From caab75121529d8068b4dcc83f2b2181dbb3e699e Mon Sep 17 00:00:00 2001 From: JoelKle <34544090+JoelKle@users.noreply.github.com> Date: Tue, 19 May 2020 09:26:03 +0200 Subject: [PATCH 1/2] Added the ability, to set the broadcast_websocket_secret variable. This is nessesary if you would like to rerun the playbook. Signed-off-by: JoelKle <34544090+JoelKle@users.noreply.github.com> --- installer/inventory | 5 +++++ installer/roles/kubernetes/tasks/main.yml | 1 + installer/roles/local_docker/tasks/main.yml | 1 + 3 files changed, 7 insertions(+) diff --git a/installer/inventory b/installer/inventory index 85a875eb0a..de001730eb 100644 --- a/installer/inventory +++ b/installer/inventory @@ -117,6 +117,11 @@ create_preload_data=True # your credentials secret_key=awxsecret +# By default a broadcast websocket secret will be generated. +# If you would like to *rerun the playbook*, you need to set a unique password. +# Otherwise it would generate a new one every playbook run. +# broadcast_websocket_secret= + # Build AWX with official logos # Requires cloning awx-logos repo as a sibling of this project. # Review the trademark guidelines at https://github.com/ansible/awx-logos/blob/master/TRADEMARKS.md diff --git a/installer/roles/kubernetes/tasks/main.yml b/installer/roles/kubernetes/tasks/main.yml index bb4065f211..6a9d9a2deb 100644 --- a/installer/roles/kubernetes/tasks/main.yml +++ b/installer/roles/kubernetes/tasks/main.yml @@ -4,6 +4,7 @@ broadcast_websocket_secret: "{{ lookup('password', '/dev/null', length=128) }}" run_once: true no_log: true + when: broadcast_websocket_secret is not defined - fail: msg: "Only set one of kubernetes_context or openshift_host" diff --git a/installer/roles/local_docker/tasks/main.yml b/installer/roles/local_docker/tasks/main.yml index ad87f16fb4..aab1260a36 100644 --- a/installer/roles/local_docker/tasks/main.yml +++ b/installer/roles/local_docker/tasks/main.yml @@ -4,6 +4,7 @@ broadcast_websocket_secret: "{{ lookup('password', '/dev/null', length=128) }}" run_once: true no_log: true + when: broadcast_websocket_secret is not defined - import_tasks: upgrade_postgres.yml when: From 699f1868904a6def505bf8b825c63b1dc3bc3c3e Mon Sep 17 00:00:00 2001 From: JoelKle <34544090+JoelKle@users.noreply.github.com> Date: Tue, 19 May 2020 09:26:30 +0200 Subject: [PATCH 2/2] Fixed a bug, where the redis.conf first would be stored with mod 0600 and in the next task changed to 0666. This has broke the ability to rerun the playbook. Signed-off-by: JoelKle <34544090+JoelKle@users.noreply.github.com> --- .../roles/local_docker/tasks/compose.yml | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/installer/roles/local_docker/tasks/compose.yml b/installer/roles/local_docker/tasks/compose.yml index 120b81cc1a..9a95ddabc3 100644 --- a/installer/roles/local_docker/tasks/compose.yml +++ b/installer/roles/local_docker/tasks/compose.yml @@ -12,22 +12,22 @@ - name: Create Docker Compose Configuration template: - src: "{{ item }}.j2" - dest: "{{ docker_compose_dir }}/{{ item }}" - mode: 0600 - with_items: - - environment.sh - - credentials.py - - docker-compose.yml - - nginx.conf - - redis.conf + src: "{{ item.file }}.j2" + dest: "{{ docker_compose_dir }}/{{ item.file }}" + mode: "{{ item.mode }}" + loop: + - file: environment.sh + mode: "0600" + - file: credentials.py + mode: "0600" + - file: docker-compose.yml + mode: "0600" + - file: nginx.conf + mode: "0600" + - file: redis.conf + mode: "0664" register: awx_compose_config -- name: Set redis config to other group readable to satisfy redis-server - file: - path: "{{ docker_compose_dir }}/redis.conf" - mode: 0666 - - name: Render SECRET_KEY file copy: content: "{{ secret_key }}"