mongodb: ansible-lint fixes
This commit is contained in:
parent
75d8555e6c
commit
5907d1cef2
2 changed files with 20 additions and 18 deletions
|
|
@ -1,6 +1,5 @@
|
||||||
---
|
---
|
||||||
|
- name: Restart mongod
|
||||||
- name: restart mongod
|
|
||||||
ansible.builtin.service:
|
ansible.builtin.service:
|
||||||
name: mongod
|
name: mongod
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,10 @@
|
||||||
---
|
---
|
||||||
|
- name: Create group
|
||||||
- name: create group
|
|
||||||
ansible.builtin.group:
|
ansible.builtin.group:
|
||||||
name: mongod
|
name: mongod
|
||||||
gid: 1006
|
gid: 1006
|
||||||
|
|
||||||
- name: create user
|
- name: Create user
|
||||||
ansible.builtin.user:
|
ansible.builtin.user:
|
||||||
name: mongod
|
name: mongod
|
||||||
comment: Service MongoDB
|
comment: Service MongoDB
|
||||||
|
|
@ -15,7 +14,7 @@
|
||||||
shell: /sbin/nologin
|
shell: /sbin/nologin
|
||||||
uid: 1006
|
uid: 1006
|
||||||
|
|
||||||
- name: enable repository
|
- name: Enable repository
|
||||||
ansible.builtin.yum_repository:
|
ansible.builtin.yum_repository:
|
||||||
name: mongodb
|
name: mongodb
|
||||||
baseurl: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64
|
baseurl: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64
|
||||||
|
|
@ -24,7 +23,7 @@
|
||||||
gpgkey: https://www.mongodb.org/static/pgp/server-5.0.asc
|
gpgkey: https://www.mongodb.org/static/pgp/server-5.0.asc
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
- name: install packages
|
- name: Install packages
|
||||||
ansible.builtin.package:
|
ansible.builtin.package:
|
||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
state: installed
|
state: installed
|
||||||
|
|
@ -32,12 +31,12 @@
|
||||||
- mongodb-org-server
|
- mongodb-org-server
|
||||||
- mongodb-org-shell
|
- mongodb-org-shell
|
||||||
|
|
||||||
- name: set selinux file contexts on data directory
|
- name: Set SELinux file contexts on data directory
|
||||||
community.general.sefcontext:
|
community.general.sefcontext:
|
||||||
path: "/export/mongodb(/.*)?"
|
path: "/export/mongodb(/.*)?"
|
||||||
setype: mongod_var_lib_t
|
setype: mongod_var_lib_t
|
||||||
|
|
||||||
- name: create data directory
|
- name: Create data directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /export/mongodb
|
path: /export/mongodb
|
||||||
state: directory
|
state: directory
|
||||||
|
|
@ -46,7 +45,7 @@
|
||||||
group: mongod
|
group: mongod
|
||||||
setype: _default
|
setype: _default
|
||||||
|
|
||||||
- name: link data directory
|
- name: Link data directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /srv/mongodb
|
path: /srv/mongodb
|
||||||
src: /export/mongodb
|
src: /export/mongodb
|
||||||
|
|
@ -55,7 +54,7 @@
|
||||||
state: link
|
state: link
|
||||||
follow: false
|
follow: false
|
||||||
|
|
||||||
- name: generate combined certificate/private key file contents
|
- name: Generate combined certificate/private key file contents
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
argv:
|
argv:
|
||||||
- /bin/cat
|
- /bin/cat
|
||||||
|
|
@ -64,7 +63,7 @@
|
||||||
changed_when: false
|
changed_when: false
|
||||||
register: mongodb_cert_key
|
register: mongodb_cert_key
|
||||||
|
|
||||||
- name: create combined certificate/private key file
|
- name: Create combined certificate/private key file
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
dest: "{{ tls_private }}/mongodb.pem"
|
dest: "{{ tls_private }}/mongodb.pem"
|
||||||
content: "{{ mongodb_cert_key.stdout }}"
|
content: "{{ mongodb_cert_key.stdout }}"
|
||||||
|
|
@ -73,7 +72,7 @@
|
||||||
group: mongod
|
group: mongod
|
||||||
notify: restart mongod
|
notify: restart mongod
|
||||||
|
|
||||||
- name: configure logrotate
|
- name: Configure logrotate
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
dest: /etc/logrotate.d/mongod
|
dest: /etc/logrotate.d/mongod
|
||||||
src: mongod.logrotate
|
src: mongod.logrotate
|
||||||
|
|
@ -81,7 +80,7 @@
|
||||||
owner: root
|
owner: root
|
||||||
group: "{{ ansible_wheel }}"
|
group: "{{ ansible_wheel }}"
|
||||||
|
|
||||||
- name: configure startup options
|
- name: Configure startup options
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
dest: /etc/sysconfig/mongod
|
dest: /etc/sysconfig/mongod
|
||||||
content: |
|
content: |
|
||||||
|
|
@ -91,7 +90,7 @@
|
||||||
group: "{{ ansible_wheel }}"
|
group: "{{ ansible_wheel }}"
|
||||||
notify: restart mongod
|
notify: restart mongod
|
||||||
|
|
||||||
- name: create configuration
|
- name: Create configuration
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
dest: /etc/mongod.conf
|
dest: /etc/mongod.conf
|
||||||
src: mongod.conf.j2
|
src: mongod.conf.j2
|
||||||
|
|
@ -100,14 +99,18 @@
|
||||||
group: "{{ ansible_wheel }}"
|
group: "{{ ansible_wheel }}"
|
||||||
notify: restart mongod
|
notify: restart mongod
|
||||||
|
|
||||||
- name: enable service
|
- name: Enable service
|
||||||
ansible.builtin.service:
|
ansible.builtin.service:
|
||||||
name: mongod
|
name: mongod
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
- name: create mongo alias cmd for root
|
- name: Create mongo alias cmd for root
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
path: /root/.bashrc
|
path: /root/.bashrc
|
||||||
line: alias mongo='mongo --tlsCertificateKeyFile {{ tls_private }}/mongodb.pem --tlsCAFile {{ tls_certs }}/ca.crt --tls mongodb://{{ inventory_hostname }}/'
|
line: >
|
||||||
|
alias mongo='mongo
|
||||||
|
--tlsCertificateKeyFile {{ tls_private }}/mongodb.pem
|
||||||
|
--tlsCAFile {{ tls_certs }}/ca.crt
|
||||||
|
--tls mongodb://{{ inventory_hostname }}/'
|
||||||
regexp: ^alias mongo=.*
|
regexp: ^alias mongo=.*
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue