aboutsummaryrefslogtreecommitdiffstats
path: root/fdio.infra.ansible/roles/consul/tasks/main.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'fdio.infra.ansible/roles/consul/tasks/main.yaml')
-rw-r--r--fdio.infra.ansible/roles/consul/tasks/main.yaml145
1 files changed, 145 insertions, 0 deletions
diff --git a/fdio.infra.ansible/roles/consul/tasks/main.yaml b/fdio.infra.ansible/roles/consul/tasks/main.yaml
new file mode 100644
index 0000000000..6dd430754b
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/tasks/main.yaml
@@ -0,0 +1,145 @@
+---
+# file: tasks/main.yaml
+
+- name: Update Repositories Cache
+ ansible.builtin.apt:
+ update_cache: true
+ when:
+ - ansible_os_family == 'Debian'
+ tags:
+ - consul-inst-package
+
+- name: Dependencies
+ ansible.builtin.apt:
+ name: "{{ packages | flatten(levels=1) }}"
+ state: "present"
+ cache_valid_time: 3600
+ install_recommends: false
+ when:
+ - ansible_os_family == 'Debian'
+ tags:
+ - consul-inst-dependencies
+
+- name: Add Consul Group
+ ansible.builtin.group:
+ name: "{{ consul_group }}"
+ state: "present"
+ tags:
+ - consul-conf-user
+
+- name: Add Consul user
+ ansible.builtin.user:
+ name: "{{ consul_user }}"
+ group: "{{ consul_group }}"
+ state: "present"
+ system: true
+ tags:
+ - consul-conf-user
+
+- name: Download Consul
+ ansible.builtin.get_url:
+ url: "{{ consul_zip_url }}"
+ dest: "{{ consul_inst_dir }}/{{ consul_pkg }}"
+ tags:
+ - consul-inst-package
+
+- name: Clean Consul
+ ansible.builtin.file:
+ path: "{{ consul_inst_dir }}/consul"
+ state: "absent"
+ when:
+ - consul_force_update | bool
+ tags:
+ - consul-inst-package
+
+- name: Unarchive Consul
+ ansible.builtin.unarchive:
+ src: "{{ consul_inst_dir }}/{{ consul_pkg }}"
+ dest: "{{ consul_inst_dir }}/"
+ remote_src: true
+ tags:
+ - consul-inst-package
+
+- name: Consul
+ ansible.builtin.copy:
+ src: "{{ consul_inst_dir }}/consul"
+ dest: "{{ consul_bin_dir }}"
+ owner: "{{ consul_user }}"
+ group: "{{ consul_group }}"
+ force: true
+ mode: 0755
+ remote_src: true
+ tags:
+ - consul-inst-package
+
+- name: Create Directories
+ ansible.builtin.file:
+ dest: "{{ item }}"
+ state: "directory"
+ owner: "{{ consul_user }}"
+ group: "{{ consul_group }}"
+ mode: 0755
+ with_items:
+ - "{{ consul_config_dir }}"
+ - "{{ consul_ssl_dir }}"
+ - "{{ consul_data_dir }}"
+ - "{{ nomad_config_dir }}"
+ - "{{ nomad_ssl_dir }}"
+ tags:
+ - consul-conf
+
+- name: Base Configuration
+ ansible.builtin.template:
+ src: "{{ item }}.hcl.j2"
+ dest: "{{ consul_config_dir }}/{{ item }}.hcl"
+ owner: "{{ consul_user }}"
+ group: "{{ consul_group }}"
+ mode: 0644
+ with_items:
+ - "base"
+ - "ports"
+ - "telemetry"
+ tags:
+ - consul-conf
+
+- name: Copy Certificates And Keys
+ ansible.builtin.copy:
+ content: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ owner: "{{ consul_user }}"
+ group: "{{ consul_group }}"
+ mode: 0600
+ no_log: true
+ loop: "{{ consul_certificates | flatten(levels=1) }}"
+ when:
+ - consul_certificates is defined
+ tags:
+ - consul-conf
+
+- name: Stop Systemd-resolved
+ ansible.builtin.systemd:
+ daemon_reload: true
+ enabled: false
+ name: "systemd-resolved"
+ state: "{{ systemd_resolved_state }}"
+ when:
+ - consul_service_mgr == "systemd"
+ tags:
+ - consul-conf
+
+- name: System.d Script
+ ansible.builtin.template:
+ src: "consul_systemd.service.j2"
+ dest: "/lib/systemd/system/consul.service"
+ owner: "root"
+ group: "root"
+ mode: 0644
+ notify:
+ - "Restart Consul"
+ when:
+ - consul_service_mgr == "systemd"
+ tags:
+ - consul-conf
+
+- name: Flush handlers
+ ansible.builtin.meta: flush_handlers