gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
18b406862634fbcf8609a97a42087651e4bac4f0
tsg-tsg-os-buildimage/ansible/roles/certstore/tasks/main.yml

112 lines
3.3 KiB
YAML
Raw Blame History

- name: Ensures /opt/tsg exists
file: path=/opt/tsg state=directory
tags: mkdir
#- name: "Install certstore"
# shell: rpm -i /tmp/rpm_download/{{ certstore_rpm_version.certstore }}*
- name: "download rpm packages: certstore"
yum:
name:
- "{{ certstore_rpm_version.certstore }}"
conf_file: "{{ rpm_repo_config_path }}"
state: present
download_only: yes
download_dir: "{{ path_download }}"
- name: "Get certstore rpm path"
find:
path: /tmp/rpm_download/
pattern: "{{ certstore_rpm_version.certstore }}*"
register: certstore_rpm_fullname
- name: "Install certstore from local path"
yum:
name: "{{ certstore_rpm_fullname.files[0].path }}"
state: present
disable_gpg_check: yes
- name: template certstore configure file
template:
src: "{{ role_path }}/templates/cert_store.ini.j2.j2"
dest: /opt/tsg/tsg-os-provision/templates/cert_store.ini.j2
when: runtime_env != 'TSG-X-P0906'
- name: template certstore zlog file
template:
src: "{{ role_path }}/templates/zlog.conf.j2"
dest: /opt/tsg/certstore/conf/zlog.conf
- name: "Create /usr/lib/systemd/system/certstore.service.d directory if it does not exist"
file:
path: "{{ item }}"
state: directory
mode: '0755'
with_items:
- /usr/lib/systemd/system/certstore.service.d
- name: "copy slice file to certstore.service.d"
copy:
src: "{{ role_path }}/templates/service_override_slice.conf.j2"
dest: /usr/lib/systemd/system/certstore.service.d/service_override_slice.conf
mode: 0644
when: runtime_env != 'TSG-X-P0906'
- name: "copy env file to certstore.service.d"
copy:
src: "{{ role_path }}/templates/service_override_env.conf.j2"
dest: /usr/lib/systemd/system/certstore.service.d/service_override_env.conf
mode: 0644
- name: "Create /usr/lib/systemd/system/cert-redis.service.d directory if it does not exist"
file:
path: "{{ item }}"
state: directory
mode: '0755'
with_items:
- /usr/lib/systemd/system/cert-redis.service.d
- name: "copy slice file to cert-redis.service.d"
copy:
src: "{{ role_path }}/templates/service_override_slice.conf.j2"
dest: /usr/lib/systemd/system/cert-redis.service.d/service_override_slice.conf
mode: 0644
when: runtime_env != 'TSG-X-P0906'
- name: "copy cert-redis file to dest"
copy:
src: "{{ role_path }}/files/"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
with_items:
- { src: "cert-redis.conf" , dest: "/etc" , mode: "0644" }
- { src: "cert-redis.service" , dest: "/usr/lib/systemd/system" , mode: "0644" }
- name: "replace action: replace service WantedBy from multi-user.target to workload.target"
replace:
path: "{{ item }}"
regexp: 'WantedBy=multi-user.target'
replace: 'WantedBy=workload.target'
with_items:
- /usr/lib/systemd/system/cert-redis.service
- /usr/lib/systemd/system/certstore.service
when: runtime_env != 'TSG-X-P0906'
- name: "replace action: close redis-server daemonize TSG-X-0906"
replace:
path: "/etc/cert-redis.conf"
regexp: 'daemonize yes'
replace: 'daemonize no'
when: runtime_env == 'TSG-X-P0906'
##################### certstore #####################
- name: "start certstore"
systemd:
name: certstore.service
enabled: yes
##################### cert-redis #####################
- name: "start cert-redis"
systemd:
name: cert-redis.service
enabled: yes
Reference in New Issue View Git Blame Copy Permalink