4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
16 - include_tasks: password_gen.yml
21 - name: get admin password
22 command: '/usr/bin/curl
23 https://{{ ansible_host }}:{{ caas.etcd_api_port }}/v2/keys/swift/admin
24 --cacert /etc/etcd/ssl/ca.pem
25 --cert /etc/etcd/ssl/etcd{{ nodeindex }}.pem
26 --key /etc/etcd/ssl/etcd{{ nodeindex }}-key.pem'
30 - name: get registry password
31 command: '/usr/bin/curl
32 https://{{ ansible_host }}:{{ caas.etcd_api_port }}/v2/keys/swift/registry
33 --cacert /etc/etcd/ssl/ca.pem
34 --cert /etc/etcd/ssl/etcd{{ nodeindex }}.pem
35 --key /etc/etcd/ssl/etcd{{ nodeindex }}-key.pem'
36 register: registry_pass
39 - name: decode registry pass
40 shell: echo {{ (registry_pass.stdout|from_json).node.value }} | /usr/bin/openssl enc -d -aes-256-cbc -a -pass pass:{{ name }}
41 register: registry_pass
43 - name: set registry pass
45 swift_registry_pass: "{{ registry_pass.stdout }}"
47 - name: decode admin pass
48 shell: echo {{ (admin_pass.stdout|from_json).node.value }} | /usr/bin/openssl enc -d -aes-256-cbc -a -pass pass:{{ name }}
51 - name: set admin pass
53 swift_admin_pass: "{{ admin_pass.stdout }}"
58 name: /etc/swift/usr/{{ item }}
66 - name: allowing cloud_admin_user to access /etc/swift folder
69 entity: "{{ users.admin_user_name }}"
75 - name: allowing cloud_admin_user to access /etc/swift/usr folder
77 name: "/etc/swift/usr"
78 entity: "{{ users.admin_user_name }}"
84 - name: allowing cloud_admin_user to access /etc/swift/usr/admin folder
86 name: "/etc/swift/usr/admin"
87 entity: "{{ users.admin_user_name }}"
93 - name: copy admin env_file
95 src: main/admin_envfile
97 dest: /etc/swift/usr/admin/env_file
100 - name: Copy admin.yml
104 dest: /etc/swift/usr/admin/admin.yml
107 - name: allowing users.admin_user_name to access /etc/swift/usr/admin/env_file
109 name: "/etc/swift/usr/admin/env_file"
110 entity: "{{ users.admin_user_name }}"
116 - name: allowing cloud_admin_user to access /etc/swift/usr/admin/admin.yml
118 name: "/etc/swift/usr/admin/admin.yml"
119 entity: "{{ users.admin_user_name }}"