main.yml (2462B)
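---
# Tasks that install taskd, bootstrap its data directory, generate a PKI on
# first run, and make sure the service is configured and started.
#
# Variables read here: taskd_dir, taskd_pki_dir, taskd_user, taskd_group,
# taskd_server, taskd_port, taskd_orgs.

- name: Install packages
  package:
    name: taskd
    state: present

- name: Initialize taskd data store
  command: "taskd init --data {{ taskd_dir }}"
  args:
    # Skipped once the data store already has a config file.
    creates: "{{ taskd_dir }}/config"

- name: stat server certificate
  stat:
    path: "{{ taskd_dir }}/server.cert.pem"
  register: taskd_server_cert

# Certificate generation runs only while no server certificate exists, so an
# existing PKI is not regenerated on later runs.
- block:
    - name: crete tmp dir
      tempfile:
        state: directory
      register: taskd_tmp_dir

    # The command module does not run a shell, so a `*` glob would be passed
    # to cp literally. `<dir>/.` copies the directory contents without a glob.
    - name: copy pki generation scripts
      command:
        argv:
          - cp
          - "-r"
          - "{{ taskd_pki_dir }}/."
          - "{{ taskd_tmp_dir.path }}/"

    # taskd_tmp_dir is the registered result of tempfile; the directory itself
    # is taskd_tmp_dir.path.
    - name: generate vars
      template:
        src: templates/vars.j2
        dest: "{{ taskd_tmp_dir.path }}/vars"

    - name: Create Certificates
      command:
        chdir: "{{ taskd_tmp_dir.path }}"
        cmd: "./generate"

    # Key and certificate files are readable by the taskd user only.
    # The mode is quoted so the YAML parser cannot re-type it.
    - name: Copy certs
      copy:
        src: "{{ taskd_tmp_dir.path }}/{{ item }}"
        dest: "{{ taskd_dir }}/{{ item }}"
        remote_src: true
        owner: "{{ taskd_user }}"
        group: "{{ taskd_group }}"
        mode: "0600"
      with_items:
        - client.cert.pem
        - client.key.pem
        - server.cert.pem
        - server.key.pem
        - server.crl.pem
        - ca.cert.pem

    - name: Configure certs
      command: "taskd config --data {{ taskd_dir }} --force {{ item.name }} {{ item.value }}"
      with_items:
        - { name: "client.cert", value: "client.cert.pem" }
        - { name: "client.key", value: "client.key.pem" }
        - { name: "server.cert", value: "server.cert.pem" }
        - { name: "server.key", value: "server.key.pem" }
        - { name: "server.crl", value: "server.crl.pem" }
        - { name: "ca.cert", value: "ca.cert.pem" }

  always:
    # The temporary directory holds freshly generated private keys, so it is
    # removed whether or not the block succeeded. Pointing at the registered
    # result instead of its .path would leave that key material on disk.
    # NOTE(review): no CA private key is copied out above, so whatever key the
    # generate script creates for the CA is presumably discarded here; confirm
    # that is intended before more client certificates are needed.
    - name: destroy tmp dir
      file:
        path: "{{ taskd_tmp_dir.path }}"
        state: absent
      # No path is registered if creating the temporary directory failed.
      when: taskd_tmp_dir.path is defined

  when:
    - not taskd_server_cert.stat.exists

- name: Ensure server config is ok
  lineinfile:
    path: "{{ taskd_dir }}/config"
    line: "server={{ taskd_server }}:{{ taskd_port }}"
    regexp: '^server='
  notify:
    - restart taskd

- name: Create org
  command: "taskd add --data {{ taskd_dir }} org {{ item }}"
  args:
    # One directory per organisation; an existing one skips the command.
    creates: "{{ taskd_dir }}/orgs/{{ item }}"
  with_items: "{{ taskd_orgs }}"
  notify:
    - restart taskd

# Sets ownership recursively and leaves file modes untouched, so the 0600 on
# the key material above is preserved.
- name: ensure permissions are ok
  file:
    path: "{{ taskd_dir }}"
    state: directory
    recurse: true
    owner: "{{ taskd_user }}"
    group: "{{ taskd_group }}"

- name: ensure started
  service:
    name: taskd
    state: started
    enabled: true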