Skip to content

MiroYld/ansible-CA-deployment

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
roles
roles
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
inventory.yml
inventory.yml
 
 
playbook.yml
playbook.yml
 
 
vars.yml
vars.yml
 
 

Repository files navigation

ansible-CA-deployment

CA deployment with ansible

Objective

Deploy an application behind a reverse proxy

Establish a chain of CA (certificate authority) 
-> create a public child certificate (for the reverse proxy) 
-> create a private child certificate (for the mTLS app <-> reverse proxy)

STEPS

part 1

  1. install python
  2. install ansible
  3. create a folder
  4. a role for certificates
    • a task for the root
      • generate the private key (RSA 4096)
      • generate the public key
        • create a CSR (certificate siging request)
        • sign the cert
    • a task for children
      • generate the private key (RSA 4096)
      • generate the public key
        • create a CSR (certificate siging request)
        • sign the cert
  5. a playbook

part 2

  1. install docker
  2. create the docker subnet
  3. Create the reverse proxy
  4. Create the dns server
    • including reverse proxy config
    • server config
    • basic DNS entries
  5. Raise a monitoring stack

usage

$ git clone https://github.com/MiroYld/ansible-CA-deployment.git
$ cd ansible-CA-deployment/
$ ansible-playbook --ask-vault-pass playbook.yml
pass => soleil123

About

CA deployment with ansible

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages