Commit f50ceaf4 authored by bow's avatar bow
Browse files

Move sentinel-specific database setup to the sentinel role from mongodb role

parent 2c5b0320
...@@ -9,8 +9,6 @@ mongodb_user_admin_password: userAdmin ...@@ -9,8 +9,6 @@ mongodb_user_admin_password: userAdmin
mongodb_users: [] mongodb_users: []
mongodb_sentinel_users: []
## System options ## ## System options ##
# MongoDB package name (mongodb-org for vendor, mongodb for apt) # MongoDB package name (mongodb-org for vendor, mongodb for apt)
mongodb_package: mongodb-org mongodb_package: mongodb-org
...@@ -33,9 +31,6 @@ mongodb_daemon_name: "{{ 'mongod' if ('mongodb-org' in mongodb_package) else 'mo ...@@ -33,9 +31,6 @@ mongodb_daemon_name: "{{ 'mongod' if ('mongodb-org' in mongodb_package) else 'mo
# PyMongo version to install -- if evaluates to no, will install from apt instead # PyMongo version to install -- if evaluates to no, will install from apt instead
mongodb_pymongo_pip_version: "2.9" mongodb_pymongo_pip_version: "2.9"
# JS script that runs after installation for ensuring indices exist
mongodb_js_index_script: "dbIndexSetup.js"
# Location for misc files # Location for misc files
mongodb_misc_dir: /opt/mongodb mongodb_misc_dir: /opt/mongodb
......
...@@ -9,7 +9,3 @@ ...@@ -9,7 +9,3 @@
- include: config_auth.yml - include: config_auth.yml
when: mongodb_conf_auth when: mongodb_conf_auth
tags: [mongodb] tags: [mongodb]
- include: config_db.yml
tags: [mongodb]
...@@ -15,15 +15,36 @@ sentinel_unit_tests: no ...@@ -15,15 +15,36 @@ sentinel_unit_tests: no
# Whether to run integration tests before deploying. # # Whether to run integration tests before deploying. #
sentinel_integration_tests: no sentinel_integration_tests: no
# Sentinel database user. # # Sentinel-specific MongoDB users. #
sentinel_database_user: sentinel-api ## TODO: sync with the mongodb role sentinel_mongodb_user_name: sentinel-api
sentinel_mongodb_user_password: api
# Sentinel database user password. #
sentinel_database_password: api ## TODO: sync with the mongodb role sentinel_mongodb_users:
- database: sentinel
name: sentinel-owner
password: owner
roles: dbOwner
- database: sentinel
name: "{{ sentinel_mongodb_user_name }}"
password: "{{ sentinel_mongodb_user_password }}"
roles: readWrite
# Sentinel API admin user. #
sentinel_api_users:
# The default admin user
- id: dev
email: dev@sentinel.dev
password: dev
active_key: dev
verified: yes
is_admin: yes
# Directory for storing Sentinel-related files. # # Directory for storing Sentinel-related files. #
sentinel_dir: /opt/sentinel sentinel_dir: /opt/sentinel
# Script for creating Sentinel database index. #
sentinel_mongodb_js_script: "dbIndexSetup.js"
# Path for all deployments. # # Path for all deployments. #
sentinel_deployments_dir: "{{ sentinel_dir }}/deployments" sentinel_deployments_dir: "{{ sentinel_dir }}/deployments"
......
...@@ -62,6 +62,9 @@ ...@@ -62,6 +62,9 @@
set_fact: sentinel_version="{{ cmd_sentinel_version.stdout_lines|last|replace('[info] ', '') }}" set_fact: sentinel_version="{{ cmd_sentinel_version.stdout_lines|last|replace('[info] ', '') }}"
when: cmd_sentinel_version|success when: cmd_sentinel_version|success
- include: deploy_db.yml
tags: [sentinel, deploy]
- include: deploy_jar.yml - include: deploy_jar.yml
tags: [sentinel, deploy] tags: [sentinel, deploy]
......
