mongodb: manage the keyfile needed by a cluster configuration.

2020-02-12 18:17:42 +01:00 · 2020-02-12 18:17:42 +01:00 · bb88b7519a
parent f78a20bab8
commit bb88b7519a
4 changed files with 17 additions and 2 deletions
--- a/library/roles/mongodb-org/defaults/main.yml
+++ b/library/roles/mongodb-org/defaults/main.yml
@ -86,3 +86,4 @@ mongodb_ganglia_auth_enabled: False
 mongodb_ganglia_db: admin
 mongodb_ganglia_auth_mechanism: MONGODB-CR
 # User and password are stored in the variables mongo_monitoring_u and mongo_monitoring_pwd
+
--- a/library/roles/mongodb-org/handlers/main.yml
+++ b/library/roles/mongodb-org/handlers/main.yml
@ -5,5 +5,6 @@
 
 - name: Restart mongodb
  service: name=mongodb state=restarted
+  ignore_errors: true
  when: "'{{ mongodb_start_server }}' == 'yes'"
 
--- a/library/roles/mongodb-org/tasks/main.yml
+++ b/library/roles/mongodb-org/tasks/main.yml
@ -3,3 +3,4 @@
 - import_tasks: mongodb-letsencrypt-acmetool.yml
  when: mongodb_ssl_letsencrypt_managed

+
--- a/library/roles/mongodb-org/tasks/mongodb.yml
+++ b/library/roles/mongodb-org/tasks/mongodb.yml
@ -37,7 +37,7 @@
      template: src=mongod-{{ mongodb_version }}.conf.j2 dest=/etc/mongod.conf owner=root group=root mode=0444 backup=yes
      when: mongodb_install_conf
      notify: Restart mongodb
-      tags: [ 'mongodb', 'mongodb_update_conf' ]
+      tags: [ 'mongodb', 'mongodb_update_conf', 'mongodb_keyfile' ]

  when:
    - mongodb_install_server 
@ -75,7 +75,7 @@
    - name: Install/Update the mongodb configuration
      template: src=mongod-{{ mongodb_version }}.conf.j2 dest=/etc/mongodb.conf owner=root group=root mode=0444 backup=yes
      when: mongodb_install_conf
-      notify: Restart mongodb
+      notify: Restart mongod
      tags: [ 'mongodb', 'mongodb_update_conf' ]

  when:
@ -100,6 +100,18 @@
  when: mongodb_install_server
  tags: mongodb

+- block:
+    - name: Create the mongodb conf directory
+      file: dest={{ mongodb_conf_path }} state=directory owner={{ mongodb_user }} group={{ mongodb_group }} mode=0755
+
+    - name: Install the keyfile if it is a replica cluster
+      copy: src='vault-{{ mongodb_replicaset }}-keyfile' dest={{ mongodb_conf_path }}/{{ mongodb_keyfile_name }} owner=mongodb group=mongodb mode=0400
+      notify: Restart mongod
+
+  when: mongodb_cluster_enabled
+  tags: [ 'mongodb', 'mongodb_keyfile', 'mongodb_update_conf' ]
+
+
 - block:
    - name: Ensure mongodb is started and enabled
      service: name=mongodb state=started enabled=yes