santerikainulainen/ansible-role-elasticsearch
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ansible-role-elasticsearch/tasks/xpack/shield/elasticsearch-shield.yml
Dale McDiarmid 5d3616bd20 Support for removal for shield and license
2016-07-23 21:47:27 +01:00

57 lines
2.1 KiB
YAML
Raw Blame History

---
#Test if shield is installed
- shell: "{{es_home}}/bin/plugin list | sed -n '1!p' | grep shield"
register: shield_installed
changed_when: False
ignore_errors: yes
environment:
CONF_DIR: "{{ conf_dir }}"
ES_INCLUDE: "{{ instance_default_file }}"
#Remove Shield if installed and its not been requested
- name: Remove shield plugin
command: >
{{es_home}}/bin/plugin remove shield
register: shield_change
failed_when: "'ERROR' in shield_change.stdout"
changed_when: shield_change.rc == 0
when: shield_installed.rc == 0 and (not es_enable_xpack or not '"shield" in es_xpack_features')
notify: restart elasticsearch
environment:
CONF_DIR: "{{ conf_dir }}"
ES_INCLUDE: "{{ instance_default_file }}"
#Install Shield if not installed and its been requested
- name: Install shield plugin
command: >
{{es_home}}/bin/plugin install shield
register: shield_change
failed_when: "'ERROR' in shield_change.stdout"
changed_when: shield_change.rc == 0
when: shield_installed.rc == 1 and es_enable_xpack and '"shield" in es_xpack_features'
notify: restart elasticsearch
environment:
CONF_DIR: "{{ conf_dir }}"
ES_INCLUDE: "{{ instance_default_file }}"
#TODO: 1. Skip users with no password defined or error 2. Passwords | length > 6
#-----------------------------FILE BASED REALM----------------------------------------
- include: elasticsearch-shield-file.yml
when: (es_users is defined and es_users.file) or (es_roles is defined and es_roles.file is defined)
#-----------------------------NATIVE BASED REALM----------------------------------------
# The native realm requires the node to be started so we do as a handler
- command: /bin/true
notify: load-native-realms
when: (es_users is defined and es_users.native is defined) or (es_roles is defined and es_roles.native is defined)
#Ensure shield conf directory is created
- name: Ensure shield conf directory exists
file: path={{ conf_dir }}/shield state=directory owner={{ es_user }} group={{ es_group }}
changed_when: False
when: es_enable_xpack and '"shield" in es_xpack_features'
Reference in a new issue View git blame Copy permalink