run_once: true
changed_when: false
+- name: check dashboard password in file option command
+ command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard ac-user-set-password"
+ delegate_to: "{{ groups[mon_group_name][0] }}"
+ run_once: true
+ changed_when: false
+ failed_when: false
+ register: dashboard_password_in_file_option
+
+- name: set_fact dashboard_password_from_stdin
+ set_fact:
+ dashboard_password_from_stdin: "{{ ' -i ' in dashboard_password_in_file_option.stderr }}"
+ run_once: true
+
- name: check if dashboard admin user exists
command: timeout --foreground -s KILL 10 {{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard ac-user-show {{ dashboard_admin_user | quote }}
register: dashboard_admin_user_exist
until: dashboard_admin_user_exist.rc == 0
- name: update dashboard admin password
- command: timeout --foreground -s KILL 10 {{ ceph_cmd }} --cluster {{ cluster }} dashboard ac-user-set-password -i - {{ dashboard_admin_user | quote }}
+ command: timeout --foreground -s KILL 10 {{ ceph_cmd }} --cluster {{ cluster }} dashboard ac-user-set-password -i - {{ dashboard_admin_user | quote }} # noqa 304
args:
stdin: "{{ dashboard_admin_password }}"
stdin_add_newline: no
run_once: true
delegate_to: "{{ groups[mon_group_name][0] }}"
until: update_dashboard_admin_user.rc == 0
- when: dashboard_admin_user_exist.rc == 0
+ when:
+ - dashboard_admin_user_exist.rc == 0
+ - dashboard_password_from_stdin | bool
+
+- name: update dashboard admin password (legacy)
+ command: timeout --foreground -s KILL 10 {{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard ac-user-set-password {{ dashboard_admin_user | quote }} {{ dashboard_admin_password | quote }} # noqa 304
+ register: update_dashboard_admin_user
+ retries: 6
+ delay: 5
+ run_once: true
+ delegate_to: "{{ groups[mon_group_name][0] }}"
+ until: update_dashboard_admin_user.rc == 0
+ when:
+ - dashboard_admin_user_exist.rc == 0
+ - not dashboard_password_from_stdin | bool
- name: create dashboard admin user
- command: timeout --foreground -s KILL 10 {{ ceph_cmd }} --cluster {{ cluster }} dashboard ac-user-create -i - {{ dashboard_admin_user | quote }}
+ command: timeout --foreground -s KILL 10 {{ ceph_cmd }} --cluster {{ cluster }} dashboard ac-user-create -i - {{ dashboard_admin_user | quote }} # noqa 304
args:
stdin: "{{ dashboard_admin_password }}"
stdin_add_newline: no
run_once: true
delegate_to: "{{ groups[mon_group_name][0] }}"
until: create_dashboard_admin_user.rc == 0
- when: dashboard_admin_user_exist.rc != 0
+ when:
+ - dashboard_admin_user_exist.rc != 0
+ - dashboard_password_from_stdin | bool
+
+- name: create dashboard admin user (legacy)
+ command: timeout --foreground -s KILL 10 {{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard ac-user-create {{ dashboard_admin_user | quote }} {{ dashboard_admin_password | quote }}
+ register: create_dashboard_admin_user
+ retries: 6
+ delay: 5
+ run_once: true
+ delegate_to: "{{ groups[mon_group_name][0] }}"
+ until: create_dashboard_admin_user.rc == 0
+ when:
+ - dashboard_admin_user_exist.rc != 0
+ - not dashboard_password_from_stdin | bool
- name: set dashboard admin user role
command: timeout --foreground -s KILL 10 {{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard ac-user-set-roles {{ dashboard_admin_user | quote }} {{ 'read-only' if dashboard_admin_user_ro | bool else 'administrator' }}
changed_when: false
- name: set grafana api password
- command: "{{ ceph_cmd }} --cluster {{ cluster }} dashboard set-grafana-api-password -i -"
+ command: "{{ ceph_cmd }} --cluster {{ cluster }} dashboard set-grafana-api-password -i -" # noqa 304
args:
stdin: "{{ grafana_admin_password }}"
stdin_add_newline: no
delegate_to: "{{ groups[mon_group_name][0] }}"
run_once: true
changed_when: false
+ when: dashboard_password_from_stdin | bool
+
+- name: set grafana api password (legacy)
+ command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard set-grafana-api-password {{ grafana_admin_password }}"
+ delegate_to: "{{ groups[mon_group_name][0] }}"
+ run_once: true
+ changed_when: false
+ when: not dashboard_password_from_stdin | bool
- name: disable ssl verification for grafana
command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard set-grafana-api-ssl-verify False"
changed_when: false
- name: set the rgw access key
- command: "{{ ceph_cmd }} --cluster {{ cluster }} dashboard set-rgw-api-access-key -i -"
+ command: "{{ ceph_cmd }} --cluster {{ cluster }} dashboard set-rgw-api-access-key -i -" # noqa 304
args:
stdin: "{{ rgw_access_key }}"
