From a53c4aec720e4e9b098662c94602e96f0db8aa98 Mon Sep 17 00:00:00 2001
From: Thedro Neely <thedroneely@gmail.com>
Date: Mon, 30 Dec 2019 02:43:48 -0500
Subject: roles/vault/main.yml: Cleanup Wait for services to become active
 before restarting

---
 roles/vault/main.yml | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)

(limited to 'roles/vault')

diff --git a/roles/vault/main.yml b/roles/vault/main.yml
index 06e45f3..87c7326 100644
--- a/roles/vault/main.yml
+++ b/roles/vault/main.yml
@@ -24,17 +24,13 @@
         - sudo
         - supervisor
         - libcap
+        - unzip
   - block:
-    - name: Downloading application
-      get_url:
-        url: "https://releases.hashicorp.com/vault/{{ version }}/vault_{{ version }}_linux_amd64.zip"
+    - name: Downloading and extracting application
+      unarchive:
+        src: "https://releases.hashicorp.com/vault/{{ version }}/vault_{{ version }}_linux_amd64.zip"
         dest: "{{ deploy_path }}"
-    - name: Extracting the application
-      shell: unzip vault_{{ version }}_linux_amd64.zip
-      args: 
-        chdir: "{{ deploy_path }}"
-        creates: vault
-        warn: false
+        remote_src: yes
     - name: Creating data folder
       file:
         path: "{{ deploy_path }}/data"
@@ -44,13 +40,11 @@
       copy:
         src: config.json
         dest: "{{ deploy_path }}"
-        owner: "{{ username }}"
-        group: "{{ username }}"
         mode: '0644'
       register: vaultConfig
     become: true
     become_user: "{{ username }}"
-  - name: Allowing program to call mlock
+  - name: Allowing application to call mlock
     capabilities:
       path: "{{ deploy_path }}/vault"
       capability: cap_ipc_lock=+ep
@@ -59,14 +53,16 @@
     copy:
       src: supervisord.conf
       dest: /etc/supervisord.conf
-      owner: root
-      group: root
       mode: '0644'
     register: supervisorConfig
-  - name: Ensuring supervisord has been started
+  - name: Ensuring supervisord has been started and enabled
     service:
       name: supervisord
       state: started
+      enabled: yes
+  - name: Waiting for supervisor to become active
+    wait_for:
+      port: 9100
   - name: Restarting supervisord due to config change
     service:
       name: supervisord
@@ -76,6 +72,9 @@
     supervisorctl:
       name: vault
       state: started
+  - name: Waiting for application to become active
+    wait_for:
+      port: 8100
   - name: Restarting vault due to config change
     supervisorctl:
       name: vault
-- 
cgit v1.2.3