134 lines
3.9 KiB
YAML
134 lines
3.9 KiB
YAML
---
|
|
- name: Manage the Influxdata repository and packages
|
|
block:
|
|
- name: Install the deb repo key
|
|
apt_key:
|
|
url: '{{ influxdb_repo_key }}'
|
|
state: present
|
|
|
|
- name: Install the deb repository
|
|
apt_repository:
|
|
repo: '{{ influxdb_deb_repo }}'
|
|
state: present
|
|
update_cache: true
|
|
|
|
- name: Install the influxdb deb package
|
|
apt:
|
|
pkg: '{{ influxdb_pkgs }}'
|
|
state: present
|
|
cache_valid_time: 1800
|
|
|
|
when: ansible_distribution_file_variety == "Debian"
|
|
tags: ['influxdb', 'influxdb_repository']
|
|
|
|
- name: Manage the Influxd configuration
|
|
block:
|
|
- name: Influxdb 1.x configuration {{ influxdb_config_file }}
|
|
ini_file:
|
|
path: '{{ influxdb_config_file }}'
|
|
section: '{{ item.section }}'
|
|
option: '{{ item.option }}'
|
|
value: '{{ item.value }}'
|
|
state: "{{ item.state | default('present') }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
loop: '{{ influxdb_config }}'
|
|
notify: restart influxdb
|
|
when: influxdb_major_version < 2
|
|
|
|
- name: Influxdb 2+ configuration {{ influxdb_2_config_file }}
|
|
lineinfile:
|
|
path: '{{ influxdb_2_config_file }}'
|
|
regexp: '^{{ item.option }}\s'
|
|
line: '{{ item.option }} = "{{ item.value }}"'
|
|
state: "{{ item.state | default('present') }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
create: true
|
|
loop: '{{ influxdb_2_config }}'
|
|
notify: restart influxdb
|
|
when: influxdb_major_version < 2
|
|
|
|
tags: ['influxdb', 'influxdb_config']
|
|
|
|
- name: Letsencrypt tls management
|
|
block:
|
|
- name: Create the acme hooks directory if it does not yet exist
|
|
file:
|
|
dest: '{{ letsencrypt_acme_services_scripts_dir }}'
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Create the influxdb certificate directory
|
|
file:
|
|
dest: '{{ influxdb_tls_cert_dir }}'
|
|
state: directory
|
|
owner: root
|
|
group: influxdb
|
|
mode: 0750
|
|
|
|
- name: Copy the key file where influxdb expects it
|
|
copy:
|
|
src: '{{ letsencrypt_acme_sh_certificates_install_path }}/privkey'
|
|
dest: '{{ influxdb_tls_key_path }}'
|
|
owner: root
|
|
group: influxdb
|
|
mode: 0640
|
|
remote_src: true
|
|
notify: restart influxdb
|
|
|
|
- name: Influxdb 1.x configuration for TLS {{ influxdb_config_file }}
|
|
ini_file:
|
|
path: '{{ influxdb_config_file }}'
|
|
section: '{{ item.section }}'
|
|
option: '{{ item.option }}'
|
|
value: '{{ item.value }}'
|
|
state: "{{ item.state | default('present') }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
loop: '{{ influxdb_tls_config }}'
|
|
notify: restart influxdb
|
|
when: influxdb_major_version < 2
|
|
|
|
- name: Influxdb 2+ configuration for TLS {{ influxdb_2_config_file }}
|
|
lineinfile:
|
|
path: '{{ influxdb_2_config_file }}'
|
|
regexp: '^{{ item.option }}\s'
|
|
line: '{{ item.option }} = "{{ item.value }}"'
|
|
state: "{{ item.state | default('present') }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
create: true
|
|
loop: '{{ influxdb_2_tls_config }}'
|
|
notify: restart influxdb
|
|
when: influxdb_major_version < 2
|
|
|
|
- name: Install a script that fixes the letsencrypt certificate for influxdb and then restarts the service
|
|
template:
|
|
src: influxdb-letsencrypt-hook.j2
|
|
dest: '{{ letsencrypt_acme_services_scripts_dir }}/influxdb'
|
|
owner: root
|
|
group: root
|
|
mode: 4555
|
|
|
|
when:
|
|
- influxdb_tls_enabled
|
|
- influxdb_tls_letsencrypt_managed
|
|
- letsencrypt_acme_install
|
|
tags: ['influxdb', 'letsencrypt', 'influxdb_letsencrypt']
|
|
|
|
- name: Manage the Influxdata repository and packages
|
|
block:
|
|
- name: Ensure that influxdb is enabled and running
|
|
service:
|
|
name: influxd
|
|
state: started
|
|
enabled: true
|
|
|
|
tags: ['influxdb', 'influxdb_repository']
|