Skip to content

Commit 0dd09a8

Browse files
widhalmtwidhalmt
authored
Merge pull request #30 from NETWAYS/fix/connectionstrings-14
Make sure all certificates contain used hostnames
2 parents 95b2f79 + 898e515 commit 0dd09a8

File tree

4 files changed

+6
-6
lines changed

4 files changed

+6
-6
lines changed

roles/beats/tasks/beats-security.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,8 +19,8 @@
1919
--ca {{ elastic_ca_dir }}/elastic-stack-ca.p12
2020
--ca-pass {{ elastic_ca_pass }}
2121
--name {{ ansible_hostname }}
22-
--ip {{ ansible_default_ipv4.address }}
23-
--dns {{ ansible_hostname }},{{ ansible_fqdn }}
22+
--ip {{ ansible_default_ipv4.address | default(ansible_all_ipv4_addresses[0]) }}
23+
--dns {{ ansible_hostname }},{{ ansible_fqdn }},{{ inventory_hostname }}
2424
--pass {{ beats_tls_key_passphrase }}
2525
--pem
2626
--out {{ elastic_ca_dir }}/{{ ansible_hostname }}-beats.zip

roles/elasticsearch/tasks/elasticsearch-security.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -192,7 +192,7 @@
192192
--ca-pass {{ elastic_ca_pass }}
193193
--name {{ hostvars[item].ansible_hostname }}
194194
--ip {{ hostvars[item].ansible_default_ipv4.address | default(hostvars[item].ansible_all_ipv4_addresses[0]) }}
195-
--dns {{ hostvars[item].ansible_hostname }},{{ hostvars[item].ansible_fqdn }}
195+
--dns {{ hostvars[item].ansible_hostname }},{{ hostvars[item].ansible_fqdn }},{{ hostvars[item].inventory_hostname }}
196196
--pass {{ elasticsearch_tls_key_passphrase }}
197197
--out {{ elastic_ca_dir }}/{{ hostvars[item].ansible_hostname }}.p12
198198
loop: "{{ groups['elasticsearch'] }}"

roles/kibana/tasks/kibana-security.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -56,8 +56,8 @@
5656
--ca {{ elastic_ca_dir }}/elastic-stack-ca.p12
5757
--ca-pass {{ elastic_ca_pass }}
5858
--name {{ ansible_hostname }}
59-
--ip {{ ansible_default_ipv4.address }}
60-
--dns {{ ansible_hostname }},{{ ansible_fqdn }}
59+
--ip {{ ansible_default_ipv4.address | default(ansible_all_ipv4_addresses[0]) }}
60+
--dns {{ ansible_hostname }},{{ ansible_fqdn }},{{ inventory_hostname }}
6161
--pass {{ kibana_tls_key_passphrase }}
6262
--out {{ elastic_ca_dir }}/{{ ansible_hostname }}.p12
6363
delegate_to: "{{ elasticsearch_ca }}"

roles/logstash/tasks/logstash-security.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@
2424
--ca {{ elastic_ca_dir }}/elastic-stack-ca.p12
2525
--ca-pass {{ elastic_ca_pass }}
2626
--name {{ ansible_hostname }}
27-
--ip {{ ansible_default_ipv4.address }}
27+
--ip {{ ansible_default_ipv4.address | default(ansible_all_ipv4_addresses[0]) }}
2828
--dns {{ ansible_hostname }},{{ ansible_fqdn }},{{ inventory_hostname }}
2929
--pass {{ logstash_tls_key_passphrase }}
3030
--out {{ elastic_ca_dir }}/{{ ansible_hostname }}-ls.p12

0 commit comments

Comments
 (0)