Infra: Ansible Nomad, Consul 52/33752/2
authorpmikus <pmikus@cisco.com>
Mon, 20 Sep 2021 08:03:55 +0000 (08:03 +0000)
committerPeter Mikus <pmikus@cisco.com>
Tue, 21 Sep 2021 11:20:48 +0000 (11:20 +0000)
+ Fix idempotency
+ Fix APT download

Signed-off-by: pmikus <pmikus@cisco.com>
Change-Id: I03304c1c229c921806658b0169bd230154d8dde9

fdio.infra.ansible/roles/consul/defaults/main.yaml
fdio.infra.ansible/roles/consul/tasks/main.yaml
fdio.infra.ansible/roles/nomad/defaults/main.yaml
fdio.infra.ansible/roles/nomad/tasks/main.yaml

index 1bb72f1..3905d05 100644 (file)
@@ -27,6 +27,7 @@ consul_architecture: "{{ consul_architecture_map[ansible_architecture] }}"
 consul_version: "1.9.5"
 consul_pkg: "consul_{{ consul_version }}_linux_{{ consul_architecture }}.zip"
 consul_zip_url: "https://releases.hashicorp.com/consul/{{ consul_version }}/{{ consul_pkg }}"
+consul_force_update: false
 
 # Inst - System paths.
 consul_bin_dir: "/usr/local/bin"
@@ -42,6 +43,7 @@ consul_node_role: "both"
 consul_restart_handler_state: "restarted"
 nomad_restart_handler_state: "restarted"
 systemd_resolved_state: "stopped"
+consul_service_mgr: ""
 
 # Conf - User and group.
 consul_group: "consul"
index f4e0825..4e22971 100644 (file)
@@ -1,21 +1,16 @@
 ---
 # file: roles/consul/tasks/main.yaml
 
-- name: Inst - Update Package Cache (APT)
+- name: Install Dependencies
   apt:
-    update_cache: true
+    name: "{{ packages | flatten(levels=1) }}"
+    state: "present"
     cache_valid_time: 3600
+    install_recommends: false
   when:
     - ansible_distribution|lower == 'ubuntu'
   tags:
-    - consul-inst-prerequisites
-
-- name: Inst - Prerequisites
-  package:
-    name: "{{ packages | flatten(levels=1) }}"
-    state: latest
-  tags:
-    - consul-inst-prerequisites
+    - consul-inst-dependencies
 
 - name: Conf - Add Consul Group
   group:
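Review bot: Package installation now sits inside the task guarded by `when: ansible_distribution|lower == 'ubuntu'`, whereas the removed `package:` task ran on every distribution, so a non-Ubuntu host no longer gets the dependencies before the unarchive step. If only Ubuntu is supported, say so above the task, e.g. `# Ubuntu only: other distributions must provide the dependencies themselves`; otherwise keep a distribution-neutral install task next to the APT one. Moving from `state: latest` to `state: "present"` helps idempotency but also means this role no longer upgrades these packages, so patching them has to come from elsewhere. The same change is made in the nomad tasks file later in this commit.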
   tags:
     - consul-conf-user
 
-- name: Inst - Clean Consul
-  file:
-    path: "{{ consul_inst_dir }}/consul"
-    state: "absent"
-  tags:
-    - consul-inst-package
-
 - name: Inst - Download Consul
   get_url:
     url: "{{ consul_zip_url }}"
   tags:
     - consul-inst-package
 
+- name: Inst - Clean Consul
+  file:
+    path: "{{ consul_inst_dir }}/consul"
+    state: "absent"
+  when:
+    - consul_force_update | bool
+  tags:
+    - consul-inst-package
+
 - name: Inst - Unarchive Consul
   unarchive:
     src: "{{ consul_inst_dir }}/{{ consul_pkg }}"
     dest: "{{ consul_inst_dir }}/"
-    creates: "{{ consul_inst_dir }}/consul"
     remote_src: true
   tags:
     - consul-inst-package
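Review bot: With `creates:` removed, `Inst - Unarchive Consul` can replace the binary on a later run, but the task has no `notify:`, so a host keeps running the old Consul build until something else restarts it; that matters when the version bump is a security fix. Consider adding `notify:` with `- "Restart Consul"` to the unarchive task, reusing the handler name that appears further down in this file. `Inst - Unarchive Nomad` in the nomad tasks file has the same shape and would take `- "Restart Nomad"`. The archive is now unpacked on every run, and the `get_url` arguments lie outside the hunk, so it is worth confirming that a `checksum:` is set on the download.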
     mode: 0600
   no_log: true
   loop: "{{ consul_certificates | flatten(levels=1) }}"
+  when:
+    - consul_certificates is defined
   tags:
     - consul-conf
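Review bot: The added `when: consul_certificates is defined` does not protect the `loop:` line above it, because Ansible templates the loop expression before it evaluates `when` for each item. With the variable undefined, the task fails on the loop instead of being skipped. Giving the loop a fallback, `loop: "{{ consul_certificates | default([]) | flatten(levels=1) }}"`, makes the task a clean no-op without needing the guard. The nomad certificate task later in this commit has the same issue, and its bare `- nomad_certificates` test also errors when the variable is undefined. The task starts outside the hunk.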
 
     enabled: false
     name: "systemd-resolved"
     state: "{{ systemd_resolved_state }}"
+  when:
+    - nomad_service_mgr == "systemd"
   tags:
     - consul-conf
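Review bot: The consul role conditions this task on `nomad_service_mgr`, which is defined in the nomad role's defaults, while the `consul_service_mgr` default added in this same commit is not referenced in any visible hunk. If the consul role runs without the nomad defaults loaded, the condition fails on an undefined variable; if both are loaded, setting `consul_service_mgr` has no effect. Presumably the intended test is `- consul_service_mgr == "systemd"`, both here and in the next hunk, whose task notifies "Restart Consul". Both defaults are empty strings, so the systemd-resolved handling is skipped unless inventory sets a value, which deserves a comment in the defaults file. The task starts outside the hunk.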
 
   notify:
     - "Restart Consul"
     - "Restart Nomad"
+  when:
+    - nomad_service_mgr == "systemd"
   tags:
     - consul-conf
 
index 2ace6b2..f58ac09 100644 (file)
@@ -5,7 +5,6 @@
 packages: "{{ packages_base + packages_by_distro[ansible_distribution | lower] + packages_by_arch[ansible_machine] }}"
 packages_base:
   - "curl"
-  - "git"
   - "unzip"
 packages_by_distro:
   ubuntu:
@@ -35,6 +34,7 @@ nomad_podman_pkg: "nomad-driver-podman_{{ nomad_podman_version }}_linux_{{nomad_
 nomad_podman_url: "https://releases.hashicorp.com/nomad-driver-podman/{{ nomad_podman_version }}"
 nomad_podman_zip_url: "{{ nomad_podman_url }}/{{ nomad_podman_pkg }}"
 nomad_podman_checksum_file_url: "{{ nomad_podman_url }}/nomad-driver-podman_{{ nomad_podman_version }}_SHA256SUMS"
+nomad_force_update: false
 
 # Paths
 nomad_inst_dir: "/opt"
@@ -48,6 +48,7 @@ nomad_ssl_dir: "/etc/nomad.d/ssl"
 
 # Initialization and startup script templates
 nomad_restart_handler_state: "restarted"
+nomad_service_mgr: ""
 
 # System user and group
 nomad_group: "nomad"
@@ -91,14 +92,7 @@ nomad_encrypt_enable: "{{ lookup('env','NOMAD_ENCRYPT_ENABLE') | default('false'
 nomad_raft_protocol: 2
 
 # Client settings
-nomad_certificates:
-  - src: "{{ file_nomad_ca_pem }}"
-    dest: "{{ nomad_ca_file }}"
-  - src: "{{ file_nomad_client_pem }}"
-    dest: "{{ nomad_cert_file }}"
-  - src: "{{ file_nomad_client_key_pem }}"
-    dest: "{{ nomad_key_file }}"
-nomad_node_class: ""
+nomad_node_class: "compute"
 nomad_no_host_uuid: true
 nomad_max_kill_timeout: "30s"
 nomad_gc_interval: "1m"
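Review bot: Removing the `nomad_certificates` default leaves the variable undefined unless inventory supplies it, and nothing in this file tells an operator that the CA, certificate and key are then not copied to the host. A short comment in the client settings block would document that, for example `# nomad_certificates: list of {src, dest} entries for TLS material; set in inventory when TLS is enabled`. Keeping an empty default, `nomad_certificates: []`, would also let the task-side condition evaluate cleanly. The new default `nomad_node_class: "compute"` changes the class of every node that relied on the previous empty value, which may deserve a line in the commit message.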
index 997b1e9..8d58c8b 100644 (file)
@@ -1,21 +1,16 @@
 ---
 # file: roles/nomad/tasks/main.yaml
 
-- name: Inst - Update Package Cache (APT)
+- name: Install Dependencies
   apt:
-    update_cache: true
+    name: "{{ packages | flatten(levels=1) }}"
+    state: "present"
     cache_valid_time: 3600
+    install_recommends: false
   when:
     - ansible_distribution|lower == 'ubuntu'
   tags:
-    - nomad-inst-prerequisites
-
-- name: Inst - Prerequisites
-  package:
-    name: "{{ packages | flatten(levels=1) }}"
-    state: latest
-  tags:
-    - nomad-inst-prerequisites
+    - nomad-inst-dependencies
 
 - name: Conf - Add Nomad Group
   group:
   tags:
     - nomad-conf-user
 
-- name: Inst - Clean Nomad
-  file:
-    path: "{{ nomad_inst_dir }}/nomad"
-    state: "absent"
-  tags:
-    - nomad-inst-package
-
 - name: Inst - Download Nomad
   get_url:
     url: "{{ nomad_zip_url }}"
   tags:
     - nomad-inst-package
 
+- name: Inst - Clean Nomad
+  file:
+    path: "{{ nomad_inst_dir }}/nomad"
+    state: "absent"
+  when:
+    - nomad_force_update | bool
+  tags:
+    - nomad-inst-package
+
 - name: Inst - Unarchive Nomad
   unarchive:
     src: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
     dest: "{{ nomad_inst_dir }}/"
-    creates: "{{ nomad_inst_dir }}/nomad"
     remote_src: true
   tags:
     - nomad-inst-package
     mode: 0600
   no_log: true
   loop: "{{ nomad_certificates | flatten(levels=1) }}"
+  when:
+    - nomad_certificates
   tags:
     - nomad-conf
 
     mode: 0644
   notify:
     - "Restart Nomad"
+  when:
+    - nomad_service_mgr == "systemd"
   tags:
     - nomad-conf