
---
# This role contains common plays that will run on all nodes in bitrix-hosts
##### collect information on the current network configuration servers
##
# Calls the bx_net module with this host's bx_netaddr value.
# bx_net is not a stock Ansible module; presumably it ships with this role
# and publishes the bx_network fact that a later set_fact task reads.
# TODO confirm against the module source.
# The key=value argument string is left untouched because the custom
# module's argument parsing is not visible from this file.
- name: gathring facts about intreface and ip addreess
  bx_net: bx_netaddr={{ bx_netaddr }}
  tags: net_configs

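# Passes the host identity (inventory name, id, password, network name) to
# the custom bx_generate_host_vars module.
# host_pass is a credential, so no_log is set: without it the module
# arguments, password included, can show up in verbose console output and in
# whatever log or callback the controller has configured.
# NOTE(review): undefined host_id/host_pass/bx_netname are replaced by the
# literal string NOT_DEFINED; confirm the module treats that as "missing"
# and never stores it as a real password.
- name: gathring facts about host
  bx_generate_host_vars: "host_name={{ inventory_hostname }}
    host_id={{ host_id |default('NOT_DEFINED') }}
    host_pass={{ host_pass | default('NOT_DEFINED') }}
    bx_netname={{ bx_netname | default('NOT_DEFINED') }}"
  no_log: true
  tags: host_configs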

# Derives the client/server facts used by the tasks below:
#   - the monitoring server's hostname and address come from
#     monitoring_server and monitoring_server_netaddr;
#   - the client address is bx_netaddr, and the client interface is read
#     from the bx_network fact already stored for this host.
- name: set variables for client IP and interfaces
  tags: net_configs
  set_fact:
    bx_hostname_server: "{{ monitoring_server }}"
    bx_netaddr_server: "{{ monitoring_server_netaddr }}"
    bx_netaddr_client: "{{ bx_netaddr }}"
    bx_ether_client: "{{ hostvars[inventory_hostname]['bx_network']['interface'] }}"

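# Prints the resolved network and identity variables for troubleshooting.
# host_pass is deliberately not interpolated: debug output goes to the
# console and to any configured log or callback, so a password printed here
# ends up in run logs and CI job output where it outlives the run.
- name: debug info
  debug:
    msg: >-
      bx_ether_client={{ bx_ether_client }}
      bx_netaddr_client={{ bx_netaddr_client }}
      bx_netaddr_server={{ bx_netaddr_server }}
      host_id={{ host_id }}
      host_pass=[redacted]
      bx_netname={{ bx_netname }}
      bx_host={{ bx_host | default(bx_hostname) }}
  tags: net_configs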

##
##### /collect information on the current network configuration servers

##### install packages (if add old machine)
##
# Installs etckeeper, bzip2 and psmisc through yum after refreshing the
# package cache. state=latest means the version is resolved at run time from
# whatever repositories the host has configured, so two runs can install
# different builds.
- name: install packages
  yum:
    pkg: "{{ item }}"
    state: latest
    update_cache: true
  with_items:
    - etckeeper
    - bzip2
    - psmisc
  tags: packages

##
##### / install packages (if add old machine)

# Stores the gathered ansible_virtualization_type fact under a role-level
# name, falling back to 'unknown' when the fact is not available.
- name: configure virtualization type
  set_fact:
    virtualization_type: "{{ ansible_virtualization_type | default('unknown') }}"

##### iptables/firewalld settings
##
# Pulls in the firewall tasks only when configure_firewall is truthy; with
# the flag off, this role leaves the host's iptables/firewalld state as it
# found it.
- include: configure_firewall_service.yml
  when: configure_firewall

##
##### / iptables/firewalld settings


##### hostname and network settings
##
# hostnames.yml is included exactly once per host: the two conditions are
# mutually exclusive. An explicit bx_host wins; otherwise the inventory name
# is used as the hostname.
- include: hostnames.yml
  when: bx_host is undefined
  vars:
    hostname: "{{ inventory_hostname }}"

- include: hostnames.yml
  when: bx_host is defined
  vars:
    hostname: "{{ bx_host }}"

##
##### / network settings

##### sudoers
##
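# Renders bitrix_hosts.j2 into a sudoers drop-in (root-owned, mode 0440).
# The rendered file is syntax-checked with visudo before it replaces the
# live one: a template error in /etc/sudoers.d can otherwise make sudo
# refuse to run on the host, which also breaks later Ansible runs that
# depend on privilege escalation.
# NOTE(review): the privileges granted are defined in bitrix_hosts.j2, which
# is not visible here; review that template for NOPASSWD/ALL rules.
- name: update sudoers
  template:
    src: bitrix_hosts.j2
    dest: /etc/sudoers.d/bitrix_hosts
    mode: "0440"
    owner: root
    validate: /usr/sbin/visudo -cf %s
  tags: sudoers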

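# Removes every line matching BXANSIBLE from the /etc/sudoers.d/bitrix
# drop-in. The edited copy is checked with visudo before it is written back,
# so an edit that leaves the file syntactically broken is rejected instead of
# being installed.
- name: delete BXANSIBLE
  lineinfile:
    dest: /etc/sudoers.d/bitrix
    regexp: "BXANSIBLE"
    state: absent
    validate: /usr/sbin/visudo -cf %s
  tags: sudoers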

##### /sudoers
##

##
##### client configuration 
##
# Writes the pool description rendered from ansible-roles.j2 to
# /etc/ansible/ansible-roles, readable by root and the root group only
# (mode 0640).
- name: pool information for child
  template:
    src: ansible-roles.j2
    dest: /etc/ansible/ansible-roles
    owner: root
    group: root
    mode: "0640"
  tags: pool_configuration

# Installs the login-shell snippet /etc/profile.d/bitrix.sh from its
# template. The file is world-readable (0644) and is sourced by login shells
# of every user, so the template should not carry secrets.
- name: configuration profile.d
  template:
    src: profiled-bitrix.sh.j2
    dest: /etc/profile.d/bitrix.sh
    owner: root
    group: root
    mode: "0644"
  tags: profile

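# Runs the custom bx_conf module on the controller (delegate_to 127.0.0.1)
# to update this host's record with its interface, address, id and password.
# host_pass travels in the module arguments, so no_log is set to keep it out
# of verbose output and controller-side logs.
# The key=value argument string is kept unchanged because the custom
# module's argument parsing is not visible from this file.
- name: update host config by ether and netaddr
  delegate_to: 127.0.0.1
  bx_conf: "hostname={{ inventory_hostname }} state=update 
    bx_netaddr={{ bx_netaddr_client }} iface={{ bx_ether_client }} 
    ifaddr={{ bx_netaddr_client }} 
    host_id={{ host_id }} host_pass={{ host_pass }} bx_netname={{ bx_netname }}"
  no_log: true
  tags: network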

##
##### / client configuration

##### time settings
##
# Unconditionally pulls in the time-related tasks from time.yml (contents
# not visible from this file).
- include: time.yml

##
##### / time settings

##### mysql
# Unconditionally pulls in the MySQL tasks from mysql.yml (contents not
# visible from this file).
- include: mysql.yml
##### /mysql

##### nginx configuration for master server
##
# On the monitoring server only: renders the pool manager virtual host into
# nginx's site_avaliable directory and schedules an nginx restart through
# the handler when the file changes.
- name: configure nginx server
  template:
    src: pool_manager.conf.j2
    dest: /etc/nginx/bx/site_avaliable/pool_manager.conf
    owner: root
    group: root
    mode: "0644"
  when: inventory_hostname == monitoring_server
  notify: restart nginx
  tags: nginx

# On the monitoring server only: activates the pool manager virtual host by
# symlinking it from site_avaliable into site_enabled, then notifies the
# nginx restart handler.
- name: enable config for nginx
  file:
    src: /etc/nginx/bx/site_avaliable/pool_manager.conf
    dest: /etc/nginx/bx/site_enabled/pool_manager.conf
    state: link
  when: inventory_hostname == monitoring_server
  notify: restart nginx
  tags: nginx

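# Adds or updates this host's entry (host_id / host_pass) in the HTTP basic
# auth file at pool_passwords. The task runs on the controller for every
# host in the play (delegate_to 127.0.0.1).
# Changes from the key=value form:
#   - no_log keeps the plaintext password out of task output and logs;
#   - native YAML arguments pass host_id and host_pass as whole values, so a
#     password containing spaces or '=' is no longer split by the key=value
#     parser.
# NOTE(review): the file's owner and mode are only set by a later task that
# is limited to the monitoring server; confirm the controller and the
# monitoring server are the same machine, otherwise a newly created file
# keeps default permissions.
- name: create http password file
  delegate_to: 127.0.0.1
  htpasswd:
    path: "{{ pool_passwords }}"
    name: "{{ host_id }}"
    password: "{{ host_pass }}"
    state: present
    create: true
  no_log: true
  tags: nginx
  notify: restart nginx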

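# On the monitoring server only: generates a self-signed certificate valid
# for 3650 days. The certificate and its private key are written to the same
# file (pool_certificate), and -nodes leaves the key unencrypted.
# Because the key is stored in the clear, the file is created under
# umask 077 so it is never readable by other local users, not even in the
# window before the later task sets its final owner and mode (or if the
# play stops before reaching that task).
# The path is shell-quoted so a value with spaces or shell metacharacters is
# passed to openssl as one argument. `creates` makes the task a no-op once
# the file exists, so the certificate is never rotated by this role.
- name: create certificate file
  shell: >-
    umask 077 &&
    openssl req -new -x509 -days 3650 -nodes
    -out {{ pool_certificate | quote }}
    -keyout {{ pool_certificate | quote }}
    -config /etc/nginx/openssl.cnf
  args:
    creates: "{{ pool_certificate }}"
  tags: nginx
  when: inventory_hostname == monitoring_server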

# On the monitoring server only: restricts the certificate/key file and the
# basic-auth password file to owner bitrix (read/write) and group root
# (read); other users get no access (mode 0640).
- name: set access rights for nginx configs
  file:
    path: "{{ item }}"
    owner: bitrix
    group: root
    mode: "0640"
  with_items:
    - "{{ pool_certificate }}"
    - "{{ pool_passwords }}"
  when: inventory_hostname == monitoring_server
  tags: nginx

# On the monitoring server only: installs the cron.d entry rendered from
# cron-bx_network_updater.j2. Files in /etc/cron.d name the account each job
# runs as, so the template decides which user the updater runs under.
- name: create cron task for update network settings on client
  template:
    src: cron-bx_network_updater.j2
    dest: /etc/cron.d/bx_network_updater
    owner: root
    group: root
    mode: "0644"
  when: inventory_hostname == monitoring_server
  tags: network

# Runs /opt/webdir/bin/update_network.sh through the shell module.
# The task has no tags, no `when` and no `creates`, so it executes on every
# host in the play on every run and always reports "changed".
# NOTE(review): what the script does is not visible from this file.
- name: test system files and create backup crontask for clients
  shell: /opt/webdir/bin/update_network.sh

##
##### /nginx configuration for master server

##### etckeeper configuration
##
# Renders the etckeeper configuration from its template. No owner, group or
# mode is given, so the destination keeps whatever the template module
# applies by default.
- name: deploy etckeeper config
  template:
    src: etckeeper.conf.j2
    dest: /etc/etckeeper/etckeeper.conf
  tags: etckeeper

# Initialises the etckeeper repository for /etc once; the task is skipped
# when /etc/.hg/hgrc already exists.
- name: init etckeeper
  shell: /usr/bin/etckeeper init
  args:
    creates: /etc/.hg/hgrc
  tags: etckeeper

# Probes for uncommitted changes in /etc and records the answer as text:
# stdout is "True" when `etckeeper unclean` succeeds and "False" otherwise.
# The trailing `|| echo` means the command line itself always exits 0; the
# result is consumed by the two tasks below through hgstatus.stdout.
- name: check if the directory contains uncommitted changes
  tags: etckeeper
  ignore_errors: true
  register: hgstatus
  shell: /usr/bin/etckeeper unclean && echo "True" || echo "False"

# Captures the current timestamp of the target host (YYYY-MM-DD HH:MM:SS)
# for the commit message, but only when the probe above reported
# uncommitted changes.
- name: count commit date
  when: "'True' in hgstatus.stdout"
  tags: etckeeper
  register: commitdate
  shell: date +"%Y-%m-%d %H:%M:%S"

# Commits the pending /etc changes with a message carrying the timestamp
# captured above. Runs only when the probe reported uncommitted changes,
# which is also the only case in which commitdate.stdout is set.
- name: commit changes by etckeeper
  when: "'True' in hgstatus.stdout"
  tags: etckeeper
  shell: /usr/bin/etckeeper commit "commit from ansible task at {{ commitdate.stdout }}"
##
##### /etckeeper configuration
