917571a140
- Rename a task in the consul role to better reflect the actions being taken - Add passwordless sudo as a configurable option to the ssh role, include base configuration for that
73 lines
1.4 KiB
YAML
73 lines
1.4 KiB
YAML
---
|
|
- name: Install or update consul
|
|
become: true
|
|
apt:
|
|
name: consul
|
|
state: latest
|
|
update_cache: yes
|
|
when: ansible_check_mode == false
|
|
|
|
- name: Add consul user
|
|
become: true
|
|
user:
|
|
name: consul
|
|
system: yes
|
|
shell: /bin/false
|
|
|
|
- name: Create consul directories
|
|
become: true
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
owner: consul
|
|
group: consul
|
|
with_items:
|
|
- /etc/consul.d
|
|
- /opt/consul
|
|
|
|
- include_tasks: configure.yml
|
|
|
|
- name: Enable and start consul
|
|
become: true
|
|
systemd:
|
|
name: consul
|
|
enabled: yes
|
|
state: started
|
|
when: ansible_check_mode == false
|
|
|
|
- name: Ensure systemd-resolved config directory exists
|
|
become: true
|
|
file:
|
|
path: /etc/systemd/resolved.conf.d
|
|
state: directory
|
|
|
|
- name: Configure Consul DNS in systemd-resolved
|
|
become: true
|
|
copy:
|
|
dest: /etc/systemd/resolved.conf.d/consul.conf
|
|
content: |
|
|
[Resolve]
|
|
DNS=127.0.0.1:8600
|
|
DNSSEC=false
|
|
Domains=~consul node.consul service.consul
|
|
|
|
- name: Restart systemd-resolved
|
|
become: true
|
|
systemd:
|
|
name: systemd-resolved
|
|
enabled: yes
|
|
state: restarted
|
|
when: ansible_check_mode == false
|
|
|
|
- name: Remove resolv.conf symlink
|
|
become: true
|
|
file:
|
|
path: /etc/resolv.conf
|
|
state: absent
|
|
|
|
- name: Create resolv.conf symlink
|
|
become: true
|
|
file:
|
|
src: /run/systemd/resolve/stub-resolv.conf
|
|
dest: /etc/resolv.conf
|
|
state: link
|