ai-workspace-infra/playbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make TLS cert name configurable

Browse Source
This commit is contained in:
Haitao Pan 2026-04-11 12:55:31 +08:00
parent c90bdd9093
commit d2531f6a22
3 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
deploy_agent_svc_plus.yml
View File

@ -31,6 +31,9 @@
agent_id: >-
{{ lookup('ansible.builtin.env', 'AGENT_ID')
| default('node-xhttp.svc.plus', true) }}
agent_tls_cert_name: >-
{{ lookup('ansible.builtin.env', 'AGENT_TLS_CERT_NAME')
| default(agent_id, true) }}
agent_controller_url: >-
{{ lookup('ansible.builtin.env', 'AGENT_CONTROLLER_URL')
| default('https://accounts.svc.plus', true) }}

1
roles/vhosts/agent-svc-plus/defaults/main.yml
View File

@ -32,6 +32,7 @@ agent_svc_plus_config_path: "{{ agent_svc_plus_config_dir }}/{{ agent_svc_plus_c
agent_svc_plus_data_dir: "/var/lib/agent-svc-plus"
agent_id: "node-xhttp.svc.plus"
agent_tls_cert_name: "{{ agent_id }}"
agent_controller_url: "https://accounts.svc.plus"
agent_api_token: ""
agent_http_timeout: "15s"

4
roles/vhosts/agent-svc-plus/templates/xray.tcp.template.json.j2
View File

@ -48,8 +48,8 @@
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/{{ agent_id }}/{{ agent_id }}.crt",
"keyFile": "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/{{ agent_id }}/{{ agent_id }}.key"
"certificateFile": "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/{{ agent_tls_cert_name }}/{{ agent_tls_cert_name }}.crt",
"keyFile": "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/{{ agent_tls_cert_name }}/{{ agent_tls_cert_name }}.key"
}
]
}