tpiccioli
/
ansible-roles
forked from ISTI-ansible-roles/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove the tasks that mess up with the docker certificates.

This commit is contained in:
Andrea Dell'Amico 2019-09-25 03:24:16 +02:00
parent c96a81a33c
commit a628b04fb3
1 changed files with 0 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
library/roles/shinyproxy/tasks/main.yml
View File

@ -67,38 +67,6 @@
- name: Create shinyproxy log directory
file: dest={{ shinyproxy_log_dir }} state=directory owner=shinyproxy mode=0750
- name: Check if the Docker certs directory exists
stat: path=/var/lib/docker/swarm/certificates
register: certs_dir
- name: Create the PKI directory
file: dest={{ shinyproxy_docker_certs_dir }} state=directory owner=root group=shinyproxy mode=0750
when: certs_dir.stat.isdir is defined and certs_dir.stat.isdir | bool
- name: Copy the TLS files
copy: src=/var/lib/docker/swarm/certificates/{{ item.src }} dest={{ shinyproxy_docker_certs_dir }}/{{ item.dest }} remote_src=yes force=yes
with_items:
- { src: swarm-root-ca.crt, dest: ca.pem }
- { src: swarm-node.crt, dest: cert.pem }
- { src: swarm-node.key, dest: key.pem }
when: certs_dir.stat.isdir is defined and certs_dir.stat.isdir | bool
- name: Fix the TLS key file permissions
file: dest={{ shinyproxy_docker_certs_dir }}/key.pem owner=shinyproxy group=shinyproxy mode=0640
when: certs_dir.stat.isdir is defined and certs_dir.stat.isdir | bool
- name: Install a script that syncs the docker certificates
template: src=sync_docker_certificates.sh.j2 dest=/usr/local/bin/sync_docker_certificates
when: certs_dir.stat.isdir is defined and certs_dir.stat.isdir | bool
- name: Install a cron job that hourly updates the certificates used by shinyproxy to talk with docker
cron: name="Fix the docker certificates for shinyproxy" special_time=hourly job="/usr/local/bin/sync_docker_certificates > /var/log/shinyproxy/docker_certs.log 2>&1"
when: certs_dir.stat.isdir is defined and certs_dir.stat.isdir | bool
- name: Remove the cron job that hourly updates the certificates if we have no local docker
cron: name="Fix the docker certificates for shinyproxy" special_time=hourly job="/usr/local/bin/sync_docker_certificates > /var/log/shinyproxy/docker_certs.log 2>&1" state=absent
when: certs_dir.stat.isdir is not defined or not certs_dir.stat.isdir | bool
- name: Pull the Docker images for the Shiny apps, when using Docker standalone
docker_image: name={{ item.docker_image }} pull=yes state={{ item.image_state | default('present') }} force=yes
with_items: '{{ shinyproxy_apps }}'