From bb88b7519adc4d6a779a0edf9a9b09dc081623bb Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Wed, 12 Feb 2020 18:17:42 +0100
Subject: [PATCH] mongodb: manage the keyfile needed by a cluster
 configuration.

---
 library/roles/mongodb-org/defaults/main.yml |  1 +
 library/roles/mongodb-org/handlers/main.yml |  1 +
 library/roles/mongodb-org/tasks/main.yml    |  1 +
 library/roles/mongodb-org/tasks/mongodb.yml | 16 ++++++++++++++--
 4 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/library/roles/mongodb-org/defaults/main.yml b/library/roles/mongodb-org/defaults/main.yml
index 449b816c..b9607d51 100644
--- a/library/roles/mongodb-org/defaults/main.yml
+++ b/library/roles/mongodb-org/defaults/main.yml
@@ -86,3 +86,4 @@ mongodb_ganglia_auth_enabled: False
 mongodb_ganglia_db: admin
 mongodb_ganglia_auth_mechanism: MONGODB-CR
 # User and password are stored in the variables mongo_monitoring_u and mongo_monitoring_pwd
+
diff --git a/library/roles/mongodb-org/handlers/main.yml b/library/roles/mongodb-org/handlers/main.yml
index 360d4b7a..aea1cbc6 100644
--- a/library/roles/mongodb-org/handlers/main.yml
+++ b/library/roles/mongodb-org/handlers/main.yml
@@ -5,5 +5,6 @@
  
 - name: Restart mongodb
   service: name=mongodb state=restarted
+  ignore_errors: true
   when: "'{{ mongodb_start_server }}' == 'yes'"
  
diff --git a/library/roles/mongodb-org/tasks/main.yml b/library/roles/mongodb-org/tasks/main.yml
index cb357450..1d393b06 100644
--- a/library/roles/mongodb-org/tasks/main.yml
+++ b/library/roles/mongodb-org/tasks/main.yml
@@ -3,3 +3,4 @@
 - import_tasks: mongodb-letsencrypt-acmetool.yml
   when: mongodb_ssl_letsencrypt_managed
 
+
diff --git a/library/roles/mongodb-org/tasks/mongodb.yml b/library/roles/mongodb-org/tasks/mongodb.yml
index e217c52d..1df7f19d 100644
--- a/library/roles/mongodb-org/tasks/mongodb.yml
+++ b/library/roles/mongodb-org/tasks/mongodb.yml
@@ -37,7 +37,7 @@
       template: src=mongod-{{ mongodb_version }}.conf.j2 dest=/etc/mongod.conf owner=root group=root mode=0444 backup=yes
       when: mongodb_install_conf
       notify: Restart mongodb
-      tags: [ 'mongodb', 'mongodb_update_conf' ]
+      tags: [ 'mongodb', 'mongodb_update_conf', 'mongodb_keyfile' ]
 
   when:
     - mongodb_install_server 
@@ -75,7 +75,7 @@
     - name: Install/Update the mongodb configuration
       template: src=mongod-{{ mongodb_version }}.conf.j2 dest=/etc/mongodb.conf owner=root group=root mode=0444 backup=yes
       when: mongodb_install_conf
-      notify: Restart mongodb
+      notify: Restart mongod
       tags: [ 'mongodb', 'mongodb_update_conf' ]
 
   when:
@@ -100,6 +100,18 @@
   when: mongodb_install_server
   tags: mongodb
 
+- block:
+    - name: Create the mongodb conf directory
+      file: dest={{ mongodb_conf_path }} state=directory owner={{ mongodb_user }} group={{ mongodb_group }} mode=0755
+
+    - name: Install the keyfile if it is a replica cluster
+      copy: src='vault-{{ mongodb_replicaset }}-keyfile' dest={{ mongodb_conf_path }}/{{ mongodb_keyfile_name }} owner=mongodb group=mongodb mode=0400
+      notify: Restart mongod
+
+  when: mongodb_cluster_enabled
+  tags: [ 'mongodb', 'mongodb_keyfile', 'mongodb_update_conf' ]
+
+
 - block:
     - name: Ensure mongodb is started and enabled
       service: name=mongodb state=started enabled=yes