Commit f50ceaf4 authored by bow's avatar bow

Move sentinel-specific database setup to the sentinel role from mongodb role

parent 2c5b0320
......@@ -9,8 +9,6 @@ mongodb_user_admin_password: userAdmin
mongodb_users: []
mongodb_sentinel_users: []
## System options ##
# MongoDB package name (mongodb-org for vendor, mongodb for apt)
mongodb_package: mongodb-org
......@@ -33,9 +31,6 @@ mongodb_daemon_name: "{{ 'mongod' if ('mongodb-org' in mongodb_package) else 'mo
# PyMongo version to install -- if evaluates to no, will install from apt instead
mongodb_pymongo_pip_version: "2.9"
# JS script that runs after installation for ensuring indices exist
mongodb_js_index_script: "dbIndexSetup.js"
# Location for misc files
mongodb_misc_dir: /opt/mongodb
......
......@@ -9,7 +9,3 @@
- include: config_auth.yml
when: mongodb_conf_auth
tags: [mongodb]
- include: config_db.yml
tags: [mongodb]
......@@ -15,15 +15,36 @@ sentinel_unit_tests: no
# Whether to run integration tests before deploying. #
sentinel_integration_tests: no
# Sentinel database user. #
sentinel_database_user: sentinel-api ## TODO: sync with the mongodb role
# Sentinel database user password. #
sentinel_database_password: api ## TODO: sync with the mongodb role
# Sentinel-specific MongoDB users. #
sentinel_mongodb_user_name: sentinel-api
sentinel_mongodb_user_password: api
sentinel_mongodb_users:
- database: sentinel
name: sentinel-owner
password: owner
roles: dbOwner
- database: sentinel
name: "{{ sentinel_mongodb_user_name }}"
password: "{{ sentinel_mongodb_user_password }}"
roles: readWrite
# Sentinel API admin user. #
sentinel_api_users:
# The default admin user
- id: dev
email: dev@sentinel.dev
password: dev
active_key: dev
verified: yes
is_admin: yes
# Directory for storing Sentinel-related files. #
sentinel_dir: /opt/sentinel
# Script for creating Sentinel database index. #
sentinel_mongodb_js_script: "dbIndexSetup.js"
# Path for all deployments. #
sentinel_deployments_dir: "{{ sentinel_dir }}/deployments"
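Review bot: The new role defaults ship working credentials in plaintext (`sentinel_mongodb_user_password: api`, the `sentinel-owner` entry with `password: owner`, and a `sentinel_api_users` entry with `password: dev`, `active_key: dev` and `is_admin: yes`), so any deployment that does not override them gets a known database owner and a known API admin. Because `sentinel_api_users` is non-empty by default, the `when: sentinel_api_users is defined and sentinel_api_users` guard in the user-setup tasks is always satisfied and the dev admin is created unless someone explicitly clears the list. Consider defaulting to `sentinel_api_users: []`, leaving the passwords undefined in defaults, supplying real values from an Ansible Vault-encrypted vars file, and failing early with an `assert` when they are missing. The two variables marked `## TODO: sync with the mongodb role` appear to be the ones this change replaces, and the rest of the file lies outside the visible hunk.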
......
......@@ -62,6 +62,9 @@
set_fact: sentinel_version="{{ cmd_sentinel_version.stdout_lines|last|replace('[info] ', '') }}"
when: cmd_sentinel_version|success
- include: deploy_db.yml
tags: [sentinel, deploy]
- include: deploy_jar.yml
tags: [sentinel, deploy]
......
---
- name: copy index config script if defined
copy: src={{ mongodb_js_index_script }} dest={{ mongodb_misc_dir }} owner={{ mongodb_user }} group={{ mongodb_user }} mode=0644
when: mongodb_js_index_script is defined
- name: copy database indexing script if defined
copy: src={{ sentinel_mongodb_js_script }} dest={{ sentinel_dir }} owner={{ sentinel_user }} group={{ sentinel_user }} mode=0644
when: sentinel_mongodb_js_script is defined
- name: run database config script
shell: /usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{ mongodb_misc_dir }}/{{ mongodb_js_index_script }} -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin
when: mongodb_js_index_script is defined
- name: run database indexing script
shell: /usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{ sentinel_dir }}/{{ sentinel_mongodb_js_script }} -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin
when: sentinel_mongodb_js_script is defined
register: js_index_script
changed_when: js_index_script.stdout != ""
......@@ -15,19 +15,19 @@
register: api_users_exist
changed_when: api_users_exist.stdout != "1" or api_users_exist.rc != 0
with_items:
- "{{ mongodb_sentinel_users }}"
when: mongodb_sentinel_users is defined and mongodb_sentinel_users
- "{{ sentinel_api_users }}"
when: sentinel_api_users is defined and sentinel_api_users
- name: copy users config script if required
template: src=sentinelUsersSetup.js.j2 dest={{ mongodb_misc_dir }}/sentinelUsersSetup.js owner={{ mongodb_user }} group={{ mongodb_user }} mode=0600
template: src=sentinelUsersSetup.js.j2 dest={{ sentinel_dir }}/sentinelUsersSetup.js owner={{ sentinel_user }} group={{ sentinel_user }} mode=0600
when: api_users_exist|changed
- name: run api users config script if required
shell: /usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{ mongodb_misc_dir }}/sentinelUsersSetup.js -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin
shell: /usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{ sentinel_dir }}/sentinelUsersSetup.js -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin
register: api_users
changed_when: api_users.stdout != ""
when: api_users_exist|changed
- name: remove api users config script if present
file: path={{ mongodb_misc_dir }}/sentinelUsersSetup.js state=absent
file: path={{ sentinel_dir }}/sentinelUsersSetup.js state=absent
when: api_users_exist|changed
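Review bot: Both `shell:` tasks on the new side (`run database indexing script` and `run api users config script if required`) pass `-p {{ mongodb_root_password }}` on the mongo command line, so the root password is visible in the target's process list while the command runs and appears in Ansible's task output on failure or at higher verbosity. Neither task sets `no_log: true`, and the values are interpolated into the shell unquoted, so a password containing spaces or shell metacharacters breaks or alters the command. At minimum add `no_log: true` to both tasks and write the arguments as `-u {{ mongodb_root_name | quote }} -p {{ mongodb_root_password | quote }}`; better is to keep the password off argv altogether, for example by authenticating from a 0600 templated script like the one already used for `sentinelUsersSetup.js`. These tasks also still read `mongodb_conf_bind_ip`, `mongodb_conf_port` and the root credentials from the mongodb role, which the visible sentinel defaults do not declare.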
# {{ ansible_managed }}
mongodb.userName={{ mongodb_user_sentinel_name }}
mongodb.password={{ mongodb_user_sentinel_password }}
mongodb.userName={{ sentinel_mongodb_user_name }}
mongodb.password={{ sentinel_mongodb_user_password }}
{% if sentinel_production %}
sentinel.env=production
{% else %}
......
......@@ -14,7 +14,7 @@ var addUserIfNotExist = function(user) {
}
var users = [
{% for user in mongodb_sentinel_users %}
{% for user in sentinel_api_users %}
{
id: "{{ user.id }}",
email: "{{ user.email }}",
......
---
# Sentinel-specific MongoDB users. #
mongodb_user_sentinel_name: sentinel-api
mongodb_user_sentinel_password: api
mongodb_users:
- database: sentinel
name: sentinel-owner
password: owner
roles: dbOwner
- database: sentinel
name: "{{ mongodb_user_sentinel_name }}"
password: "{{ mongodb_user_sentinel_password }}"
roles: readWrite
# Sentinel API admin user. #
mongodb_sentinel_users:
# The default admin user
- id: dev
email: dev@sentinel.dev
password: dev
active_key: dev
verified: yes
is_admin: yes
mongodb_users: "{{ sentinel_mongodb_users }}"
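Review bot: `mongodb_users` now resolves only when `sentinel_mongodb_users` is in scope, and that variable is defined in the sentinel role's defaults, so a play that applies the mongodb role without the sentinel role would presumably fail on an undefined variable when users are created. If the coupling is intended, a comment above the line would document it, e.g. `# sentinel_mongodb_users comes from the sentinel role defaults; both roles must be in the play`. The file's path is not visible on this page, so confirm whether this is a playbook or group vars file.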