chore(libvirt): enable tls
diff --git a/build/pin-images.py b/build/pin-images.py
index dc42ef4..5f9341b 100755
--- a/build/pin-images.py
+++ b/build/pin-images.py
@@ -29,14 +29,20 @@
# Get token for docker.io
r = requests.get(
"https://auth.docker.io/token",
- params={"service": "registry.docker.io", "scope": f"repository:{image_ref.path()}:pull"},
+ params={
+ "service": "registry.docker.io",
+ "scope": f"repository:{image_ref.path()}:pull",
+ },
)
r.raise_for_status()
token = r.json()["token"]
r = requests.get(
f"https://registry-1.docker.io/v2/{image_ref.path()}/manifests/{image_ref['tag']}",
- headers={"Accept": "application/vnd.docker.distribution.manifest.v2+json", "Authorization": f"Bearer {token}"},
+ headers={
+ "Accept": "application/vnd.docker.distribution.manifest.v2+json",
+ "Authorization": f"Bearer {token}",
+ },
)
r.raise_for_status()
digest = r.headers["Docker-Content-Digest"]
diff --git a/roles/libvirt/vars/main.yml b/roles/libvirt/vars/main.yml
index e80fc82..9286e84 100644
--- a/roles/libvirt/vars/main.yml
+++ b/roles/libvirt/vars/main.yml
@@ -20,4 +20,9 @@
ceph:
enabled: "{{ atmosphere_ceph_enabled | default(true) | bool }}"
libvirt:
+ listen_tcp: "0"
+ listen_tls: "1"
listen_addr: 0.0.0.0
+ qemu:
+ vnc_tls: "1"
+ vnc_tls_x509_verify: "1"