjZNR2ECgYBPR2FuK8fOS/jIPqrrdW+Y -trN+vQLTZrZ5akjR8gBdFkV6rpGnXd/NGdnPujo/6M5E0tJCM2n4EE5mUoapJqmJ -Ll0EHn5QF6K0T3js+PSoxHf0kJSy5qQfYoISXJuFMd/vs86TN6GX7z8wxtKI1tZ5 -PTk/LdmEZkq0z6tkNbD9uQKBgBUQR4F4gTG2qcwon8IBDr1mWbUzLdhPgzOYOk2g -YQMvy+OyfmEm6BTr77zL23lrm+QwW6InDbT+lmwteeHwPCoBaq576NAv25G/7NaZ -AYzoOaoEWPa6t0vVN7GN0WD2t3tg93iEAi1ADepDVH98n8BFcQUAAaPD4JTZ54Fi -92+BAoGBAItIvbbaWDhJHOwuJQw0HdF3YlsuVdLEXF09OFzo9qE2VGanX1kPeb6D -aZZDNPHY1gh/3JZPzpe5GotXNqsuUy0zHwWJOq+zBuV/6t1VtPajCqu855aD+ufP -1AoYso9zKsDi8J54frJ8w+IS1OpTyzPhl90oUzjD/AqGv0QOVBl3 +MIIEpAIBAAKCAQEAwUuwLJTfkFxf/hwel4mpQiZInHWtB56EceQFO2uwnRPRJ0ST +kJuigwCOnTX6CCSFwIv6X0wcqf+kf//LnQe6Zq0gCn9Vaz0yGJlLmREjvF3ub5hN +cCujCVbB1IIet1XVQGwpAVwvBtokoAfnJWD36oecqJNy8loL2KU9vJa1ISKduNgP +JWc9eiUzOvgDAtwa+VQ9BZ52FJsgEVEjWKBtIYgbcw2UkN+uruFRWJDUDKhq3rNZ +cpx9r4uxU291T6t2SfTx7eG9x/ciO1UQk9FTSXvfx+QRCBfu3TqzEA1dps8/p+u+ +yotuz+L3a70hY5AN2YcfcfE3P1Fnluaz7XVKTwIDAQABAoIBAQDBPJZR6z6YhhCc +66WVntRrwfQDHg0tucX0SZ0Fa0IztfT4ybCv9zb+udbYyXY9H63q8MUK8f8R3/Sm +1aTLRkeNj/OhKuzM+W+UcePGkQDltg3A2ERKKAWkN2wssyxb4d3/umE/79U/h2Ln +7R6iGo+dkZcGW+mk6GpBWegfGZbYGJMg4UsLffTRLHuD3sWJDFtIHdU21H3+SUoB +L4WnoVTaINaO7je3nyjKc6aiiLZt8hwNlfwiow/KUcJ7lfwa3OeDe5KgX/IKCvTD +LvbJ4MPbM3ByXgTdt89cG5f7y9njvJwGAxjvV11e8PV7iEDzaN/7+jqtIuaKw4UT +JMjE9vXhAoGBAOR5eDiGL3/bbkUCAyonh0haZJ5CSeYFpiykgFi1XHZWkrkZVsH6 +MEOvsvXI/v7B9pc4+QBHIHNxMd03BpvhTpThRDFdx5q+hbdYV62LW9wePHzYGrTU +CbD/KFXR+Qf9ugT2HGPI99fjI+Al/hZUR2BaTK4UGJnY0NKRal8B+zBRAoGBANiV +Pso+g4/wMa2kz5CvJ6bwOInYHWYkETw7vp9y6GODkWU+KQBqPz5CP+TGkZFO/ZtF +2TG876NlViwJlvwqF83n2xqY1jaU58XdmkK0N6jY9/v9VuZ5lLnFWZNvti78n+46 +g2FrnSjsRrnqU4WYtw1LfGObdZxfwwUdJDp3w8ifAoGAMttHA237DL7PYNT911hN +KLHWS9P9lxIS10UWvKhCGKVUq5cUVMFYFPj7IPLIr/SE60xnQMSUWJ4Nt2wUMIaK +c2FhSIvTboKSSSmE+sBWhjzEwhVofG/maFujotbGVB0KVyhhUWTeplONHMvYLyg7 +axsujmEyyKwWb4im4NcUDsECgYEAwrqNVfGXAFeJkwJXzVJuaF4bt3QkGq3bATkG +Tv5ViwPEOi8FVmYwrp2KLPuL7gYDZxQKD/o7y8FVFQsaQWbnOC56hRNdpn2DVhfE +lqzKTnmlnV9OPrKZ0d1qiHEscFqawOrDLVhAWYb2oDnbFocULlPsZvJjcFF5WqO0 +6wy7bykCgYAU+YNnB35TiIsdXLjauZ68DtPslVY7dRRiyu1Ynob3JZImHdP0CQ34 +4tdHwSF2osx3EG0hOCMpVrHqjzzMIeGj9637m+6u/St9J71CL4AZQr83veSYpN8R +Av+YuAPiinJUEGCYC8su1fVQ9KAKvF36mo5PLC9/PHiZXi4v8YXsjw== -----END RSA PRIVATE KEY-----