---
-# file: roles/nomad/tasks/main.yaml
+# file: tasks/main.yaml
-- name: Install Dependencies
- apt:
+- name: Inst - Update Repositories Cache
+ ansible.builtin.apt:
+ update_cache: true
+ when:
+ - ansible_os_family == 'Debian'
+ tags:
+ - nomad-inst-package
+
+- name: Inst - Dependencies
+ ansible.builtin.apt:
name: "{{ packages | flatten(levels=1) }}"
state: "present"
cache_valid_time: 3600
install_recommends: false
when:
- - ansible_distribution|lower == 'ubuntu'
+ - ansible_os_family == 'Debian'
tags:
- nomad-inst-dependencies
- name: Conf - Add Nomad Group
- group:
+ ansible.builtin.group:
name: "{{ nomad_group }}"
state: "{{ nomad_user_state }}"
tags:
- nomad-conf-user
- name: Conf - Add Nomad user
- user:
+ ansible.builtin.user:
name: "{{ nomad_user }}"
group: "{{ nomad_group }}"
state: "{{ nomad_group_state }}"
- nomad-conf-user
- name: Inst - Download Nomad
- get_url:
+ ansible.builtin.get_url:
url: "{{ nomad_zip_url }}"
dest: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
tags:
- nomad-inst-package
- name: Inst - Clean Nomad
- file:
+ ansible.builtin.file:
path: "{{ nomad_inst_dir }}/nomad"
state: "absent"
when:
- nomad-inst-package
- name: Inst - Unarchive Nomad
- unarchive:
+ ansible.builtin.unarchive:
src: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
dest: "{{ nomad_inst_dir }}/"
remote_src: true
- nomad-inst-package
- name: Inst - Nomad
- copy:
+ ansible.builtin.copy:
src: "{{ nomad_inst_dir }}/nomad"
dest: "{{ nomad_bin_dir }}"
owner: "{{ nomad_user }}"
- nomad-inst-package
- name: Conf - Create Directories "{{ nomad_data_dir }}"
- file:
+ ansible.builtin.file:
dest: "{{ nomad_data_dir }}"
state: directory
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
+ mode: 0755
tags:
- nomad-conf
- name: Conf - Create Directories "{{ nomad_ssl_dir }}"
- file:
+ ansible.builtin.file:
dest: "{{ nomad_ssl_dir }}"
state: directory
owner: "{{ nomad_user }}"
group: "{{ nomad_group }}"
+ mode: 0755
tags:
- nomad-conf
- name: Conf - Create Config Directory
- file:
+ ansible.builtin.file:
dest: "{{ nomad_config_dir }}"
state: directory
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Base Configuration
- template:
+ ansible.builtin.template:
src: base.hcl.j2
dest: "{{ nomad_config_dir }}/base.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Server Configuration
- template:
+ ansible.builtin.template:
src: server.hcl.j2
dest: "{{ nomad_config_dir }}/server.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Client Configuration
- template:
+ ansible.builtin.template:
src: client.hcl.j2
dest: "{{ nomad_config_dir }}/client.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - TLS Configuration
- template:
+ ansible.builtin.template:
src: tls.hcl.j2
dest: "{{ nomad_config_dir }}/tls.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Telemetry Configuration
- template:
+ ansible.builtin.template:
src: telemetry.hcl.j2
dest: "{{ nomad_config_dir }}/telemetry.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Consul Configuration
- template:
+ ansible.builtin.template:
src: consul.hcl.j2
dest: "{{ nomad_config_dir }}/consul.hcl"
owner: "{{ nomad_user }}"
- nomad-conf
- name: Conf - Copy Certificates And Keys
- copy:
+ ansible.builtin.copy:
content: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ nomad_user }}"
no_log: true
loop: "{{ nomad_certificates | flatten(levels=1) }}"
when:
- - nomad_certificates
+ - nomad_certificates is defined
+ tags:
+ - nomad-conf
+
+- name: Conf - Nomad CLI Environment Variables
+ ansible.builtin.lineinfile:
+ path: "/etc/profile.d/nomad.sh"
+ line: "{{ item }}"
+ create: true
+ loop:
+ - "export NOMAD_ADDR=https://nomad.service.consul:4646"
+ - "export NOMAD_CACERT={{ nomad_ca_file }}"
+ - "export NOMAD_CLIENT_CERT={{ nomad_cli_cert_file }}"
+ - "export NOMAD_CLIENT_KEY={{ nomad_cli_key_file }}"
tags:
- nomad-conf
- name: Conf - System.d Script
- template:
+ ansible.builtin.template:
src: "nomad_systemd.service.j2"
dest: "/lib/systemd/system/nomad.service"
owner: "root"
tags:
- nomad-conf
-- meta: flush_handlers
+- name: Meta - Flush handlers
+ ansible.builtin.meta: flush_handlers
Code Review / csit.git / blobdiff