cleanPlaybook #3

Merged
pulsar merged 2 commits from cleanPlaybook into master 2024-05-06 22:48:13 +00:00
5 changed files with 73 additions and 22 deletions
Showing only changes of commit c20f87e83a - Show all commits

View File

@ -13,7 +13,12 @@ keepalived_ipv6: ""
keepalived_peers: []
keepalived_notify_script_enabled: false
keepalived_notify_enable: false
keepalived_notify_pre: {}
keepalived_notify_is_master: {}
keepalived_notify_is_backup: {}
keepalived_notify_is_fault: {}
keepalived_notify_by_default: {}
keepalived_track_scripts: []
# Exemple:

View File

@ -8,32 +8,35 @@
- name: Déployer la configuration
ansible.builtin.template:
src: keepalived.j2
dest: /etc/keepalived/keepalived.conf
owner: root
group: root
mode: u=rw,g=r,o=r
src: keepalived.j2
dest: /etc/keepalived/keepalived.conf
become: true
notify: Redémarrer keepalived.service
- name: Déployer les scripts
ansible.builtin.copy:
src: keepalived/notify.sh
dest: /etc/keepalived/
owner: keepalived_script
group: keepalived_script
mode: u=rx,g=rx,o=
when: keepalived_notify_script_enabled
become: true
notify: Redémarrer keepalived.service
- name: Déployer le fichier de configuration de sudoers
ansible.builtin.copy:
src: keepalived/sudoers
dest: /etc/sudoers.d/keepalived
ansible.builtin.template:
src: sudoers.j2
dest: /etc/sudoers.d/keepalived_script
owner: root
group: root
mode: u=rw,g=r,o=r
group: keepalived_script
mode: u=rwx,g=rx,o=
validate: /usr/sbin/visudo -cf %s
when: "'keepalived/sudoers' is file"
when:
- keepalived_notify_enable
- keepalived_sudoers_cmd | length > 0
become: true
notify: Redémarrer keepalived.service
- name: Déployer les scripts
ansible.builtin.template:
src: notify.bash.j2
dest: /etc/keepalived/notify.bash
owner: root
group: keepalived_script
mode: u=rwx,g=rx,o=
when: keepalived_notify_enable
become: true
notify: Redémarrer keepalived.service

View File

@ -64,8 +64,8 @@ vrrp_instance VIP_{{ keepalived_uid }} {
}
{% endif %}
{% if keepalived_notify_script_enabled %}
notify /etc/keepalived/notify.sh
{% if keepalived_notify_enable %}
notify /etc/keepalived/notify.bash
{% endif %}
{% if keepalived_track_scripts | length > 0 %}

38
templates/notify.bash.j2 Normal file
View File

@ -0,0 +1,38 @@
#!/bin/bash
# {{ ansible_managed }}
TYPE=$1
NAME=$2
STATE=$3
{% if keepalived_notify_pre | length > 0 %}
{{ keepalived_notify_pre }}
{% endif %}
# Use keepalived state
case $STATE in
{% if keepalived_notify_is_master | length > 0 %}
"MASTER")
{{ keepalived_notify_is_master | indent(4) }}
exit 0
;;
{% endif %}
{% if keepalived_notify_is_backup | length > 0 %}
"BACKUP")
{{ keepalived_notify_is_backup | indent(4) }}
exit 0
;;
{% endif %}
{% if keepalived_notify_is_fault | length > 0 %}
"FAULT")
{{ keepalived_notify_is_fault | indent(4) }}
exit 0
;;
{% endif %}
{% if keepalived_notify_by_default | length > 0 %}
*)
{{ keepalived_notify_by_default | indent(4) }}
exit 1
;;
{% endif %}
esac

5
templates/sudoers.j2 Normal file
View File

@ -0,0 +1,5 @@
# {{ ansible_managed }}
{% for cmd in keepalived_sudoers_cmd %}
keepalived_script ALL=(ALL) NOPASSWD:{{ cmd }}
{% endfor %}