156 lines
4.9 KiB
YAML
156 lines
4.9 KiB
YAML
---
|
|
|
|
- name: Install needed tools
|
|
package:
|
|
name:
|
|
- tar
|
|
- zstd
|
|
- unzip
|
|
- acl
|
|
tags: nomad
|
|
|
|
- name: Install task driver packages
|
|
package: name={{ nomad_task_driver_packages[item] }}
|
|
loop: "{{ nomad_enabled_task_drivers }}"
|
|
when: nomad_task_driver_packages[item] is defined and nomad_conf.client.enabled
|
|
notify: restart nomad
|
|
tags: nomad
|
|
|
|
- when: nomad_install_mode == 'upgrade'
|
|
name: Clear plugin dir on upgrades
|
|
file: path={{ nomad_root_dir }}/plugins state={{ item }} owner={{ nomad_user }} group={{ nomad_user }}
|
|
loop:
|
|
- absent
|
|
- directory
|
|
tags: nomad
|
|
|
|
- when: nomad_install_mode != 'none'
|
|
block:
|
|
- name: Download nomad
|
|
get_url:
|
|
url: "{{ nomad_archive_url }}"
|
|
dest: "{{ nomad_root_dir }}/tmp"
|
|
checksum: sha256:{{ nomad_archive_sha256 }}
|
|
|
|
- name: Extract the archive
|
|
unarchive:
|
|
src: "{{ nomad_root_dir }}/tmp/nomad_{{ nomad_version }}_linux_amd64.zip"
|
|
dest: "{{ nomad_root_dir }}/tmp"
|
|
remote_src: True
|
|
|
|
- name: Install nomad binary
|
|
copy:
|
|
src: "{{ nomad_root_dir }}/tmp/nomad"
|
|
dest: "{{ nomad_root_dir }}/bin/nomad"
|
|
remote_src: True
|
|
mode: 755
|
|
notify: restart nomad
|
|
|
|
- name: Link in /usr/local/bin
|
|
file: src={{ nomad_root_dir }}/bin/nomad dest=/usr/local/bin/nomad state=link force=True
|
|
|
|
tags: nomad
|
|
|
|
- when: nomad_install_mode != 'none' and nomad_conf.client.enabled
|
|
block:
|
|
|
|
- name: Download plugins
|
|
get_url:
|
|
url: "{{ nomad_plugins[item].archive_url }}"
|
|
dest: "{{ nomad_root_dir }}/tmp"
|
|
checksum: sha256:{{ nomad_plugins[item].sha256 }}
|
|
register: nomad_plugin_dl
|
|
loop: "{{ nomad_plugins.keys() | list }}"
|
|
|
|
- name: Extract nomad plugins
|
|
unarchive:
|
|
src: "{{ item.dest }}"
|
|
dest: "{{ nomad_root_dir }}/plugins/"
|
|
remote_src: True
|
|
loop: "{{ nomad_plugin_dl.results }}"
|
|
when: item.dest | basename | splitext | last in ['.zip','.tgz', '.txz', '.tar.gz', '.tar.xz']
|
|
notify: restart nomad
|
|
|
|
- name: Copy nomad plugins
|
|
copy:
|
|
src: "{{ item.dest }}"
|
|
dest: "{{ nomad_root_dir }}/plugins/"
|
|
remote_src: True
|
|
loop: "{{ nomad_plugin_dl.results }}"
|
|
when: item.dest | basename | splitext | last not in ['.zip','.tgz', '.txz', '.tar.gz', '.tar.xz']
|
|
notify: restart nomad
|
|
|
|
- name: List installed plugins
|
|
command: ls {{ nomad_root_dir }}/plugins/
|
|
register: nomad_installed_plugins
|
|
changed_when: False
|
|
|
|
- name: Set permissions on plugins
|
|
file: path={{ nomad_root_dir }}/plugins/{{ item }} owner=root group=root mode=755
|
|
loop: "{{ nomad_installed_plugins.stdout_lines }}"
|
|
|
|
tags: nomad
|
|
|
|
# Nomad looks for the qemu-system-x86_64 bin in $PATH
|
|
# so it needs to be available for Nomad to detect it
|
|
- name: Link qemu-kvm to qemu-system-x86_64
|
|
file:
|
|
src: /usr/libexec/qemu-kvm
|
|
dest: /usr/local/bin/qemu-system-x86_64
|
|
state: link
|
|
when: nomad_conf.client.enabled and 'qemu' in nomad_enabled_task_drivers
|
|
tags: nomad
|
|
|
|
- name: Install bash completion support
|
|
copy:
|
|
content: |
|
|
complete -C {{ nomad_root_dir }}/bin/nomad nomad
|
|
dest: /etc/bash_completion.d/nomad
|
|
mode: 0644
|
|
tags: nomad
|
|
|
|
- name: Deploy systemd service unit
|
|
template: src=nomad.service.j2 dest=/etc/systemd/system/nomad.service
|
|
register: nomad_unit
|
|
notify: restart nomad
|
|
tags: nomad
|
|
|
|
- name: Install consul-template unit
|
|
template: src=consul-template-nomad.service.j2 dest=/etc/systemd/system/consul-template-nomad.service
|
|
register: nomad_consul_tpl_unit
|
|
notify: restart consul-template-nomad
|
|
when: nomad_vault_secrets.pki.enabled or nomad_vault_secrets.consul_pki.enabled
|
|
tags: nomad
|
|
|
|
- name: Install backup hooks
|
|
template: src={{ item }}-backup.j2 dest=/etc/backup/{{ item }}.d/nomad mode=755
|
|
loop:
|
|
- pre
|
|
- post
|
|
tags: nomad
|
|
|
|
- name: Install iptables cleanup script
|
|
copy: src=iptables_cleanup.pl dest={{ nomad_root_dir }}/bin/iptables_cleanup.pl mode=755
|
|
tags: nomad
|
|
|
|
- name: Install iptables-nomad-cleanup unit
|
|
template: src=iptables-nomad-cleanup.service.j2 dest=/etc/systemd/system/iptables-nomad-cleanup.service
|
|
register: nomad_ipt_cleanup_unit
|
|
tags: nomad
|
|
|
|
- name: Reload systemd
|
|
systemd: daemon_reload=True
|
|
when: nomad_unit.changed or nomad_ipt_cleanup_unit.changed or (nomad_consul_tpl_unit is defined and nomad_consul_tpl_unit.changed)
|
|
tags: nomad
|
|
|
|
# This is needed for containers to be able to reach their own services through the host published port
|
|
- name: Install a script to set nomad bridge in promisc mode
|
|
copy: src=50-nomad-promisc dest=/etc/NetworkManager/dispatcher.d/50-nomad-promisc mode=755
|
|
tags: nomad
|
|
|
|
- name: Create host_volume directories
|
|
file: path={{ item.path }} state=directory owner={{ item.owner | default(omit) }} group={{ item.group | default(omit) }} mode={{ item.mode | default(omit) }}
|
|
loop: "{{ nomad_conf.client.host_volumes | default([]) }}"
|
|
when: item.create | default(False)
|
|
tags: nomad
|