From 28c0cd80e4d3282d0409388254e0cef91626dee8 Mon Sep 17 00:00:00 2001
From: Patrick Toal
Date: Wed, 17 Apr 2024 14:32:23 -0400
Subject: [PATCH] Add more information
---
 playbooks/install_nginx.yml | 5 ++-
 playbooks/investigate_high_cpu.yml | 20 +++++++++++-
 playbooks/update_certificates.yml | 51 ++++++++++++++++++++++++++++++
 3 files changed, 74 insertions(+), 2 deletions(-)
 create mode 100644 playbooks/update_certificates.yml
diff --git a/playbooks/install_nginx.yml b/playbooks/install_nginx.yml
index bf1df80..4a1f133 100644
--- a/playbooks/install_nginx.yml
+++ b/playbooks/install_nginx.yml
@@ -3,7 +3,10 @@
 hosts: all
 become: true
 tasks:
-
+ # This is incomplete
+ # - name: Certificates Installed
+ # ansible.builtin.include_tasks:
+ # file: upate_certificates.yml
 - name: Nginx Installed
 ansible.builtin.include_role:
 name: nginxinc.nginx_core.nginx
diff --git a/playbooks/investigate_high_cpu.yml b/playbooks/investigate_high_cpu.yml
index 85afb51..aab2650 100644
--- a/playbooks/investigate_high_cpu.yml
+++ b/playbooks/investigate_high_cpu.yml
@@ -28,4 +28,22 @@
 impact: high
 urgency: high
 delegate_to: localhost
-
\ No newline at end of file
+ register: incident_result
+
+ - name: Create SNow Problem
+ servicenow.itsm.problem:
+ state: new
+ short_description: "{{ alertmanager_annotations.summary }}"
+ description: "Generator URL: {{ alertmanager_generator_url }}"
+ impact: high
+ urgency: high
+ other:
+ user_input: "Information from Ansible: {{ incident_report }}"
+ register: problem_result
+
+ - name: Update Incident
+ servicenow.itsm.incident:
+ state: in_progress
+ number: "{{ incident_result.record.number }}"
+ other:
+ problem_id: "{{ problem_result.record.number }}"
diff --git a/playbooks/update_certificates.yml b/playbooks/update_certificates.yml
new file mode 100644
index 0000000..1a86dd7
--- /dev/null
+++ b/playbooks/update_certificates.yml
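Review bot: The commented-out include in playbooks/install_nginx.yml points at `upate_certificates.yml`, which is misspelled relative to the `update_certificates.yml` this commit creates, so it will fail as soon as it is uncommented. That file is also a full play (`hosts:`, `tasks:`, `handlers:`), which `ansible.builtin.include_tasks` cannot load; a play-level `- ansible.builtin.import_playbook: update_certificates.yml` is the form that would work. I would also extend the comment to say what is missing, e.g. `# TODO: certificates are not provisioned yet; nginx is installed without the IdM-issued cert`. The enclosing play starts above the hunk.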
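Review bot: In playbooks/investigate_high_cpu.yml, `user_input: "Information from Ansible: {{ incident_report }}"` references `incident_report`, but the variable registered just above is `incident_result`; unless `incident_report` is defined outside this hunk the problem task will fail on an undefined variable, so `{{ incident_result.record.number }}` (or another specific field) is probably what was meant. Passing a whole registered result into a ticket field would also copy every returned incident attribute into ServiceNow, so pick the fields deliberately. The two new tasks lack the `delegate_to: localhost` that the preceding incident task carries, which means the ServiceNow API calls and their credentials would be used from the managed hosts rather than the controller; add `delegate_to: localhost` to both if that is not intended. The incident task itself begins outside the hunk.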
@@ -0,0 +1,51 @@
+---
+- name: Request and INstall Certs from Red Hat IdM
+ hosts: webservers
+ become: true
+
+ tasks:
+ - name: Ensure the IPA client and OpenSSL are installed
+ ansible.builtin.package:
+ name:
+ - ipa-client
+ - openssl
+ state: present
+
+ - name: Generate private key
+ community.crypto.openssl_privatekey:
+ path: "{{ key_path }}"
+ size: 2048
+
+ - name: Generate CSR
+ community.crypto.openssl_csr:
+ path: "{{ csr_path }}"
+ privatekey_path: "{{ key_path }}"
+ common_name: "{{ ansible_fqdn }}"
+ subject: "{{ cert_subject }}"
+ key_usage:
+ - digitalSignature
+ - keyEncipherment
+ extended_key_usage:
+ - serverAuth
+
+ - name: Request a certificate from IdM
+ redhat.rhel_idm.ipacert:
+ ipaadmin_password: "{{ ipa_admin_password }}"
+ csr_path: "{{ csr_path }}"
+ principal: "HTTP/{{ ansible_fqdn }}@{{ ipa_domain }}"
+ cert_profile: "HTTP_Server"
+ cert_out_path: "{{ cert_path }}"
+ register: cert_result
+
+ - name: Install the certificate
+ ansible.builtin.copy:
+ content: "{{ cert_result.certificate }}"
+ dest: "{{ cert_path }}"
+ notify:
+ - restart web server
+
+ handlers:
+ - name: restart web server
+ ansible.builtin.service:
+ name: httpd
+ state: restarted
\ No newline at end of file
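Review bot: The `Request a certificate from IdM` task in playbooks/update_certificates.yml runs on every host in `webservers` with `ipaadmin_password: "{{ ipa_admin_password }}"`, so the IdM admin credential is delivered to each web server just to request one service certificate; consider a principal limited to certificate requests, or delegating that step to the controller or an IdM host, and keep `ipa_admin_password` in Ansible Vault or a credential store (its source is not visible here). The CSR task sets `common_name` but no `subject_alt_name`, and current TLS clients validate the host name against SAN only, so add `subject_alt_name: "DNS:{{ ansible_fqdn }}"` unless the `HTTP_Server` profile is known to inject it. The handler restarts `httpd`, while the only visible reference to this file is from the nginx playbook, so confirm which service should pick up the new certificate.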