diff --git a/tasks/auth_initialization.yml b/tasks/auth_initialization.yml index 41d2fb9..00e7efd 100644 --- a/tasks/auth_initialization.yml +++ b/tasks/auth_initialization.yml @@ -1,5 +1,8 @@ --- +- include: auth_initialization_ald.yml + when: ansible_local.mongodb.mongodb.mongodb_login_port is defined + - name: create administrative user siteRootAdmin mongodb_user: database: admin @@ -7,13 +10,14 @@ password: "{{ item.password }}" roles: "{{ item.roles }}" login_host: 127.0.0.1 - login_port: "{{ mongodb_conf_port|default(27017) }}" with_items: - { name: "{{ mongodb_root_admin_name }}", password: "{{ mongodb_root_admin_password }}", roles: "root" } + register: rootadmin_user_result + when: ansible_local.mongodb.mongodb.mongodb_login_port is undefined - name: create administrative user siteUserAdmin mongodb_user: @@ -22,13 +26,14 @@ password: "{{ item.password }}" roles: "{{ item.roles }}" login_host: 127.0.0.1 - login_port: "{{ mongodb_conf_port|default(27017) }}" with_items: - { name: "{{ mongodb_user_admin_name }}", password: "{{ mongodb_user_admin_password }}", roles: "userAdminAnyDatabase" } + register: useradmin_user_result + when: ansible_local.mongodb.mongodb.mongodb_login_port is undefined - name: create normal users mongodb_user: 
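Review bot: In the hunk at `@@ -7,13 +10,14 @@`, the siteRootAdmin task loops over an item that carries `password` and now also registers the result, so the plaintext password appears in the per-item task output and is kept in `rootadmin_user_result`. Adding `no_log: true` to the task keeps it out of logs and callback output, and `rootadmin_user_result|changed` should still evaluate with it set. The same applies to the siteUserAdmin task in the `@@ -22,13 +26,14 @@` hunk and to the three tasks in the new `tasks/auth_initialization_ald.yml`. Both task bodies start outside their hunks.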
@@ -38,9 +43,21 @@ roles: "{{ item.roles }}" replica_set: "{{ mongodb_conf_replSet }}" login_host: 127.0.0.1 - login_port: "{{ mongodb_conf_port|default(27017) }}" login_user: "{{ mongodb_user_admin_name }}" login_password: "{{ mongodb_user_admin_password }}" with_items: - "{{ mongodb_users }}" - when: mongodb_users is defined + when: mongodb_users is defined and ansible_local.mongodb.mongodb_login_port is undefined + +- name: Create facts.d directory + file: + state: directory + recurse: yes + path: /etc/ansible/facts.d + when: rootadmin_user_result|changed or useradmin_user_result|changed + +- name: Create facts file for mongodb + copy: + dest: /etc/ansible/facts.d/mongodb.fact + content: "[mongodb]\nmongodb_login_port={{ mongodb_conf_port }}\n" + when: rootadmin_user_result|changed or useradmin_user_result|changed diff --git a/tasks/auth_initialization_ald.yml b/tasks/auth_initialization_ald.yml new file mode 100644 index 0000000..1c27b8e --- /dev/null +++ b/tasks/auth_initialization_ald.yml 
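Review bot: The new condition on "create normal users" tests `ansible_local.mongodb.mongodb_login_port`, one `mongodb` level short of the path used in the other conditions and of what the fact file written below yields (file `mongodb.fact`, section `[mongodb]`, key `mongodb_login_port`). With that layout the short path should never be defined, so this task keeps running after the fact exists, now without `login_port`, in addition to its copy in the included file. It should read `when: mongodb_users is defined and ansible_local.mongodb.mongodb.mongodb_login_port is undefined`. The same short path is used for `login_port` in the siteUserAdmin and normal-users tasks of `tasks/auth_initialization_ald.yml`, where `default(27017)` would then always override the recorded port. Separately, the fact file's `content` uses `mongodb_conf_port` without the `|default(27017)` the removed lines had, so that task would fail if the variable is unset.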
@@ -0,0 +1,43 @@ +- name: create administrative user siteRootAdmin + mongodb_user: + database: admin + name: "{{ item.name }}" + password: "{{ item.password }}" + roles: "{{ item.roles }}" + login_host: 127.0.0.1 + login_port: "{{ ansible_local.mongodb.mongodb.mongodb_login_port|default(27017) }}" + with_items: + - { + name: "{{ mongodb_root_admin_name }}", + password: "{{ mongodb_root_admin_password }}", + roles: "root" + } + +- name: create administrative user siteUserAdmin + mongodb_user: + database: admin + name: "{{ item.name }}" + password: "{{ item.password }}" + roles: "{{ item.roles }}" + login_host: 127.0.0.1 + login_port: "{{ ansible_local.mongodb.mongodb_login_port|default(27017) }}" + with_items: + - { + name: "{{ mongodb_user_admin_name }}", + password: "{{ mongodb_user_admin_password }}", + roles: "userAdminAnyDatabase" + } + +- name: create normal users + mongodb_user: + database: "{{ item.database }}" + name: "{{ item.name }}" + password: "{{ item.password }}" + roles: "{{ item.roles }}" + replica_set: "{{ mongodb_conf_replSet }}" + login_host: 127.0.0.1 + login_port: "{{ ansible_local.mongodb.mongodb_login_port|default(27017) }}" + login_user: "{{ mongodb_user_admin_name }}" + login_password: "{{ mongodb_user_admin_password }}" + with_items: + - "{{ mongodb_users }}"
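Review bot: The "create normal users" task in this new file has no `when: mongodb_users is defined`, unlike its counterpart in `tasks/auth_initialization.yml`, so the include would fail with an undefined-variable error on hosts where `mongodb_users` is not set; add that `when:` line to the task. The two admin tasks also pass no `login_user`/`login_password`. This file is included only once the fact exists, i.e. after the admin users were created, so these calls presumably connect unauthenticated to an instance that already has users and would be rejected if authorization is enabled. Please confirm, and if so pass the root admin's credentials, e.g. `login_user: "{{ mongodb_root_admin_name }}"` and `login_password: "{{ mongodb_root_admin_password }}"`.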