Kristjan Kullerkann e5b79820c8 Oplog user creation
Add functionality to create oplog users
2018-09-03 23:06:22 +03:00

117 lines
3.9 KiB
YAML

---
- name: Include OS-specific variables
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution_release }}.yml"
- "{{ ansible_distribution }}.yml"
- "{{ ansible_os_family }}.yml"
- name: Include installation tasks
include: "install.{{ ansible_os_family | lower }}.yml"
tags: [mongodb]
- name: Include configuration.yml
include: configure.yml
tags: [mongodb]
- name: Include replication and auth configuration
include: replication_init_auth.yml
when: ( mongodb_replication_replset
and mongodb_replication_replset != ''
and mongodb_security_authorization == 'enabled'
and mongodb_master is defined and mongodb_master )
tags: [mongodb]
- name: Include replication configuration
include: replication.yml
when: mongodb_replication_replset and mongodb_replication_replset != ''
tags: [mongodb]
- name: Check where admin user already exists
command: >
mongo --quiet -u {{ mongodb_user_admin_name }} \
-p {{ mongodb_user_admin_password }} --port {{ mongodb_net_port }} --eval 'db.version()' admin
register: mongodb_user_admin_check
changed_when: false
check_mode: no
ignore_errors: true
when: ( mongodb_security_authorization == 'enabled'
and (not mongodb_replication_replset
or mongodb_replication_replset == '') )
no_log: true
tags: [mongodb]
- name: Include authorization configuration
include: auth_initialization.yml
when: ( mongodb_security_authorization == 'enabled'
and (not mongodb_replication_replset
or mongodb_replication_replset == '')
and mongodb_user_admin_check.rc != 0 )
tags: [mongodb]
- name: create normal users with replicaset
mongodb_user_fixed:
database: "{{ item.database }}"
name: "{{ item.name }}"
password: "{{ item.password }}"
update_password: "{{ mongodb_user_update_password }}"
roles: "{{ item.roles }}"
login_user: "{{ mongodb_user_admin_name }}"
login_password: "{{ mongodb_user_admin_password }}"
login_port: "{{ mongodb_login_port|default(27017) }}"
login_host: "{{ mongodb_login_host|default('localhost') }}"
with_items:
- "{{ mongodb_users | default([]) }}"
when: ( mongodb_replication_replset
and mongodb_replication_replset != ''
and mongodb_security_authorization == 'enabled'
and mongodb_master is defined and mongodb_master )
no_log: true
tags: [mongodb]
- name: create normal users without replicaset
mongodb_user_fixed:
database: "{{ item.database }}"
name: "{{ item.name }}"
password: "{{ item.password }}"
update_password: "{{ mongodb_user_update_password }}"
roles: "{{ item.roles }}"
login_user: "{{ mongodb_user_admin_name }}"
login_password: "{{ mongodb_user_admin_password }}"
login_port: "{{ mongodb_net_port }}"
with_items:
- "{{ mongodb_users | default([]) }}"
when: ( mongodb_security_authorization == 'enabled'
and (not mongodb_replication_replset
or mongodb_replication_replset == '') )
no_log: true
tags: [mongodb]
- name: create oplog user with replicaset
mongodb_user_fixed:
database: admin
user: "{{ item.user }}"
password: "{{ item.password }}"
update_password: "{{ mongodb_user_update_password }}"
roles:
- db: local
role: read
login_user: "{{ mongodb_user_admin_name }}"
login_password: "{{ mongodb_user_admin_password }}"
login_port: "{{ mongodb_login_port|default(27017) }}"
login_host: "{{ mongodb_login_host|default('localhost') }}"
with_items:
- "{{ mongodb_oplog_users | default([]) }}"
when: ( mongodb_replication_replset
and mongodb_replication_replset != ''
and mongodb_security_authorization == 'enabled'
and mongodb_master is defined and mongodb_master )
no_log: false
tags: [mongodb]
- name: Include MMS Agent configuration
include: mms-agent.yml
when: mongodb_mms_api_key != ""
tags: [mongodb]