
---
# Bootstrap tooling: the key-import task in this file pipes curl output into
# gpg, so both packages must be present before it runs.
- name: Install required packages
  ansible.builtin.apt:
    state: present
    name:
      - curl
      - gnupg
#- name: Add mongo ppa key (new way of adding an apt repository key)
# ansible.builtin.get_url:
# url: https://pgp.mongodb.com/server-7.0.asc
# dest: /etc/apt/trusted.gpg.d/mongodb-server-7.0.gpg
# mode: '0644'
# force: true
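# The signing key goes into a dedicated keyring and is bound to the MongoDB
# source with signed-by, so it is trusted for that one repository only. A key
# placed in /etc/apt/trusted.gpg.d is accepted for every configured repository.
# NOTE(review): the key is accepted on first download, with TLS as the only
# check; consider comparing its fingerprint against a value pinned in the role.
- name: Add mongo ppa key (new way of adding an apt repository key)
  ansible.builtin.shell: |
    set -o pipefail
    curl -fsSL https://pgp.mongodb.com/server-7.0.asc | gpg --dearmor -o /usr/share/keyrings/mongodb-server-7.0.gpg
  args:
    # pipefail is a bash option; without it a failed download is hidden behind
    # the exit status of gpg, the last command in the pipeline.
    executable: /bin/bash
    creates: /usr/share/keyrings/mongodb-server-7.0.gpg

# Hosts provisioned by the earlier version of this task still carry the key in
# the global trust directory; drop it so only the scoped keyring remains.
- name: Remove the globally trusted copy of the mongo key
  ansible.builtin.file:
    path: /etc/apt/trusted.gpg.d/mongodb-server-7.0.gpg
    state: absent

# copy with inline content is idempotent and rewrites the entry on hosts that
# still have the old line without signed-by (the shell/creates form never
# updated an existing file).
- name: Add the mongo repository to the source list
  ansible.builtin.copy:
    dest: /etc/apt/sources.list.d/mongodb-org-7.0.list
    content: |
      deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 multiverse
    owner: root
    group: root
    mode: '0644'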
#- name: Add specified repository into sources list
# ansible.builtin.apt_repository:
# repo: deb-src http://repo.mongodb.org/apt/debian bookworm/mongodb-org/8.0 stable main
# state: present
#- name: Update system after the addition of the mongo repo
# apt:
# update_cache: yes
# upgrade: dist
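# Refresh the package index before upgrading: the repository was added just
# above, and without update_cache the upgrade runs against the stale index.
# NOTE(review): name "*" with state latest upgrades every installed package on
# each run of the role; confirm that unattended upgrades are intended on a
# database host.
- name: Update all packages after the addition of the mongo repo
  ansible.builtin.apt:
    name: "*"
    state: latest
    update_cache: true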
# Installs the mongodb-org metapackage from the repository configured earlier
# in this file, refreshing the apt index first.
# NOTE(review): state latest lets any later run pull a newer server build from
# the repository; pin a version if upgrades need change control.
- name: Mongodb-org installation
  ansible.builtin.apt:
    update_cache: true
    state: latest
    name: mongodb-org
#- name: Add server Ip in mongod.conf
# ansible.builtin.lineinfile:
# path: /etc/mongod.conf
# search_string: ' bindIp: 127.0.0.1'
# line: ' bindIp: 127.0.0.1, {{ mongodb_ip }}'
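# Use the systemd module instead of shelling out to systemctl: it reports
# "changed" only when the unit was actually stopped and needs no shell.
- name: Start the mongodb daemon
  ansible.builtin.systemd:
    name: mongod
    state: started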
# Ask systemd for the mongod unit in state "started" and keep the module result
# so the unit's ActiveState can be printed by the debug task below.
- name: Verify the mongodb service status
  ansible.builtin.systemd:
    name: mongod
    state: started
  register: mongo_status

# Prints only the ActiveState field of the registered result.
- ansible.builtin.debug:
    var: mongo_status.status.ActiveState
# Make mongod start at boot and clear any mask on the unit.
- name: Enable the mongod service and ensure it is not masked
  ansible.builtin.systemd:
    name: mongod
    masked: false
    enabled: true
#- name: Check if user database admin exists
# become: false
# ansible.builtin.script:
# executable: python3
# cmd: "check_admin_user.py {{ mongodb_ip }} {{ mongodb_admin }} {{mongodb_password}}"
# register: admin_exists
# #delegate_to: 127.0.0.1
# ignore_errors: true
# check_admin_user (check if admin user exists)
# Working directory, owned by the connecting user (become is off), that later
# receives the virtualenv and the admin helper scripts.
# NOTE(review): mode 0755 lets every local account read and traverse this
# directory; consider 0700 if only this user runs the scripts.
- name: Create working directory for mongo admin scripts
  become: false
  ansible.builtin.file:
    state: directory
    path: "/home/{{ user }}/tmp/"
    mode: '0755'
# Installs pymongo into a virtualenv inside the working directory, as the
# connecting user.
# NOTE(review): no version is given, so whatever release the package index
# serves at run time is installed; pin a version for reproducible builds.
- name: Installing workplace script librairies
  become: false
  ansible.builtin.pip:
    virtualenv: "/home/{{ user }}/tmp/.venv"
    name: pymongo
# Copies the role's check_admin_user.py into the working directory and marks it
# executable.
- name: Upload check_admin_user python script
  become: false
  ansible.builtin.copy:
    dest: "/home/{{ user }}/tmp/"
    src: files/check_admin_user.py
    mode: '0755'
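# Runs the uploaded check script inside the virtualenv and keeps its result in
# admin_exists; a later task in this file tests admin_exists.rc.
#
# Every templated argument goes through the quote filter, so a password or
# user name containing spaces or shell metacharacters reaches the script as one
# literal argument instead of being interpreted by bash.
# no_log keeps the rendered command line, which contains the admin password,
# out of Ansible's output and logs. With ignore_errors a failure is still
# tolerated, but its details are censored.
# NOTE(review): the password is still a command-line argument and so is visible
# in the target's process list while the script runs; passing it another way
# needs a change in check_admin_user.py, which is not shown here.
- name: Run check_admin_user python script
  become: false
  ansible.builtin.shell: >-
    . .venv/bin/activate &&
    ./check_admin_user.py {{ mongodb_ip | quote }} {{ mongodb_admin | quote }} {{ mongodb_password | quote }}
  args:
    chdir: "/home/{{ user }}/tmp"
    executable: /bin/bash
  register: admin_exists
  ignore_errors: true
  no_log: true

# Print the return code only: the full registered result carries the command
# string, password included.
- ansible.builtin.debug:
    var: admin_exists.rc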
#- name: Add mongo database admin
# become: false
# ansible.builtin.script:
# executable: python3
# cmd: "add_admin_user.py {{ mongodb_ip }} {{ mongodb_admin }} {{mongodb_password}}"
# delegate_to: 127.0.0.1
# when: admin_exists.rc == 0
# Copies the role's add_admin_user.py into the working directory and marks it
# executable.
- name: Upload add_admin_user python script
  become: false
  ansible.builtin.copy:
    dest: "/home/{{ user }}/tmp/"
    src: files/add_admin_user.py
    mode: '0755'
# Ensures pymongo is present in the working-directory virtualenv before the
# add_admin_user script runs. The same install already appears earlier in this
# file, so this is normally a no-op.
- name: Installing workplace script librairies
  become: false
  ansible.builtin.pip:
    virtualenv: "/home/{{ user }}/tmp/.venv"
    name: pymongo
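# Creates the MongoDB admin account by running the uploaded script inside the
# virtualenv, only when the earlier check returned 0.
#
# Templated arguments are shell-quoted so special characters in the password or
# user name cannot change the command, and no_log keeps the rendered command
# line (which contains the password) out of Ansible's output and logs.
# NOTE(review): ignore_errors means a failed admin creation does not stop the
# play, and the next task turns on authorization regardless; confirm that this
# cannot leave the server with authorization enabled and no admin account.
# NOTE(review): unlike the check task, this one does not set become: false, so
# it runs with whatever privilege the play configures; confirm that is intended.
# NOTE(review): the password is still visible in the target's process list
# while the script runs; avoiding that needs a change in add_admin_user.py,
# which is not shown here.
- name: Run add_admin_user python script
  ansible.builtin.shell: >-
    . .venv/bin/activate &&
    ./add_admin_user.py {{ mongodb_ip | quote }} {{ mongodb_admin | quote }} {{ mongodb_password | quote }}
  args:
    chdir: "/home/{{ user }}/tmp"
    executable: /bin/bash
  when: admin_exists.rc == 0
  ignore_errors: true
  no_log: true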
# Turns the commented-out "#security:" line of mongod.conf into an active
# security section with authorization enabled. Once replaced, the pattern no
# longer matches, so later runs leave the file alone.
# NOTE(review): the pattern is not anchored to the start of a line, so any
# occurrence of "#security:" in the file is rewritten; confirm the stock config
# contains it only once.
# NOTE(review): the whitespace after \n sets how "authorization" nests under
# "security" in the YAML config; check the rendered file on a target host.
- name: Enable restricted authentication over mongodb
  ansible.builtin.replace:
    regexp: '#security:'
    replace: "security: \n authorization: enabled"
    path: /etc/mongod.conf
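# Restart through the systemd module rather than a shell call to systemctl, so
# the authorization setting written to mongod.conf takes effect.
# NOTE(review): this restarts mongod on every run of the role, even when the
# config did not change; a handler notified by the config task would avoid that.
- name: Restart the mongodb daemon
  ansible.builtin.systemd:
    name: mongod
    state: restarted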
# After the restart, ask systemd for mongod in state "started" again and keep
# the module result for the debug task below.
- name: Verify the mongodb service status
  ansible.builtin.systemd:
    name: mongod
    state: started
  register: mongo_status

# Prints only the ActiveState field of the registered result.
- ansible.builtin.debug:
    var: mongo_status.status.ActiveState