first commit

roles/seaweed/tasks/main.yaml

@@ -0,0 +1,115 @@
+- name: Download and Install SeaweedFS
+  include_tasks: download.yaml
+
+- name: Create system user for SeaweedFS
+  user:
+    name: "{{ seaweed_user }}"
+    shell: /usr/sbin/nologin
+    system: yes
+    create_home: no
+
+- name: Create SeaweedFS configuration directory
+  file:
+    path: "{{ seaweed_config_dir }}"
+    state: directory
+    mode: '0755'
+    owner: "{{ seaweed_user }}"
+    group: "{{ seaweed_group }}"
+
+- name: Create SeaweedFS data directory
+  file:
+    path: "{{ seaweed_data_dir }}"
+    state: directory
+    mode: '0755'
+    owner: "{{ seaweed_user }}"
+    group: "{{ seaweed_group }}"
+
+- name: Create SeaweedFS log directory
+  file:
+    path: "{{ seaweed_log_dir }}"
+    state: directory
+    mode: '0755'
+    owner: "{{ seaweed_user }}"
+    group: "{{ seaweed_group }}"
+
+- name: Create SeaweedFS data directories
+  file:
+    path: "{{ seaweed_data_dir }}/{{ item.name }}"
+    state: directory
+    mode: '0755'
+    owner: "{{ seaweed_user }}"
+    group: "{{ seaweed_group }}"
+  loop: "{{ seaweed_services }}"
+
+- name: Create certificates
+  include_tasks: certificates.yaml
+
+- name: Generate seaweed JWT signing secrets
+  set_fact:
+    seaweed_jwt_signing: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits') }}"
+    seaweed_jwt_filer_signing: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits') }}"
+
+- name: Configure security configuration
+  template:
+    src: security.toml.j2
+    dest: "{{ seaweed_config_dir }}/security.toml"
+    mode: '0644'
+    owner: "{{ seaweed_user }}"
+    group: "{{ seaweed_group }}"
+  vars:
+    seaweed_master_cert: "{{ seaweed_cert_dir }}/master01.crt"
+    seaweed_master_key: "{{ seaweed_cert_dir }}/master01.key"
+    seaweed_volume_cert: "{{ seaweed_cert_dir }}/volume01.crt"
+    seaweed_volume_key: "{{ seaweed_cert_dir }}/volume01.key"
+    seaweed_filer_cert: "{{ seaweed_cert_dir }}/filer01.crt"
+    seaweed_filer_key: "{{ seaweed_cert_dir }}/filer01.key"
+    seaweed_client_cert: "{{ seaweed_cert_dir }}/client01.crt"
+    seaweed_client_key: "{{ seaweed_cert_dir }}/client01.key"
+
+- name: Configure filer
+  template:
+    src: filer.toml.j2
+    dest: "{{ seaweed_config_dir }}/filer.toml"
+    mode: '0644'
+    owner: "{{ seaweed_user }}"
+    group: "{{ seaweed_group }}"
+
+- name: Generate S3 access key
+  set_fact:
+    s3_access_key: "{{ lookup('password', '/dev/null length=20 chars=ascii_letters,digits') }}"
+
+- name: Generate S3 secret key
+  set_fact:
+    s3_secret_key: "{{ lookup('password', '/dev/null length=40 chars=ascii_letters,digits') }}"
+
+- name: Configure s3
+  template:
+    src: s3.json.j2
+    dest: "{{ seaweed_config_dir }}/s3.json"
+    mode: '0644'
+    owner: "{{ seaweed_user }}"
+    group: "{{ seaweed_group }}"
+
+- name: Install SeaweedFS services
+  template:
+    src: seaweed.service.j2
+    dest: "/etc/systemd/system/seaweed-{{ item.name }}.service"
+    mode: '0644'
+    owner: "{{ seaweed_user }}"
+    group: "{{ seaweed_group }}"
+  loop: "{{ seaweed_services }}"
+  vars:
+    seaweed_service: "{{ item.name }}"
+    seaweed_command: "{{ item.name }}"
+    seaweed_args: "{{ item.args }}"
+
+- name: Reload systemd daemon
+  systemd:
+    daemon_reload: yes
+
+- name: Enable and start SeaweedFS services
+  systemd:
+    name: "seaweed-{{ item.name }}"
+    enabled: yes
+    state: restarted
+  loop: "{{ seaweed_services }}"