mirror of
https://github.com/natelandau/ansible-homelab-config.git
synced 2025-11-17 17:33:41 -05:00
250 lines
8.4 KiB
YAML
250 lines
8.4 KiB
YAML
---
|
|
# TASK DESCRIPTION:
|
|
# Downloads, installs, and configures Hashicorp Nomad.
|
|
|
|
- name: "Set variables needed to install Nomad"
|
|
block:
|
|
- name: "Set variable: check if we have a mounted USB drive (Debian)"
|
|
ansible.builtin.stat:
|
|
path: "{{ rpi_usb_drive_mount_point }}"
|
|
register: have_usb_drive
|
|
changed_when: false
|
|
when:
|
|
- ansible_os_family == 'Debian'
|
|
|
|
- name: "Set variable: Use USB drive for nomad /opt (Debian)"
|
|
ansible.builtin.set_fact:
|
|
nomad_opt_dir_location: "{{ rpi_usb_drive_mount_point }}/opt/nomad"
|
|
when:
|
|
- ansible_os_family == 'Debian'
|
|
- have_usb_drive.stat.exists
|
|
|
|
- name: "Set variable: Use root dist for nomad /opt (Debian)"
|
|
ansible.builtin.set_fact:
|
|
nomad_opt_dir_location: "/opt/nomad"
|
|
when:
|
|
- ansible_os_family == 'Debian'
|
|
- not have_usb_drive.stat.exists
|
|
|
|
- name: "Set variable: Use ~/library for /opt files (macOSX)"
|
|
ansible.builtin.set_fact:
|
|
nomad_opt_dir_location: "/Users/{{ ansible_user }}/Library/nomad"
|
|
when:
|
|
- ansible_os_family == 'Darwin'
|
|
|
|
- name: "Set variable: Set Nomad download Binary (armv7l)"
|
|
ansible.builtin.set_fact:
|
|
nomad_download_file_uri: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_arm.zip"
|
|
when:
|
|
- ansible_os_family == 'Debian'
|
|
- ansible_architecture == 'armv7l'
|
|
|
|
- name: "Set variable: Set Nomad download Binary (aarch64)"
|
|
ansible.builtin.set_fact:
|
|
nomad_download_file_uri: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_arm64.zip"
|
|
when:
|
|
- ansible_os_family == 'Debian'
|
|
- ansible_architecture == 'aarch64'
|
|
|
|
- name: "Set variable: Set Nomad download Binary (MacOSX)"
|
|
ansible.builtin.set_fact:
|
|
nomad_download_file_uri: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_darwin_amd64.zip"
|
|
when:
|
|
- mac_intel
|
|
|
|
- name: Assert that we can install Nomad
|
|
ansible.builtin.assert:
|
|
that:
|
|
- nomad_download_file_uri is defined
|
|
- nomad_opt_dir_location is defined
|
|
fail_msg: "Unable to install Nomad on this host"
|
|
|
|
- name: "Create Nomad user and group (Debian)"
|
|
when: ansible_os_family == 'Debian'
|
|
block:
|
|
- name: "Ensure group 'nomad' exists (Debian)"
|
|
become: true
|
|
ansible.builtin.group:
|
|
name: nomad
|
|
state: present
|
|
|
|
- name: "Add the user 'nomad' with group 'nomad' (Debian)"
|
|
become: true
|
|
ansible.builtin.user:
|
|
name: nomad
|
|
group: nomad
|
|
|
|
- name: "Add user 'nomad' to docker and sudo groups (Debian)"
|
|
become: true
|
|
ansible.builtin.user:
|
|
user: nomad
|
|
groups: docker,sudo
|
|
append: true
|
|
|
|
- name: "Create Nomad /opt storage"
|
|
block:
|
|
- name: "Create {{ nomad_opt_dir_location }} directories"
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
recurse: true
|
|
mode: 0755
|
|
loop:
|
|
- "{{ nomad_opt_dir_location }}/logs"
|
|
- "{{ nomad_opt_dir_location }}/plugins"
|
|
- "{{ nomad_opt_dir_location }}/certs"
|
|
|
|
- name: Copy server certs
|
|
become: true
|
|
ansible.builtin.copy:
|
|
src: "{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
mode: 0755
|
|
loop:
|
|
- { src: certs/nomad/nomad-ca.pem, dest: "{{ nomad_opt_dir_location }}/certs/nomad-ca.pem" }
|
|
- { src: certs/nomad/server.pem, dest: "{{ nomad_opt_dir_location }}/certs/server.pem" }
|
|
- { src: certs/nomad/server-key.pem, dest: "{{ nomad_opt_dir_location }}/certs/server-key.pem" }
|
|
notify: "restart nomad"
|
|
when: is_nomad_server
|
|
|
|
- name: Copy client certs
|
|
become: true
|
|
ansible.builtin.copy:
|
|
src: "{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
mode: 0755
|
|
loop:
|
|
- { src: certs/nomad/nomad-ca.pem, dest: "{{ nomad_opt_dir_location }}/certs/nomad-ca.pem" }
|
|
- { src: certs/nomad/client.pem, dest: "{{ nomad_opt_dir_location }}/certs/client.pem" }
|
|
- { src: certs/nomad/client-key.pem, dest: "{{ nomad_opt_dir_location }}/certs/client-key.pem" }
|
|
notify: "restart nomad"
|
|
when: is_nomad_client
|
|
|
|
- name: "Set owner of files to nomad:nomad (debian)"
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: "{{ nomad_opt_dir_location }}"
|
|
owner: nomad
|
|
group: nomad
|
|
recurse: true
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: "Set owner of files to {{ ansible_user_uid }}:{{ ansible_user_gid }} (MacOSX)"
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: "{{ nomad_opt_dir_location }}"
|
|
owner: "{{ ansible_user_uid }}"
|
|
group: "{{ ansible_user_gid }}"
|
|
recurse: true
|
|
when: ansible_os_family != 'Debian'
|
|
|
|
- name: "Template out the configuration file"
|
|
block:
|
|
- name: "Create {{ nomad_configuration_dir }}"
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: "{{ nomad_configuration_dir }}"
|
|
state: directory
|
|
mode: 0755
|
|
|
|
- name: Copy base config file
|
|
become: true
|
|
ansible.builtin.template:
|
|
src: nomad.hcl.j2
|
|
dest: "{{ nomad_configuration_dir }}/nomad.hcl"
|
|
mode: 0644
|
|
notify: "restart nomad"
|
|
|
|
- name: "Set owner of files to nomad:nomad (Debian)"
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: "{{ nomad_configuration_dir }}"
|
|
owner: nomad
|
|
group: nomad
|
|
recurse: true
|
|
when:
|
|
- ansible_os_family == 'Debian'
|
|
|
|
- name: Install or Update Nomad
|
|
block:
|
|
- name: "Set fact: do we need a nomad install?"
|
|
ansible.builtin.set_fact:
|
|
need_nomad_install: false
|
|
|
|
- name: Check if nomad is installed
|
|
ansible.builtin.stat:
|
|
path: /usr/local/bin/nomad
|
|
register: nomad_binary_file_location
|
|
|
|
- name: "Set fact: do we need a nomad install"
|
|
ansible.builtin.set_fact:
|
|
need_nomad_install: true
|
|
when:
|
|
- not nomad_binary_file_location.stat.exists
|
|
|
|
- name: Check current version of Nomad
|
|
ansible.builtin.shell: /usr/local/bin/nomad --version | grep -oE '[0-9]+\.[0-9]+\.[0-9]+'
|
|
ignore_errors: true
|
|
register: current_nomad_version
|
|
check_mode: false
|
|
changed_when: false
|
|
when:
|
|
- not need_nomad_install
|
|
|
|
- name: "Set fact: do we need a nomad install"
|
|
ansible.builtin.set_fact:
|
|
need_nomad_install: true
|
|
when:
|
|
- not need_nomad_install
|
|
- current_nomad_version.stdout is version(nomad_version, '<')
|
|
|
|
- name: Install Nomad
|
|
become: true
|
|
ansible.builtin.unarchive:
|
|
src: "{{ nomad_download_file_uri }}"
|
|
dest: /usr/local/bin
|
|
remote_src: true
|
|
notify: "restart nomad"
|
|
when:
|
|
- need_nomad_install
|
|
|
|
- name: "Copy system.d or launchctrl service files"
|
|
block:
|
|
- name: Ensure /Library/LaunchAgents exists (MacOSX)
|
|
ansible.builtin.file:
|
|
path: "{{ nomad_plist_macos | dirname }}"
|
|
state: directory
|
|
mode: 0755
|
|
when:
|
|
- ansible_os_family == 'Darwin'
|
|
|
|
- name: Create nomad launchd service (MacOSX)
|
|
ansible.builtin.template:
|
|
src: nomad.launchd.j2
|
|
dest: "{{ nomad_plist_macos }}"
|
|
mode: 0644
|
|
notify: "restart nomad"
|
|
when:
|
|
- ansible_os_family == 'Darwin'
|
|
|
|
- name: Create nomad service (Debian)
|
|
become: true
|
|
ansible.builtin.template:
|
|
src: nomad.service.j2
|
|
dest: /etc/systemd/system/nomad.service
|
|
mode: 0644
|
|
notify: "restart nomad"
|
|
when:
|
|
- ansible_os_family == 'Debian'
|
|
|
|
- name: "Start nomad, if stopped"
|
|
ansible.builtin.shell:
|
|
cmd: "/usr/local/bin/nomad node status -self -short | grep {{ inventory_hostname }}"
|
|
register: node_status_response
|
|
ignore_errors: true
|
|
failed_when: false
|
|
changed_when: node_status_response.rc > 0
|
|
notify: "restart nomad"
|
|
when: "'nostart' not in ansible_run_tags"
|