From 288ea2a8449c6fd19ea611222070b71da3451472 Mon Sep 17 00:00:00 2001 From: paulfantom Date: Mon, 25 Jun 2018 11:19:02 +0200 Subject: [PATCH 1/2] major cleanup --- tasks/client.yml | 1 - tasks/main.yml | 26 +++++++------------------- tasks/python_sni.yml | 12 ++++++------ tasks/server.yml | 14 ++++++++++++-- vars/Debian.yml | 6 +----- vars/RedHat.yml | 6 +----- vars/main.yml | 9 --------- 7 files changed, 27 insertions(+), 47 deletions(-) diff --git a/tasks/client.yml b/tasks/client.yml index 28a8391..138be92 100644 --- a/tasks/client.yml +++ b/tasks/client.yml @@ -1,5 +1,4 @@ --- - - name: download minio client get_url: url: "{{ minio_client_download_url }}" diff --git a/tasks/main.yml b/tasks/main.yml index 78a39f7..48e9f68 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,31 +1,19 @@ --- - - name: include os-specific variables include_vars: "{{ ansible_os_family }}.yml" - # add the python sni support to legacy python installations -- include: python_sni.yml - when: ansible_os_family == 'Debian' - and ansible_python_version is version_compare('2.6.0', '>=') - and ansible_python_version is version_compare('2.7.9', '<') +- name: add the python sni support to legacy python installations + include: python_sni.yml + when: + - ansible_os_family == 'Debian' + - ansible_python_version is version_compare('2.6.0', '>=') + - ansible_python_version is version_compare('2.7.9', '<') - # install additional ansible dependencies - name: install ansible support packages package: name: "{{ item }}" state: present - with_items: "{{ ansible_support_packages }}" - -- name: create minio group - group: - name: "{{ minio_group }}" - state: present - -- name: create minio user - user: - name: "{{ minio_user }}" - group: "{{ minio_group }}" - shell: /bin/bash + with_items: "{{ minio_ansible_support_packages }}" - include: server.yml when: minio_install_server diff --git a/tasks/python_sni.yml b/tasks/python_sni.yml index 26ffb5f..092df51 100644 --- a/tasks/python_sni.yml +++ b/tasks/python_sni.yml @@ -1,12 +1,9 @@ --- - -# with_indexed_items is required as a workaround for this issue: -# https://github.com/ansible/ansible-modules-core/issues/1178 - name: install python-pip package: - name: "{{ item.1 }}" + name: "{{ item }}" state: present - with_indexed_items: "{{ python_pip_packages }}" + with_items: "{{ python_pip_packages }}" - name: install the Python SNI support packages package: @@ -21,4 +18,7 @@ pip: name: "{{ item }}" state: present - with_items: "{{ python_sni_pip_dependencies }}" + with_items: + - pyopenssl + - ndg-httpsclient + - pyasn1 diff --git a/tasks/server.yml b/tasks/server.yml index 3fac750..4c1c52d 100644 --- a/tasks/server.yml +++ b/tasks/server.yml @@ -1,4 +1,14 @@ --- +- name: create minio group + group: + name: "{{ minio_group }}" + state: present + +- name: create minio user + user: + name: "{{ minio_user }}" + group: "{{ minio_group }}" + shell: /bin/bash - name: create data storage directories file: @@ -27,13 +37,13 @@ - name: create the minio server systemd config template: src: minio.service.j2 - dest: "{{ systemd_units_dir }}/minio.service" + dest: "/etc/systemd/system/minio.service" when: ansible_service_mgr == "systemd" - name: create the minio server init.d config template: src: minio.init.j2 - dest: "{{ initd_conf_dir }}/minio" + dest: "/etc/init.d/minio" mode: 0750 when: ansible_service_mgr != "systemd" diff --git a/vars/Debian.yml b/vars/Debian.yml index 9843211..514b3e3 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -1,8 +1,4 @@ --- - -# systemd unit files location -systemd_units_dir: /lib/systemd/system - # packages providing python-pip python_pip_packages: - python-pip @@ -14,5 +10,5 @@ python_sni_support_packages: - libffi-dev # extra packages needed by ansible to correctly configure the system -ansible_support_packages: +minio_ansible_support_packages: - ca-certificates diff --git a/vars/RedHat.yml b/vars/RedHat.yml index d596637..80e48c0 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -1,8 +1,4 @@ --- - -# systemd unit files location -systemd_units_dir: /etc/systemd/system - # packages providing python-pip python_pip_packages: - epel-release @@ -12,4 +8,4 @@ python_pip_packages: python_sni_support_packages: [ ] # extra packages needed by ansible to correctly configure the system -ansible_support_packages: [ ] +minio_ansible_support_packages: [ ] diff --git a/vars/main.yml b/vars/main.yml index 21f7299..1dc9b27 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -3,12 +3,3 @@ # Minio and MC download urls minio_server_download_url: https://dl.minio.io/server/minio/release/linux-amd64/minio minio_client_download_url: https://dl.minio.io/client/mc/release/linux-amd64/mc - -# default init scripts location -initd_conf_dir: /etc/init.d - -# python pip packages required to support SNI certificates -python_sni_pip_dependencies: - - pyopenssl - - ndg-httpsclient - - pyasn1 From 915f820f4b5cc2b3e3d9d9c70485ed072454acff Mon Sep 17 00:00:00 2001 From: paulfantom Date: Mon, 25 Jun 2018 11:22:23 +0200 Subject: [PATCH 2/2] binary files should be owned by root --- tasks/client.yml | 4 ++-- tasks/server.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tasks/client.yml b/tasks/client.yml index 138be92..fac3f50 100644 --- a/tasks/client.yml +++ b/tasks/client.yml @@ -3,6 +3,6 @@ get_url: url: "{{ minio_client_download_url }}" dest: "{{ minio_client_bin }}" - owner: "{{ minio_user }}" - group: "{{ minio_group }}" + owner: "root" + group: "root" mode: 0755 diff --git a/tasks/server.yml b/tasks/server.yml index 4c1c52d..f6d32a2 100644 --- a/tasks/server.yml +++ b/tasks/server.yml @@ -24,8 +24,8 @@ get_url: url: "{{ minio_server_download_url }}" dest: "{{ minio_server_bin }}" - owner: "{{ minio_user }}" - group: "{{ minio_group }}" + owner: "root" + group: "root" mode: 0755 - name: generate the minio server envfile