Add correct support mode requireSLL.

This commit is contained in:
Mikhail Konyakhin 2019-06-05 15:16:18 +03:00
parent e5caa291b5
commit f8142e6d5a
4 changed files with 23 additions and 1 deletions

View File

@ -31,6 +31,7 @@ mongodb_net_port: 27017 # Specify port number
mongodb_net_ssl: disabled # Enable or disable ssl connections
mongodb_net_ssl_mode: "" # Set the ssl mode (RequireSSL / preferSSL / AllowSSL / disabled)
mongodb_net_ssl_pemfile: "" # Location of the pemfile to use for ssl
mongodb_net_ssl_host: "" # Valid ssl hostname
## processManagement Options
# Fork server process

View File

@ -1,5 +1,18 @@
---
- name: Check value of variable mongodb_net_ssl_host
fail:
msg: 'Set mongodb_net_ssl_mode is preferSSL or set valid hostname for mongodb_net_ssl_host!'
when: ( mongodb_net_ssl_mode == 'requireSSL'
and mongodb_net_ssl_host == '' )
- name: Check value of variable mongodb_login_host
fail:
msg: 'Set mongodb_login_host equal mongodb_net_ssl_host!'
when: ( mongodb_net_ssl_mode == 'requireSSL'
and mongodb_net_ssl_host != mongodb_login_host
and not mongodb_replication_replset )
- name: Include OS-specific variables
include_vars: "{{ item }}"
with_first_found:
@ -32,7 +45,7 @@
- name: Check where admin user already exists
command: >
mongo --quiet -u {{ mongodb_user_admin_name }} \
mongo --quiet {{ '--ssl --host ' + mongodb_net_ssl_host if mongodb_net_ssl_mode == 'requireSSL' else '' }} -u {{ mongodb_user_admin_name }} \
-p {{ mongodb_user_admin_password }} --port {{ mongodb_net_port }} --eval 'db.version()' admin
register: mongodb_user_admin_check
changed_when: false
@ -61,6 +74,7 @@
login_password: "{{ mongodb_user_admin_password }}"
login_port: "{{ mongodb_login_port|default(27017) }}"
login_host: "{{ mongodb_login_host|default('localhost') }}"
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
with_items:
- "{{ mongodb_users | default([]) }}"
when: ( mongodb_replication_replset
@ -79,6 +93,8 @@
login_user: "{{ mongodb_user_admin_name }}"
login_password: "{{ mongodb_user_admin_password }}"
login_port: "{{ mongodb_net_port }}"
login_host: "{{ mongodb_login_host|default('localhost') }}"
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
with_items:
- "{{ mongodb_users | default([]) }}"
when: ( mongodb_security_authorization == 'enabled'
@ -99,6 +115,7 @@
login_password: "{{ mongodb_user_admin_password }}"
login_port: "{{ mongodb_login_port|default(27017) }}"
login_host: "{{ mongodb_login_host|default('localhost') }}"
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
with_items:
- "{{ mongodb_oplog_users | default([]) }}"
when: ( mongodb_replication_replset | length > 0

View File

@ -14,6 +14,7 @@
hidden: "{{ item.hidden|default(false) }}"
priority: "{{ item.priority|default(1.0) }}"
votes: "{{ item.votes|default(omit) }}"
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
when: mongodb_security_authorization == 'enabled'
with_items:
- "{{ mongodb_replication_params|default([]) }}"
@ -30,6 +31,7 @@
hidden: "{{ item.hidden|default(false) }}"
priority: "{{ item.priority|default(1.0) }}"
votes: "{{ item.votes|default(omit) }}"
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
when: mongodb_security_authorization == 'disabled'
with_items:
- "{{ mongodb_replication_params|default([]) }}"

View File

@ -13,6 +13,7 @@
hidden: "{{ item.hidden|default(false) }}"
priority: "{{ item.priority|default(1.0) }}"
votes: "{{ item.votes|default(omit) }}"
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
with_items:
- "{{ mongodb_replication_params|default([]) }}"
register: mongodb_replica_init
@ -35,6 +36,7 @@
hidden: "{{ item.hidden|default(false) }}"
priority: "{{ item.priority|default(1.0) }}"
votes: "{{ item.votes|default(omit) }}"
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
when: mongodb_replica_init is failed
with_items:
- "{{ mongodb_replication_params|default([]) }}"