--- # Copyright 2014, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: create the system group group: name: "{{ nova_system_group_name }}" gid: "{{ nova_system_group_gid|default(omit) }}" state: "present" system: "yes" tags: - nova-group - name: Remove old key file(s) if found file: path: "{{ item }}" state: "absent" with_items: - "{{ nova_system_home_folder }}/.ssh/authorized_keys" - "{{ nova_system_home_folder }}/.ssh/id_rsa" - "{{ nova_system_home_folder }}/.ssh/id_rsa.pub" when: - nova_recreate_keys | bool tags: - nova-key - nova-key-create - name: Create the nova system user user: name: "{{ nova_system_user_name }}" uid: "{{ nova_system_user_uid|default(omit) }}" group: "{{ nova_system_group_name }}" comment: "{{ nova_system_comment }}" shell: "{{ nova_system_shell }}" system: "yes" createhome: "yes" home: "{{ nova_system_home_folder }}" generate_ssh_key: "yes" tags: - nova-user - nova-key - nova-key-create - name: Create Nova NFS mount point(s) file: path: "{{ item.local_path }}" state: directory mode: "0755" with_items: "{{ nova_nfs_client }}" tags: - nova-dirs # NOTE(cloudnull): During an upgrade the local directory may exist on a source # install. If the directory does exist it will need to be # removed. This is required on source installs because the # config directory is a link. - name: Source config block block: - name: Stat config directory stat: path: "/etc/nova" register: nova_conf_dir_stat - name: Remove the config directory file: path: "/etc/nova" state: absent when: - nova_conf_dir_stat.stat.isdir is defined and nova_conf_dir_stat.stat.isdir when: - nova_install_method == 'source' - name: Create nova dir file: path: "{{ item.path | default(omit) }}" src: "{{ item.src | default(omit) }}" dest: "{{ item.dest | default(omit) }}" state: "{{ item.state | default('directory') }}" owner: "{{ item.owner|default(nova_system_user_name) }}" group: "{{ item.group|default(nova_system_group_name) }}" mode: "{{ item.mode | default('0755') }}" force: "{{ item.force | default(omit) }}" when: - (item.condition | default(true)) | bool - item.path not in nova_mount_points with_items: - path: "/openstack" owner: "root" group: "root" - path: "{{ (nova_install_method == 'distro') | ternary('/etc/nova', (nova_bin | dirname) + '/etc/nova') }}" mode: "0755" # NOTE(cloudnull): The "src" path is relative. This ensures all files remain # within the host/container confines when connecting to # them using the connection plugin or the root filesystem. - dest: "/etc/nova" src: "{{ nova_bin | dirname | regex_replace('^/', '../') }}/etc/nova" state: link force: true condition: "{{ nova_install_method == 'source' }}" - path: "/etc/sudoers.d" mode: "0750" owner: "root" group: "root" - path: "/var/cache/nova" - path: "{{ nova_system_home_folder }}" - path: "{{ nova_system_home_folder }}/.ssh" mode: "0700" - path: "{{ nova_system_home_folder }}/cache/api" - path: "{{ nova_system_home_folder }}/instances" - path: "{{ nova_lock_path }}" - path: "/var/run/nova" tags: - nova-dirs - name: Test for log directory or link shell: | if [ -h "{{ nova_log_dir }}" ]; then chown -h {{ nova_system_user_name }}:{{ nova_system_group_name }} "{{ nova_log_dir }}" chown -R {{ nova_system_user_name }}:{{ nova_system_group_name }} "$(readlink {{ nova_log_dir }})" else exit 1 fi register: log_dir failed_when: false changed_when: log_dir.rc != 0 tags: - nova-dirs - nova-logs - name: Create nova log dir file: path: "{{ nova_log_dir }}" state: directory owner: "{{ nova_system_user_name }}" group: "{{ nova_system_group_name }}" mode: "0755" when: - log_dir.rc != 0 tags: - nova-dirs - nova-logs - name: Drop sudoers file template: src: "sudoers.j2" dest: "/etc/sudoers.d/{{ nova_system_user_name }}_sudoers" mode: "0440" owner: "root" group: "root" tags: - sudoers - nova-sudoers - name: Set default nova console for ppc64le set_fact: nova_console_type: "novnc" when: ansible_architecture == 'ppc64le'