jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-10-31 19:01:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update to 2022-08-01 16:00

Browse Source
This commit is contained in:
Daniel Berteaud
2022-08-01 16:00:18 +02:00
parent 1650198b44
commit 576eba31fe
11 changed files with 159 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
roles/consul/tasks/conf.yml
View File

@@ -2,11 +2,11 @@
- name: Deploy consul configuration
template:
src: consul.json.j2
dest: "{{ consul_root_dir }}/etc/consul.json"
src: consul.hcl.j2
dest: "{{ consul_root_dir }}/etc/consul.hcl"
owner: root
group: "{{ consul_user }}"
mode: 640
validate: consul validate %s
mode: 0640
#validate: consul validate %s
notify: restart consul
tags: consul

30
roles/consul/tasks/facts.yml
View File

@@ -1,12 +1,26 @@
---
- name: Detect installed version
block:
- import_tasks: ../includes/webapps_set_install_mode.yml
vars:
- root_dir: "{{ consul_root_dir }}"
- version: "{{ consul_version }}"
- set_fact: consul_install_mode={{ install_mode | default('none') }}
- set_fact: consul_current_version={{ current_version | default('') }}
- set_fact: consul_install_mode='none'
tags: consul
- name: Detect if consul is installed
stat: path=/usr/local/bin/consul
register: consul_bin
tags: consul
- when: not consul_bin.stat.exists
set_fact: consul_install_mode='install'
tags: consul
- when: consul_bin.stat.exists
block:
- name: Detect installed version
shell: /usr/local/bin/consul version | head -1 | perl -pe 's/Consul v(\d+(\.\d+)*)/$1/'
changed_when: False
register: consul_current_version
- set_fact: consul_current_version={{ consul_current_version.stdout }}
tags: consul
- when: consul_bin.stat.exists and consul_current_version != consul_version
set_fact: consul_install_mode='upgrade'

4
roles/consul/tasks/iptables.yml
View File

@@ -6,10 +6,10 @@
state: "{{ (('tcp' in consul_services[item].proto or 'udp' in consul_services[item].proto) and consul_services[item].src_ip | length > 0) | ternary('present', 'absent') }}"
rules: |
{% if 'tcp' in consul_services[item].proto %}
-A INPUT -m state --state NEW -p tcp --dport {{ consul_services[item].port }} -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport {{ consul_services[item].port }} -s {{ consul_services[item].src_ip | join(',') }} -j ACCEPT
{% endif %}
{% if 'udp' in consul_services[item].proto %}
-A INPUT -m state --state NEW -p udp --dport {{ consul_services[item].port }} -j ACCEPT
-A INPUT -m state --state NEW -p udp --dport {{ consul_services[item].port }} -s {{ consul_services[item].src_ip | join(',') }} -j ACCEPT
{% endif %}
loop: "{{ consul_services.keys() | list }}"
tags: firewall,consul

3
roles/consul/tasks/main.yml
View File

@@ -26,9 +26,6 @@
- include_tasks: services.yml
tags: always
- include_tasks: write_version.yml
tags: always
- include_tasks: archive_post.yml
when: consul_install_mode | default('none') == 'upgrade'
tags: always

5
roles/consul/tasks/write_version.yml
View File

@@ -1,5 +0,0 @@
---
- name: Write installed version
copy: content={{ consul_version }} dest={{ consul_root_dir }}/meta/ansible_version
tags: consul