115 lines
3.3 KiB
YAML
115 lines
3.3 KiB
YAML
- name: Download and Install SeaweedFS
|
|
include_tasks: download.yaml
|
|
|
|
- name: Create system user for SeaweedFS
|
|
user:
|
|
name: "{{ seaweed_user }}"
|
|
shell: /usr/sbin/nologin
|
|
system: yes
|
|
create_home: no
|
|
|
|
- name: Create SeaweedFS configuration directory
|
|
file:
|
|
path: "{{ seaweed_config_dir }}"
|
|
state: directory
|
|
mode: '0755'
|
|
owner: "{{ seaweed_user }}"
|
|
group: "{{ seaweed_group }}"
|
|
|
|
- name: Create SeaweedFS data directory
|
|
file:
|
|
path: "{{ seaweed_data_dir }}"
|
|
state: directory
|
|
mode: '0755'
|
|
owner: "{{ seaweed_user }}"
|
|
group: "{{ seaweed_group }}"
|
|
|
|
- name: Create SeaweedFS log directory
|
|
file:
|
|
path: "{{ seaweed_log_dir }}"
|
|
state: directory
|
|
mode: '0755'
|
|
owner: "{{ seaweed_user }}"
|
|
group: "{{ seaweed_group }}"
|
|
|
|
- name: Create SeaweedFS data directories
|
|
file:
|
|
path: "{{ seaweed_data_dir }}/{{ item.name }}"
|
|
state: directory
|
|
mode: '0755'
|
|
owner: "{{ seaweed_user }}"
|
|
group: "{{ seaweed_group }}"
|
|
loop: "{{ seaweed_services }}"
|
|
|
|
- name: Create certificates
|
|
include_tasks: certificates.yaml
|
|
|
|
- name: Generate seaweed JWT signing secrets
|
|
set_fact:
|
|
seaweed_jwt_signing: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits') }}"
|
|
seaweed_jwt_filer_signing: "{{ lookup('password', '/dev/null length=64 chars=ascii_letters,digits') }}"
|
|
|
|
- name: Configure security configuration
|
|
template:
|
|
src: security.toml.j2
|
|
dest: "{{ seaweed_config_dir }}/security.toml"
|
|
mode: '0644'
|
|
owner: "{{ seaweed_user }}"
|
|
group: "{{ seaweed_group }}"
|
|
vars:
|
|
seaweed_master_cert: "{{ seaweed_cert_dir }}/master01.crt"
|
|
seaweed_master_key: "{{ seaweed_cert_dir }}/master01.key"
|
|
seaweed_volume_cert: "{{ seaweed_cert_dir }}/volume01.crt"
|
|
seaweed_volume_key: "{{ seaweed_cert_dir }}/volume01.key"
|
|
seaweed_filer_cert: "{{ seaweed_cert_dir }}/filer01.crt"
|
|
seaweed_filer_key: "{{ seaweed_cert_dir }}/filer01.key"
|
|
seaweed_client_cert: "{{ seaweed_cert_dir }}/client01.crt"
|
|
seaweed_client_key: "{{ seaweed_cert_dir }}/client01.key"
|
|
|
|
- name: Configure filer
|
|
template:
|
|
src: filer.toml.j2
|
|
dest: "{{ seaweed_config_dir }}/filer.toml"
|
|
mode: '0644'
|
|
owner: "{{ seaweed_user }}"
|
|
group: "{{ seaweed_group }}"
|
|
|
|
- name: Generate S3 access key
|
|
set_fact:
|
|
s3_access_key: "{{ lookup('password', '/dev/null length=20 chars=ascii_letters,digits') }}"
|
|
|
|
- name: Generate S3 secret key
|
|
set_fact:
|
|
s3_secret_key: "{{ lookup('password', '/dev/null length=40 chars=ascii_letters,digits') }}"
|
|
|
|
- name: Configure s3
|
|
template:
|
|
src: s3.json.j2
|
|
dest: "{{ seaweed_config_dir }}/s3.json"
|
|
mode: '0644'
|
|
owner: "{{ seaweed_user }}"
|
|
group: "{{ seaweed_group }}"
|
|
|
|
- name: Install SeaweedFS services
|
|
template:
|
|
src: seaweed.service.j2
|
|
dest: "/etc/systemd/system/seaweed-{{ item.name }}.service"
|
|
mode: '0644'
|
|
owner: "{{ seaweed_user }}"
|
|
group: "{{ seaweed_group }}"
|
|
loop: "{{ seaweed_services }}"
|
|
vars:
|
|
seaweed_service: "{{ item.name }}"
|
|
seaweed_command: "{{ item.name }}"
|
|
seaweed_args: "{{ item.args }}"
|
|
|
|
- name: Reload systemd daemon
|
|
systemd:
|
|
daemon_reload: yes
|
|
|
|
- name: Enable and start SeaweedFS services
|
|
systemd:
|
|
name: "seaweed-{{ item.name }}"
|
|
enabled: yes
|
|
state: restarted
|
|
loop: "{{ seaweed_services }}" |