Template
dvn_template
Create encrypted VTC registration/config files
Synopsis
- create
vtc_reg.jsecfor VTC registration via Key/PIN - create
vtc_config.jsecfor VTC configuration without using Key/PIN
Options
| Parameter | Required? | Default | Choices | Comments |
|---|---|---|---|---|
| src | yes | source filename to encrypt from, e.g. ~/vtc_config.json.vtc1 |
||
| dest | yes | destination filename to write encrypted output to, e.g. ~/vtc_config.jsec.vtc1 |
||
| encrypt_cmd | yes | location of cfe_app binary, e.g. /usr/local/bin/cfe_app |
||
| state | no | present |
|
specify state of the dest file. Value absent will delete the file, if it exists. |
Examples
---
- hosts: vtc
vars:
client_port: 49001
tasks:
- name: create vtc_config.json file from Jinja template
template:
src: ./vtc_config.json.j2
dest: vtc_config.json.{{inventory_hostname}}
delegate_to: 127.0.0.1
- name: Generate vtc_config.jsec file from JSON file
dvn_template:
src: vtc_config.json.{{inventory_hostname}}
dest: vtc_config.jsec.{{inventory_hostname}}
encrypt_binary: "/usr/local/bin/dvn_encrypt" # replace with the path to your binary on your Ansible machine
delegate_to: 127.0.0.1
- name: copy JSEC file to target VTC
copy:
src: vtc_config.jsec.{{inventory_hostname}}
dest: /etc/dvn/vtc_config.jsec
Setup
The example playbook above delegates the dvn_template call to localhost. This is done to simplify the dvn_encrypt installation to a one-time process on the Ansible control node.
To set it up:
- copy
dvn_encryptbinary to/usr/local/bin/dvn_encrypt
after which you should be able to successfully run /usr/local/bin/dvn_encrypt -e [inputFile] [outputFile]
To make a playbook that doesn't use delegate_to, you could do the above 3 setup steps on each VTC and run the template and dvn_template tasks on the target node instead of the Ansible control node.