added ansible task to open encrypted drive

2020-07-27 14:39:13 +02:00 · 2020-07-27 14:39:13 +02:00 · ae715c20dc
parent baa99e9e5b
commit ae715c20dc
4 changed files with 33 additions and 3 deletions
--- a/deployer/group_vars/all/vars.yml
+++ b/deployer/group_vars/all/vars.yml
@ -1,6 +1,9 @@
 ---

-encrypted_drive_password: "{{ vault_encrypted_drive_password }}"
+encrypted_drive:
+    name: "vault"
+    location: "/vault"
+    password: "{{ vault_encrypted_drive_password }}"

 mysql_root_password: "{{ vault_mysql_root_password }}"
 adrien_serenity_password: "{{ vault_adrien_serenity_password }}"
--- a/deployer/roles/host/handlers/main.yml
+++ b/deployer/roles/host/handlers/main.yml
@ -1,8 +1,19 @@
 ---

+- name: Restart MySQL 
+  service:
+    name: mysql 
+    state: restarted
+  become: yes
+
+- name: Restart PostgreSQL
+  service:
+    name: postgresql
+    state: restarted
+  become: yes
+
 - name: Restart Docker 
  service:
    name: docker 
    state: restarted
-  become: yes
-  tags: docker
+  become: yes
--- a/deployer/roles/host/tasks/encrypted_drive.yml
+++ b/deployer/roles/host/tasks/encrypted_drive.yml
@ -0,0 +1,12 @@
+
+- name: "Open encrypted drive"
+  commane: 
+    cmd: "/sbin/mount_vault"
+    stdin: "{{ encrypted_drive.password }}" # The drive's password
+    creates: "{{ www_path }}" # Will not run if path already exists
+    stdin_add_newline: yes
+  become: true 
+  notify: 
+  - Restart MySQL 
+  - Restart PostgreSQL
+  - Restart Docker
--- a/deployer/roles/host/tasks/main.yml
+++ b/deployer/roles/host/tasks/main.yml
@ -2,6 +2,10 @@

 # TODO: Ensure anacron is installed

+- name: Open encrypted drive 
+  include_tasks: encrypted_drive.yml 
+  tags: always
+
 - name: Configure logrotate 
  include_tasks: logrotate.yml
  tags: logrotate