- include_tasks: password_gen.yml
with_items:
- - "admin"
- "registry"
-- name: get admin password
- command: '/usr/bin/curl
- https://{{ ansible_host }}:{{ caas.etcd_api_port }}/v2/keys/swift/admin
- --cacert /etc/etcd/ssl/ca.pem
- --cert /etc/etcd/ssl/etcd{{ nodeindex }}.pem
- --key /etc/etcd/ssl/etcd{{ nodeindex }}-key.pem'
- register: admin_pass
- become_user: "root"
-
- name: get registry password
command: '/usr/bin/curl
https://{{ ansible_host }}:{{ caas.etcd_api_port }}/v2/keys/swift/registry
- name: set registry pass
set_fact:
swift_registry_pass: "{{ registry_pass.stdout }}"
-
-- name: decode admin pass
- shell: echo {{ (admin_pass.stdout|from_json).node.value }} | /usr/bin/openssl enc -d -aes-256-cbc -a -pass pass:{{ name }}
- register: admin_pass
-
-- name: set admin pass
- set_fact:
- swift_admin_pass: "{{ admin_pass.stdout }}"
-
-- name: create dirs
- file:
- mode: 0750
- name: /etc/swift/usr/{{ item }}
- state: directory
- owner: swift
- group: swift
- with_items:
- - "admin"
- become_user: "root"
-
-- name: allowing cloud_admin_user to access /etc/swift folder
- acl:
- name: "/etc/swift"
- entity: "{{ users.admin_user_name }}"
- etype: user
- permissions: rx
- state: present
- become_user: "root"
-
-- name: allowing cloud_admin_user to access /etc/swift/usr folder
- acl:
- name: "/etc/swift/usr"
- entity: "{{ users.admin_user_name }}"
- etype: user
- permissions: rx
- state: present
- become_user: "root"
-
-- name: allowing cloud_admin_user to access /etc/swift/usr/admin folder
- acl:
- name: "/etc/swift/usr/admin"
- entity: "{{ users.admin_user_name }}"
- etype: user
- permissions: rx
- state: present
- become_user: "root"
-
-- name: copy admin env_file
- template:
- src: main/admin_envfile
- mode: 0640
- dest: /etc/swift/usr/admin/env_file
- become_user: "root"
-
-- name: Copy admin.yml
- template:
- src: main/admin.yml
- mode: 0640
- dest: /etc/swift/usr/admin/admin.yml
- become_user: "root"
-
-- name: allowing users.admin_user_name to access /etc/swift/usr/admin/env_file
- acl:
- name: "/etc/swift/usr/admin/env_file"
- entity: "{{ users.admin_user_name }}"
- etype: user
- permissions: r
- state: present
- become_user: "root"
-
-- name: allowing cloud_admin_user to access /etc/swift/usr/admin/admin.yml
- acl:
- name: "/etc/swift/usr/admin/admin.yml"
- entity: "{{ users.admin_user_name }}"
- etype: user
- permissions: r
- state: present
- become_user: "root"
-