2021-10-07 21:37:16 +02:00
|
|
|
---
|
|
|
|
- name: Install dependencies
|
|
|
|
apt:
|
|
|
|
name:
|
|
|
|
- python3.9
|
|
|
|
- python3.9-venv
|
|
|
|
state: latest
|
|
|
|
update_cache: true
|
|
|
|
register: apt_result
|
|
|
|
retries: 3
|
|
|
|
until: apt_result is succeeded
|
|
|
|
|
|
|
|
- name: Create the kassandra user
|
|
|
|
user:
|
|
|
|
name: kassandra
|
|
|
|
home: /opt/kassandra
|
|
|
|
password_lock: yes
|
|
|
|
system: yes
|
|
|
|
|
|
|
|
- name: Install kassandra
|
|
|
|
become: yes
|
|
|
|
become_user: kassandra
|
|
|
|
pip:
|
|
|
|
name:
|
|
|
|
- wheel
|
|
|
|
- "kassandra @ git+https://gitea.auro.re/histausse/kassandra.git"
|
|
|
|
virtualenv: /opt/kassandra
|
|
|
|
virtualenv_command: "python3.9 -m venv"
|
|
|
|
|
|
|
|
- name: Configure kassandra
|
|
|
|
template:
|
|
|
|
src: kassandra-config.yaml
|
|
|
|
dest: /opt/kassandra/config.yaml
|
|
|
|
owner: kassandra
|
|
|
|
group: nogroup
|
|
|
|
mode: '0600'
|
|
|
|
notify: Restart kassandra
|
|
|
|
no_log: true
|
|
|
|
|
2021-10-09 18:24:01 +02:00
|
|
|
- name: Copy the CA cert
|
|
|
|
copy:
|
|
|
|
content: "{{ ca_cert }}"
|
|
|
|
dest: /opt/kassandra/ca.crt
|
|
|
|
notify: Restart kassandra
|
|
|
|
|
2021-10-07 21:37:16 +02:00
|
|
|
- name: Generate certificate
|
|
|
|
include_role:
|
|
|
|
name: generate-cert
|
|
|
|
vars:
|
|
|
|
directory: /opt/kassandra/
|
|
|
|
cname: "kassandra-{{ lan_address }}"
|
|
|
|
owner: kassandra
|
|
|
|
group: nogroup
|
|
|
|
key_mode: u=rw,g=,o=
|
|
|
|
subject_alt_name: "IP:{{ lan_address }}"
|
|
|
|
# Need an equivalent to notify here
|
|
|
|
|
2021-10-09 18:24:01 +02:00
|
|
|
- name: Ensured the certificate is monitored
|
|
|
|
import_tasks: register-cert-to-monitoring.yml
|
|
|
|
vars:
|
|
|
|
target: "{{ lan_address }}:8000|kassandra-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
|
2021-10-07 21:37:16 +02:00
|
|
|
|
|
|
|
- name: Copy the daemon configuration
|
|
|
|
template:
|
|
|
|
src: kassandra.service
|
|
|
|
dest: /etc/systemd/system/kassandra.service
|
|
|
|
notify: Restart kassandra
|
|
|
|
|
|
|
|
- name: Enable the daemon
|
|
|
|
systemd:
|
|
|
|
name: kassandra
|
|
|
|
state: started
|
|
|
|
enabled: yes
|