Split the tasks file. TLS without letsencrypt.

This commit is contained in:
Andrea Dell'Amico 2023-12-06 19:38:05 +01:00
parent 10b25f8774
commit 71a51e8de1
Signed by: andrea.dellamico
GPG Key ID: 147ABE6CEB9E20FF
12 changed files with 322 additions and 247 deletions


@ -26,8 +26,8 @@ orientdb_configuration_files:
- hazelcast.xml
- automatic-backup.json
orientdb_ssl_enabled: false
orientdb_letsencrypt_ssl_enabled: false
orientdb_ssl_enabled: "{% if letsencrypt_acme_install is defined %}{{ letsencrypt_acme_install }}{% else %}false{% endif %}"
orientdb_letsencrypt_ssl_enabled: "{% if letsencrypt_acme_install is defined %}{{ letsencrypt_acme_install }}{% else %}false{% endif %}"
orientdb_ssl_client_auth_enabled: false
orientdb_hooks_enabled: false
@ -85,3 +85,6 @@ orientdb_automatic_backup_target_file_name: '${DBNAME}-${DATE:yyyyMMddHHmmss}.zi
orientdb_automatic_backup_compression_level: 9
orientdb_automatic_backup_buffer_size: 1048576
orientdb_automatic_backup_retention_days: '7'
# Monitoring
orientdb_nagios_enabled: "{% if nagios_enabled is defined %}{{ nagios_enabled }}{% else %}false{% endif %}"
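Review bot: With both `orientdb_ssl_enabled` and `orientdb_letsencrypt_ssl_enabled` derived from the same `letsencrypt_acme_install` expression at L18-L19, the default still ties TLS to Letsencrypt, so the "TLS without letsencrypt" case in the commit title only works when a host overrides `orientdb_ssl_enabled` explicitly. A one-line comment above the pair would make that visible: `# TLS with a local keystore: set orientdb_ssl_enabled: true and leave orientdb_letsencrypt_ssl_enabled false`. The if/else Jinja block can also be written as `orientdb_ssl_enabled: "{{ letsencrypt_acme_install | default(false) }}"` (likewise for the letsencrypt flag and for `orientdb_nagios_enabled` on the last line), which is shorter and avoids the string-to-bool round trip.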


@ -1,4 +1,10 @@
---
- name: Restart orientdb
service: name=orientdb state=restarted sleep=30
ansible.builtin.service:
name: orientdb
state: restarted
when: orientdb_enabled
- name: Reload systemd
ansible.builtin.systemd:
daemon_reload: true
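Review bot: The rewritten `Restart orientdb` handler drops the `sleep=30` that the old `service:` one-liner carried, so the restart no longer pauses between stop and start, while the ACME hook touched in this same commit still sleeps 30 seconds around its own restart; if OrientDB needs that settle time, add `sleep: 30` under `ansible.builtin.service:`. The added `when: orientdb_enabled` is a sensible guard, but note that a notified handler skipped by its `when` is simply dropped, so a config change applied while the service is disabled will not trigger a restart later.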


@ -26,4 +26,7 @@ dependencies:
version: master
name: openjdk
state: latest
- src: git+https://gitea-s2i2s.isti.cnr.it/ISTI-ansible-roles/ansible-role-java-keystore.git
version: master
name: java_keystore
state: latest
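Review bot: The new `java_keystore` dependency is pulled from a git URL at `version: master`, so every run fetches whatever that branch currently holds, and this role's TLS material (keystore and truststore paths and passwords) now depends on it; pinning a tag or commit, `version: "<pinned tag or commit>"`, would make the keystore handling reproducible and reviewable. This matches the existing entries' style, so it may be a deliberate project convention rather than an oversight.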


@ -1,158 +1,25 @@
---
- name: OrientDB installation
- name: Manage the OrientDB installation
ansible.builtin.import_tasks: orientdb_install.yml
- name: Clean up the OrientDB backups
ansible.builtin.import_tasks: orientdb_backups.yml
- name: OrientDB monitoring
ansible.builtin.import_tasks: orientdb_monitoring.yml
when: orientdb_enabled
- name: OrientDB certificates via Letsencrypt
ansible.builtin.import_tasks: orientdb_letsencrypt.yml
when: orientdb_install
- name: OrientDB local certificates
ansible.builtin.import_tasks: orientdb_certificates.yml
when: orientdb_install
- name: OrientDB removal
ansible.builtin.import_tasks: orientdb_removal.yml
when: not orientdb_install
- name: Manage the OrientDB service
tags: ['orientdb']
when: orientdb_install
block:
- name: Create the orientdb user
ansible.builtin.user:
name: "{{ orientdb_user }}"
home: "{{ orientdb_base_dir }}"
createhome: false
shell: /bin/bash
- name: Create the orientdb directories
ansible.builtin.file:
dest: "{{ item }}"
owner: "{{ orientdb_user }}"
group: "{{ orientdb_user }}"
mode: "0750"
state: directory
loop:
- "{{ orientdb_base_dir }}"
- "{{ orientdb_data_dir }}"
- name: Get the orientdb distribution
ansible.builtin.get_url:
url: "{{ orientdb_binary_distribution_url }}"
dest: "{{ orientdb_base_dir }}/{{ orientdb_tar_file }}"
validate_certs: false
owner: root
group: root
mode: "0444"
- name: Unpack the orientdb distribution
ansible.builtin.unarchive:
src: '{{ orientdb_base_dir }}/{{ orientdb_tar_file }}'
dest: '{{ orientdb_base_dir }}'
copy: false
owner: root
group: root
args:
creates: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}-{{ orientdb_version }}'
- name: Create some directories inside the orientdb user home
become: true
become_user: '{{ orientdb_user }}'
ansible.builtin.file:
dest: "{{ item }}"
state: directory
mode: "0750"
loop:
- '{{ orientdb_pid_dir }}'
- '{{ orientdb_automatic_backup_directory }}'
- name: Link to the databases directory
become: true
become_user: '{{ orientdb_user }}'
ansible.builtin.file:
src: "{{ orientdb_data_dir }}"
dest: "{{ orientdb_link_to_data_dir }}"
state: link
- name: Remove the demodb database
ansible.builtin.file:
dest: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}-{{ orientdb_version }}/databases/demodb'
state: absent
- name: Link to the latest version
become: true
become_user: '{{ orientdb_user }}'
ansible.builtin.file:
src: '{{ orientdb_tar_filename }}'
dest: '{{ orientdb_install_dir }}'
state: link
- name: Create a link to the data directory
ansible.builtin.file:
src: '{{ orientdb_data_dir }}'
dest: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}-{{ orientdb_version }}/databases'
state: link
owner: '{{ orientdb_user }}'
group: '{{ orientdb_user }}'
force: true
- name: Create a orientdb log directory out of the distribution directory
ansible.builtin.file:
dest: '{{ orientdb_log_dir }}'
state: directory
owner: '{{ orientdb_user }}'
group: '{{ orientdb_user }}'
mode: '0755'
- name: Link the log directory inside the orientdb user home
become: true
become_user: '{{ orientdb_user }}'
ansible.builtin.file:
src: "{{ orientdb_log_dir }}"
dest: "{{ orientdb_home_prefix }}/{{ orientdb_user }}/logs"
state: link
- name: Remove the old hook jars
ansible.builtin.shell: rm -f {{ orientdb_install_dir }}/lib/{{ item }}
loop: '{{ orientdb_hooks_to_be_removed | default([]) }}'
tags: ['orientdb', 'orientdb_hooks']
- name: Fetch and install the hook jars
ansible.builtin.get_url:
url: "{{ item }}"
dest: "{{ orientdb_install_dir }}/lib"
owner: root
group: root
mode: "0644"
loop: '{{ orientdb_hooks_jars | default([]) }}'
notify: Restart orientdb
tags: ['orientdb', 'orientdb_hooks']
- name: Install the orientdb default settings
ansible.builtin.template:
src: orientdb.default.j2
dest: /etc/default/orientdb
owner: root
group: root
mode: "0444"
notify: Restart orientdb
- name: Fix the pid file path inside the start and shutdown scripts
ansible.builtin.lineinfile:
dest: '{{ orientdb_install_dir }}/bin/{{ item }}'
regexp: "^ORIENTDB_PID=.*$"
line: "ORIENTDB_PID={{ orientdb_pid_dir }}/orientdb.pid"
insertafter: "^PRG=.*$"
firstmatch: true
loop:
- server.sh
- shutdown.sh
tags: ['orientdb', 'orientdb_pid']
- name: Install the orientdb configuration files
ansible.builtin.template:
src: '{{ item }}.j2'
dest: '{{ orientdb_install_dir }}/config/{{ item }}'
owner: '{{ orientdb_user }}'
group: '{{ orientdb_user }}'
mode: '0640'
loop: '{{ orientdb_configuration_files }}'
notify: Restart orientdb
tags: ['orientdb', 'orientdb_config']
- name: Set the permissions of some configuration files
ansible.builtin.file:
dest: '{{ orientdb_install_dir }}/config/{{ item }}'
owner: '{{ orientdb_user }}'
group: '{{ orientdb_user }}'
mode: '0600'
loop:
- custom-sql-functions.json
- security.json
- orientdb-etl-log.properties
notify: Restart orientdb
tags: ['orientdb', 'orientdb_config']
- name: Install the nagios nrpe configuration
ansible.builtin.template:
src: orientdb-nrpe.cfg.j2
dest: "{{ nrpe_include_dir }}/orientdb-nrpe.cfg"
owner: root
group: root
mode: "0444"
notify: Reload NRPE server
when:
- nrpe_include_dir is defined
- nagios_enabled is defined and nagios_enabled
tags: ['orientdb', 'orientdb_nagios']
- name: Install the orientdb SYSV startup script
ansible.builtin.template:
src: orientdb.init.j2
@ -171,11 +38,9 @@
mode: "0644"
tags: ['orientdb', 'orientdb_init']
when: ansible_service_mgr == 'systemd'
register: reload_systemd
notify: Reload systemd
- name: Reload the systemd service
ansible.builtin.systemd:
daemon_reload: true
when: reload_systemd is changed
ansible.builtin.meta: flush_handlers
- name: Ensure that the service is enabled and running
ansible.builtin.service:
name: orientdb
@ -188,85 +53,3 @@
state: stopped
enabled: false
when: not orientdb_enabled
- name: Clean up the backups
tags: ['orientdb', 'orientdb_backup']
when: orientdb_install
block:
- name: Install a script that removes the old orientdb backups
ansible.builtin.template:
src: backup-cleaner.sh.j2
dest: /usr/local/bin/orientdb-backup-cleaner
owner: root
group: root
mode: "0555"
- name: Add a cron job that removes the old backups
ansible.builtin.cron:
cron_file: orientdb-backup-cleaner
disabled: false
job: "/usr/local/bin/orientdb-backup-cleaner >/dev/null 2>&1"
special_time: daily
user: "{{ orientdb_user }}"
name: "Remove old orientdb backups"
state: present
- name: Manage the Letsencrypt certificates
tags: ['orientdb', 'letsencrypt', 'orientdb_letsencrypt']
when:
- orientdb_install
- orientdb_letsencrypt_ssl_enabled
- letsencrypt_acme_install is defined and letsencrypt_acme_install
block:
- name: Create the acme hooks directory if it does not yet exist
ansible.builtin.file:
dest: "{{ letsencrypt_acme_services_scripts_dir }}"
state: directory
owner: root
group: root
mode: "0755"
- name: Install a letsencrypt hook to update the orientdb certificate
ansible.builtin.template:
src: orientdb-letsencrypt-acme.sh.j2
dest: "{{ letsencrypt_acme_services_scripts_dir }}/orientdb"
owner: root
group: root
mode: "4555"
- name: Remove OrientDB
tags: ['orientdb']
when: not orientdb_install
block:
- name: Ensure that the service is disabled and stopped
ansible.builtin.service:
name: orientdb
state: stopped
enabled: false
- name: Remove the orientdb SysV startup file
ansible.builtin.file:
dest: /etc/init.d/orientdb
state: absent
when: ansible_service_mgr != 'systemd'
- name: Remove the orientdb systemd unit
ansible.builtin.file:
dest: /usr/lib/systemd/system/orientdb.service
state: absent
when: ansible_service_mgr == 'systemd'
- name: Remove the link to the orientdb distribution
ansible.builtin.file:
dest: "{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}"
state: absent
- name: Remove the default options file
ansible.builtin.file:
dest: /etc/default/orientdb
state: absent
- name: Remove the backup cleaner script
ansible.builtin.file:
dest: /usr/local/bin/orientdb-backup-cleaner
state: absent
- name: Remove the backup cleaner cron job
ansible.builtin.cron:
cron_file: orientdb-backup-cleaner
disabled: false
job: "/usr/local/bin/orientdb-backup-cleaner >/dev/null 2>&1"
special_time: daily
user: '{{ orientdb_user }}'
name: "Remove old orientdb backups"
state: absent
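Review bot: Importing `orientdb_monitoring.yml` with `when: orientdb_enabled` (L65) applies that condition to every task in the file, including the new "Remove the nagios nrpe configuration" task, so disabling the service leaves the old nrpe check in place; if the intent is to drop the check when the service is disabled, import with `when: orientdb_install` and let the file's own `orientdb_nagios_enabled` conditions decide. The same shape affects `orientdb_letsencrypt.yml` and `orientdb_certificates.yml` (L66-L71): on a removal run (`orientdb_install: false`) their hook-cleanup tasks are skipped, so the ACME hook survives removal of the service. Separately, `ansible.builtin.meta: flush_handlers` (L242) flushes every queued handler, including `Restart orientdb` notified by the config tasks in the install file, so the restart now happens before "Ensure that the service is enabled and running" rather than at the end of the play; that looks acceptable but deserves a one-line comment, e.g. `# also fires any pending Restart orientdb`. The hunk header says this hunk has 9 new lines while 8 are visible, so I could not confirm how the meta task is nested inside the block.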


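--- /dev/null
+++ b/tasks/orientdb_backups.yml
@@ -0,0 +1,21 @@
+---
+- name: orientdb_backups | Clean up the backups
+tags: ['orientdb', 'orientdb_backup']
+when: orientdb_install
+block:
+- name: orientdb_backups | Install a script that removes the old orientdb backups
+ansible.builtin.template:
+src: backup-cleaner.sh.j2
+dest: /usr/local/bin/orientdb-backup-cleaner
+owner: root
+group: root
+mode: "0555"
+- name: orientdb_backups | Add a cron job that removes the old backups
+ansible.builtin.cron:
+cron_file: orientdb-backup-cleaner
+disabled: false
+job: "/usr/local/bin/orientdb-backup-cleaner >/dev/null 2>&1"
+special_time: daily
+user: "{{ orientdb_user }}"
+name: "Remove old orientdb backups"
+state: present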


@ -0,0 +1,28 @@
---
- name: orientdb_certificates | Manage the Letsencrypt certificates
tags: ['orientdb', 'letsencrypt', 'orientdb_letsencrypt']
when: orientdb_ssl_enabled
block:
- name: orientdb_certificates | Create the acme hooks directory if it does not yet exist
ansible.builtin.file:
dest: "{{ letsencrypt_acme_services_scripts_dir }}"
state: directory
owner: root
group: root
mode: "0755"
- name: orientdb_certificates | Install a letsencrypt hook to update the orientdb certificate
ansible.builtin.template:
src: orientdb-letsencrypt-acme.sh.j2
dest: "{{ letsencrypt_acme_services_scripts_dir }}/orientdb"
owner: root
group: root
mode: "4555"
- name: orientdb_certificates | Remove the hook if letsencrypt is not used
tags: ['orientdb', 'letsencrypt', 'orientdb_letsencrypt']
when: not orientdb_letsencrypt_ssl_enabled
block:
- name: orientdb_certificates | Install a letsencrypt hook to update the orientdb certificate
ansible.builtin.file:
dest: "{{ letsencrypt_acme_services_scripts_dir }}/orientdb"
state: absent
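Review bot: `orientdb_certificates.yml` is a line-for-line copy of `orientdb_letsencrypt.yml` with only the first block's condition changed to `when: orientdb_ssl_enabled` (L363), so on a host using a local keystore (TLS on, Letsencrypt off) it installs the ACME hook from `orientdb-letsencrypt-acme.sh.j2` and the second block removes it again in the same run; nothing in this file provisions or checks the local certificate that the file name and the commit title promise. Unless the `java_keystore` dependency is expected to do all of that, this file should either be reduced to the local-keystore steps or left out of main.yml until they exist. The task at L383 is named "Install a letsencrypt hook…" but sets `state: absent`; rename it `orientdb_certificates | Remove the letsencrypt hook`. `mode: "4555"` sets the setuid bit on a shell script, which the kernel ignores for interpreted files; `mode: "0555"` expresses the intent without tripping file-permission audits.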

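--- /dev/null
+++ b/tasks/orientdb_install.yml
@@ -0,0 +1,145 @@
+---
+- name: orientdb_install | OrientDB installation
+tags: ['orientdb']
+when: orientdb_install
+block:
+- name: orientdb_install | Create the orientdb user
+ansible.builtin.user:
+name: "{{ orientdb_user }}"
+home: "{{ orientdb_base_dir }}"
+createhome: false
+shell: /bin/bash
+- name: orientdb_install | Create the orientdb directories
+ansible.builtin.file:
+dest: "{{ item }}"
+owner: "{{ orientdb_user }}"
+group: "{{ orientdb_user }}"
+mode: "0750"
+state: directory
+loop:
+- "{{ orientdb_base_dir }}"
+- "{{ orientdb_data_dir }}"
+- name: orientdb_install | Get the orientdb distribution
+ansible.builtin.get_url:
+url: "{{ orientdb_binary_distribution_url }}"
+dest: "{{ orientdb_base_dir }}/{{ orientdb_tar_file }}"
+validate_certs: false
+owner: root
+group: root
+mode: "0444"
+- name: orientdb_install | Unpack the orientdb distribution
+ansible.builtin.unarchive:
+src: '{{ orientdb_base_dir }}/{{ orientdb_tar_file }}'
+dest: '{{ orientdb_base_dir }}'
+copy: false
+owner: root
+group: root
+args:
+creates: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}-{{ orientdb_version }}'
+- name: orientdb_install | Create some directories inside the orientdb user home
+become: true
+become_user: '{{ orientdb_user }}'
+ansible.builtin.file:
+dest: "{{ item }}"
+state: directory
+mode: "0750"
+loop:
+- '{{ orientdb_pid_dir }}'
+- '{{ orientdb_automatic_backup_directory }}'
+- name: orientdb_install | Link to the databases directory
+become: true
+become_user: '{{ orientdb_user }}'
+ansible.builtin.file:
+src: "{{ orientdb_data_dir }}"
+dest: "{{ orientdb_link_to_data_dir }}"
+state: link
+- name: orientdb_install | Remove the demodb database
+ansible.builtin.file:
+dest: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}-{{ orientdb_version }}/databases/demodb'
+state: absent
+- name: orientdb_install | Link to the latest version
+become: true
+become_user: '{{ orientdb_user }}'
+ansible.builtin.file:
+src: '{{ orientdb_tar_filename }}'
+dest: '{{ orientdb_install_dir }}'
+state: link
+- name: orientdb_install | Create a link to the data directory
+ansible.builtin.file:
+src: '{{ orientdb_data_dir }}'
+dest: '{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}-{{ orientdb_version }}/databases'
+state: link
+owner: '{{ orientdb_user }}'
+group: '{{ orientdb_user }}'
+force: true
+- name: orientdb_install | Create a orientdb log directory out of the distribution directory
+ansible.builtin.file:
+dest: '{{ orientdb_log_dir }}'
+state: directory
+owner: '{{ orientdb_user }}'
+group: '{{ orientdb_user }}'
+mode: '0755'
+- name: orientdb_install | Link the log directory inside the orientdb user home
+become: true
+become_user: '{{ orientdb_user }}'
+ansible.builtin.file:
+src: "{{ orientdb_log_dir }}"
+dest: "{{ orientdb_home_prefix }}/{{ orientdb_user }}/logs"
+state: link
+- name: orientdb_install | Remove the old hook jars
+ansible.builtin.command: rm -f {{ orientdb_install_dir }}/lib/{{ item }}
+loop: '{{ orientdb_hooks_to_be_removed | default([]) }}'
+register: hook_jars_rm
+changed_when: hook_jars_rm.rc
+tags: ['orientdb', 'orientdb_hooks']
+- name: orientdb_install | Fetch and install the hook jars
+ansible.builtin.get_url:
+url: "{{ item }}"
+dest: "{{ orientdb_install_dir }}/lib"
+owner: root
+group: root
+mode: "0644"
+loop: '{{ orientdb_hooks_jars | default([]) }}'
+notify: Restart orientdb
+tags: ['orientdb', 'orientdb_hooks']
+- name: orientdb_install | Install the orientdb default settings
+ansible.builtin.template:
+src: orientdb.default.j2
+dest: /etc/default/orientdb
+owner: root
+group: root
+mode: "0444"
+notify: Restart orientdb
+- name: orientdb_install | Fix the pid file path inside the start and shutdown scripts
+ansible.builtin.lineinfile:
+dest: '{{ orientdb_install_dir }}/bin/{{ item }}'
+regexp: "^ORIENTDB_PID=.*$"
+line: "ORIENTDB_PID={{ orientdb_pid_dir }}/orientdb.pid"
+insertafter: "^PRG=.*$"
+firstmatch: true
+loop:
+- server.sh
+- shutdown.sh
+tags: ['orientdb', 'orientdb_pid']
+- name: orientdb_install | Install the orientdb configuration files
+ansible.builtin.template:
+src: '{{ item }}.j2'
+dest: '{{ orientdb_install_dir }}/config/{{ item }}'
+owner: '{{ orientdb_user }}'
+group: '{{ orientdb_user }}'
+mode: '0640'
+loop: '{{ orientdb_configuration_files }}'
+notify: Restart orientdb
+tags: ['orientdb', 'orientdb_config']
+- name: orientdb_install | Set the permissions of some configuration files
+ansible.builtin.file:
+dest: '{{ orientdb_install_dir }}/config/{{ item }}'
+owner: '{{ orientdb_user }}'
+group: '{{ orientdb_user }}'
+mode: '0600'
+loop:
+- custom-sql-functions.json
+- security.json
+- orientdb-etl-log.properties
+notify: Restart orientdb
+tags: ['orientdb', 'orientdb_config']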
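Review bot: `changed_when: hook_jars_rm.rc` (L485) reports "Remove the old hook jars" as changed only when `rm -f` returns non-zero, and a non-zero rc already fails the task, so a real removal is never reported as a change (`rm -f` returns 0 whether or not the file existed). The file module is idempotent and reports correctly: `ansible.builtin.file:` / `path: "{{ orientdb_install_dir }}/lib/{{ item }}"` / `state: absent`, dropping `register` and `changed_when`. While these tasks are being moved, `validate_certs: false` on the distribution download (L418) with no `checksum:` means the server binary is fetched over unverified TLS; if the upstream certificate is the problem, a pinned `checksum: "sha256:<expected digest>"` would at least bind the artifact. The outer block's `when: orientdb_install` duplicates the condition on the import in main.yml, which is harmless but worth knowing when reading the file on its own.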


@ -0,0 +1,28 @@
---
- name: orientdb_letsencrypt | Manage the Letsencrypt certificates
tags: ['orientdb', 'letsencrypt', 'orientdb_letsencrypt']
when: orientdb_letsencrypt_ssl_enabled
block:
- name: orientdb_letsencrypt | Create the acme hooks directory if it does not yet exist
ansible.builtin.file:
dest: "{{ letsencrypt_acme_services_scripts_dir }}"
state: directory
owner: root
group: root
mode: "0755"
- name: orientdb_letsencrypt | Install a letsencrypt hook to update the orientdb certificate
ansible.builtin.template:
src: orientdb-letsencrypt-acme.sh.j2
dest: "{{ letsencrypt_acme_services_scripts_dir }}/orientdb"
owner: root
group: root
mode: "4555"
- name: orientdb_letsencrypt | Remove the hook if letsencrypt is not used
tags: ['orientdb', 'letsencrypt', 'orientdb_letsencrypt']
when: not orientdb_letsencrypt_ssl_enabled
block:
- name: orientdb_letsencrypt | Install a letsencrypt hook to update the orientdb certificate
ansible.builtin.file:
dest: "{{ letsencrypt_acme_services_scripts_dir }}/orientdb"
state: absent
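Review bot: The removal block at L561-L568 runs `when: not orientdb_letsencrypt_ssl_enabled` and dereferences `letsencrypt_acme_services_scripts_dir`, which the old main.yml only touched under `letsencrypt_acme_install is defined and letsencrypt_acme_install` (removed L275); if that directory variable is supplied by the Letsencrypt role, the task now errors with an undefined variable on every host that does not use Letsencrypt, i.e. the hosts this commit is meant to support. Guard it with `when: not orientdb_letsencrypt_ssl_enabled and letsencrypt_acme_services_scripts_dir is defined`; the same applies to the copy in orientdb_certificates.yml. The task at L565 is named "Install a letsencrypt hook…" but sets `state: absent`; rename it `orientdb_letsencrypt | Remove the letsencrypt hook`.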


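--- /dev/null
+++ b/tasks/orientdb_monitoring.yml
@@ -0,0 +1,18 @@
+---
+- name: orientdb_monitoring | OrientDB Nagios monitoring
+tags: ['orientdb', 'orientdb_nagios']
+block:
+- name: orientdb_monitoring | Install the nagios nrpe configuration
+ansible.builtin.template:
+src: orientdb-nrpe.cfg.j2
+dest: "{{ nrpe_include_dir }}/orientdb-nrpe.cfg"
+owner: root
+group: root
+mode: "0444"
+notify: Reload NRPE server
+when: orientdb_nagios_enabled
+- name: orientdb_monitoring | Remove the nagios nrpe configuration
+ansible.builtin.file:
+dest: "{{ nrpe_include_dir }}/orientdb-nrpe.cfg"
+state: absent
+when: not orientdb_nagios_enabled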
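Review bot: Both tasks dereference `nrpe_include_dir` (L580, L588) but the `nrpe_include_dir is defined` guard the old main.yml carried (removed L226) is gone; the removal task in particular runs on every host where `orientdb_nagios_enabled` is false, which is exactly the population least likely to define that variable, so the play would fail there with an undefined variable. Put the guard back on the block, `when: nrpe_include_dir is defined`, and keep the per-task `orientdb_nagios_enabled` conditions. The old `nagios_enabled is defined and nagios_enabled` check is covered by the `orientdb_nagios_enabled` default, so only the directory guard is missing.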


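--- /dev/null
+++ b/tasks/orientdb_removal.yml
@@ -0,0 +1,40 @@
+---
+- name: orientdb_removal | Remove OrientDB
+tags: ['orientdb']
+block:
+- name: orientdb_removal | Ensure that the service is disabled and stopped
+ansible.builtin.service:
+name: orientdb
+state: stopped
+enabled: false
+- name: orientdb_removal | Remove the orientdb SysV startup file
+ansible.builtin.file:
+dest: /etc/init.d/orientdb
+state: absent
+when: ansible_service_mgr != 'systemd'
+- name: orientdb_removal | Remove the orientdb systemd unit
+ansible.builtin.file:
+dest: /usr/lib/systemd/system/orientdb.service
+state: absent
+when: ansible_service_mgr == 'systemd'
+- name: orientdb_removal | Remove the link to the orientdb distribution
+ansible.builtin.file:
+dest: "{{ orientdb_home_prefix }}/{{ orientdb_user }}/{{ orientdb_dir }}"
+state: absent
+- name: orientdb_removal | Remove the default options file
+ansible.builtin.file:
+dest: /etc/default/orientdb
+state: absent
+- name: orientdb_removal | Remove the backup cleaner script
+ansible.builtin.file:
+dest: /usr/local/bin/orientdb-backup-cleaner
+state: absent
+- name: orientdb_removal | Remove the backup cleaner cron job
+ansible.builtin.cron:
+cron_file: orientdb-backup-cleaner
+disabled: false
+job: "/usr/local/bin/orientdb-backup-cleaner >/dev/null 2>&1"
+special_time: daily
+user: '{{ orientdb_user }}'
+name: "Remove old orientdb backups"
+state: absent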
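Review bot: A removal pass never removes the ACME hook at `{{ letsencrypt_acme_services_scripts_dir }}/orientdb` or the nrpe check config, because the files owning those cleanup tasks are imported from main.yml with `when: orientdb_install` and `when: orientdb_enabled` (L65, L68, L71), which do not hold on a removal run; after this block finishes, a root-owned hook that still runs `systemctl start orientdb` on every certificate renewal stays behind. Add `ansible.builtin.file: state: absent` tasks here for the hook and for `{{ nrpe_include_dir }}/orientdb-nrpe.cfg`, each guarded with `is defined` on its directory variable, or import the cleanup files unconditionally. This block has no `when:` of its own and relies on the `when: not orientdb_install` of the import; a `# imported from main.yml only when orientdb_install is false` comment above it would save the next reader a trip. The unit path `/usr/lib/systemd/system/orientdb.service` (L611) should match where the service block in main.yml installs it; that template task is cut off in this view, so I could not confirm.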


@ -30,9 +30,9 @@ chgrp {{ orientdb_user }} "{{ java_keystore_file }}"
if [ "$ORIENTDB_ENABLED" == "True" ] ; then
logger "orientdb letsencrypt hook: shut down orientdb."
/etc/init.d/orientdb stop
systemctl stop orientdb
sleep 30
/etc/init.d/orientdb start
systemctl start orientdb
logger "orientdb letsencrypt hook: start orientdb."
else
logger "orientdb letsencrypt hook: the service is disabled, we do not restart it."
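Review bot: The hook now calls `systemctl stop orientdb` / `systemctl start orientdb` unconditionally (L642, L645), but main.yml still installs a SysV init script when `ansible_service_mgr != 'systemd'` (the removal file at L604-L608 also still handles that case), so on such hosts the hook would fail after swapping the certificate and leave OrientDB stopped. `service orientdb stop` and `service orientdb start` work under both init systems, or wrap the two calls in `{% if ansible_service_mgr == 'systemd' %}…{% else %}…{% endif %}` in the template. The enclosing `if` block starts before this hunk.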


@ -54,8 +54,8 @@
{% endif %}
<parameter value="{{ java_keystore_file }}" name="network.ssl.keyStore"/>
<parameter value="{{ java_keystore_pwd }}" name="network.ssl.keyStorePassword"/>
<parameter value="{{ java_keystore_file }}" name="network.ssl.trustStore"/>
<parameter value="{{ java_keystore_pwd }}" name="network.ssl.trustStorePassword"/>
<parameter value="{{ java_truststore_file }}" name="network.ssl.trustStore"/>
<parameter value="{{ java_truststore_pwd }}" name="network.ssl.trustStorePassword"/>
</parameters>
</socket>
<socket implementation="com.orientechnologies.orient.server.network.OServerTLSSocketFactory" name="https">
@ -67,8 +67,8 @@
{% endif %}
<parameter value="{{ java_keystore_file }}" name="network.ssl.keyStore"/>
<parameter value="{{ java_keystore_pwd }}" name="network.ssl.keyStorePassword"/>
<parameter value="{{ java_keystore_file }}" name="network.ssl.trustStore"/>
<parameter value="{{ java_keystore_pwd }}" name="network.ssl.trustStorePassword"/>
<parameter value="{{ java_truststore_file }}" name="network.ssl.trustStore"/>
<parameter value="{{ java_truststore_pwd }}" name="network.ssl.trustStorePassword"/>
</parameters>
</socket>
</sockets>
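Review bot: The trustStore parameters now use `java_truststore_file` and `java_truststore_pwd` (L658-L659, L669-L670), which the defaults hunk in this commit does not define; if they are only provided by the new `java_keystore` dependency, a host that enables TLS with its own keystore variables but an older checkout of that role will fail to render the template. A fallback keeps the previous behaviour for such hosts: `value="{{ java_truststore_file | default(java_keystore_file) }}"` and `value="{{ java_truststore_pwd | default(java_keystore_pwd) }}"`, in both sockets. Separating trust from identity is a good change, since with `orientdb_ssl_client_auth_enabled` the truststore decides which client certificates are accepted; that relationship deserves a comment in defaults next to `orientdb_ssl_client_auth_enabled`. Both hunks sit inside the `<sockets>` element, whose start is outside this section.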