Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
SASC
sentinel-legacy
Commits
f50ceaf4
Commit
f50ceaf4
authored
Jan 25, 2016
by
bow
Browse files
Move sentinel-specific database setup to the sentinel role from mongodb role
parent
2c5b0320
Changes
9
Hide whitespace changes
Inline
Side-by-side
deployment/ansible-role-mongodb/defaults/main.yml
View file @
f50ceaf4
...
...
@@ -9,8 +9,6 @@ mongodb_user_admin_password: userAdmin
mongodb_users
:
[]
mongodb_sentinel_users
:
[]
## System options ##
# MongoDB package name (mongodb-org for vendor, mongodb for apt)
mongodb_package
:
mongodb-org
...
...
@@ -33,9 +31,6 @@ mongodb_daemon_name: "{{ 'mongod' if ('mongodb-org' in mongodb_package) else 'mo
# PyMongo version to install -- if evaluates to no, will install from apt instead
mongodb_pymongo_pip_version
:
"
2.9"
# JS script that runs after installation for ensuring indices exist
mongodb_js_index_script
:
"
dbIndexSetup.js"
# Location for misc files
mongodb_misc_dir
:
/opt/mongodb
...
...
deployment/ansible-role-mongodb/tasks/main.yml
View file @
f50ceaf4
...
...
@@ -9,7 +9,3 @@
-
include
:
config_auth.yml
when
:
mongodb_conf_auth
tags
:
[
mongodb
]
-
include
:
config_db.yml
tags
:
[
mongodb
]
deployment/ansible-role-sentinel/defaults/main.yml
View file @
f50ceaf4
...
...
@@ -15,15 +15,36 @@ sentinel_unit_tests: no
# Whether to run integration tests before deploying. #
sentinel_integration_tests
:
no
# Sentinel database user. #
sentinel_database_user
:
sentinel-api
## TODO: sync with the mongodb role
# Sentinel database user password. #
sentinel_database_password
:
api
## TODO: sync with the mongodb role
# Sentinel-specific MongoDB users. #
sentinel_mongodb_user_name
:
sentinel-api
sentinel_mongodb_user_password
:
api
sentinel_mongodb_users
:
-
database
:
sentinel
name
:
sentinel-owner
password
:
owner
roles
:
dbOwner
-
database
:
sentinel
name
:
"
{{
sentinel_mongodb_user_name
}}"
password
:
"
{{
sentinel_mongodb_user_password
}}"
roles
:
readWrite
# Sentinel API admin user. #
sentinel_api_users
:
# The default admin user
-
id
:
dev
email
:
dev@sentinel.dev
password
:
dev
active_key
:
dev
verified
:
yes
is_admin
:
yes
# Directory for storing Sentinel-related files. #
sentinel_dir
:
/opt/sentinel
# Script for creating Sentinel database index. #
sentinel_mongodb_js_script
:
"
dbIndexSetup.js"
# Path for all deployments. #
sentinel_deployments_dir
:
"
{{
sentinel_dir
}}/deployments"
...
...
deployment/ansible-role-
mongodb
/files/dbIndexSetup.js
→
deployment/ansible-role-
sentinel
/files/dbIndexSetup.js
View file @
f50ceaf4
File moved
deployment/ansible-role-sentinel/tasks/deploy.yml
View file @
f50ceaf4
...
...
@@ -62,6 +62,9 @@
set_fact
:
sentinel_version="{{ cmd_sentinel_version.stdout_lines|last|replace('[info] ', '') }}"
when
:
cmd_sentinel_version|success
-
include
:
deploy_db.yml
tags
:
[
sentinel
,
deploy
]
-
include
:
deploy_jar.yml
tags
:
[
sentinel
,
deploy
]
...