stdin_add_newline: no
delegate_to: "{{ groups[mon_group_name][0] }}"
run_once: true
changed_when: false
+ when: dashboard_password_from_stdin | bool
+
+ - name: set the rgw access key (legacy)
+ command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard set-rgw-api-access-key {{ rgw_access_key }}"
+ delegate_to: "{{ groups[mon_group_name][0] }}"
+ changed_when: false
+ when: not dashboard_password_from_stdin | bool
- name: set the rgw secret key
- command: "{{ ceph_cmd }} --cluster {{ cluster }} dashboard set-rgw-api-secret-key -i -"
+ command: "{{ ceph_cmd }} --cluster {{ cluster }} dashboard set-rgw-api-secret-key -i -" # noqa 304
args:
stdin: "{{ rgw_secret_key }}"
stdin_add_newline: no
delegate_to: "{{ groups[mon_group_name][0] }}"
run_once: true
changed_when: false
+ when: dashboard_password_from_stdin | bool
+
+ - name: set the rgw secret key (legacy)
+ command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard set-rgw-api-secret-key {{ rgw_secret_key }}"
+ delegate_to: "{{ groups[mon_group_name][0] }}"
+ changed_when: false
+ when: not dashboard_password_from_stdin | bool
- name: set the rgw host
command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard set-rgw-api-host {{ hostvars[groups[rgw_group_name][0]]['rgw_instances'][0]['radosgw_address'] }}"
- generate_crt | default(false) | bool
- name: add iscsi gateways - ipv4
- command: "{{ ceph_cmd }} --cluster {{ cluster }} dashboard iscsi-gateway-add -i -"
+ command: "{{ ceph_cmd }} --cluster {{ cluster }} dashboard iscsi-gateway-add -i -" # noqa 304
args:
stdin: "{{ 'https' if hostvars[item]['api_secure'] | default(false) | bool else 'http' }}://{{ hostvars[item]['api_user'] | default('admin') }}:{{ hostvars[item]['api_password'] | default('admin') }}@{{ hostvars[item]['ansible_all_ipv4_addresses'] | ips_in_ranges(public_network.split(',')) | first }}:{{ hostvars[item]['api_port'] | default(5000) }}"
stdin_add_newline: no
delegate_to: "{{ groups[mon_group_name][0] }}"
with_items: "{{ groups[iscsi_gw_group_name] }}"
run_once: true
- when: ip_version == 'ipv4'
+ when:
+ - ip_version == 'ipv4'
+ - dashboard_password_from_stdin | bool
+
+ - name: add iscsi gateways - ipv4 (legacy)
+ command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard iscsi-gateway-add {{ 'https' if hostvars[item]['api_secure'] | default(false) | bool else 'http' }}://{{ hostvars[item]['api_user'] | default('admin') }}:{{ hostvars[item]['api_password'] | default('admin') }}@{{ hostvars[item]['ansible_all_ipv4_addresses'] | ips_in_ranges(public_network.split(',')) | first }}:{{ hostvars[item]['api_port'] | default(5000) }}"
+ changed_when: false
+ delegate_to: "{{ groups[mon_group_name][0] }}"
+ with_items: "{{ groups[iscsi_gw_group_name] }}"
+ run_once: true
+ when:
+ - ip_version == 'ipv4'
+ - not dashboard_password_from_stdin | bool
- name: add iscsi gateways - ipv6
- command: "{{ ceph_cmd }} --cluster {{ cluster }} dashboard iscsi-gateway-add -i -"
+ command: "{{ ceph_cmd }} --cluster {{ cluster }} dashboard iscsi-gateway-add -i -" # noqa 304
args:
stdin: "{{ 'https' if hostvars[item]['api_secure'] | default(false) | bool else 'http' }}://{{ hostvars[item]['api_user'] | default('admin') }}:{{ hostvars[item]['api_password'] | default('admin') }}@{{ hostvars[item]['ansible_all_ipv6_addresses'] | ips_in_ranges(public_network.split(',')) | last | ipwrap }}:{{ hostvars[item]['api_port'] | default(5000) }}"
stdin_add_newline: no
delegate_to: "{{ groups[mon_group_name][0] }}"
with_items: "{{ groups[iscsi_gw_group_name] }}"
run_once: true
- when: ip_version == 'ipv6'
+ when:
+ - ip_version == 'ipv6'
+ - dashboard_password_from_stdin | bool
+
+ - name: add iscsi gateways - ipv6 (legacy)
+ command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} dashboard iscsi-gateway-add {{ 'https' if hostvars[item]['api_secure'] | default(false) | bool else 'http' }}://{{ hostvars[item]['api_user'] | default('admin') }}:{{ hostvars[item]['api_password'] | default('admin') }}@{{ hostvars[item]['ansible_all_ipv6_addresses'] | ips_in_ranges(public_network.split(',')) | last | ipwrap }}:{{ hostvars[item]['api_port'] | default(5000) }}"
+ changed_when: false
+ delegate_to: "{{ groups[mon_group_name][0] }}"
+ with_items: "{{ groups[iscsi_gw_group_name] }}"
+ run_once: true
+ when:
+ - ip_version == 'ipv6'
+ - not dashboard_password_from_stdin | bool
- name: disable mgr dashboard module (restart)
command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} mgr module disable dashboard"
projects / ceph-ansible.git / commitdiff