--- - name: Install required packages apt: name: - curl - gnupg state: present #- name: Add mongo ppa key (new way of adding an apt repository key) # ansible.builtin.get_url: # url: https://pgp.mongodb.com/server-7.0.asc # dest: /etc/apt/trusted.gpg.d/mongodb-server-7.0.gpg # mode: '0644' # force: true - name: Add mongo ppa key (new way of adding an apt repository key) ansible.builtin.shell: curl -fsSL https://pgp.mongodb.com/server-7.0.asc | gpg --dearmor -o /etc/apt/trusted.gpg.d/mongodb-server-7.0.gpg args: creates: /etc/apt/trusted.gpg.d/mongodb-server-7.0.gpg - name: Add the mongo repository to the source list ansible.builtin.shell: echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-7.0.list args: creates: /etc/apt/sources.list.d/mongodb-org-7.0.list #- name: Add specified repository into sources list # ansible.builtin.apt_repository: # repo: deb-src http://repo.mongodb.org/apt/debian bookworm/mongodb-org/8.0 stable main # state: present #- name: Update system after the addition of the mongo repo # apt: # update_cache: yes # upgrade: dist - name: Update all packages after the addition of the mongo repo ansible.builtin.apt: name: "*" state: latest - name: Mongodb-org installation apt: name: mongodb-org state: latest update_cache: yes #- name: Add server Ip in mongod.conf # ansible.builtin.lineinfile: # path: /etc/mongod.conf # search_string: ' bindIp: 127.0.0.1' # line: ' bindIp: 127.0.0.1, {{ mongodb_ip }}' - name: Start the mongodb daemon ansible.builtin.shell: systemctl start mongod - name: Verify the mongodb service status ansible.builtin.systemd: state: started name: mongod register: mongo_status - debug: var: mongo_status.status.ActiveState - name: Enable the mongod service and ensure it is not masked ansible.builtin.systemd: name: mongod enabled: true masked: no #- name: Check if user database admin exists # become: false # ansible.builtin.script: # executable: python3 # cmd: "check_admin_user.py {{ mongodb_ip }} {{ mongodb_admin }} {{mongodb_password}}" # register: admin_exists # #delegate_to: 127.0.0.1 # ignore_errors: true # check_admin_user (check if admin user exists) - name: Create working directory for mongo admin scripts become: false ansible.builtin.file: path: /home/{{ user }}/tmp/ state: directory mode: '0755' - name: Installing workplace script librairies become: false ansible.builtin.pip: name: pymongo virtualenv: /home/{{ user }}/tmp/.venv - name: Upload check_admin_user python script become: false ansible.builtin.copy: src: files/check_admin_user.py dest: "/home/{{ user }}/tmp/" mode: '0755' - name: Run check_admin_user python script become: false ansible.builtin.shell: "cd /home/{{ user }}/tmp && . .venv/bin/activate && ./check_admin_user.py {{ mongodb_ip }} {{ mongodb_admin }} {{mongodb_password}}" register: admin_exists args: executable: /bin/bash ignore_errors: true - debug: var: admin_exists #- name: Add mongo database admin # become: false # ansible.builtin.script: # executable: python3 # cmd: "add_admin_user.py {{ mongodb_ip }} {{ mongodb_admin }} {{mongodb_password}}" # delegate_to: 127.0.0.1 # when: admin_exists.rc == 0 - name: Upload add_admin_user python script become: false ansible.builtin.copy: src: files/add_admin_user.py dest: "/home/{{ user }}/tmp/" mode: '0755' - name: Installing workplace script librairies become: false ansible.builtin.pip: name: pymongo virtualenv: /home/{{ user }}/tmp/.venv - name: Run add_admin_user python script ansible.builtin.shell: "cd /home/{{ user }}/tmp && . .venv/bin/activate && ./add_admin_user.py {{ mongodb_ip }} {{ mongodb_admin }} {{mongodb_password}}" args: executable: /bin/bash when: admin_exists.rc == 0 ignore_errors: true - name: Enable restricted authentication over mongodb ansible.builtin.replace: path: /etc/mongod.conf regexp: '#security:' replace: "security: \n authorization: enabled" - name: Restart the mongodb daemon ansible.builtin.shell: systemctl restart mongod - name: Verify the mongodb service status ansible.builtin.systemd: state: started name: mongod register: mongo_status - debug: var: mongo_status.status.ActiveState