Don't use the 'x-pack' subdir now that x-pack is part of core

2018-06-14 16:33:40 +02:00 · 2018-06-14 16:33:40 +02:00 · 77d47e3235
commit 77d47e3235
parent d8cf1d1f66
5 changed files with 32 additions and 19 deletions
--- a/tasks/xpack/security/elasticsearch-security-file.yml
+++ b/tasks/xpack/security/elasticsearch-security-file.yml
@ -2,10 +2,19 @@
 - name: set fact manage_file_users
  set_fact: manage_file_users=es_users is defined and es_users.file is defined and es_users.file.keys() | length > 0

+- name: Create the users file if it doesn't exist
+  copy:
+    content: ""
+    dest: "{{ conf_dir }}{{ es_xpack_conf_subdir }}/users"
+    force: no # this ensures it only creates it if it does not exist
+    group: "{{ es_group }}"
+    owner: "{{ es_user }}"
+    mode: 0555
+
 #List current users
 - name: List Users
  become: yes
-  shell: cat {{conf_dir}}/x-pack/users | awk -F':' '{print $1}'
+  shell: cat {{conf_dir}}{{es_xpack_conf_subdir}}/users | awk -F':' '{print $1}'
  register: current_file_users
  when: manage_file_users
  changed_when: False
@ -65,16 +74,16 @@
 #Copy Roles files
 - name: Copy roles.yml File for Instance
  become: yes
-  template: src=security/roles.yml.j2 dest={{conf_dir}}/x-pack/roles.yml owner={{ es_user }} group={{ es_group }} mode=0644 force=yes
+  template: src=security/roles.yml.j2 dest={{conf_dir}}{{es_xpack_conf_subdir}}/roles.yml owner={{ es_user }} group={{ es_group }} mode=0644 force=yes
  when: es_roles is defined and es_roles.file is defined

 #Overwrite users_roles file
 - name: Copy User Roles
  become: yes
-  template: src=security/users_roles.j2 dest={{conf_dir}}/x-pack/users_roles mode=0644 force=yes
+  template: src=security/users_roles.j2 dest={{conf_dir}}{{es_xpack_conf_subdir}}/users_roles mode=0644 force=yes
  when: manage_file_users and users_roles | length > 0

 #Set permission on security directory. E.g. if 2 nodes are installed on the same machine, the second node will not get the users file created at install, causing the files being created at es_users call and then having the wrong Permissions.
 - name: Set Security Directory Permissions Recursive
  become: yes
-  file: state=directory path={{conf_dir}}/x-pack/ owner={{ es_user }} group={{ es_group }} recurse=yes
+  file: state=directory path={{conf_dir}}{{es_xpack_conf_subdir}}/ owner={{ es_user }} group={{ es_group }} recurse=yes
--- a/tasks/xpack/security/elasticsearch-security.yml
+++ b/tasks/xpack/security/elasticsearch-security.yml
@ -5,7 +5,7 @@

 #Ensure x-pack conf directory is created if necessary
 - name: Ensure x-pack conf directory exists (file)
-  file: path={{ conf_dir }}/x-pack state=directory owner={{ es_user }} group={{ es_group }}
+  file: path={{ conf_dir }}{{ es_xpack_conf_subdir }} state=directory owner={{ es_user }} group={{ es_group }}
  changed_when: False
  when:
    - es_enable_xpack and "security" in es_xpack_features
@ -51,14 +51,14 @@
 #Copy Roles files
 - name: Copy role_mapping.yml File for Instance
  become: yes
-  template: src=security/role_mapping.yml.j2 dest={{conf_dir}}/x-pack/role_mapping.yml owner={{ es_user }} group={{ es_group }} mode=0644 force=yes
+  template: src=security/role_mapping.yml.j2 dest={{conf_dir}}{{es_xpack_conf_subdir}}/role_mapping.yml owner={{ es_user }} group={{ es_group }} mode=0644 force=yes
  when: es_role_mapping is defined

 #-----------------------------AUTH FILE----------------------------------------

 - name: Copy message auth key to elasticsearch
  become: yes
-  copy: src={{ es_message_auth_file }} dest={{conf_dir}}/x-pack/system_key owner={{ es_user }} group={{ es_group }} mode=0600 force=yes
+  copy: src={{ es_message_auth_file }} dest={{conf_dir}}{{es_xpack_conf_subdir}}/system_key owner={{ es_user }} group={{ es_group }} mode=0600 force=yes
  when: es_message_auth_file is defined

 #------------------------------------------------------------------------------------