---
-# file: roles/nomad/tasks/main.yaml
+# file: tasks/main.yaml
-- name: Inst - Update Package Cache (APT)
- apt:
+- name: Inst - Update Repositories Cache
+ ansible.builtin.apt:
update_cache: true
- cache_valid_time: 3600
when:
- - ansible_distribution|lower == 'ubuntu'
+ - ansible_os_family == 'Debian'
tags:
- - nomad-inst-prerequisites
+ - nomad-inst-package
-- name: Inst - Prerequisites
- package:
+- name: Inst - Dependencies
+ ansible.builtin.apt:
name: "{{ packages | flatten(levels=1) }}"
- state: latest
+ state: "present"
+ cache_valid_time: 3600
+ install_recommends: false
+ when:
+ - ansible_os_family == 'Debian'
tags:
- - nomad-inst-prerequisites
+ - nomad-inst-dependencies
- name: Conf - Add Nomad Group
- group:
+ ansible.builtin.group:
name: "{{ nomad_group }}"
state: "{{ nomad_user_state }}"
tags:
- nomad-conf-user
- name: Conf - Add Nomad user
- user:
+ ansible.builtin.user:
name: "{{ nomad_user }}"
group: "{{ nomad_group }}"
state: "{{ nomad_group_state }}"
tags:
- nomad-conf-user
-- name: Inst - Clean Nomad
- file:
- path: "{{ nomad_inst_dir }}/nomad"
- state: "absent"
- tags:
- - nomad-inst-package
-
- name: Inst - Download Nomad
- get_url:
+ ansible.builtin.get_url:
url: "{{ nomad_zip_url }}"
dest: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
tags:
- nomad-inst-package
+- name: Inst - Clean Nomad
+ ansible.builtin.file:
+ path: "{{ nomad_inst_dir }}/nomad"
+ state: "absent"
+ when:
+ - nomad_force_update | bool
+ tags:
+ - nomad-inst-package
+
- name: Inst - Unarchive Nomad
- unarchive:
+ ansible.builtin.unarchive:
src: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
dest: "{{ nomad_inst_dir }}/"
- creates: "{{ nomad_inst_dir }}/nomad"
remote_src: true
tags:
- nomad-inst-package
- name: Inst - Nomad
- copy:
+ ansible.builtin.copy:
src: "{{ nomad_inst_dir }}/nomad"
dest: "{{ nomad_bin_dir }}"
owner: "{{ nomad_user }}"
- nomad-inst-package
- name: Conf - Create Directories "{{ nomad_data_dir }}"
- file:
+ ansible.builtin.file:
dest: "{{ nomad_data_dir }}"
state: directory
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
+ mode: 0755
tags:
- nomad-conf
- name: Conf - Create Directories "{{ nomad_ssl_dir }}"
- file:
+ ansible.builtin.file:
dest: "{{ nomad_ssl_dir }}"
state: directory
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
+ mode: 0755
tags:
- nomad-conf
- name: Conf - Create Config Directory
- file:
+ ansible.builtin.file:
dest: "{{ nomad_config_dir }}"
state: directory
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Base Configuration
- template:
+ ansible.builtin.template:
src: base.hcl.j2
dest: "{{ nomad_config_dir }}/base.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Server Configuration
- template:
+ ansible.builtin.template:
src: server.hcl.j2
dest: "{{ nomad_config_dir }}/server.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Client Configuration
- template:
+ ansible.builtin.template:
src: client.hcl.j2
dest: "{{ nomad_config_dir }}/client.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - TLS Configuration
- template:
+ ansible.builtin.template:
src: tls.hcl.j2
dest: "{{ nomad_config_dir }}/tls.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Telemetry Configuration
- template:
+ ansible.builtin.template:
src: telemetry.hcl.j2
dest: "{{ nomad_config_dir }}/telemetry.hcl"
owner: "{{ nomad_user }}"
tags:
- nomad-conf
-- name: Conf - Custom Configuration
- template:
- src: custom.json.j2
- dest: "{{ nomad_config_dir }}/custom.json"
+- name: Conf - Consul Configuration
+ ansible.builtin.template:
+ src: consul.hcl.j2
+ dest: "{{ nomad_config_dir }}/consul.hcl"
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
mode: 0644
- when:
- - nomad_config_custom is defined
tags:
- nomad-conf
- name: Conf - Copy Certificates And Keys
- copy:
+ ansible.builtin.copy:
content: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ nomad_user }}"
mode: 0600
no_log: true
loop: "{{ nomad_certificates | flatten(levels=1) }}"
+ when:
+ - nomad_certificates is defined
+ tags:
+ - nomad-conf
+
+- name: Conf - Nomad CLI Environment Variables
+ ansible.builtin.lineinfile:
+ path: "/etc/profile.d/nomad.sh"
+ line: "{{ item }}"
+ create: true
+ loop:
+ - "export NOMAD_ADDR=https://nomad.service.consul:4646"
+ - "export NOMAD_CACERT={{ nomad_ca_file }}"
+ - "export NOMAD_CLIENT_CERT={{ nomad_cli_cert_file }}"
+ - "export NOMAD_CLIENT_KEY={{ nomad_cli_key_file }}"
tags:
- nomad-conf
- name: Conf - System.d Script
- template:
+ ansible.builtin.template:
src: "nomad_systemd.service.j2"
dest: "/lib/systemd/system/nomad.service"
owner: "root"
mode: 0644
notify:
- "Restart Nomad"
+ when:
+ - nomad_service_mgr == "systemd"
tags:
- nomad-conf
-- meta: flush_handlers
+- name: Meta - Flush handlers
+ ansible.builtin.meta: flush_handlers