community / community.general / 0.2.1 / module / rax_clb_ssl Manage SSL termination for a Rackspace Cloud Load Balancer. Authors: Ash Wilson (@smashwilson)community.general.rax_clb_ssl (0.2.1) — module
Install with ansible-galaxy collection install community.general:==0.2.1
collections: - name: community.general version: 0.2.1
Set up, reconfigure, or remove SSL termination for an existing load balancer.
- name: Enable SSL termination on a load balancer rax_clb_ssl: loadbalancer: the_loadbalancer state: present private_key: "{{ lookup('file', 'credentials/server.key' ) }}" certificate: "{{ lookup('file', 'credentials/server.crt' ) }}" intermediate_certificate: "{{ lookup('file', 'credentials/trust-chain.crt') }}" secure_traffic_only: true wait: true
- name: Disable SSL termination rax_clb_ssl: loadbalancer: "{{ registered_lb.balancer.id }}" state: absent wait: true
env: description: - Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration). type: str wait: default: false description: - Wait for the balancer to be in state "running" before turning. type: bool state: choices: - present - absent default: present description: - If set to "present", SSL termination will be added to this load balancer. - If "absent", SSL termination will be removed instead. region: default: DFW description: - Region to create an instance in. type: str api_key: aliases: - password description: - Rackspace API key, overrides I(credentials). type: str enabled: default: true description: - If set to "false", temporarily disable SSL termination without discarding - existing credentials. type: bool username: description: - Rackspace username, overrides I(credentials). type: str tenant_id: description: - The tenant ID used for authentication. certificate: description: - The public SSL certificates as a string in PEM format. credentials: aliases: - creds_file description: - File to find the Rackspace credentials in. Ignored if I(api_key) and I(username) are provided. type: path private_key: description: - The private SSL key as a string in PEM format. secure_port: default: 443 description: - The port to listen for secure traffic. tenant_name: description: - The tenant name used for authentication. loadbalancer: description: - Name or ID of the load balancer on which to manage SSL termination. required: true wait_timeout: default: 300 description: - How long before "wait" gives up, in seconds. auth_endpoint: default: https://identity.api.rackspacecloud.com/v2.0/ description: - The URI of the authentication service. identity_type: default: rackspace description: - Authentication mechanism to use, such as rackspace or keystone. https_redirect: description: - If "true", the load balancer will redirect HTTP traffic to HTTPS. - Requires "secure_traffic_only" to be true. Incurs an implicit wait if SSL - termination is also applied or removed. type: bool validate_certs: aliases: - verify_ssl description: - Whether or not to require SSL validation of API endpoints. type: bool secure_traffic_only: default: false description: - If "true", the load balancer will *only* accept secure traffic. type: bool intermediate_certificate: description: - One or more intermediate certificate authorities as a string in PEM - format, concatenated into a single string.