initial upload
This commit is contained in:
122
roles/consul/tasks/main.yml
Normal file
122
roles/consul/tasks/main.yml
Normal file
@@ -0,0 +1,122 @@
|
||||
---
|
||||
|
||||
|
||||
- name: Ensure the consul user exists
|
||||
user:
|
||||
name: consul
|
||||
home: '{{ consul_data_dir }}'
|
||||
system: yes
|
||||
groups: ssl-cert
|
||||
append: yes
|
||||
shell: /bin/false
|
||||
createhome: no
|
||||
state: present
|
||||
tags: packages
|
||||
|
||||
- name: Ensure the consul config dir exists
|
||||
file:
|
||||
dest: /etc/consul.d
|
||||
owner: root
|
||||
group: consul
|
||||
mode: 0750
|
||||
state: directory
|
||||
tags: packages
|
||||
|
||||
- name: Ensure the consul data dir exists
|
||||
file:
|
||||
dest: /opt/consul
|
||||
owner: consul
|
||||
group: consul
|
||||
mode: 0750
|
||||
state: directory
|
||||
tags: packages
|
||||
|
||||
- name: Remove old consul config
|
||||
file:
|
||||
dest: /etc/consul.d/00-base_config.json
|
||||
state: absent
|
||||
tags: configs
|
||||
|
||||
- name: Install consul config
|
||||
template:
|
||||
dest: /etc/consul.d/00-base_config.hcl
|
||||
src: etc_consul.d_00-base_config.hcl.j2
|
||||
#validate: 'consul validate %s'
|
||||
mode: 0640
|
||||
owner: root
|
||||
group: consul
|
||||
notify: Restart consul
|
||||
tags:
|
||||
- configs
|
||||
- consul.conf
|
||||
|
||||
- name: Install consul service config
|
||||
template:
|
||||
dest: /etc/default/consul
|
||||
src: etc_default_consul.j2
|
||||
when: not consul_stub_mode
|
||||
notify: Restart consul
|
||||
tags: configs
|
||||
|
||||
- name: Install consul service
|
||||
template:
|
||||
dest: /etc/systemd/system/consul.service
|
||||
src: etc_systemd_system_consul.service.j2
|
||||
when: not consul_stub_mode
|
||||
notify: Restart consul
|
||||
tags: configs
|
||||
|
||||
- name: Enable the consul service
|
||||
systemd:
|
||||
name: consul
|
||||
state: "{{ 'started' if not consul_stub_mode else 'stopped' }}"
|
||||
enabled: "{{ not consul_stub_mode }}"
|
||||
daemon_reload: yes
|
||||
when: not consul_stub_mode
|
||||
tags: configs
|
||||
|
||||
- name: Remove the master token if present
|
||||
lineinfile:
|
||||
dest: /root/.bashrc
|
||||
regexp: '^export CONSUL_HTTP_TOKEN=.*'
|
||||
state: absent
|
||||
when: consul_acl_master_token is defined and consul_acl_master_token and not consul_stub_mode
|
||||
tags: configs
|
||||
|
||||
- name: Install packages needed by consul-tag
|
||||
apt:
|
||||
pkg:
|
||||
- python3
|
||||
- python3-requests
|
||||
state: present
|
||||
when: not consul_stub_mode
|
||||
tags: consul-tag
|
||||
|
||||
- name: Install consul-tag
|
||||
template:
|
||||
dest: /usr/local/bin/consul-tag
|
||||
src: usr_local_bin_consul-tag.j2
|
||||
mode: 0755
|
||||
owner: root
|
||||
group: root
|
||||
when: not consul_stub_mode
|
||||
tags: consul-tag
|
||||
|
||||
- name: Remove old firewall config
|
||||
file: dest=/etc/firewall/rules-v4.d/28_consul.sh state=absent
|
||||
when: consul_firewall and not consul_stub_mode
|
||||
notify: Restart firewall
|
||||
tags:
|
||||
- configs
|
||||
- firewall
|
||||
|
||||
- name: Install the consul firewall config
|
||||
template:
|
||||
dest: /etc/firewall/rules-v4.d/78_consul.sh
|
||||
src: etc_firewall_rules-v4.d_78_consul.sh.j2
|
||||
mode: 0600
|
||||
when: consul_firewall
|
||||
notify: Restart firewall
|
||||
tags:
|
||||
- configs
|
||||
- firewall
|
||||
Reference in New Issue
Block a user