mirror of https://github.com/Aidaho12/haproxy-wi
86 lines
2.1 KiB
YAML
86 lines
2.1 KiB
YAML
- name: Change wrong HAProxy service file
|
|
template:
|
|
src: haproxy.service.j2
|
|
dest: /usr/lib/systemd/system/haproxy.service
|
|
mode: 0644
|
|
when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and haproxy_from_wi is defined
|
|
|
|
- name: test to see if selinux is running
|
|
command: getenforce
|
|
register: sestatus
|
|
when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS')
|
|
changed_when: false
|
|
ignore_errors: yes
|
|
debugger: never
|
|
|
|
- name: Disable SELINUX in config
|
|
template:
|
|
src: selinux.j2
|
|
dest: /etc/selinux/config
|
|
ignore_errors: yes
|
|
when:
|
|
- sestatus.stdout is defined
|
|
- '"Enforcing" in sestatus.stdout'
|
|
|
|
- name: Disable SELINUX in env
|
|
shell: setenforce 0 &> /dev/null
|
|
ignore_errors: yes
|
|
debugger: never
|
|
when:
|
|
- sestatus.stdout is defined
|
|
- '"Enforcing" in sestatus.stdout'
|
|
|
|
- name: Open stat port for firewalld
|
|
firewalld:
|
|
port: "{{ item }}/tcp"
|
|
state: enabled
|
|
permanent: yes
|
|
immediate: yes
|
|
ignore_errors: yes
|
|
no_log: True
|
|
debugger: never
|
|
when:
|
|
- '"firewalld" in ansible_facts.packages'
|
|
- ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS'
|
|
- ansible_facts.services["firewalld.service"]['state'] == "running"
|
|
with_items: [ "{{ STAT_PORT }}", "{{ SOCK_PORT }}", "10000" ]
|
|
|
|
- name: Open stat port for iptables
|
|
iptables:
|
|
chain: INPUT
|
|
destination_port: "{{ item }}"
|
|
jump: ACCEPT
|
|
protocol: tcp
|
|
ignore_errors: yes
|
|
with_items: [ "{{ STAT_PORT }}", "{{ SOCK_PORT }}", "10000" ]
|
|
|
|
- name: Creates HAProxy directory
|
|
file:
|
|
path: /etc/haproxy
|
|
owner: "{{ansible_user}}"
|
|
group: "{{ansible_user}}"
|
|
state: directory
|
|
ignore_errors: yes
|
|
|
|
- name: Copy HAProxy configuration in place.
|
|
template:
|
|
src: haproxy.cfg.j2
|
|
dest: /etc/haproxy/haproxy.cfg
|
|
mode: 0644
|
|
force: no
|
|
|
|
- name: Copy HAProxy state file in place.
|
|
template:
|
|
src: haproxy.state.j2
|
|
dest: /etc/haproxy/haproxy.state
|
|
mode: 0644
|
|
force: no
|
|
|
|
- name: Creates HAProxy stats directory
|
|
file:
|
|
path: /var/lib/haproxy
|
|
owner: haproxy
|
|
group: haproxy
|
|
state: directory
|
|
ignore_errors: yes
|