From 183ca76796265d6b08f2a3e3d60d83df9c6d2f37 Mon Sep 17 00:00:00 2001 From: Sergio Nemirowski Date: Mon, 28 Mar 2022 17:37:33 +0300 Subject: [PATCH] ansible enhancements Signed-off-by: Sergio Nemirowski --- defaults/main.yml | 2 +- tasks/binary.yml | 6 +++--- tasks/main.yml | 14 +++++--------- tasks/tls.yml | 3 +-- tasks/user.yml | 4 +--- tasks/wallet.yml | 5 ++--- 6 files changed, 13 insertions(+), 21 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index cf4f92b..cd032bd 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -87,7 +87,7 @@ neogo__network_opts: 'standby_validators': - '02b3622bf4017bdfe317c58aed5f4c753f206b7db896046fa7d774bbc4bf7f8dc2' 'seed_list': - - '127.0.0.1:30332' + - 'localhost:30332' # Default bind address neogo__bind_address: '0.0.0.0' diff --git a/tasks/binary.yml b/tasks/binary.yml index 5784a91..c95b990 100644 --- a/tasks/binary.yml +++ b/tasks/binary.yml @@ -4,9 +4,9 @@ ansible.builtin.get_url: url: "{{ neogo__bin_url }}" dest: "{{ neogo__bin_path }}" - mode: '0755' + force: yes owner: 'root' group: 'root' + mode: '0755' when: not (neogo__use_compose | bool) - notify: - - Restart NeoGo service + notify: [ 'Restart NeoGo service' ] diff --git a/tasks/main.yml b/tasks/main.yml index 4e90ffb..cbc0758 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -14,7 +14,7 @@ ansible.builtin.file: state: directory path: "{{ neogo__conf_dir }}" - owner: "root" + owner: 'root' group: "{{ neogo__group }}" mode: '0750' @@ -31,8 +31,7 @@ owner: 'root' group: '{{ neogo__group }}' mode: '0640' - notify: - - Restart NeoGo service + notify: [ 'Restart NeoGo service' ] - name: Copy compose file ansible.builtin.template: @@ -42,24 +41,21 @@ group: "{{ neogo__group }}" mode: '0640' when: neogo__use_compose | bool - notify: - - Restart NeoGo service + notify: [ 'Restart NeoGo service' ] - name: Copy regular systemd unit ansible.builtin.template: src: "neogo-legacy.service.bin.j2" dest: "/etc/systemd/system/neogo{{ neogo__instance }}.service" when: not (neogo__use_compose | bool) - notify: - - Restart NeoGo service + notify: [ 'Restart NeoGo service' ] - name: Copy dockerized systemd unit ansible.builtin.template: src: "neogo-legacy.service.compose.j2" dest: "/etc/systemd/system/neogo{{ neogo__instance }}.service" when: neogo__use_compose | bool - notify: - - Restart NeoGo service + notify: [ 'Restart NeoGo service' ] - name: Force debops.ferm run ansible.builtin.include_role: diff --git a/tasks/tls.yml b/tasks/tls.yml index 81bf080..7db970c 100644 --- a/tasks/tls.yml +++ b/tasks/tls.yml @@ -15,5 +15,4 @@ group: "{{ neogo__group }}" mode: '0640' when: neogo__tls_enabled | bool - notify: - - Restart NeoGo service + notify: [ 'Restart NeoGo service' ] diff --git a/tasks/user.yml b/tasks/user.yml index d84ee9e..50f6f9d 100644 --- a/tasks/user.yml +++ b/tasks/user.yml @@ -4,18 +4,16 @@ ansible.builtin.group: name: "{{ neogo__group }}" system: yes - state: 'present' - name: Create NeoGo user ansible.builtin.user: name: "{{ neogo__user }}" group: "{{ neogo__group }}" password: '*' - shell: /usr/sbin/nologin + shell: '/usr/sbin/nologin' home: "{{ neogo__data_dir }}" system: yes skeleton: no - state: 'present' - name: Get UID for NeoGo user ansible.builtin.getent: diff --git a/tasks/wallet.yml b/tasks/wallet.yml index 6217c7b..0557f57 100644 --- a/tasks/wallet.yml +++ b/tasks/wallet.yml @@ -6,9 +6,8 @@ content: "{{ neogo__wallet_content }}" owner: 'root' group: "{{ neogo__group }}" - mode: '0640' + mode: '0660' # neogo legacy wants write permissions when: > (neogo__wallet_content is defined) and (neogo__wallet_content|length > 0) - notify: - - Restart NeoGo service + notify: [ 'Restart NeoGo service' ]