From: Frank Brehm Date: Mon, 11 Nov 2024 12:16:41 +0000 (+0100) Subject: Moving Ansible playbook files into directory playbooks, minor changes on playbook... X-Git-Url: https://git.uhu-banane.net/?a=commitdiff_plain;h=c785deea1d12ebdb5b1187c2a7e861dd1c9ca7b7;p=pixelpark%2Fpp-admin-tools.git Moving Ansible playbook files into directory playbooks, minor changes on playbook and inventory --- diff --git a/adjust-puppet-facts-customer.yaml b/adjust-puppet-facts-customer.yaml deleted file mode 100644 index 1b76112..0000000 --- a/adjust-puppet-facts-customer.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- - -- name: 'Adjust custom puppet facts for customer data.' - hosts: '{{ target }}' - - tasks: - - name: 'What is going to happen?' - debug: "var={{ item }}" - with_items: - - target - - project - - customer_yaml_file - - - name: "Get file stats of {{ customer_yaml_file }} ..." - stat: - path: "{{ customer_yaml_file }}" - ignore_errors: true - changed_when: false - register: customer_yfile_stat - - - name: "Get current configured customer in {{ customer_yaml_file }} ..." - shell: "if test -f {{ customer_yaml_file }} ; then cat {{ customer_yaml_file }} | grep '^customer:' | sed -e 's/^[^:]*:[ ]*//' -e 's/[ ]*$//'; fi" - ignore_errors: true - changed_when: false - register: cur_customer - - - name: "Get current configured project in {{ customer_yaml_file }} ..." - shell: "if test -f {{ customer_yaml_file }} ; then cat {{ customer_yaml_file }} | grep '^project:' | sed -e 's/^[^:]*:[ ]*//' -e 's/[ ]*$//'; fi" - ignore_errors: true - changed_when: false - register: cur_project - - - name: "Set project in in {{ customer_yaml_file }}, if necessary ..." - block: - - - name: "Save project {{ cur_customer.stdout }} in {{ customer_yaml_file }} ..." - shell: "echo -e \"---\ncustomer: {{ cur_customer.stdout }}\nproject: {{ cur_customer.stdout }}\" > {{ customer_yaml_file }}" - - when: cur_project.stdout == '' - - - name: "Set permissions of file {{ customer_yaml_file }} ..." - file: - path: "{{ customer_yaml_file }}" - owner: 'root' - group: 'root' - mode: 0644 - when: customer_yfile_stat.stat.exists == true - diff --git a/disable-ldap-server.yaml b/disable-ldap-server.yaml deleted file mode 100644 index 8ad04e9..0000000 --- a/disable-ldap-server.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -- name: "Validate the LDAP server to take off replication" - hosts: 127.0.0.1 - # vars_prompt: - - # - name: ldapserver_to_disable - # prompt: 'On which LDAP server do you want to disable replication?' - # private: false - - tasks: - - - name: Print a message - ansible.builtin.debug: - msg: "Replication should be disabled on the server '{{ ldapserver_to_disable }}'." - - - name: Setting status variable - ansible.builtin.set_fact: - found_ldapserver: false - - - name: "Searching for LDAP server '{{ ldapserver_to_disable }}' ..." - ansible.builtin.set_fact: - found_ldapserver: true - when: "item == ldapserver_to_disable" - ignore_errors: true - with_inventory_hostnames: - - ldap_servers - - - name: "Fail for non LDAP server." - ansible.builtin.fail: - msg: "The given host '{{ ldapserver_to_disable }}' is not a valid LDAP server." - when: found_ldapserver == false - -- name: "Disable host '{{ ldapserver_to_disable }}' as a HAProxy backend server." - hosts: haproxy_servers - - tasks: - - - name: "Setting backend server {{ haproxy_backend_name }}/{{ ldapserver_to_disable }} into maintenance." - community.general.haproxy: - state: disabled - host: "{{ ldapserver_to_disable }}" - socket: "{{ haproxy_admin_socket }}" - backend: "{{ haproxy_backend_name }}" - wait: true - drain: true - wait_interval: 2 - wait_retries: 