...
deployment/ansible-role-
mongodb
/tasks/
config
_db.yml
→
deployment/ansible-role-
sentinel
/tasks/
deploy
_db.yml
View file @
f50ceaf4
---
-
name
:
copy
index confi
g script if defined
copy
:
src={{ mongodb_js_
index_
script }} dest={{
mongodb_misc
_dir }} owner={{
mongodb
_user }} group={{
mongodb
_user }} mode=0644
when
:
mongodb_js_
index_
script is defined
-
name
:
copy
database indexin
g script if defined
copy
:
src={{
sentinel_
mongodb_js_script }} dest={{
sentinel
_dir }} owner={{
sentinel
_user }} group={{
sentinel
_user }} mode=0644
when
:
sentinel_
mongodb_js_script is defined
-
name
:
run database
confi
g script
shell
:
/usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{
mongodb_misc
_dir }}/{{ mongodb_js_
index_
script }} -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin
when
:
mongodb_js_
index_
script is defined
-
name
:
run database
indexin
g script
shell
:
/usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{
sentinel
_dir }}/{{
sentinel_
mongodb_js_script }} -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin
when
:
sentinel_
mongodb_js_script is defined
register
:
js_index_script
changed_when
:
js_index_script.stdout != ""
...
...
@@ -15,19 +15,19 @@
register
:
api_users_exist
changed_when
:
api_users_exist.stdout != "1" or api_users_exist.rc !=
0
with_items
:
-
"
{{
mongodb_
sentinel_users
}}"
when
:
mongodb_
sentinel_users is defined and
mongodb_
sentinel_users
-
"
{{
sentinel_
api_
users
}}"
when
:
sentinel_
api_
users is defined and sentinel_
api_
users
-
name
:
copy users config script if required
template
:
src=sentinelUsersSetup.js.j2 dest={{
mongodb_misc
_dir }}/sentinelUsersSetup.js owner={{
mongodb
_user }} group={{
mongodb
_user }} mode=0600
template
:
src=sentinelUsersSetup.js.j2 dest={{
sentinel
_dir }}/sentinelUsersSetup.js owner={{
sentinel
_user }} group={{
sentinel
_user }} mode=0600
when
:
api_users_exist|changed
-
name
:
run api users config script if required
shell
:
/usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{
mongodb_misc
_dir }}/sentinelUsersSetup.js -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin
shell
:
/usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{
sentinel
_dir }}/sentinelUsersSetup.js -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin
register
:
api_users
changed_when
:
api_users.stdout != ""
when
:
api_users_exist|changed
-
name
:
remove api users config script if present
file
:
path={{
mongodb_misc
_dir }}/sentinelUsersSetup.js state=absent
file
:
path={{
sentinel
_dir }}/sentinelUsersSetup.js state=absent
when
:
api_users_exist|changed
deployment/ansible-role-sentinel/templates/sentinel.conf.j2
View file @
f50ceaf4
# {{ ansible_managed }}
mongodb.userName={{ mongodb_user_
sentinel_
name }}
mongodb.password={{ mongodb_user_
sentinel_
password }}
mongodb.userName={{
sentinel_
mongodb_user_name }}
mongodb.password={{
sentinel_
mongodb_user_password }}
{% if sentinel_production %}
sentinel.env=production
{% else %}
...
...
deployment/ansible-role-
mongodb
/templates/sentinelUsersSetup.js.j2
→
deployment/ansible-role-
sentinel
/templates/sentinelUsersSetup.js.j2
View file @
f50ceaf4
...
...
@@ -14,7 +14,7 @@ var addUserIfNotExist = function(user) {
}
var users = [
{% for user in
mongodb_
sentinel_users %}
{% for user in sentinel_
api_
users %}
{
id: "{{ user.id }}",
email: "{{ user.email }}",
...
...
deployment/ansible-role-sentinel/vars/main.yml
View file @
f50ceaf4
---
# Sentinel-specific MongoDB users. #
mongodb_user_sentinel_name
:
sentinel-api
mongodb_user_sentinel_password
:
api
mongodb_users
:
-
database
:
sentinel
name
:
sentinel-owner
password
:
owner
roles
:
dbOwner
-
database
:
sentinel
name
:
"
{{
mongodb_user_sentinel_name
}}"
password
:
"
{{
mongodb_user_sentinel_password
}}"
roles
:
readWrite
# Sentinel API admin user. #
mongodb_sentinel_users
:
# The default admin user
-
id
:
dev
email
:
dev@sentinel.dev
password
:
dev
active_key
:
dev
verified
:
yes
is_admin
:
yes
mongodb_users
:
"
{{
sentinel_mongodb_users
}}"
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment