diff --git a/handlers/main.yml b/handlers/main.yml index 23f6589..6c9f41b 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -3,20 +3,17 @@ - name: "Reload service file" ansible.builtin.systemd: daemon_reload: true - become: true listen: "systemctl-daemon-reload" - name: "Enable consul-certs service" ansible.builtin.service: name: consul-certs enabled: true - become: true listen: "systemctl-enable-consul-certs" - name: "Start consul-certs service" ansible.builtin.service: name: consul-certs state: restarted - become: true listen: "systemctl-restart-consul-certs" when: renew_consul_certificates_start_service diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index d9ad3ce..c1e3e1e 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.renew_consul_certificates" ansible.builtin.include_role: diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index fb88717..f2e71c5 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -1,12 +1,12 @@ --- - name: Prepare hosts: all + become: true tasks: - name: "Create group consul" ansible.builtin.group: name: "consul" state: present - become: true - name: "Create user consul" ansible.builtin.user: @@ -14,4 +14,3 @@ group: "consul" shell: /bin/false state: present - become: true diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 300fcc7..7338f39 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -2,6 +2,7 @@ - name: Verify hosts: all gather_facts: true + become: true tasks: - name: "Test: directory /etc/consul-template.d/consul" block: @@ -19,7 +20,6 @@ ansible.builtin.slurp: src: "/etc/consul-template.d/consul/consul_config.hcl" register: slurp_etc_consul_template_d_consul_consul_config_hcl - become: true - name: "Verify directory /etc/consul-template.d/consul" ansible.builtin.assert: @@ -60,7 +60,6 @@ src: "{{ item.path }}" loop: "{{ find_etc_consul_template_d_consul_templates.files }}" register: slurp_etc_consul_template_d_nomad_templates - become: true - name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl" vars: @@ -125,9 +124,8 @@ ansible.builtin.slurp: src: "/etc/systemd/system/consul-certs.service" register: slurp_etc_systemd_system_consul_certs_service - become: true - - name: "Verify service nomad" + - name: "Verify service consul-certs" ansible.builtin.assert: that: - stat_etc_systemd_system_consul_certs_service.stat.exists diff --git a/molecule/default_vagrant/converge.yml b/molecule/default_vagrant/converge.yml index d9ad3ce..c1e3e1e 100644 --- a/molecule/default_vagrant/converge.yml +++ b/molecule/default_vagrant/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.renew_consul_certificates" ansible.builtin.include_role: diff --git a/molecule/default_vagrant/prepare.yml b/molecule/default_vagrant/prepare.yml index fb88717..f2e71c5 100644 --- a/molecule/default_vagrant/prepare.yml +++ b/molecule/default_vagrant/prepare.yml @@ -1,12 +1,12 @@ --- - name: Prepare hosts: all + become: true tasks: - name: "Create group consul" ansible.builtin.group: name: "consul" state: present - become: true - name: "Create user consul" ansible.builtin.user: @@ -14,4 +14,3 @@ group: "consul" shell: /bin/false state: present - become: true diff --git a/molecule/default_vagrant/verify.yml b/molecule/default_vagrant/verify.yml index 300fcc7..7338f39 100644 --- a/molecule/default_vagrant/verify.yml +++ b/molecule/default_vagrant/verify.yml @@ -2,6 +2,7 @@ - name: Verify hosts: all gather_facts: true + become: true tasks: - name: "Test: directory /etc/consul-template.d/consul" block: @@ -19,7 +20,6 @@ ansible.builtin.slurp: src: "/etc/consul-template.d/consul/consul_config.hcl" register: slurp_etc_consul_template_d_consul_consul_config_hcl - become: true - name: "Verify directory /etc/consul-template.d/consul" ansible.builtin.assert: @@ -60,7 +60,6 @@ src: "{{ item.path }}" loop: "{{ find_etc_consul_template_d_consul_templates.files }}" register: slurp_etc_consul_template_d_nomad_templates - become: true - name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl" vars: @@ -125,9 +124,8 @@ ansible.builtin.slurp: src: "/etc/systemd/system/consul-certs.service" register: slurp_etc_systemd_system_consul_certs_service - become: true - - name: "Verify service nomad" + - name: "Verify service consul-certs" ansible.builtin.assert: that: - stat_etc_systemd_system_consul_certs_service.stat.exists diff --git a/molecule/with_custom_config/converge.yml b/molecule/with_custom_config/converge.yml index d9ad3ce..c1e3e1e 100644 --- a/molecule/with_custom_config/converge.yml +++ b/molecule/with_custom_config/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.renew_consul_certificates" ansible.builtin.include_role: diff --git a/molecule/with_custom_config/prepare.yml b/molecule/with_custom_config/prepare.yml index fb88717..f2e71c5 100644 --- a/molecule/with_custom_config/prepare.yml +++ b/molecule/with_custom_config/prepare.yml @@ -1,12 +1,12 @@ --- - name: Prepare hosts: all + become: true tasks: - name: "Create group consul" ansible.builtin.group: name: "consul" state: present - become: true - name: "Create user consul" ansible.builtin.user: @@ -14,4 +14,3 @@ group: "consul" shell: /bin/false state: present - become: true diff --git a/molecule/with_custom_config/verify.yml b/molecule/with_custom_config/verify.yml index 39d7a34..3056cd2 100644 --- a/molecule/with_custom_config/verify.yml +++ b/molecule/with_custom_config/verify.yml @@ -2,6 +2,7 @@ - name: Verify hosts: all gather_facts: true + become: true tasks: - name: "Test: directory /etc/consul-template.d/consul" block: @@ -19,7 +20,6 @@ ansible.builtin.slurp: src: "/etc/consul-template.d/consul/consul_config.hcl" register: slurp_etc_consul_template_d_consul_consul_config_hcl - become: true - name: "Verify directory /etc/consul-template.d/consul" ansible.builtin.assert: @@ -60,7 +60,6 @@ src: "{{ item.path }}" loop: "{{ find_etc_consul_template_d_consul_templates.files }}" register: slurp_etc_consul_template_d_nomad_templates - become: true - name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl" vars: @@ -125,9 +124,8 @@ ansible.builtin.slurp: src: "/etc/systemd/system/consul-certs.service" register: slurp_etc_systemd_system_consul_certs_service - become: true - - name: "Verify service nomad" + - name: "Verify service consul-certs" ansible.builtin.assert: that: - stat_etc_systemd_system_consul_certs_service.stat.exists diff --git a/molecule/with_custom_config_vagrant/converge.yml b/molecule/with_custom_config_vagrant/converge.yml index d9ad3ce..c1e3e1e 100644 --- a/molecule/with_custom_config_vagrant/converge.yml +++ b/molecule/with_custom_config_vagrant/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.renew_consul_certificates" ansible.builtin.include_role: diff --git a/molecule/with_custom_config_vagrant/prepare.yml b/molecule/with_custom_config_vagrant/prepare.yml index fb88717..f2e71c5 100644 --- a/molecule/with_custom_config_vagrant/prepare.yml +++ b/molecule/with_custom_config_vagrant/prepare.yml @@ -1,12 +1,12 @@ --- - name: Prepare hosts: all + become: true tasks: - name: "Create group consul" ansible.builtin.group: name: "consul" state: present - become: true - name: "Create user consul" ansible.builtin.user: @@ -14,4 +14,3 @@ group: "consul" shell: /bin/false state: present - become: true diff --git a/molecule/with_custom_config_vagrant/verify.yml b/molecule/with_custom_config_vagrant/verify.yml index 39d7a34..3056cd2 100644 --- a/molecule/with_custom_config_vagrant/verify.yml +++ b/molecule/with_custom_config_vagrant/verify.yml @@ -2,6 +2,7 @@ - name: Verify hosts: all gather_facts: true + become: true tasks: - name: "Test: directory /etc/consul-template.d/consul" block: @@ -19,7 +20,6 @@ ansible.builtin.slurp: src: "/etc/consul-template.d/consul/consul_config.hcl" register: slurp_etc_consul_template_d_consul_consul_config_hcl - become: true - name: "Verify directory /etc/consul-template.d/consul" ansible.builtin.assert: @@ -60,7 +60,6 @@ src: "{{ item.path }}" loop: "{{ find_etc_consul_template_d_consul_templates.files }}" register: slurp_etc_consul_template_d_nomad_templates - become: true - name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl" vars: @@ -125,9 +124,8 @@ ansible.builtin.slurp: src: "/etc/systemd/system/consul-certs.service" register: slurp_etc_systemd_system_consul_certs_service - become: true - - name: "Verify service nomad" + - name: "Verify service consul-certs" ansible.builtin.assert: that: - stat_etc_systemd_system_consul_certs_service.stat.exists diff --git a/tasks/configure.yml b/tasks/configure.yml index 0c26971..7ef5491 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -1,7 +1,6 @@ --- # task/configure file for renew_consul_certificates - name: "Configure files for consul certificate renewal" - become: true notify: - "systemctl-enable-consul-certs" - "systemctl-restart-consul-certs" @@ -39,7 +38,6 @@ mode: '0600' - name: "Configure consul-certs systemd service" - become: true notify: - "systemctl-daemon-reload" block: diff --git a/tasks/prerequisites.yml b/tasks/prerequisites.yml index c8496ac..32d7c20 100644 --- a/tasks/prerequisites.yml +++ b/tasks/prerequisites.yml @@ -7,7 +7,6 @@ owner: "{{ renew_consul_certificates_consul_user }}" group: "{{ renew_consul_certificates_consul_group }}" mode: '0755' - become: true - name: "Create directory templates directory in {{ renew_consul_certificates_config_dir }}" ansible.builtin.file: @@ -16,7 +15,6 @@ owner: "{{ renew_consul_certificates_consul_user }}" group: "{{ renew_consul_certificates_consul_group }}" mode: '0755' - become: true - name: "Ensure certificate/key directory(ies) exist(s)" ansible.builtin.file: @@ -25,7 +23,6 @@ owner: "{{ renew_consul_certificates_consul_user }}" group: "{{ renew_consul_certificates_consul_group }}" mode: '0755' - become: true loop: - "{{ renew_consul_certificates_cert_dest }}" - "{{ renew_consul_certificates_key_dest }}"