From e7bba72cd95159179b5afd4f2b9e6f6d48cba0df Mon Sep 17 00:00:00 2001 From: Tobias Florek Date: Thu, 2 Jun 2016 17:25:10 +0200 Subject: Add flag to manage htpasswd, or not. Setting `openshift_master_manage_htpasswd` falsy will disable managing the htpasswd file. It won't get overwritten/generated. --- roles/openshift_master/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/openshift_master') diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 63a54a0d9..8ae169dfb 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -93,7 +93,7 @@ src: htpasswd.j2 mode: 0600 backup: yes - when: item.kind == 'HTPasswdPasswordIdentityProvider' + when: item.kind == 'HTPasswdPasswordIdentityProvider' and openshift.master.manage_htpasswd | bool with_items: "{{ openshift.master.identity_providers }}" - name: Create the ldap ca file if needed -- cgit v1.2.3 From 4538443750921273532d97ff653729e95bc52ad9 Mon Sep 17 00:00:00 2001 From: Tobias Florek Date: Thu, 2 Jun 2016 19:36:59 +0200 Subject: ensure htpasswd file exists Also move file mode to the file-exists check to not specify twice. --- roles/openshift_master/tasks/main.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'roles/openshift_master') diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 8ae169dfb..476ed4b0c 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -91,11 +91,19 @@ template: dest: "{{ item.filename }}" src: htpasswd.j2 - mode: 0600 backup: yes when: item.kind == 'HTPasswdPasswordIdentityProvider' and openshift.master.manage_htpasswd | bool with_items: "{{ openshift.master.identity_providers }}" +- name: Ensure htpasswd file exists + copy: + dest: "{{ item.filename }}" + force: no + content: "" + mode: 0600 + when: item.kind == 'HTPasswdPasswordIdentityProvider' + with_items: "{{ openshift.master.identity_providers }}" + - name: Create the ldap ca file if needed copy: dest: "{{ item.ca if 'ca' in item and '/' in item.ca else openshift_master_config_dir ~ '/' ~ item.ca | default('ldap_ca.crt') }}" -- cgit v1.2.3 From 98fa177034fd31b638afba5f826e83cb44e830a9 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 24 May 2016 17:08:39 -0400 Subject: At least backup things --- roles/openshift_master/tasks/systemd_units.yml | 3 +++ 1 file changed, 3 insertions(+) (limited to 'roles/openshift_master') diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml index a81270bab..2b527c03b 100644 --- a/roles/openshift_master/tasks/systemd_units.yml +++ b/roles/openshift_master/tasks/systemd_units.yml @@ -42,6 +42,7 @@ template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-api.j2" dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api + backup: true when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" notify: - restart master api @@ -50,6 +51,7 @@ template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-controllers.j2" dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers + backup: true when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" notify: - restart master controllers @@ -65,5 +67,6 @@ template: src: "atomic-openshift-master.j2" dest: /etc/sysconfig/{{ openshift.common.service_type }}-master + backup: true notify: - restart master -- cgit v1.2.3 From a2fad7dd125bb4f1b0123beab81cbff9075397d4 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 31 May 2016 14:05:35 -0400 Subject: Preserve proxy config if it's undefined --- roles/openshift_master/tasks/systemd_units.yml | 43 ++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) (limited to 'roles/openshift_master') diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml index 2b527c03b..458b56fd1 100644 --- a/roles/openshift_master/tasks/systemd_units.yml +++ b/roles/openshift_master/tasks/systemd_units.yml @@ -38,6 +38,13 @@ when: create_ha_unit_files | changed # end workaround for missing systemd unit files +- name: Preserve Master API Proxy Config options + command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-api + register: master_api_proxy + when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" + failed_when: false + changed_when: false + - name: Create the master api service env file template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-api.j2" @@ -47,6 +54,21 @@ notify: - restart master api +- name: Restore Master API Proxy Config Options + when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" + and master_api_proxy.rc == 0 and 'http_proxy' not in openshift.common and 'https_proxy' not in openshift.common + lineinfile: + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api + line: "{{ item }}" + with_items: "{{ master_api_proxy.stdout_lines | default([]) }}" + +- name: Preserve Master Controllers Proxy Config options + command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-api + register: master_controllers_proxy + when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" + failed_when: false + changed_when: false + - name: Create the master controllers service env file template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-controllers.j2" @@ -56,6 +78,14 @@ notify: - restart master controllers +- name: Restore Master Controllers Proxy Config Options + lineinfile: + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers + line: "{{ item }}" + with_items: "{{ master_controllers_proxy.stdout_lines | default([]) }}" + when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" + and master_controllers_proxy.rc == 0 and 'http_proxy' not in openshift.common and 'https_proxy' not in openshift.common + - name: Install Master docker service file template: dest: "/etc/systemd/system/{{ openshift.common.service_type }}-master.service" @@ -63,6 +93,12 @@ register: install_result when: openshift.common.is_containerized | bool and openshift.master.ha is defined and not openshift.master.ha | bool +- name: Preserve Master Proxy Config options + command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master + register: master_proxy + failed_when: false + changed_when: false + - name: Create the master service env file template: src: "atomic-openshift-master.j2" @@ -70,3 +106,10 @@ backup: true notify: - restart master + +- name: Restore Master Proxy Config Options + lineinfile: + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master + line: "{{ item }}" + with_items: "{{ master_proxy.stdout_lines | default([]) }}" + when: master_proxy.rc == 0 and 'http_proxy' not in openshift.common and 'https_proxy' not in openshift.common \ No newline at end of file -- cgit v1.2.3