---
# Guard: stop the play when TLS is mandatory ('requireSSL') but no server
# hostname has been configured. Other SSL modes are not checked here.
- name: Check value of variable mongodb_net_ssl_host
  fail:
    msg: 'Set mongodb_net_ssl_mode is preferSSL or set valid hostname for mongodb_net_ssl_host!'
  # A list of conditions is AND-ed, evaluated top to bottom.
  when:
    - mongodb_net_ssl_mode == 'requireSSL'
    - mongodb_net_ssl_host == ''
# Guard for standalone (non-replica-set) instances with mandatory TLS: the
# host used for login must be the same value as mongodb_net_ssl_host.
# NOTE(review): presumably this keeps the name clients connect to in line
# with the name on the server certificate -- confirm against the role's
# certificate handling.
- name: Check value of variable mongodb_login_host
  fail:
    msg: 'Set mongodb_login_host equal mongodb_net_ssl_host!'
  when:
    - mongodb_net_ssl_mode == 'requireSSL'
    - mongodb_net_ssl_host != mongodb_login_host
    - not mongodb_replication_replset
# Load the first variables file that exists, trying the most specific name
# first: distribution release, then distribution, then OS family.
- name: Include OS-specific variables
  include_vars:
    file: "{{ item }}"
  with_first_found:
    - "{{ ansible_distribution_release }}.yml"
    - "{{ ansible_distribution }}.yml"
    - "{{ ansible_os_family }}.yml"
# Pull in the installation task file for this platform: the lower-cased
# distribution name is tried first, then the lower-cased OS family.
# NOTE(review): the bare `include` action is deprecated and was removed in
# newer ansible-core releases; switching to include_tasks/import_tasks
# changes how `tags` and `when` propagate, so it is left as-is here.
- name: Include installation tasks
  include: "{{ item }}"
  with_first_found:
    - "install.{{ ansible_distribution | lower }}.yml"
    - "install.{{ ansible_os_family | lower }}.yml"
  tags:
    - mongodb
# Run the configuration tasks. The task name says "configuration.yml" but
# the file actually included is configure.yml.
- name: Include configuration.yml
  include: configure.yml
  tags:
    - mongodb
# Replica set with authorization enabled: run replication_init_auth.yml,
# but only on the host flagged as master. This runs before the plain
# replication include that follows it in this file.
- name: Include replication and auth configuration
  include: replication_init_auth.yml
  when:
    - mongodb_replication_replset | length > 0
    - mongodb_security_authorization == 'enabled'
    # Kept as one expression so an undefined mongodb_master is never evaluated.
    - mongodb_master is defined and mongodb_master
  tags:
    - mongodb
# Run the replication tasks whenever a replica set name is configured
# (non-empty mongodb_replication_replset), regardless of authorization.
- name: Include replication configuration
  include: replication.yml
  when:
    - mongodb_replication_replset | length > 0
  tags:
    - mongodb
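# Probe whether the admin account already works by running a trivial query
# (db.version()) with the admin credentials. The registered result decides
# whether auth initialisation is included by the task that follows.
# Only runs for standalone instances with authorization enabled.
#
# Security notes:
# - The credentials are passed as command-line arguments, so they can be read
#   from the process list on the target host while the command runs. no_log
#   only keeps them out of Ansible's own output and logs.
# - Host, user name and password go through the `quote` filter so a value
#   containing spaces or quote characters stays one argument instead of
#   being split into additional mongo options.
# - No CA file option is passed together with --ssl, so certificate
#   validation depends on the mongo shell's defaults -- TODO confirm for the
#   deployed shell version.
# - ignore_errors means every kind of failure (not only a rejected login)
#   leaves rc != 0 in mongodb_user_admin_check.
- name: Check where admin user already exists
  # Folded scalar: the lines below are joined with single spaces, so no
  # backslash continuation is needed.
  command: >-
    mongo --quiet
    {{ ('--ssl --host ' + (mongodb_net_ssl_host | quote)) if mongodb_net_ssl_mode == 'requireSSL' else '' }}
    -u {{ mongodb_user_admin_name | quote }}
    -p {{ mongodb_user_admin_password | quote }}
    --port {{ mongodb_net_port }}
    --eval 'db.version()' admin
  register: mongodb_user_admin_check
  changed_when: false
  # Run the probe even in check mode; it does not modify anything.
  check_mode: false
  ignore_errors: true
  when:
    - mongodb_security_authorization == 'enabled'
    - not mongodb_replication_replset
  no_log: true
  tags: [mongodb]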
# Standalone instance with authorization enabled: run auth_initialization.yml
# when the preceding admin login probe did not succeed.
# NOTE(review): the probe ignores errors, so rc != 0 covers any failure of
# that command (for example an unreachable server), not only a missing
# admin user -- verify that auth_initialization.yml is safe to run then.
- name: Include authorization configuration
  include: auth_initialization.yml
  when:
    - mongodb_security_authorization == 'enabled'
    - not mongodb_replication_replset
    - mongodb_user_admin_check.rc != 0
  tags:
    - mongodb
# Replica set with authorization enabled: create every entry of
# mongodb_users, authenticating as the admin user. Runs only on the host
# flagged as master.
# - login_port falls back to 27017 when mongodb_login_port is undefined.
# - TLS is used for the connection only when the mode is exactly 'requireSSL'.
# - no_log keeps the loop items (which carry passwords) and the admin
#   credentials out of Ansible's output.
- name: create normal users with replicaset
  mongodb_user:
    database: "{{ item.database }}"
    name: "{{ item.name }}"
    password: "{{ item.password }}"
    update_password: "{{ mongodb_user_update_password }}"
    roles: "{{ item.roles }}"
    login_user: "{{ mongodb_user_admin_name }}"
    login_password: "{{ mongodb_user_admin_password }}"
    login_port: "{{ mongodb_login_port | default(27017) }}"
    login_host: "{{ mongodb_login_host | default('localhost') }}"
    ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
  with_items:
    - "{{ mongodb_users | default([]) }}"
  # Kept as a single expression (not a list) so the replica set name is
  # tested for truthiness inside the expression rather than as a bare
  # variable condition.
  when: >-
    mongodb_replication_replset
    and mongodb_security_authorization == 'enabled'
    and mongodb_master is defined
    and mongodb_master
  no_log: true
  tags:
    - mongodb
# Standalone instance with authorization enabled: create every entry of
# mongodb_users, authenticating as the admin user.
# - Connects on mongodb_net_port (the replica set variant uses
#   mongodb_login_port instead).
# - TLS is used for the connection only when the mode is exactly 'requireSSL'.
# - no_log keeps the loop items (which carry passwords) and the admin
#   credentials out of Ansible's output.
- name: create normal users without replicaset
  mongodb_user:
    database: "{{ item.database }}"
    name: "{{ item.name }}"
    password: "{{ item.password }}"
    update_password: "{{ mongodb_user_update_password }}"
    roles: "{{ item.roles }}"
    login_user: "{{ mongodb_user_admin_name }}"
    login_password: "{{ mongodb_user_admin_password }}"
    login_port: "{{ mongodb_net_port }}"
    login_host: "{{ mongodb_login_host | default('localhost') }}"
    ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
  with_items:
    - "{{ mongodb_users | default([]) }}"
  when:
    - mongodb_security_authorization == 'enabled'
    - not mongodb_replication_replset
  no_log: true
  tags:
    - mongodb
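# Replica set with authorization enabled: create every entry of
# mongodb_oplog_users in the admin database with the `read` role on the
# `local` database, authenticating as the admin user. Runs only on the host
# flagged as master.
# - login_port falls back to 27017 when mongodb_login_port is undefined.
# - TLS is used for the connection only when the mode is exactly 'requireSSL'.
- name: create oplog user with replicaset
  mongodb_user:
    database: admin
    user: "{{ item.user }}"
    password: "{{ item.password }}"
    update_password: "{{ mongodb_user_update_password }}"
    roles:
      - db: local
        role: read
    login_user: "{{ mongodb_user_admin_name }}"
    login_password: "{{ mongodb_user_admin_password }}"
    login_port: "{{ mongodb_login_port|default(27017) }}"
    login_host: "{{ mongodb_login_host|default('localhost') }}"
    ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
  with_items:
    - "{{ mongodb_oplog_users | default([]) }}"
  when: ( mongodb_replication_replset | length > 0
        and mongodb_security_authorization == 'enabled'
        and mongodb_master is defined and mongodb_master )
  # This task loops over items that contain passwords and passes the admin
  # password as a module argument, so its output must be suppressed like the
  # other user-creation tasks in this file. It was previously `false`, which
  # let the oplog user passwords appear in task output and logs.
  no_log: true
  tags: [mongodb]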
# Run the MMS agent tasks only when an API key has been supplied
# (non-empty mongodb_mms_api_key).
- name: Include MMS Agent configuration
  include: mms-agent.yml
  when:
    - mongodb_mms_api_key | length > 0
  tags:
    - mongodb