Update to 2023-10-13 15:00

2025-07-27 00:05:44 +02:00 · 2023-10-13 15:00:23 +02:00
parent 5956dad4fd
commit e823a08de2
32 changed files with 163 additions and 142 deletions
--- a/roles/ldap2pg/tasks/conf.yml
+++ b/roles/ldap2pg/tasks/conf.yml
@@ -1,5 +1,9 @@
 ---

+- name: Deploy env file
+  template: src=ldap2pg.env.j2 dest=/etc/sysconfig/ldap2pg owner=root group=postgres mode=640
+  tags: pg
+
 - name: Deploy ldap2pg configuration
  block:
    - name: Render config template
@@ -15,10 +19,11 @@
        - restart ldap2pg.timer

    - name: Validate new configuration
-      command: /bin/ldap2pg --config /etc/ldap2pg.yml --dry
+      command: /usr/local/bin/ldap2pg --config /etc/ldap2pg.yml
      changed_when: False
      become_user: "{{ ldap2pg_user }}"
      register: ldap2pg_conf_validation
+      environment: "{{ ldap2pg_env }}"

  rescue:
    - name: Rollback previous configuration
@@ -35,6 +40,7 @@

 - name: Fails if new configuration isn't validated
  fail:
-    msg: "Failed to validate /etc/ldap2pg: {{ ldap2pg_conf_validation.stdout }}"
+    msg: "Failed to validate /etc/ldap2pg.yml: {{ ldap2pg_conf_validation.stdout }}"
  when: ldap2pg_conf_validation.rc != 0
  tags: pg
+
--- a/roles/ldap2pg/tasks/facts.yml
+++ b/roles/ldap2pg/tasks/facts.yml
@@ -1,10 +1,27 @@
 ---

-# Load distribution specific variables
- include_vars: "{{ item }}"
-  with_first_found:
-    - "{{ role_path }}/vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
-    - "{{ role_path }}/vars/{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml"
-    - "{{ role_path }}/vars/{{ ansible_distribution }}.yml"
-    - "{{ role_path }}/vars/{{ ansible_os_family }}.yml"
+- name: Set default install mode
+  set_fact: ldap2pg_install_mode='none'
+  tags: pg
+
+- name: Check if ldap2pg is installed
+  stat: path=/usr/local/bin/ldap2pg
+  register: ldap2pg_bin
+  tags: pg
+
+- name: Check installed version
+  shell: ldap2pg -V | head -1 | sed -E 's/ldap2pg v(\d+)/\1/'
+  register: ldap2pg_current_version
+  when: ldap2pg_bin.stat.exists
+  changed_when: False
+  tags: pg
+
+- name: Set install mode
+  set_fact: ldap2pg_install_mode='install'
+  when: not ldap2pg_bin.stat.exists
+  tags: pg
+
+- name: Set install_mode to upgrade
+  set_fact: ldap2pg_install_mode='upgrade'
+  when: ldap2pg_bin.stat.exists and ldap2pg_current_version.stdout != ldap2pg_version
  tags: pg
--- a/roles/ldap2pg/tasks/install.yml
+++ b/roles/ldap2pg/tasks/install.yml
@@ -1,20 +1,28 @@
 ---

- name: Install packages
-  package: name={{ ldap2pg_packages }}
+- name: Ensure ldap2pg package is removed
+  package: name=ldap2pg state=absent
  tags: pg

- when: ansible_os_family == 'RedHat' and ansible_distribution_major_version is version('8', '<')
+- when: ldap2pg_install_mode != 'none'
  block:
-    - name: Check if ldap2Pg is built with python 2 or 3
-      stat: path=/usr/lib/python3.6/site-packages/ldap2pg/ldap.py
-      register: ldap2pg_py
+    - name: Download ldap2pg binary
+      get_url:
+        url: "{{ ldap2pg_archive_url }}"
+        dest: /tmp/ldap2pg.tar.gz
+        checksum: "sha256:{{ ldap2pg_archive_sha256 }}"

-    - name: Set ldap.py path
-      set_fact: ldap_py_ver={{ ldap2pg_py.stat.exists | ternary('3.6', '2.7') }}
+    - name: Extract ldap2pg archive
+      unarchive:
+        src: /tmp/ldap2pg.tar.gz
+        dest: /usr/local/bin
+        include:
+          - ldap2pg
+        owner: root
+        group: root
+        mode: 755
+        remote_src: True

-    - name: Patch ldap2pg to specify global cacert
-      patch: src=ldap2pg_cacert.diff dest=/usr/lib/python{{ ldap_py_ver }}/site-packages/ldap2pg/ldap.py
  tags: pg

 - name: Install systemd unit