Commit Graph

280 Commits

Author SHA1 Message Date
David Castellanos 01bcbcf167 Do not show passwords in Ansible output
This role prints passwords in Ansible outputs (e.g. when creating
users, etc.). This is a problem because passwords must never appear
in plaintext under any circunstances.

This commit attempts to fix the problem described above. The option
"no_log: true" has been added to tasks which may print passwords
during Ansible execution.
2016-09-21 23:51:38 +02:00
David Castellanos d9393b1b66 Fix systemd test for Ubuntu Xenial
The role checks if the system is running or not systemd. It checks the
name of the process with PID1, and if it contains the string "systemd"
assumes that the host is systemd-based. Unfortunately that check fails
in Ubuntu Xenial:

  vagrant@mongo-xenial:~$ cat /proc/1/cmdline
  /sbin/init

A better approach may be to check if /sbin/init is a symlink or a
binary. In systemd-based systems (e.g. Ubuntu Xenial), /sbin/init is a
symlink to the systemd binary:

  vagrant@mongo-xenial:~$ file /sbin/init
  /sbin/init: symbolic link to /lib/systemd/systemd

In Ubuntu Trusty /sbin/init is a binary:

  vagrant@mongo-trusty:~$ file /sbin/init
  /sbin/init: ELF 64-bit LSB  shared object, x86-64, version 1 (SYSV),
  dynamically linked (uses shared libs), for GNU/Linux 2.6.24,
  BuildID[sha1]=7a4c688d009fc1f06ffc692f5f42ab09e68582b2, strippe

This commit attempts to solve the problem described above. The systemd
check has been rewritten to check if /sbin/init is a binary or a
symlink.
2016-09-21 16:33:05 +02:00
Sergei Antipov d10f2919b1 Merge pull request #65 from maiers/master
Enabling check_mode
2016-08-02 10:50:33 +07:00
Sebastian Maier b949a5e6dd added 'always_run=yes' for two script tasks otherwise preventing check_mode to run through 2016-07-15 15:57:06 +02:00
Sergei Antipov 3cc5ee6378 Merge pull request #63 from mflopez79/fix_readme
Allowed values for security are enabled/disabled. A true value will produce mongo to not start at all on the server [ci skip]
2016-06-02 14:36:22 +07:00
Matias Lopez Riglos 64d9a0755f Allowed values for security are enabled/disabled. A true value will produce mongo to not start at all on the server 2016-05-19 11:07:36 -03:00
Sergei Antipov 7bfc707fcf Update description of replication module [skip ci] 2016-05-18 17:38:25 +06:00
Sergei Antipov cc835a3f18 Merge pull request #61 from ecerulm/patch-1
Ensure service is started
2016-05-10 14:17:43 +07:00
Ruben Laguna 705ea295b3 Ensure service is started
Since the service could have been stopped manually (outside Ansible) we should ensure that the service is started before waiting for the port to come up.
2016-05-09 22:06:37 +02:00
Sergei Antipov 084f09a789 Merge branch 'ubuntu_1204_fix_travis_builds' 2016-05-09 16:30:17 +06:00
Sergei Antipov 0e7e73871d Fixed problem with testing for 12.04 version 2016-05-09 15:57:26 +06:00
Sergei Antipov 9f208d1be4 Build Ubuntu 12.04 image insteed of pull it 2016-05-09 14:52:43 +06:00
Daniel White 4b22cc431d Enable server process forking by default on RedHat
The init scripts that are provided assume that forking is enabled by
default. This has been left in defaults, to preserve the capability for
users to override this option.
2016-05-08 04:17:38 +10:00
Daniel White 255dc39cc3 Define pidFilePath for offical RHEL packages
The init script in these packages _assumes_ that this variable is
defined. Without it, it fails to properly start the service.
2016-05-08 04:17:38 +10:00
Daniel White 6ccd0a332c Indicate level of support for RHEL/CentOS
Despite the test builds for CentOS, it's probably safe to mark them as
unknown until they've been used a bit more heavily.
2016-05-08 04:17:38 +10:00
Daniel White 589222f25e Provide better default user for a RedHat based OS
While we could define this in the per-platform variables, including this
in the defaults maintains backwards compatability for users that want to
override this value.
2016-05-08 04:17:38 +10:00
Daniel White b74bade421 Introduce support for RedHat package installation
This provides initial support for installing the relevant MongoDB
packages for a RedHat based OS. This currently only supports RHEL/CentOS
6 in order to keep the initial scope relatively constrained.
2016-05-08 04:17:38 +10:00
Daniel White 52b1f395ea Ensure tests run with expected docker image
This has been working so far since the tests have only cared about
Ubuntu as a target. Now that RedHat is an option, the default needs to
be overriden.
2016-05-08 04:13:36 +10:00
Sergei Antipov 0ea31ad349 Changed ansible_user for tests
Problem with ansible connection type 'docker' solved for
Travis CI tests.
2016-05-07 23:16:43 +06:00
Sergei Antipov 48fcd565fe Merge pull request #58 from danielwhite/configure-dbpath-owner
Ensure dbpath directory has configurable owner
2016-04-27 18:45:36 +06:00
Daniel White a0ce9baaac Ensure dbpath directory has configurable owner
Looks like when this variable was introduced, this particular task was
missed.

