---
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ barbican_services }}"
- name: Ensuring vassals config directories exist
vars:
service: "{{ barbican_services['barbican-api'] }}"
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
with_items:
- "barbican-api/vassals"
- name: Check if policies shall be overwritten
stat:
path: "{{ item }}"
run_once: True
delegate_to: localhost
register: barbican_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
paths:
- "{{ node_custom_config }}/barbican/"
skip: true
- name: Set barbican policy file
set_fact:
barbican_policy_file: "{{ barbican_policy.results.0.stat.path | basename }}"
barbican_policy_file_path: "{{ barbican_policy.results.0.stat.path }}"
when:
- barbican_policy.results
- name: Copying over config.json files for services
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0660"
become: true
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ barbican_services }}"
notify:
- Restart {{ item.key }} container
- name: Copying over barbican-api.ini
vars:
service: "{{ barbican_services['barbican-api'] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/barbican-api.ini.j2"
- "{{ node_custom_config }}/barbican-api/barbican-api.ini"
- "{{ node_custom_config }}/barbican-api/{{ inventory_hostname }}/barbican-api.ini"
dest: "{{ node_config_directory }}/barbican-api/vassals/barbican-api.ini"
mode: "0660"
become: true
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
notify:
- Restart barbican-api container
- name: Checking whether barbican-api-paste.ini file exists
vars:
service: "{{ barbican_services['barbican-api'] }}"
stat:
path: "{{ node_custom_config }}/barbican/barbican-api-paste.ini"
run_once: True
delegate_to: localhost
register: check_barbican_api_paste_ini
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
- name: Copying over barbican-api-paste.ini
vars:
service: "{{ barbican_services['barbican-api'] }}"
template:
src: "{{ node_custom_config }}/barbican/barbican-api-paste.ini"
dest: "{{ node_config_directory }}/barbican-api/barbican-api-paste.ini"
mode: "0660"
become: true
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
- check_barbican_api_paste_ini.stat.exists
notify:
- Restart barbican-api container
- name: Copying over barbican.conf
vars:
service_name: "{{ item.key }}"
merge_configs:
sources:
- "{{ role_path }}/templates/barbican.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/barbican.conf"
- "{{ node_custom_config }}/barbican/{{ item.key }}.conf"
- "{{ node_custom_config }}/barbican/{{ inventory_hostname }}/barbican.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/barbican.conf"
mode: "0660"
become: true
when:
- item.value.enabled | bool
- inventory_hostname in groups[item.value.group]
with_dict: "{{ barbican_services }}"
notify:
- Restart {{ item.key }} container
- name: Copying over existing policy file
template:
src: "{{ barbican_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ barbican_policy_file }}"
mode: "0660"
become: true
when:
- barbican_policy_file is defined
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ barbican_services }}"
notify:
- Restart {{ item.key }} container
- include_tasks: check-containers.yml
when: kolla_action != "config"