Project

General

Profile

Actions
Copy link

Task #12448

closed

Task #12445: SSL Certificate for mongodb development cluster

Add a letsencrypt hook script to the mongodb-org-3.2 ansible role

Added by Andrea Dell'Amico over 6 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
_InfraScience Systems Engineer
Category:
System Application
Target version:
Mongodb: enable and enforce TLS
Start date:
Sep 10, 2018
Due date:
% Done:

100%

Estimated time:
Infrastructure:
Development, Pre-Production, Production

Description

Add a script that restarts the mongodb server when the certificate is renewed.

Actions
Copy link
 #1

Updated by Andrea Dell'Amico over 6 years ago

  • Status changed from New to In Progress
Actions
Copy link
 #2

Updated by Andrea Dell'Amico over 6 years ago

  • Status changed from In Progress to Feedback
  • % Done changed from 0 to 100

The hook script has been added to the role.

I also added the two variables to the mongo_dev/all.yml file:

mongodb_ssl_enabled: False
mongodb_ssl_letsencrypt_managed: True

This way, the hook does not restart the mongodb servers after a certificate request.
Remember to change the first variable to True when the nodes reconfiguration will be complete and running and run the mongodb plabook with the tag mongodb_letsencrypt, so that the servers will be restarted after every certificate renewal.

Actions
Copy link
 #3

Updated by Roberto Cirillo over 6 years ago

  • Status changed from Feedback to Closed

I've added the following variable to mongo_dev/all.yml and mongo_vol_dev/mongo_vol_dev.yml:

letsencrypt_acme_install: True

and tested it on mongo5-d-d4s.d4science.org.

Actions
Copy link

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 8.91 MB)