This has also been moved to the configuration stage, since it seems to
fit with the task for ensuring the log directory exists, too.
2016-04-27 14:14:55 +10:00
Sergei Antipov 707d0ecaae Added meta info about precise [skip ci] 2016-04-19 13:23:29 +06:00
Sergei Antipov 86d4cb209a Merged backup user creating 2016-04-18 19:08:24 +06:00
Sergei Antipov 6341395252 Changed meta information [skip ci] 2016-04-18 18:37:52 +06:00
Sergei Antipov 81e05e0cc0 Updated support matrix [ci skip] 2016-04-18 13:19:41 +06:00
Sergei Antipov a996054a90 Merge pull request #56 from UnderGreen/travisci_improvements
Added 12.04 ubuntu testing
2016-04-18 13:16:11 +06:00
Sergei Antipov 4fd167c1dc Added 12.04 ubuntu testing 2016-04-18 10:48:13 +06:00
Sergei Antipov 177869a30d Added Travis CI build status [ci skip] 2016-04-17 23:59:53 +06:00
Sergei Antipov 77c55d557b Fixed problem with concurrency race 2016-04-17 23:18:31 +06:00
Sergei Antipov b387a16715 Added new Travis CI tests 2016-04-17 21:44:11 +06:00
Sergei Antipov 8089efd861 Updated README [ci skip] 2016-04-17 21:34:42 +06:00
Sergei Antipov 201c4089e2 TravisCI build improvements 2016-04-17 20:56:00 +06:00
Sergei Antipov 630e773962 Deleted unneeded parts 2016-04-17 20:40:20 +06:00
Sergei Antipov e5f2d18095 Fixed travis build 2016-04-17 20:29:24 +06:00
Sergei Antipov 25c7cec6f2 Support of mongodb 3 2016-04-17 19:43:00 +06:00
Sergei Antipov b6e2ffe362 Fixed variable conditional 2016-03-04 01:22:38 +06:00
Sergei Antipov 6dd0a0da06 Added compatibility check for Pymongo 2016-03-04 01:22:10 +06:00
Sergei Antipov 3dfa06c44f Added feature to use mongodb versions >= 3.0 2016-03-04 01:20:08 +06:00
Sergei Antipov 390f9263c4 Added task for waiting mongodb server is running 2016-03-04 01:18:01 +06:00
Sergei Antipov 45da87de3d Merge pull request #48 from rapkin/master
Fixed "ERROR! 'mongodb_replication_params' is undefined"
2016-02-03 13:13:39 +05:00
Sergei Antipov aa9b77e142 Merge pull request #49 from strangeman/master
Resolved error in single-node installation
2016-02-03 13:13:26 +05:00
Anton Markelov 5f101340de Resolve error in single-node installation 2016-02-03 15:53:32 +09:00
rapkin e66450e580 added default values for `mongodb_replication_params ` to avoid undefined 2016-01-29 14:37:25 +02:00
rapkin 42487b9f46 fixed `mongodb_replication_params is undefined` error (closes #37) 2016-01-29 14:17:16 +02:00
Sergei Antipov 61b008311c Merge pull request #47 from jamescarr/patch-1
Remove version attribute that breaks in 2.0.0
2016-01-28 12:11:09 +05:00
James Carr bbefe6562b Remove version attribute that breaks in 2.0.0 2016-01-27 15:06:34 -06:00
Sergei Antipov 0310a42b5b Version bump 2015-12-16 14:27:07 +05:00
Sergei Antipov 08e071d3a8 Version bump 2015-12-16 14:26:35 +05:00
Sergei Antipov 4d8927f5d6 Merge pull request #44 from davidcaste/davidcaste-replicaset-without-authentication
Fix replicaset config without authentication
2015-12-16 14:25:30 +05:00
davidcaste 4b2899bb6e Fix replicaset config without authentication
According to MongoDB documentation[1], "enabling internal authentication
(in a replicaset) enables access control". Therefore, if MongoDB is
configured without authentication (`auth = no`) a `keyFile` line
must not appear in the configuration file.

This commit attempts to solve the problem described above. An extra
check has been added to ensure the `keyFile` configuration option is
added only if replicaset authorization _and_ authentication is enabled.

[1]: https://docs.mongodb.org/v3.0/tutorial/enable-internal-authentication/
2015-12-16 09:24:08 +01:00