60 - -# vim: filetype=yaml diff --git a/inventory/spk-ldap-stage.yaml b/inventory/spk-ldap-stage.yaml index b6c5796..4d1d35d 100644 --- a/inventory/spk-ldap-stage.yaml +++ b/inventory/spk-ldap-stage.yaml @@ -20,4 +20,6 @@ all: replication_manager_password_file: '/root/.private/dirserv-repl-mngr-pwd.txt' replication_manager_idle_timeout: 0 haproxy_backend_name: 'be-stage-ldap' + haproxy_user_socket: '/run/haproxy/user.sock' + haproxy_admin_socket: '/run/haproxy/admin.sock' diff --git a/playbooks/adjust-puppet-facts-customer.yaml b/playbooks/adjust-puppet-facts-customer.yaml new file mode 100644 index 0000000..1b76112 --- /dev/null +++ b/playbooks/adjust-puppet-facts-customer.yaml @@ -0,0 +1,48 @@ +--- + +- name: 'Adjust custom puppet facts for customer data.' + hosts: '{{ target }}' + + tasks: + - name: 'What is going to happen?' + debug: "var={{ item }}" + with_items: + - target + - project + - customer_yaml_file + + - name: "Get file stats of {{ customer_yaml_file }} ..." + stat: + path: "{{ customer_yaml_file }}" + ignore_errors: true + changed_when: false + register: customer_yfile_stat + + - name: "Get current configured customer in {{ customer_yaml_file }} ..." + shell: "if test -f {{ customer_yaml_file }} ; then cat {{ customer_yaml_file }} | grep '^customer:' | sed -e 's/^[^:]*:[ ]*//' -e 's/[ ]*$//'; fi" + ignore_errors: true + changed_when: false + register: cur_customer + + - name: "Get current configured project in {{ customer_yaml_file }} ..." + shell: "if test -f {{ customer_yaml_file }} ; then cat {{ customer_yaml_file }} | grep '^project:' | sed -e 's/^[^:]*:[ ]*//' -e 's/[ ]*$//'; fi" + ignore_errors: true + changed_when: false + register: cur_project + + - name: "Set project in in {{ customer_yaml_file }}, if necessary ..." + block: + + - name: "Save project {{ cur_customer.stdout }} in {{ customer_yaml_file }} ..." + shell: "echo -e \"---\ncustomer: {{ cur_customer.stdout }}\nproject: {{ cur_customer.stdout }}\" > {{ customer_yaml_file }}" + + when: cur_project.stdout == '' + + - name: "Set permissions of file {{ customer_yaml_file }} ..." + file: + path: "{{ customer_yaml_file }}" + owner: 'root' + group: 'root' + mode: 0644 + when: customer_yfile_stat.stat.exists == true + diff --git a/playbooks/disable-ldap-server.yaml b/playbooks/disable-ldap-server.yaml new file mode 100644 index 0000000..cdc5433 --- /dev/null +++ b/playbooks/disable-ldap-server.yaml @@ -0,0 +1,44 @@ +--- +- name: "Validate the LDAP server to take off replication" + hosts: localhost + gather_facts: false + + tasks: + + - name: Print a message + ansible.builtin.debug: + msg: "Replication should be disabled on the server '{{ ldapserver_to_disable }}'." + + - name: Setting status variable + ansible.builtin.set_fact: + found_ldapserver: false + + - name: "Searching for LDAP server '{{ ldapserver_to_disable }}' ..." + ansible.builtin.set_fact: + found_ldapserver: true + when: "item == ldapserver_to_disable" + ignore_errors: true + with_inventory_hostnames: + - ldap_servers + + - name: "Fail for non LDAP server." + ansible.builtin.fail: + msg: "The given host '{{ ldapserver_to_disable }}' is not a valid LDAP server." + when: found_ldapserver == false + +- name: "Disable host '{{ ldapserver_to_disable }}' as a HAProxy backend server." + hosts: haproxy_servers + + tasks: + + - name: "Setting backend server {{ haproxy_backend_name }}/{{ ldapserver_to_disable }} into maintenance." + community.general.haproxy: + state: drain + host: "{{ ldapserver_to_disable }}" + socket: "{{ haproxy_admin_socket }}" + backend: "{{ haproxy_backend_name }}" + wait: true + wait_interval: 2 + wait_retries: 60 + +# vim: filetype=yaml