Setup and Enable HTTPS / TLS Security Configuration

## Description

Generate Self-Signed TLS certificates + Root Certificate Authority for Komponist. The Root CA + Certificates / Keys will be used by `traefik` reverse-proxy for TLS-Termination for the running services. The Root CA will be saved under `/usr/local/share/ca-certificates/` to make it acceptable for the Control Node (as well as for browsers).

### References

- [Ansible's Documentation on how to create self-signed certificates][1]
- [Ansible's Documentation on how to create a small CA][2]
- [Modesto Mas' blog post for Private Registry][3]

### Tasks

- [ ] Design `vars/certs.yml` Configuration File
- [ ] Design playbook for custom Certificate Authority (CA) generation
- [ ] Design playbook for device(s) certificates + CA signing
- [ ] [traefik] Add CA path + certificate paths to templates and config file

[1]: https://docs.ansible.com/ansible/latest/collections/community/crypto/docsite/guide_selfsigned.html
[2]: https://docs.ansible.com/ansible/latest/collections/community/crypto/docsite/guide_ownca.html
[3]: https://mmas.github.io/run-docker-registry-self-signed-certificate-ansible

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Setup and Enable HTTPS / TLS Security Configuration #70

Description

References

Tasks

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Setup and Enable HTTPS / TLS Security Configuration #70

Description

Description

References

Tasks

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions