openstack/ansible-role-atos-hsm
Code Issues Proposed changes
ansible-role-atos-hsm/tasks/main.yaml
Douglas Mendizábal 5069751256 Add HA (load balancing) support 
This patch add support for configuring proteccio to use
more than one HSM.  When more than one HSM is provided
the proteccio client is configured for High Availability (HA).

This patch changes the format of the variables and should
be released as a new major version. (e.g. 1.0.0).

Change-Id: Ib9989ee72a67f71275e31b966bff7673072fb3f8
2020-02-04 09:48:42 -06:00

71 lines
2.0 KiB
YAML
Raw Blame History

---
- name: Create working directory
file:
path: "{{ atos_client_working_dir }}"
state: directory
mode: 0755
- name: Download ATOS client ISO
get_url:
url: "{{ atos_client_iso_location }}"
dest: "{{ atos_client_working_dir }}/{{ atos_client_iso_name }}"
force: no
- name: Mount the iso for ATOS
mount:
path: /mnt/atos_iso
src: "{{ atos_client_working_dir }}/{{ atos_client_iso_name }}"
fstype: iso9660
state: mounted
- name: check for client software installation
stat: path=/etc/proteccio/proteccio.rc.example
register: atos_client
- name: install client software
expect:
chdir: /mnt/atos_iso/Linux
command: ./install.sh
responses:
"Select Language: enter f \\(french\\) or e \\(english\\) \\[f\\]": "e"
"Do you want to install the TrustWay Proteccio Administration Application \\(y/n\\)\\? \\[n\\]": "n"
"Press the <Enter> key to exit the installation program": "\n"
when: not atos_client.stat.exists
- name: allow using legacy variables for backwards compatibility
set_fact:
args:
atos_hsms:
- name: Legacy variables HSM
server_cert_location: "{{ atos_server_cert_location }}"
ip: "{{ atos_hsm_ip_address }}"
when: atos_hsms is not defined and atos_hsm_ip_address is defined
notify: legacy vars warning
- name: create proteccio.rc
template:
src: proteccio.rc.j2
dest: /etc/proteccio/proteccio.rc
- name: Get the client cert
get_url:
url: "{{ atos_client_cert_location }}"
dest: /etc/proteccio/proteccio_client.crt
force: no
- name: Get the client key
get_url:
url: "{{ atos_client_key_location }}"
dest: /etc/proteccio/proteccio_client.key
force: no
- name: Get the server cert
get_url:
url: "{{ item.server_cert_location }}"
dest: "/etc/proteccio/{{ item.ip | replace('.', '_') }}.CRT"
force: no
loop: "{{ atos_hsms }}"
- name: run nethsmstatus to confirm connection # noqa 301
command: nethsmstatus
View Git Blame Copy Permalink