mirror of
https://github.com/status-im/ansible-role-mongodb.git
synced 2025-02-15 22:46:54 +00:00
Add correct support mode requireSLL.
This commit is contained in:
parent
e5caa291b5
commit
f8142e6d5a
@ -31,6 +31,7 @@ mongodb_net_port: 27017 # Specify port number
|
||||
mongodb_net_ssl: disabled # Enable or disable ssl connections
|
||||
mongodb_net_ssl_mode: "" # Set the ssl mode (RequireSSL / preferSSL / AllowSSL / disabled)
|
||||
mongodb_net_ssl_pemfile: "" # Location of the pemfile to use for ssl
|
||||
mongodb_net_ssl_host: "" # Valid ssl hostname
|
||||
|
||||
## processManagement Options
|
||||
# Fork server process
|
||||
|
@ -1,5 +1,18 @@
|
||||
---
|
||||
|
||||
- name: Check value of variable mongodb_net_ssl_host
|
||||
fail:
|
||||
msg: 'Set mongodb_net_ssl_mode is preferSSL or set valid hostname for mongodb_net_ssl_host!'
|
||||
when: ( mongodb_net_ssl_mode == 'requireSSL'
|
||||
and mongodb_net_ssl_host == '' )
|
||||
|
||||
- name: Check value of variable mongodb_login_host
|
||||
fail:
|
||||
msg: 'Set mongodb_login_host equal mongodb_net_ssl_host!'
|
||||
when: ( mongodb_net_ssl_mode == 'requireSSL'
|
||||
and mongodb_net_ssl_host != mongodb_login_host
|
||||
and not mongodb_replication_replset )
|
||||
|
||||
- name: Include OS-specific variables
|
||||
include_vars: "{{ item }}"
|
||||
with_first_found:
|
||||
@ -32,7 +45,7 @@
|
||||
|
||||
- name: Check where admin user already exists
|
||||
command: >
|
||||
mongo --quiet -u {{ mongodb_user_admin_name }} \
|
||||
mongo --quiet {{ '--ssl --host ' + mongodb_net_ssl_host if mongodb_net_ssl_mode == 'requireSSL' else '' }} -u {{ mongodb_user_admin_name }} \
|
||||
-p {{ mongodb_user_admin_password }} --port {{ mongodb_net_port }} --eval 'db.version()' admin
|
||||
register: mongodb_user_admin_check
|
||||
changed_when: false
|
||||
@ -61,6 +74,7 @@
|
||||
login_password: "{{ mongodb_user_admin_password }}"
|
||||
login_port: "{{ mongodb_login_port|default(27017) }}"
|
||||
login_host: "{{ mongodb_login_host|default('localhost') }}"
|
||||
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
|
||||
with_items:
|
||||
- "{{ mongodb_users | default([]) }}"
|
||||
when: ( mongodb_replication_replset
|
||||
@ -79,6 +93,8 @@
|
||||
login_user: "{{ mongodb_user_admin_name }}"
|
||||
login_password: "{{ mongodb_user_admin_password }}"
|
||||
login_port: "{{ mongodb_net_port }}"
|
||||
login_host: "{{ mongodb_login_host|default('localhost') }}"
|
||||
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
|
||||
with_items:
|
||||
- "{{ mongodb_users | default([]) }}"
|
||||
when: ( mongodb_security_authorization == 'enabled'
|
||||
@ -99,6 +115,7 @@
|
||||
login_password: "{{ mongodb_user_admin_password }}"
|
||||
login_port: "{{ mongodb_login_port|default(27017) }}"
|
||||
login_host: "{{ mongodb_login_host|default('localhost') }}"
|
||||
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
|
||||
with_items:
|
||||
- "{{ mongodb_oplog_users | default([]) }}"
|
||||
when: ( mongodb_replication_replset | length > 0
|
||||
|
@ -14,6 +14,7 @@
|
||||
hidden: "{{ item.hidden|default(false) }}"
|
||||
priority: "{{ item.priority|default(1.0) }}"
|
||||
votes: "{{ item.votes|default(omit) }}"
|
||||
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
|
||||
when: mongodb_security_authorization == 'enabled'
|
||||
with_items:
|
||||
- "{{ mongodb_replication_params|default([]) }}"
|
||||
@ -30,6 +31,7 @@
|
||||
hidden: "{{ item.hidden|default(false) }}"
|
||||
priority: "{{ item.priority|default(1.0) }}"
|
||||
votes: "{{ item.votes|default(omit) }}"
|
||||
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
|
||||
when: mongodb_security_authorization == 'disabled'
|
||||
with_items:
|
||||
- "{{ mongodb_replication_params|default([]) }}"
|
||||
|
@ -13,6 +13,7 @@
|
||||
hidden: "{{ item.hidden|default(false) }}"
|
||||
priority: "{{ item.priority|default(1.0) }}"
|
||||
votes: "{{ item.votes|default(omit) }}"
|
||||
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
|
||||
with_items:
|
||||
- "{{ mongodb_replication_params|default([]) }}"
|
||||
register: mongodb_replica_init
|
||||
@ -35,6 +36,7 @@
|
||||
hidden: "{{ item.hidden|default(false) }}"
|
||||
priority: "{{ item.priority|default(1.0) }}"
|
||||
votes: "{{ item.votes|default(omit) }}"
|
||||
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
|
||||
when: mongodb_replica_init is failed
|
||||
with_items:
|
||||
- "{{ mongodb_replication_params|default([]) }}"
|
||||
|
Loading…
x
Reference in New Issue
Block a user