---
-# file: roles/nomad/tasks/main.yaml
+# file: tasks/main.yaml
-- name: Inst - Update Package Cache (APT)
- apt:
+- name: Update Repositories Cache
+ ansible.builtin.apt:
update_cache: true
- cache_valid_time: 3600
when:
- - ansible_distribution|lower == 'ubuntu'
+ - ansible_os_family == 'Debian'
tags:
- - nomad-inst-prerequisites
+ - nomad-inst-package
-- name: Inst - Prerequisites
- package:
+- name: Dependencies
+ ansible.builtin.apt:
name: "{{ packages | flatten(levels=1) }}"
- state: latest
+ state: "present"
+ cache_valid_time: 3600
+ install_recommends: false
+ when:
+ - ansible_os_family == 'Debian'
tags:
- - nomad-inst-prerequisites
+ - nomad-inst-dependencies
-- name: Conf - Add Nomad Group
- group:
+- name: Add Nomad Group
+ ansible.builtin.group:
name: "{{ nomad_group }}"
- state: "{{ nomad_user_state }}"
+ state: "present"
tags:
- nomad-conf-user
-- name: Conf - Add Nomad user
- user:
+- name: Add Nomad user
+ ansible.builtin.user:
name: "{{ nomad_user }}"
group: "{{ nomad_group }}"
- state: "{{ nomad_group_state }}"
+ state: "present"
system: true
tags:
- nomad-conf-user
-- name: Inst - Clean Nomad
- file:
- path: "{{ nomad_inst_dir }}/nomad"
- state: "absent"
+- name: Download Nomad
+ ansible.builtin.get_url:
+ url: "{{ nomad_zip_url }}"
+ dest: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
+ mode: 0644
tags:
- nomad-inst-package
-- name: Inst - Download Nomad
- get_url:
- url: "{{ nomad_zip_url }}"
- dest: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
+- name: Clean Nomad
+ ansible.builtin.file:
+ path: "{{ nomad_inst_dir }}/nomad"
+ state: "absent"
+ when:
+ - nomad_force_update | bool
tags:
- nomad-inst-package
-- name: Inst - Unarchive Nomad
- unarchive:
+- name: Unarchive Nomad
+ ansible.builtin.unarchive:
src: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
dest: "{{ nomad_inst_dir }}/"
- creates: "{{ nomad_inst_dir }}/nomad"
remote_src: true
tags:
- nomad-inst-package
-- name: Inst - Nomad
- copy:
+- name: Nomad
+ ansible.builtin.copy:
src: "{{ nomad_inst_dir }}/nomad"
dest: "{{ nomad_bin_dir }}"
owner: "{{ nomad_user }}"
tags:
- nomad-inst-package
-- name: Conf - Create Directories "{{ nomad_data_dir }}"
- file:
- dest: "{{ nomad_data_dir }}"
- state: directory
- owner: "{{ nomad_user }}"
- group: "{{ nomad_group }}"
- tags:
- - nomad-conf
-
-- name: Conf - Create Directories "{{ nomad_ssl_dir }}"
- file:
- dest: "{{ nomad_ssl_dir }}"
- state: directory
- owner: "{{ nomad_user }}"
- group: "{{ nomad_group }}"
- tags:
- - nomad-conf
-
-- name: Conf - Create Config Directory
- file:
- dest: "{{ nomad_config_dir }}"
- state: directory
+- name: Create Directories
+ ansible.builtin.file:
+ dest: "{{ item }}"
+ state: "directory"
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
mode: 0755
+ with_items:
+ - "{{ nomad_data_dir }}"
+ - "{{ nomad_config_dir }}"
+ - "{{ nomad_ssl_dir }}"
tags:
- nomad-conf
-- name: Conf - Base Configuration
- template:
- src: base.hcl.j2
- dest: "{{ nomad_config_dir }}/base.hcl"
- owner: "{{ nomad_user }}"
- group: "{{ nomad_group }}"
- mode: 0644
- tags:
- - nomad-conf
-
-- name: Conf - Server Configuration
- template:
- src: server.hcl.j2
- dest: "{{ nomad_config_dir }}/server.hcl"
- owner: "{{ nomad_user }}"
- group: "{{ nomad_group }}"
- mode: 0644
- when:
- - nomad_node_server | bool
- tags:
- - nomad-conf
-
-- name: Conf - Client Configuration
- template:
- src: client.hcl.j2
- dest: "{{ nomad_config_dir }}/client.hcl"
- owner: "{{ nomad_user }}"
- group: "{{ nomad_group }}"
- mode: 0644
- when:
- - nomad_node_client | bool
- tags:
- - nomad-conf
-
-- name: Conf - TLS Configuration
- template:
- src: tls.hcl.j2
- dest: "{{ nomad_config_dir }}/tls.hcl"
- owner: "{{ nomad_user }}"
- group: "{{ nomad_group }}"
- mode: 0644
- tags:
- - nomad-conf
-
-- name: Conf - Telemetry Configuration
- template:
- src: telemetry.hcl.j2
- dest: "{{ nomad_config_dir }}/telemetry.hcl"
- owner: "{{ nomad_user }}"
- group: "{{ nomad_group }}"
- mode: 0644
- tags:
- - nomad-conf
-
-- name: Conf - Consul Configuration
- template:
- src: consul.hcl.j2
- dest: "{{ nomad_config_dir }}/consul.hcl"
+- name: Base Configuration
+ ansible.builtin.template:
+ src: "{{ item }}.hcl.j2"
+ dest: "{{ nomad_config_dir }}/{{ item }}.hcl"
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
mode: 0644
+ with_items:
+ - "base"
+ - "consul"
+ - "client"
+ - "server"
+ - "telemetry"
+ - "tls"
+ - "vault"
tags:
- nomad-conf
- name: Conf - Copy Certificates And Keys
- copy:
+ ansible.builtin.copy:
content: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ nomad_user }}"
mode: 0600
no_log: true
loop: "{{ nomad_certificates | flatten(levels=1) }}"
+ when:
+ - nomad_certificates is defined
tags:
- nomad-conf
-- name: Conf - System.d Script
- template:
+- name: Nomad CLI Environment Variables
+ ansible.builtin.lineinfile:
+ path: "/etc/profile.d/nomad.sh"
+ line: "{{ item }}"
+ mode: 0644
+ create: true
+ loop:
+ - "export NOMAD_ADDR=https://nomad-server.service.consul:4646"
+ - "export NOMAD_CACERT={{ nomad_tls_ca_file }}"
+ - "export NOMAD_CLIENT_CERT={{ nomad_tls_cli_cert_file }}"
+ - "export NOMAD_CLIENT_KEY={{ nomad_tls_cli_key_file }}"
+ tags:
+ - nomad-conf
+
+- name: System.d Script
+ ansible.builtin.template:
src: "nomad_systemd.service.j2"
dest: "/lib/systemd/system/nomad.service"
owner: "root"
mode: 0644
notify:
- "Restart Nomad"
+ when:
+ - nomad_service_mgr == "systemd"
tags:
- nomad-conf
-- meta: flush_handlers
+- name: Meta - Flush handlers
+ ansible.builtin.meta: flush_handlers