consul/tasks/config.yaml

67 lines
2.3 KiB
YAML

---
- name: Merge encrypt key with config for Consul
set_fact:
consul_config: "{{ consul_config | combine(consul_config_encrypt, recursive=true) }}"
vars:
consul_config_encrypt:
encrypt: "{{ consul_raw_key }}"
when:
- consul_config.encrypt is not defined
- name: Merge config for Consul server
when: inventory_hostname in groups[consul_server_group]
block:
- name: Merge config for Consul server
set_fact:
consul_config_combined: "{{ consul_default_config | combine(consul_config, recursive=true) }}"
- name: Merge SSL options for Consul server
set_fact:
consul_server_ssl_config_combined: "{{ consul_server_ssl_default_config | combine(consul_server_ssl_config, recursive=true) }}"
when: consul_ssl
- name: Merge SSL options with config for Consul server
set_fact:
consul_config_combined: "{{ consul_config_combined | combine(consul_server_ssl_config_combined, recursive=true) }}"
when: consul_ssl
- name: Merge config for Consul agent
when:
- groups[consul_agent_group] is defined
- inventory_hostname in groups[consul_agent_group]
block:
- name: Merge config for Consul agent
set_fact:
consul_config_combined: "{{ consul_default_config | combine(consul_config, recursive=true) }}"
- name: Merge SSL options for Consul agent
set_fact:
consul_agent_ssl_config_combined: "{{ consul_agent_ssl_default_config | combine(consul_agent_ssl_config, recursive=true) }}"
when: consul_ssl
- name: Merge SSL options with config for Consul agent
set_fact:
consul_config_combined: "{{ consul_config_combined | combine(consul_agent_ssl_config_combined, recursive=true) }}"
when: consul_ssl
- name: Propagate consul config
copy:
content: "{{ consul_config_combined | to_nice_json }}"
dest: "{{ consul_config_path }}/consul.json"
owner: "{{ consul_user }}"
group: "{{ consul_group }}"
mode: 0644
register: consul_config_file
notify: Restart consul
- name: Remove old files
file:
path: "{{ item }}"
state: absent
loop:
- "{{ consul_config_path }}/config.json"
- "{{ consul_data_path }}/serf/local.keyring"
- "{{ consul_data_path }}/serf/remote.keyring"
- "{{ consul_data_path }}/serf/local.snapshot"
when: consul_config_file.changed