# Create the data/ and secrets/ directories under the LLDAP project directory.
# NOTE(review): secrets/ gets the same 0755 mode as data/, so any local account
# can list and traverse it. Confirm which UID the container reads these files
# as before tightening secrets/ (e.g. to '0700').
- name: Ensure data directories exist
  become: false
  ansible.builtin.file:
    path: "{{ container_lldap_directory }}/{{ item }}"
    state: directory
    mode: '0755'
  loop:
    - data
    - secrets
# Record whether a JWT secret file is already present; the generation task
# reads jwt_secret_stat.stat.exists to decide whether to create a new one.
- name: Check if jwt_secret file exists
  register: jwt_secret_stat
  ansible.builtin.stat:
    path: "{{ container_lldap_directory }}/secrets/jwt_secret"
# Record whether a key seed file is already present; the generation task
# reads key_seed_stat.stat.exists to decide whether to create a new one.
- name: Check if key_seed file exists
  register: key_seed_stat
  ansible.builtin.stat:
    path: "{{ container_lldap_directory }}/secrets/key_seed"
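# Generate a 32-character random JWT secret, only when no secret file exists.
# Uses the fully qualified module name, like the other tasks in this file.
# no_log keeps the generated value out of task output and logs.
# run_once: the condition is evaluated on the first host of the batch and the
# resulting fact is applied to the other hosts in that batch.
- name: Generate JWT secret if not exists
  ansible.builtin.set_fact:
    jwt_secret: "{{ lookup('community.general.random_string', 'length=32 upper=true lower=true digits=true special=true override_special=!#%&()*+,-./:;<=>?@[]^_{|}~') }}"
  when: not jwt_secret_stat.stat.exists
  run_once: true
  no_log: true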
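# Generate a 32-character random key seed, only when no seed file exists.
# Uses the fully qualified module name, like the other tasks in this file.
# no_log keeps the generated value out of task output and logs.
# run_once: the condition is evaluated on the first host of the batch and the
# resulting fact is applied to the other hosts in that batch.
- name: Generate Key Seed if not exists
  ansible.builtin.set_fact:
    key_seed: "{{ lookup('community.general.random_string', 'length=32 upper=true lower=true digits=true special=true override_special=!#%&()*+,-./:;<=>?@[]^_{|}~') }}"
  when: not key_seed_stat.stat.exists
  run_once: true
  no_log: true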
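# Persist the freshly generated JWT secret; skipped when jwt_secret is
# undefined, i.e. nothing was generated in this run.
# no_log hides the secret from task output, including --diff content diffs.
# NOTE(review): mode 0644 leaves the secret readable by every local account.
# Tighten it (e.g. '0600', or group-restricted) once the UID the container
# reads the file as is confirmed.
# NOTE(review): the condition only checks that jwt_secret is defined; a
# variable of that name set elsewhere (inventory, extra vars) would also
# trigger this write.
- name: Copy JWT secret to host if generated
  ansible.builtin.copy:
    content: "{{ jwt_secret }}"
    dest: "{{ container_lldap_directory }}/secrets/jwt_secret"
    mode: '0644'
  when: jwt_secret is defined
  become: false
  no_log: true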
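# Persist the freshly generated key seed; skipped when key_seed is undefined,
# i.e. nothing was generated in this run.
# no_log hides the seed from task output, including --diff content diffs.
# NOTE(review): mode 0644 leaves the seed readable by every local account.
# Tighten it (e.g. '0600', or group-restricted) once the UID the container
# reads the file as is confirmed.
# NOTE(review): the condition only checks that key_seed is defined; a variable
# of that name set elsewhere (inventory, extra vars) would also trigger this
# write.
- name: Copy Key Seed to host if generated
  ansible.builtin.copy:
    content: "{{ key_seed }}"
    dest: "{{ container_lldap_directory }}/secrets/key_seed"
    mode: '0644'
  when: key_seed is defined
  become: false
  no_log: true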
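# Write the LDAP admin password from container_lldap_ldap_user_pass into the
# secrets directory.
# no_log hides the password from task output, including --diff content diffs.
# NOTE(review): despite the task name there is no "when" or "force: false"
# here, so the file is rewritten whenever its content differs from the
# variable. Confirm which behaviour is intended.
# NOTE(review): mode 0644 leaves the admin password readable by every local
# account. Tighten it (e.g. '0600', or group-restricted) once the UID the
# container reads the file as is confirmed.
- name: Write LDAP admin user password to file if not exists
  ansible.builtin.copy:
    content: "{{ container_lldap_ldap_user_pass }}"
    dest: "{{ container_lldap_directory }}/secrets/ldap_user_pass"
    mode: '0644'
  become: false
  no_log: true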
# Render the Compose file and its .env file into the project directory.
# NOTE(review): both files are written 0644. If .env.j2 renders credentials,
# the result is readable by every local account. Verify against the template.
- name: Deploy Docker Compose and .env files
  become: false
  ansible.builtin.template:
    src: "{{ item.src }}"
    dest: "{{ container_lldap_directory }}/{{ item.dest }}"
    mode: '0644'
  loop:
    - src: 'docker-compose.yml.j2'
      dest: 'docker-compose.yml'
    - src: '.env.j2'
      dest: '.env'
# Bring the Compose project up, pulling images on every run.
# NOTE(review): the socket path hard-codes /run/user/1000, which looks like a
# per-user (rootless) Docker socket for UID 1000. Confirm the deploying account
# really has that UID on every target host.
- name: Start Container
  become: false
  community.docker.docker_compose_v2:
    project_src: "{{ container_lldap_directory }}"
    pull: always
    docker_host: 'unix:///run/user/1000/docker.sock'