Add more information

playbooks/install_nginx.yml

@@ -3,7 +3,10 @@
   hosts: all
   become: true
   tasks:
-
+    # This is incomplete
+    # - name: Certificates Installed
+    #   ansible.builtin.include_tasks:
+    #     file: upate_certificates.yml
     - name: Nginx Installed
       ansible.builtin.include_role:
         name: nginxinc.nginx_core.nginx

playbooks/investigate_high_cpu.yml

@@ -28,4 +28,22 @@
         impact: high
         urgency: high
       delegate_to: localhost
- 
+      register: incident_result
+
+    - name: Create SNow Problem
+      servicenow.itsm.problem:
+        state: new
+        short_description: "{{ alertmanager_annotations.summary }}"
+        description: "Generator URL: {{ alertmanager_generator_url }}"
+        impact: high
+        urgency: high
+        other:
+          user_input: "Information from Ansible: {{ incident_report }}"
+      register: problem_result
+
+    - name: Update Incident
+      servicenow.itsm.incident:
+        state: in_progress
+        number: "{{ incident_result.record.number }}"
+        other:
+          problem_id: "{{ problem_result.record.number }}"

playbooks/update_certificates.yml

@@ -0,0 +1,51 @@
+---
+- name: Request and INstall Certs from Red Hat IdM
+  hosts: webservers
+  become: true
+
+  tasks:
+    - name: Ensure the IPA client and OpenSSL are installed
+      ansible.builtin.package:
+        name:
+          - ipa-client
+          - openssl
+        state: present
+
+    - name: Generate private key
+      community.crypto.openssl_privatekey:
+        path: "{{ key_path }}"
+        size: 2048
+
+    - name: Generate CSR
+      community.crypto.openssl_csr:
+        path: "{{ csr_path }}"
+        privatekey_path: "{{ key_path }}"
+        common_name: "{{ ansible_fqdn }}"
+        subject: "{{ cert_subject }}"
+        key_usage:
+          - digitalSignature
+          - keyEncipherment
+        extended_key_usage:
+          - serverAuth
+
+    - name: Request a certificate from IdM
+      redhat.rhel_idm.ipacert:
+        ipaadmin_password: "{{ ipa_admin_password }}"
+        csr_path: "{{ csr_path }}"
+        principal: "HTTP/{{ ansible_fqdn }}@{{ ipa_domain }}"
+        cert_profile: "HTTP_Server"
+        cert_out_path: "{{ cert_path }}"
+      register: cert_result
+
+    - name: Install the certificate
+      ansible.builtin.copy:
+        content: "{{ cert_result.certificate }}"
+        dest: "{{ cert_path }}"
+      notify:
+        - restart web server
+
+  handlers:
+    - name: restart web server
+      ansible.builtin.service:
+        name: httpd
+        state: restarted