diff options
| author | Thedro Neely <thedroneely@gmail.com> | 2019-12-30 02:43:48 -0500 |
|---|---|---|
| committer | Thedro Neely <thedroneely@gmail.com> | 2019-12-30 02:43:48 -0500 |
| commit | a53c4aec720e4e9b098662c94602e96f0db8aa98 (patch) | |
| tree | 904eac412682532b2a2ae7a03b64255fe9d523ae /roles/vault | |
| parent | a5052fffec5686350bb7ce438632df44ba1374a5 (diff) | |
| download | playbooks-a53c4aec720e4e9b098662c94602e96f0db8aa98.tar.gz playbooks-a53c4aec720e4e9b098662c94602e96f0db8aa98.tar.bz2 playbooks-a53c4aec720e4e9b098662c94602e96f0db8aa98.zip | |
roles/vault/main.yml: Cleanup
Wait for services to become active before restarting
Diffstat (limited to 'roles/vault')
| -rw-r--r-- | roles/vault/main.yml | 29 |
1 files changed, 14 insertions, 15 deletions
diff --git a/roles/vault/main.yml b/roles/vault/main.yml index 06e45f3..87c7326 100644 --- a/roles/vault/main.yml +++ b/roles/vault/main.yml @@ -24,17 +24,13 @@ - sudo - supervisor - libcap + - unzip - block: - - name: Downloading application - get_url: - url: "https://releases.hashicorp.com/vault/{{ version }}/vault_{{ version }}_linux_amd64.zip" + - name: Downloading and extracting application + unarchive: + src: "https://releases.hashicorp.com/vault/{{ version }}/vault_{{ version }}_linux_amd64.zip" dest: "{{ deploy_path }}" - - name: Extracting the application - shell: unzip vault_{{ version }}_linux_amd64.zip - args: - chdir: "{{ deploy_path }}" - creates: vault - warn: false + remote_src: yes - name: Creating data folder file: path: "{{ deploy_path }}/data" @@ -44,13 +40,11 @@ copy: src: config.json dest: "{{ deploy_path }}" - owner: "{{ username }}" - group: "{{ username }}" mode: '0644' register: vaultConfig become: true become_user: "{{ username }}" - - name: Allowing program to call mlock + - name: Allowing application to call mlock capabilities: path: "{{ deploy_path }}/vault" capability: cap_ipc_lock=+ep @@ -59,14 +53,16 @@ copy: src: supervisord.conf dest: /etc/supervisord.conf - owner: root - group: root mode: '0644' register: supervisorConfig - - name: Ensuring supervisord has been started + - name: Ensuring supervisord has been started and enabled service: name: supervisord state: started + enabled: yes + - name: Waiting for supervisor to become active + wait_for: + port: 9100 - name: Restarting supervisord due to config change service: name: supervisord @@ -76,6 +72,9 @@ supervisorctl: name: vault state: started + - name: Waiting for application to become active + wait_for: + port: 8100 - name: Restarting vault due to config change supervisorctl: name: vault |