Commit 509993ff authored by Thorstein Buind Nordby's avatar Thorstein Buind Nordby
Browse files

Updated and tested to work with awx 9.2.0

parent 366f35d4
......@@ -16,6 +16,7 @@ awx_web_ssl_key_folder: /etc/ssl/private #the destination on the host where we'l
awx_awx_password: password # Admin password for logging in to AWX (you'll want to encrypt this)
awx_postgres_password: password # Password for postgres database (you'll want to encrypt this)
awx_rabbitmq_password: password # Password for rabbitmq (you'll want to encrypt this)
awx_secret_key: verysecretkey #Ansible secret key used to decrypt secrets. You'll definitly want to encrypt this.
awx_docker_registry: "" # If not using official docker registry, use this variable to define internal registry
......@@ -25,6 +26,7 @@ awx_docker_registry: "" # If not using official docker registry, use this variab
setup_epel: true #set to fale if setting up epel from other places than official yum !# REMOVE THIS AND PUT EPEL AS A REQUIREMENT
awx_required_pip_dependencies: # Required pip packages
- pip
- pyOpenSSL
- docker
- docker-compose
......
---
# handlers file for ansible-role-awx-docker
- name: Make pem from self-signed
shell: cat {{ awx_web_ssl_key_folder }}/{{ inventory_hostname }}.key {{ awx_web_ssl_cert_folder }}/{{ inventory_hostname }}.crt > {{ awx_web_ssl_cert_folder }}/{{ inventory_hostname }}.pem # noqa 204
\ No newline at end of file
---
- name: Change memcached docker registry
lineinfile:
path: "{{ awx_repo_dir }}/installer/roles/local_docker/defaults/main.yml"
......
......@@ -14,4 +14,22 @@
command: "ansible-playbook -i inventory install.yml -e postgres_data_dir={{ awx_postgres_data_dir }}"
args:
chdir: "{{ awx_repo_dir }}/installer"
when: awx_docker_registry == ""
\ No newline at end of file
when: awx_docker_registry == ""
- name: Set SELinux label
sefcontext:
target: '{{ awx_compose_dir }}(/.*)?'
setype: container_file_t
state: present
when: ansible_os_family == "RedHat"
register: selinux_change
- name: Apply new SELinux file context to filesystem
command: restorecon -irv {{ awx_compose_dir }}
when: selinux_change.changed
- name: restart the containers
docker_compose:
restarted: yes
project_src: '{{ awx_compose_dir }}'
when: selinux_change.changed
......@@ -30,11 +30,27 @@
privatekey_path: "{{ awx_web_ssl_key_folder }}/{{ inventory_hostname }}.key"
csr_path: "{{ awx_web_ssl_cert_folder }}/csr/{{ inventory_hostname }}.csr"
provider: selfsigned
notify: Make pem from self-signed
register: cert_created
- name: Make pem from self-signed
shell: cat {{ awx_web_ssl_key_folder }}/{{ inventory_hostname }}.key {{ awx_web_ssl_cert_folder }}/{{ inventory_hostname }}.crt > {{ awx_web_ssl_cert_folder }}/{{ inventory_hostname }}.pem # noqa 204
when: cert_created.changed
- name: Add cert to awx inventory file
lineinfile:
path: "{{ awx_repo_dir }}/installer/inventory"
line: "ssl_certificate={{ awx_web_ssl_cert_folder }}/{{ inventory_hostname }}.pem"
state: present
- name: Fix SElinux for certs
sefcontext:
target: '{{ awx_web_ssl_cert_folder }}/{{ inventory_hostname }}.pem'
setype: container_file_t
state: present
when: ansible_os_family == "RedHat"
register: ssl_selinux
- name: Apply new SELinux file context to filesystem
command: restorecon -irv {{ awx_web_ssl_cert_folder }}/{{ inventory_hostname }}.pem
when: ssl_selinux.changed
...
......@@ -20,7 +20,7 @@
- name: Install required pip packages
pip:
name: '{{ item }}'
state: present
state: latest
loop: '{{ awx_required_pip_dependencies|flatten(levels=1) }}'
- name: Clone AWX into configured directory.
......@@ -56,6 +56,12 @@
- awx_web_ssl_cert
- awx_web_ssl_key
- name: Ensure docker service is running
systemd:
name: docker
state: started
enabled: yes
- name: Setup awx
include: awx-install.yml
...
\ No newline at end of file
......@@ -6,4 +6,6 @@ passwords:
- regexp: '^pg_password='
line: "pg_password='{{ awx_postgres_password }}'"
- regexp: '^rabbitmq_password='
line: "rabbitmq_password='{{ awx_rabbitmq_password }}'"
\ No newline at end of file
line: "rabbitmq_password='{{ awx_rabbitmq_password }}'"
- regexp: '^secret_key='
line: "secret_key='{{ awx_secret_key }}'"
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment