# vim: set ft=ansible:
|
---
|
- name: Ensure directory /etc/ansible exists
|
file:
|
path: /etc/ansible
|
state: directory
|
|
- name: Copy over ansible hosts file
|
copy:
|
src: "{{ ANSIBLE_REPO_PATH }}/workdir/hosts-{{ env_type }}-{{ guid }}"
|
dest: /etc/ansible/hosts
|
|
- name: get idm certificate
|
get_url:
|
url: "{{idm_ca_url}}"
|
dest: /root/ca.crt
|
mode: 0440
|
when: >
|
(install_idm is defined and install_idm == "ldap")
|
or 'ldap' in install_idms|d([])
|
|
- when: >
|
(install_idm is defined and install_idm == "htpasswd")
|
or 'htpasswd' in install_idms|d([])
|
block:
|
- name: Install httpd-tools
|
package:
|
name: httpd-tools
|
|
# NOTE: We do not use 'htpasswd' module here because we have 200 entries to
|
# create in the htpasswd file. It would take >1min instead of <1s using a
|
# jinja2 template.
|
- name: Generate htpasswd hash for user_password
|
shell: >-
|
htpasswd -nb "userN" "{{user_password}}"|cut -d: -f2
|
register: htpasswd_line
|
when:
|
- user_password is defined
|
- user_password_hash is not defined
|
|
- name: Set fact user_password_hash
|
set_fact:
|
user_password_hash: "{{htpasswd_line.stdout}}"
|
when:
|
- user_password is defined
|
- user_password_hash is not defined
|
- htpasswd_line is succeeded
|
|
- name: Generate htpasswd hash for admin user
|
shell: >-
|
htpasswd -nb "admin" "{{admin_password}}"|cut -d: -f2
|
register: htpasswd_line
|
when:
|
- admin_password_hash is not defined
|
- admin_password is defined
|
|
- name: Set fact admin_password_hash
|
set_fact:
|
admin_password_hash: "{{htpasswd_line.stdout}}"
|
when:
|
- admin_password is defined
|
- admin_password_hash is not defined
|
- htpasswd_line is succeeded
|
|
- name: Generate htpasswd file
|
template:
|
src: "{{ ANSIBLE_REPO_PATH }}/configs/{{env_type}}/files/htpasswd.openshift"
|
dest: /root/htpasswd.openshift
|
|
- name: Install Host packages for releases before 3.10
|
yum:
|
state: present
|
name:
|
- "atomic-openshift-clients-{{ osrelease }}"
|
- "atomic-openshift-utils"
|
- "atomic-openshift-{{ osrelease }}"
|
- "httpd-tools"
|
when:
|
- osrelease is version_compare('3.10', '<')
|
tags:
|
- install_openshift_node_packages
|
|
- name: Install Host packages for releases starting with 3.10
|
yum:
|
state: present
|
name:
|
- "atomic-openshift-clients-{{ osrelease }}"
|
- "atomic-openshift-{{ osrelease }}"
|
- "openshift-ansible-{{ osrelease }}"
|
- "httpd-tools"
|
- "glusterfs-fuse"
|
when:
|
- osrelease is version_compare('3.10', '>=')
|
- osrelease is version_compare('3.10.45', '!=')
|
tags:
|
- install_openshift_node_packages
|
|
- name: Install Host packages for releases starting with 3.10
|
yum:
|
state: present
|
name:
|
- "atomic-openshift-clients-{{ osrelease }}"
|
- "atomic-openshift-{{ osrelease }}"
|
- "openshift-ansible-3.10.47"
|
- "httpd-tools"
|
- "glusterfs-fuse"
|
when:
|
- osrelease is version_compare('3.10', '>=')
|
- osrelease is version_compare('3.10.45', '==')
|
tags:
|
- install_openshift_node_packages
|
|
- name: For OCP 3.10.14 update openshift-ansible package to latest available release (3.10.21)
|
yum:
|
name: openshift-ansible-3.10.21
|
state: present
|
when:
|
- osrelease is version_compare('3.10.14', '==')
|
tags:
|
- install_openshift_node_packagee
|