--- ---
- name: copy index config script if defined - name: copy database indexing script if defined
copy: src={{ mongodb_js_index_script }} dest={{ mongodb_misc_dir }} owner={{ mongodb_user }} group={{ mongodb_user }} mode=0644 copy: src={{ sentinel_mongodb_js_script }} dest={{ sentinel_dir }} owner={{ sentinel_user }} group={{ sentinel_user }} mode=0644
when: mongodb_js_index_script is defined when: sentinel_mongodb_js_script is defined
- name: run database config script - name: run database indexing script
shell: /usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{ mongodb_misc_dir }}/{{ mongodb_js_index_script }} -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin shell: /usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{ sentinel_dir }}/{{ sentinel_mongodb_js_script }} -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin
when: mongodb_js_index_script is defined when: sentinel_mongodb_js_script is defined
register: js_index_script register: js_index_script
changed_when: js_index_script.stdout != "" changed_when: js_index_script.stdout != ""
...@@ -15,19 +15,19 @@ ...@@ -15,19 +15,19 @@
register: api_users_exist register: api_users_exist
changed_when: api_users_exist.stdout != "1" or api_users_exist.rc != 0 changed_when: api_users_exist.stdout != "1" or api_users_exist.rc != 0
with_items: with_items:
- "{{ mongodb_sentinel_users }}" - "{{ sentinel_api_users }}"
when: mongodb_sentinel_users is defined and mongodb_sentinel_users when: sentinel_api_users is defined and sentinel_api_users
- name: copy users config script if required - name: copy users config script if required
template: src=sentinelUsersSetup.js.j2 dest={{ mongodb_misc_dir }}/sentinelUsersSetup.js owner={{ mongodb_user }} group={{ mongodb_user }} mode=0600 template: src=sentinelUsersSetup.js.j2 dest={{ sentinel_dir }}/sentinelUsersSetup.js owner={{ sentinel_user }} group={{ sentinel_user }} mode=0600
when: api_users_exist|changed when: api_users_exist|changed
- name: run api users config script if required - name: run api users config script if required
shell: /usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{ mongodb_misc_dir }}/sentinelUsersSetup.js -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin shell: /usr/bin/mongo --quiet {{ mongodb_conf_bind_ip }}:{{ mongodb_conf_port }}/sentinel {{ sentinel_dir }}/sentinelUsersSetup.js -u {{ mongodb_root_name }} -p {{ mongodb_root_password }} --authenticationDatabase admin
register: api_users register: api_users
changed_when: api_users.stdout != "" changed_when: api_users.stdout != ""
when: api_users_exist|changed when: api_users_exist|changed
- name: remove api users config script if present - name: remove api users config script if present
file: path={{ mongodb_misc_dir }}/sentinelUsersSetup.js state=absent file: path={{ sentinel_dir }}/sentinelUsersSetup.js state=absent
when: api_users_exist|changed when: api_users_exist|changed
# {{ ansible_managed }} # {{ ansible_managed }}
mongodb.userName={{ mongodb_user_sentinel_name }} mongodb.userName={{ sentinel_mongodb_user_name }}
mongodb.password={{ mongodb_user_sentinel_password }} mongodb.password={{ sentinel_mongodb_user_password }}
{% if sentinel_production %} {% if sentinel_production %}
sentinel.env=production sentinel.env=production
{% else %} {% else %}
......
...@@ -14,7 +14,7 @@ var addUserIfNotExist = function(user) { ...@@ -14,7 +14,7 @@ var addUserIfNotExist = function(user) {
} }
var users = [ var users = [
{% for user in mongodb_sentinel_users %} {% for user in sentinel_api_users %}
{ {
id: "{{ user.id }}", id: "{{ user.id }}",
email: "{{ user.email }}", email: "{{ user.email }}",
......
--- ---
# Sentinel-specific MongoDB users. # mongodb_users: "{{ sentinel_mongodb_users }}"
mongodb_user_sentinel_name: sentinel-api
mongodb_user_sentinel_password: api
mongodb_users:
- database: sentinel
name: sentinel-owner
password: owner
roles: dbOwner
- database: sentinel
name: "{{ mongodb_user_sentinel_name }}"
password: "{{ mongodb_user_sentinel_password }}"
roles: readWrite
# Sentinel API admin user. #
mongodb_sentinel_users:
# The default admin user
- id: dev
email: dev@sentinel.dev
password: dev
active_key: dev
verified: yes
is_admin: yes
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment