tpiccioli
/
ansible-roles
forked from ISTI-ansible-roles/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

library/roles/dnet_user_services_perms: Ansible 2 compatibility

This commit is contained in:
Andrea Dell'Amico 2016-06-30 11:30:35 +02:00
parent 2e973729e7
commit 14901f5aab
5 changed files with 22 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
dnet_user_services_perms/tasks/dnet-additional-packages.yml
View File

@ -1,13 +1,13 @@
--- ---
- name: Install additional packages, if needed - name: Install additional packages, if needed
apt: pkg={{ item }} state=installed apt: pkg={{ item }} state=installed
with_items: dnet_additional_packages with_items: '{{ dnet_additional_packages }}'
when: dnet_additional_packages is defined when: dnet_additional_packages is defined
tags: ['dnet', 'pkgs'] tags: ['dnet', 'pkgs']
- name: Install additional python modules, if needed - name: Install additional python modules, if needed
pip: name={{ item }} state=present pip: name={{ item }} state=present
with_items: dnet_additional_python_modules with_items: '{{ dnet_additional_python_modules }}'
when: dnet_additional_python_modules is defined when: dnet_additional_python_modules is defined
tags: ['dnet', 'pkgs'] tags: ['dnet', 'pkgs']

12
dnet_user_services_perms/tasks/dnet-data-dirs.yml
View File

@ -1,30 +1,30 @@
--- ---
- name: Create the dnet data dirs - name: Create the dnet data dirs
file: name={{ item }} state=directory owner={{ dnet_user }} group={{ dnet_group }} mode=0750 file: name={{ item }} state=directory owner={{ dnet_user }} group={{ dnet_group }} mode=0750
with_items: dnet_data_directories with_items: '{{ dnet_data_directories }}'
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
- name: Create the dnet log dirs - name: Create the dnet log dirs
file: name={{ item }} state=directory owner={{ tomcat_user }} group={{ dnet_group }} mode=0750 file: name={{ item }} state=directory owner={{ tomcat_user }} group={{ dnet_group }} mode=0750
with_items: dnet_log_directories with_items: '{{ dnet_log_directories }}'
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
- name: Set the read/write permissions on the dnet data dirs - name: Set the read/write permissions on the dnet data dirs
acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present
with_items: dnet_data_directories with_items: '{{ dnet_data_directories }}'
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
- name: Set the default read/write permissions on the dnet data dirs - name: Set the default read/write permissions on the dnet data dirs
acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
with_items: dnet_data_directories with_items: '{{ dnet_data_directories }}'
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
- name: Set the read permissions on the dnet log dirs - name: Set the read permissions on the dnet log dirs
acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present
with_items: dnet_log_directories with_items: '{{ dnet_log_directories }}'
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
- name: Set the default read permissions on the dnet log dirs - name: Set the default read permissions on the dnet log dirs
acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes
with_items: dnet_log_directories with_items: '{{ dnet_log_directories }}'
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]

2
dnet_user_services_perms/tasks/dnet-other-services-users.yml
View File

@ -2,7 +2,7 @@
# Ignore errors because it fails if the user is already present and used to run a service. # Ignore errors because it fails if the user is already present and used to run a service.
- name: Create users needed to operate services other than the dnet ones - name: Create users needed to operate services other than the dnet ones
user: name={{ item.user }} comment="{{ item.user }}" home={{ item.home }} createhome={{ item.createhome }} shell={{ item.shell }} user: name={{ item.user }} comment="{{ item.user }}" home={{ item.home }} createhome={{ item.createhome }} shell={{ item.shell }}
with_items: dnet_other_services_users with_items: '{{ dnet_other_services_users }}'
when: dnet_other_services_users is defined when: dnet_other_services_users is defined
ignore_errors: True ignore_errors: True
tags: [ 'users', 'dnet' ] tags: [ 'users', 'dnet' ]

16
dnet_user_services_perms/tasks/dnet-tomcat-acls.yml
View File

@ -5,31 +5,31 @@
# Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default # Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default
- name: Set the read/write permissions on the tomcat webapps and common/classes directories. single tomcat instance - name: Set the read/write permissions on the tomcat webapps and common/classes directories. single tomcat instance
acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present
when: tomcat_m_instances is not defined
with_items: with_items:
- [ '{{ tomcat_webapps_dir }}', '{{ tomcat_common_classes_dir }}', '{{ tomcat_common_dir }}' ] - [ '{{ tomcat_webapps_dir }}', '{{ tomcat_common_classes_dir }}', '{{ tomcat_common_dir }}' ]
when: tomcat_m_instances is not defined
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
- name: Set the default read/write permissions on the tomcat webapps and common/classes directories. single tomcat instance - name: Set the default read/write permissions on the tomcat webapps and common/classes directories. single tomcat instance
acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
when: tomcat_m_instances is not defined
with_items: with_items:
- [ '{{ tomcat_webapps_dir }}', '{{ tomcat_common_classes_dir }}', '{{ tomcat_common_dir }}' ] - [ '{{ tomcat_webapps_dir }}', '{{ tomcat_common_classes_dir }}', '{{ tomcat_common_dir }}' ]
when: tomcat_m_instances is not defined
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
# Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default # Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default
- name: Set the read permissions on the tomcat log directory. single tomcat instance - name: Set the read permissions on the tomcat log directory. single tomcat instance
acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present
when: tomcat_m_instances is not defined
with_items: with_items:
- [ '{{ tomcat_logdir }}' ] - [ '{{ tomcat_logdir }}' ]
when: tomcat_m_instances is not defined
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
- name: Set the default read permissions on the tomcat log directory. single tomcat instance - name: Set the default read permissions on the tomcat log directory. single tomcat instance
acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes
when: tomcat_m_instances is not defined
with_items: with_items:
- [ '{{ tomcat_logdir }}' ] - [ '{{ tomcat_logdir }}' ]
when: tomcat_m_instances is not defined
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
# #
@ -38,30 +38,30 @@
# Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default # Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default
- name: Set the read/write permissions on the tomcat webapps and common/classes directories. multiple tomcat instances - name: Set the read/write permissions on the tomcat webapps and common/classes directories. multiple tomcat instances
acl: name={{ item.0.instance_path }}/{{ item.1 }} entity={{ dnet_group }} etype=group permissions=rwx state=present acl: name={{ item.0.instance_path }}/{{ item.1 }} entity={{ dnet_group }} etype=group permissions=rwx state=present
when: tomcat_m_instances is defined
with_nested: with_nested:
- '{{ tomcat_m_instances }}' - '{{ tomcat_m_instances }}'
- [ 'webapps', 'common', 'common/classes' ] - [ 'webapps', 'common', 'common/classes' ]
when: tomcat_m_instances is defined
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
- name: Set the default read/write permissions on the tomcat webapps and common/classes directories. multiple tomcat instances - name: Set the default read/write permissions on the tomcat webapps and common/classes directories. multiple tomcat instances
acl: name={{ item.0.instance_path }}/{{ item.1 }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes acl: name={{ item.0.instance_path }}/{{ item.1 }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
when: tomcat_m_instances is defined
with_nested: with_nested:
- '{{ tomcat_m_instances }}' - '{{ tomcat_m_instances }}'
- [ 'webapps', 'common', 'common/classes' ] - [ 'webapps', 'common', 'common/classes' ]
when: tomcat_m_instances is defined
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
# Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default # Note: the default is a default only. We need two commands to add acl effectively on the root dir and set the default
- name: Set the read permissions on the tomcat log directory. multiple tomcat instances - name: Set the read permissions on the tomcat log directory. multiple tomcat instances
acl: name={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} entity={{ dnet_group }} etype=group permissions=rx state=present acl: name={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} entity={{ dnet_group }} etype=group permissions=rx state=present
with_items: '{{ tomcat_m_instances }}'
when: tomcat_m_instances is defined when: tomcat_m_instances is defined
with_items: tomcat_m_instances
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]
- name: Set the default read permissions on the tomcat log directory. multiple tomcat instances - name: Set the default read permissions on the tomcat log directory. multiple tomcat instances
acl: name={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes acl: name={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes
with_items: '{{ tomcat_m_instances }}'
when: tomcat_m_instances is defined when: tomcat_m_instances is defined
with_items: tomcat_m_instances
tags: [ 'tomcat', 'dnet', 'users' ] tags: [ 'tomcat', 'dnet', 'users' ]

8
dnet_user_services_perms/tasks/dnet-users-data-dirs.yml
View File

@ -1,25 +1,25 @@
--- ---
- name: Create the users dnet data dirs - name: Create the users dnet data dirs
file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }} file: name={{ item.name }} state=directory owner={{ item.owner }} group={{ item.group }} mode={{ item.perms }}
with_items: dnet_users_data_directories with_items: '{{ dnet_users_data_directories }}'
when: item.create and not item.file when: item.create and not item.file
tags: [ 'dnet', 'users', 'dnet_u_acl' ] tags: [ 'dnet', 'users', 'dnet_u_acl' ]
- name: Set the read/write/access permissions on the users dnet data dirs - name: Set the read/write/access permissions on the users dnet data dirs
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present
with_items: dnet_users_data_directories with_items: '{{ dnet_users_data_directories }}'
when: not item.file when: not item.file
tags: [ 'dnet', 'users', 'dnet_u_acl' ] tags: [ 'dnet', 'users', 'dnet_u_acl' ]
- name: Set the default read/write/access permissions on the users dnet data dirs - name: Set the default read/write/access permissions on the users dnet data dirs
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
with_items: dnet_users_data_directories with_items: '{{ dnet_users_data_directories }}'
when: not item.file when: not item.file
tags: [ 'dnet', 'users', 'dnet_u_acl' ] tags: [ 'dnet', 'users', 'dnet_u_acl' ]
- name: Set the read/write permissions on pre-existing files inside the users dnet data dirs - name: Set the read/write permissions on pre-existing files inside the users dnet data dirs
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rw state=present acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rw state=present
with_items: dnet_users_data_directories with_items: '{{ dnet_users_data_directories }}'
when: item.file when: item.file
tags: [ 'dnet', 'users', 'dnet_u_acl' ] tags: [ 'dnet', 'users', 'dnet_u_acl' ]