diff --git a/handlers/main.yml b/handlers/main.yml index c362c65..450a046 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -3,14 +3,12 @@ - name: "Reload service file" ansible.builtin.systemd: daemon_reload: true - become: true listen: "systemctl-daemon-reload" - name: "Enable nomad-certs service" ansible.builtin.service: name: nomad-certs enabled: true - become: true listen: "systemctl-enable-nomad-certs" - name: "Start nomad-certs service" @@ -19,4 +17,3 @@ state: restarted listen: "systemctl-restart-nomad-certs" when: renew_nomad_certificates_start_service - become: true diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index e272496..e8e2a16 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.renew_nomad_certificates" ansible.builtin.include_role: diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 702c21d..99851c4 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -1,12 +1,12 @@ --- - name: Prepare hosts: all + become: true tasks: - name: "Create group nomad" ansible.builtin.group: name: "nomad" state: present - become: true - name: "Create user nomad" ansible.builtin.user: @@ -14,4 +14,3 @@ group: "nomad" shell: /bin/false state: present - become: true diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 8462cf2..7cf5f0d 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -1,7 +1,8 @@ --- - name: Verify hosts: all - gather_facts: false + gather_facts: true + become: true tasks: - name: "Test: directory /etc/consul-template.d/nomad" block: @@ -19,7 +20,6 @@ ansible.builtin.slurp: src: "/etc/consul-template.d/nomad/nomad_config.hcl" register: slurp_etc_consul_template_d_nomad_nomad_config_hcl - become: true - name: "Verify directory /etc/consul-template.d/nomad" ansible.builtin.assert: @@ -60,7 +60,6 @@ src: "{{ item.path }}" loop: "{{ find_etc_consul_template_d_nomad_templates.files }}" register: slurp_etc_consul_template_d_nomad_templates - become: true - name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl" vars: @@ -125,9 +124,8 @@ ansible.builtin.slurp: src: "/etc/systemd/system/nomad-certs.service" register: slurp_etc_systemd_system_nomad_certs_service - become: true - - name: "Verify service nomad" + - name: "Verify service nomad-certs" ansible.builtin.assert: that: - stat_etc_systemd_system_nomad_certs_service.stat.exists diff --git a/molecule/default_vagrant/converge.yml b/molecule/default_vagrant/converge.yml index e272496..e8e2a16 100644 --- a/molecule/default_vagrant/converge.yml +++ b/molecule/default_vagrant/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.renew_nomad_certificates" ansible.builtin.include_role: diff --git a/molecule/default_vagrant/prepare.yml b/molecule/default_vagrant/prepare.yml index 702c21d..99851c4 100644 --- a/molecule/default_vagrant/prepare.yml +++ b/molecule/default_vagrant/prepare.yml @@ -1,12 +1,12 @@ --- - name: Prepare hosts: all + become: true tasks: - name: "Create group nomad" ansible.builtin.group: name: "nomad" state: present - become: true - name: "Create user nomad" ansible.builtin.user: @@ -14,4 +14,3 @@ group: "nomad" shell: /bin/false state: present - become: true diff --git a/molecule/default_vagrant/verify.yml b/molecule/default_vagrant/verify.yml index 584ad7b..7cf5f0d 100644 --- a/molecule/default_vagrant/verify.yml +++ b/molecule/default_vagrant/verify.yml @@ -2,6 +2,7 @@ - name: Verify hosts: all gather_facts: true + become: true tasks: - name: "Test: directory /etc/consul-template.d/nomad" block: @@ -19,7 +20,6 @@ ansible.builtin.slurp: src: "/etc/consul-template.d/nomad/nomad_config.hcl" register: slurp_etc_consul_template_d_nomad_nomad_config_hcl - become: true - name: "Verify directory /etc/consul-template.d/nomad" ansible.builtin.assert: @@ -60,7 +60,6 @@ src: "{{ item.path }}" loop: "{{ find_etc_consul_template_d_nomad_templates.files }}" register: slurp_etc_consul_template_d_nomad_templates - become: true - name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl" vars: @@ -125,9 +124,8 @@ ansible.builtin.slurp: src: "/etc/systemd/system/nomad-certs.service" register: slurp_etc_systemd_system_nomad_certs_service - become: true - - name: "Verify service nomad" + - name: "Verify service nomad-certs" ansible.builtin.assert: that: - stat_etc_systemd_system_nomad_certs_service.stat.exists diff --git a/molecule/with_custom_config/converge.yml b/molecule/with_custom_config/converge.yml index e272496..e8e2a16 100644 --- a/molecule/with_custom_config/converge.yml +++ b/molecule/with_custom_config/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.renew_nomad_certificates" ansible.builtin.include_role: diff --git a/molecule/with_custom_config/prepare.yml b/molecule/with_custom_config/prepare.yml index 702c21d..99851c4 100644 --- a/molecule/with_custom_config/prepare.yml +++ b/molecule/with_custom_config/prepare.yml @@ -1,12 +1,12 @@ --- - name: Prepare hosts: all + become: true tasks: - name: "Create group nomad" ansible.builtin.group: name: "nomad" state: present - become: true - name: "Create user nomad" ansible.builtin.user: @@ -14,4 +14,3 @@ group: "nomad" shell: /bin/false state: present - become: true diff --git a/molecule/with_custom_config/verify.yml b/molecule/with_custom_config/verify.yml index 30a8dfe..a7a44b6 100644 --- a/molecule/with_custom_config/verify.yml +++ b/molecule/with_custom_config/verify.yml @@ -1,7 +1,8 @@ --- - name: Verify hosts: all - gather_facts: false + gather_facts: true + become: true tasks: - name: "Test: directory /etc/consul-template.d/nomad" block: @@ -19,7 +20,6 @@ ansible.builtin.slurp: src: "/etc/consul-template.d/nomad/nomad_config.hcl" register: slurp_etc_consul_template_d_nomad_nomad_config_hcl - become: true - name: "Verify directory /etc/consul-template.d/nomad" ansible.builtin.assert: @@ -60,7 +60,6 @@ src: "{{ item.path }}" loop: "{{ find_etc_consul_template_d_nomad_templates.files }}" register: slurp_etc_consul_template_d_nomad_templates - become: true - name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl" vars: @@ -125,9 +124,8 @@ ansible.builtin.slurp: src: "/etc/systemd/system/nomad-certs.service" register: slurp_etc_systemd_system_nomad_certs_service - become: true - - name: "Verify service nomad" + - name: "Verify service nomad-certs" ansible.builtin.assert: that: - stat_etc_systemd_system_nomad_certs_service.stat.exists diff --git a/molecule/with_custom_config_vagrant/converge.yml b/molecule/with_custom_config_vagrant/converge.yml index e272496..e8e2a16 100644 --- a/molecule/with_custom_config_vagrant/converge.yml +++ b/molecule/with_custom_config_vagrant/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.renew_nomad_certificates" ansible.builtin.include_role: diff --git a/molecule/with_custom_config_vagrant/prepare.yml b/molecule/with_custom_config_vagrant/prepare.yml index 702c21d..99851c4 100644 --- a/molecule/with_custom_config_vagrant/prepare.yml +++ b/molecule/with_custom_config_vagrant/prepare.yml @@ -1,12 +1,12 @@ --- - name: Prepare hosts: all + become: true tasks: - name: "Create group nomad" ansible.builtin.group: name: "nomad" state: present - become: true - name: "Create user nomad" ansible.builtin.user: @@ -14,4 +14,3 @@ group: "nomad" shell: /bin/false state: present - become: true diff --git a/molecule/with_custom_config_vagrant/verify.yml b/molecule/with_custom_config_vagrant/verify.yml index 4bb103a..a7a44b6 100644 --- a/molecule/with_custom_config_vagrant/verify.yml +++ b/molecule/with_custom_config_vagrant/verify.yml @@ -2,6 +2,7 @@ - name: Verify hosts: all gather_facts: true + become: true tasks: - name: "Test: directory /etc/consul-template.d/nomad" block: @@ -19,7 +20,6 @@ ansible.builtin.slurp: src: "/etc/consul-template.d/nomad/nomad_config.hcl" register: slurp_etc_consul_template_d_nomad_nomad_config_hcl - become: true - name: "Verify directory /etc/consul-template.d/nomad" ansible.builtin.assert: @@ -60,7 +60,6 @@ src: "{{ item.path }}" loop: "{{ find_etc_consul_template_d_nomad_templates.files }}" register: slurp_etc_consul_template_d_nomad_templates - become: true - name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl" vars: @@ -125,9 +124,8 @@ ansible.builtin.slurp: src: "/etc/systemd/system/nomad-certs.service" register: slurp_etc_systemd_system_nomad_certs_service - become: true - - name: "Verify service nomad" + - name: "Verify service nomad-certs" ansible.builtin.assert: that: - stat_etc_systemd_system_nomad_certs_service.stat.exists diff --git a/tasks/configure.yml b/tasks/configure.yml index 9f68bee..4c576ee 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -1,7 +1,6 @@ --- # task/configure file for renew_nomad_certificates - name: "Configure files for nomad certificate renewal" - become: true notify: - "systemctl-enable-nomad-certs" - "systemctl-restart-nomad-certs" @@ -45,6 +44,5 @@ owner: root group: root mode: '0644' - become: true notify: - "systemctl-daemon-reload" diff --git a/tasks/prerequisites.yml b/tasks/prerequisites.yml index fb2836b..f1bce54 100644 --- a/tasks/prerequisites.yml +++ b/tasks/prerequisites.yml @@ -7,7 +7,6 @@ owner: "{{ renew_nomad_certificates_nomad_user }}" group: "{{ renew_nomad_certificates_nomad_group }}" mode: '0755' - become: true - name: "Create directory templates directory in {{ renew_nomad_certificates_config_dir }}" ansible.builtin.file: @@ -16,7 +15,6 @@ owner: "{{ renew_nomad_certificates_nomad_user }}" group: "{{ renew_nomad_certificates_nomad_group }}" mode: '0755' - become: true - name: "Ensure certificate/key directory(ies) exist(s)" ansible.builtin.file: @@ -29,4 +27,3 @@ - "{{ renew_nomad_certificates_cert_dest }}" - "{{ renew_nomad_certificates_key_dest }}" - "{{ renew_nomad_certificates_ca_dest }}" - become: true