commit 16baaab3e5526b44fe2354a3aec470a54f3482d2
author Mohammed Naser <mnaser@vexxhost.com> Mon Jul 10 15:07:11 2023 -0400
committer Mohammed Naser <mnaser@vexxhost.com> Mon Jul 10 22:01:23 2023 -0400
tree 7fdd2c6998968c353c66b066918b3557e5d3bf9c
parent 49e663789270b443eb2bdcd573a89bfc5e89892c

chore(libvirt): enable tls

build/pin-images.py

diff --git a/build/pin-images.py b/build/pin-images.py
index dc42ef4..5f9341b 100755
--- a/build/pin-images.py
+++ b/build/pin-images.py
@@ -29,14 +29,20 @@
         # Get token for docker.io
         r = requests.get(
             "https://auth.docker.io/token",
-            params={"service": "registry.docker.io", "scope": f"repository:{image_ref.path()}:pull"},
+            params={
+                "service": "registry.docker.io",
+                "scope": f"repository:{image_ref.path()}:pull",
+            },
         )
         r.raise_for_status()
         token = r.json()["token"]
 
         r = requests.get(
             f"https://registry-1.docker.io/v2/{image_ref.path()}/manifests/{image_ref['tag']}",
-            headers={"Accept": "application/vnd.docker.distribution.manifest.v2+json", "Authorization": f"Bearer {token}"},
+            headers={
+                "Accept": "application/vnd.docker.distribution.manifest.v2+json",
+                "Authorization": f"Bearer {token}",
+            },
         )
         r.raise_for_status()
         digest = r.headers["Docker-Content-Digest"]

roles/libvirt/vars/main.yml

diff --git a/roles/libvirt/vars/main.yml b/roles/libvirt/vars/main.yml
index e80fc82..9286e84 100644
--- a/roles/libvirt/vars/main.yml
+++ b/roles/libvirt/vars/main.yml
@@ -20,4 +20,9 @@
     ceph:
       enabled: "{{ atmosphere_ceph_enabled | default(true) | bool }}"
     libvirt:
+      listen_tcp: "0"
+      listen_tls: "1"
       listen_addr: 0.0.0.0
+    qemu:
+      vnc_tls: "1"
+      vnc_tls_x509_verify: "1"