forked from ISTI-ansible-roles/ansible-roles
Merge branch 'master' of adellam/ansible-roles into master
This commit is contained in:
commit
bf19935c8a
|
@ -67,38 +67,6 @@
|
||||||
- name: Create shinyproxy log directory
|
- name: Create shinyproxy log directory
|
||||||
file: dest={{ shinyproxy_log_dir }} state=directory owner=shinyproxy mode=0750
|
file: dest={{ shinyproxy_log_dir }} state=directory owner=shinyproxy mode=0750
|
||||||
|
|
||||||
- name: Check if the Docker certs directory exists
|
|
||||||
stat: path=/var/lib/docker/swarm/certificates
|
|
||||||
register: certs_dir
|
|
||||||
|
|
||||||
- name: Create the PKI directory
|
|
||||||
file: dest={{ shinyproxy_docker_certs_dir }} state=directory owner=root group=shinyproxy mode=0750
|
|
||||||
when: certs_dir.stat.isdir is defined and certs_dir.stat.isdir | bool
|
|
||||||
|
|
||||||
- name: Copy the TLS files
|
|
||||||
copy: src=/var/lib/docker/swarm/certificates/{{ item.src }} dest={{ shinyproxy_docker_certs_dir }}/{{ item.dest }} remote_src=yes force=yes
|
|
||||||
with_items:
|
|
||||||
- { src: swarm-root-ca.crt, dest: ca.pem }
|
|
||||||
- { src: swarm-node.crt, dest: cert.pem }
|
|
||||||
- { src: swarm-node.key, dest: key.pem }
|
|
||||||
when: certs_dir.stat.isdir is defined and certs_dir.stat.isdir | bool
|
|
||||||
|
|
||||||
- name: Fix the TLS key file permissions
|
|
||||||
file: dest={{ shinyproxy_docker_certs_dir }}/key.pem owner=shinyproxy group=shinyproxy mode=0640
|
|
||||||
when: certs_dir.stat.isdir is defined and certs_dir.stat.isdir | bool
|
|
||||||
|
|
||||||
- name: Install a script that syncs the docker certificates
|
|
||||||
template: src=sync_docker_certificates.sh.j2 dest=/usr/local/bin/sync_docker_certificates
|
|
||||||
when: certs_dir.stat.isdir is defined and certs_dir.stat.isdir | bool
|
|
||||||
|
|
||||||
- name: Install a cron job that hourly updates the certificates used by shinyproxy to talk with docker
|
|
||||||
cron: name="Fix the docker certificates for shinyproxy" special_time=hourly job="/usr/local/bin/sync_docker_certificates > /var/log/shinyproxy/docker_certs.log 2>&1"
|
|
||||||
when: certs_dir.stat.isdir is defined and certs_dir.stat.isdir | bool
|
|
||||||
|
|
||||||
- name: Remove the cron job that hourly updates the certificates if we have no local docker
|
|
||||||
cron: name="Fix the docker certificates for shinyproxy" special_time=hourly job="/usr/local/bin/sync_docker_certificates > /var/log/shinyproxy/docker_certs.log 2>&1" state=absent
|
|
||||||
when: certs_dir.stat.isdir is not defined or not certs_dir.stat.isdir | bool
|
|
||||||
|
|
||||||
- name: Pull the Docker images for the Shiny apps, when using Docker standalone
|
- name: Pull the Docker images for the Shiny apps, when using Docker standalone
|
||||||
docker_image: name={{ item.docker_image }} pull=yes state={{ item.image_state | default('present') }} force=yes
|
docker_image: name={{ item.docker_image }} pull=yes state={{ item.image_state | default('present') }} force=yes
|
||||||
with_items: '{{ shinyproxy_apps }}'
|
with_items: '{{ shinyproxy_apps }}'
|
||||||
|
|
Loading…
Reference in New Issue