status-im/ansible-role-mongodb
2
0
Fork 0
mirror of https://github.com/status-im/ansible-role-mongodb.git synced 2025-01-12 22:44:27 +00:00
Code Issues Projects Releases Wiki Activity

Added authorization configuration

Browse Source
This commit is contained in:
Sergei Antipov 2015-02-09 18:39:32 +06:00
parent 5f167f612a
commit 9e17ec9ed8
3 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
defaults/main.yml
View File

@ -76,3 +76,7 @@ mongodb_keyfile_content: |
ZWLnP/mXKV992/Jhu0Z577DHlh+3JIYx0PceB9yzACJ8MNARHF7QpBkhtuGMGZpF
T+c73exupZFxItXs1Bnhe3djgE3MKKyYvxNUIbcTJoe7nhVMrwO/7lBSpVLvC4p3
wR700U0LDaGGQpslGtiE56SemgoP
# password for administrative users
mongodb_user_admin_password: passw0rd
mongodb_root_admin_password: passw0rd

47
tasks/authorization.yml Normal file
View File

@ -0,0 +1,47 @@
---
- name: Install required package for mongodb_user module
apt: name=python-pymongo
- name: create administrative user siteRootAdmin
mongodb_user:
database: admin
name: "{{ item.name }}"
password: "{{ item.password }}"
roles: "{{ item.roles }}"
login_host: "{{ mongodb_user_login_host|default('localhost') }}"
with_items:
- {
name: siteRootAdmin,
password: "{{ mongodb_root_admin_password }}",
roles: "root"
}
- name: create administrative user siteUserAdmin
mongodb_user:
database: admin
name: "{{ item.name }}"
password: "{{ item.password }}"
roles: "{{ item.roles }}"
login_host: "{{ mongodb_user_login_host|default('localhost') }}"
login_user: "siteRootAdmin"
login_password: "{{ mongodb_root_admin_password }}"
with_items:
- {
name: siteUserAdmin,
password: "{{ mongodb_user_admin_password }}",
roles: "userAdminAnyDatabase"
}
- name: create normal users
mongodb_user:
database: "{{ item.database }}"
name: "{{ item.name }}"
password: "{{ item.password }}"
roles: "{{ item.roles }}"
login_host: "{{ mongodb_user_login_host|default('localhost') }}"
login_user: "siteRootAdmin"
login_password: "{{ mongodb_root_admin_password }}"
with_items:
- {{ mongodb_users }}
when: mongodb_users is defined

3
tasks/mongodb.yml
View File

@ -9,5 +9,8 @@
service: name={{ mongodb_daemon_name }} state=started enabled=yes
changed_when: False
- include: authorization.yml
when: mongodb_conf_auth == "yes"
- include: mms-agent.yml
when: mongodb_mms_api_key != ""