Robert Helewka
b4d60f2f38
Replaces the minimal project description with a comprehensive README including a component overview table, quick start instructions, common Ansible operations, and links to detailed documentation. Aligns with Red Panda Approval™ standards.
104 lines
3.3 KiB
YAML
104 lines
3.3 KiB
YAML
---
|
|
- name: Deploy RabbitMQ with Docker Compose
|
|
hosts: ubuntu
|
|
become: true
|
|
vars:
|
|
required_service: rabbitmq
|
|
tasks:
|
|
- name: Check if host has rabbitmq service
|
|
ansible.builtin.set_fact:
|
|
has_rabbitmq_service: "{{required_service in services}}"
|
|
|
|
- name: Skip hosts without rabbitmq service
|
|
ansible.builtin.meta: end_host
|
|
when: not has_rabbitmq_service
|
|
|
|
- name: Create rabbitmq group
|
|
ansible.builtin.group:
|
|
name: "{{rabbitmq_group}}"
|
|
|
|
- name: Create rabbitmq user
|
|
ansible.builtin.user:
|
|
name: "{{rabbitmq_user}}"
|
|
comment: "{{rabbitmq_user}}"
|
|
group: "{{rabbitmq_group}}"
|
|
system: true
|
|
|
|
- name: Add group rabbitmq to user ponos
|
|
ansible.builtin.user:
|
|
name: ponos
|
|
groups: "{{rabbitmq_group}}"
|
|
append: true
|
|
|
|
- name: Create rabbitmq directory
|
|
ansible.builtin.file:
|
|
path: "{{rabbitmq_directory}}"
|
|
owner: "{{rabbitmq_user}}"
|
|
group: "{{rabbitmq_group}}"
|
|
state: directory
|
|
mode: '750'
|
|
|
|
- name: Template docker-compose file
|
|
ansible.builtin.template:
|
|
src: docker-compose.yml.j2
|
|
dest: "{{rabbitmq_directory}}/docker-compose.yml"
|
|
owner: "{{rabbitmq_user}}"
|
|
group: "{{rabbitmq_group}}"
|
|
mode: '550'
|
|
|
|
- name: Reset SSH connection to apply group changes
|
|
meta: reset_connection
|
|
|
|
- name: Start RabbitMQ service
|
|
community.docker.docker_compose_v2:
|
|
project_src: "{{rabbitmq_directory}}"
|
|
state: present
|
|
pull: always
|
|
|
|
- name: Always copy rabbitmqadmin out of RabbitMQ container to host (overwrite if newer)
|
|
ansible.builtin.command:
|
|
cmd: "docker cp rabbitmq:/usr/local/bin/rabbitmqadmin /usr/local/bin/rabbitmqadmin"
|
|
become: true
|
|
register: rabbitmqadmin_copy
|
|
changed_when: rabbitmqadmin_copy.rc == 0
|
|
failed_when: rabbitmqadmin_copy.rc != 0
|
|
|
|
- name: Ensure rabbitmqadmin is executable
|
|
ansible.builtin.file:
|
|
path: /usr/local/bin/rabbitmqadmin
|
|
mode: '0755'
|
|
owner: root
|
|
group: root
|
|
state: file
|
|
|
|
# --- RabbitMQ provisioning tasks (auto from inventory, run inside docker container) ---
|
|
|
|
- name: Ensure RabbitMQ vhosts exist
|
|
ansible.builtin.command:
|
|
cmd: "docker exec rabbitmq rabbitmqctl add_vhost {{ item.name }}"
|
|
loop: "{{ rabbitmq_vhosts }}"
|
|
register: vhost_result
|
|
changed_when: vhost_result.rc == 0
|
|
failed_when: vhost_result.rc != 0 and 'already exists' not in vhost_result.stderr
|
|
|
|
- name: Ensure RabbitMQ users exist
|
|
ansible.builtin.command:
|
|
cmd: "docker exec rabbitmq rabbitmqctl add_user {{ item.name }} {{ item.password }}"
|
|
loop: "{{ rabbitmq_users }}"
|
|
register: user_result
|
|
changed_when: user_result.rc == 0
|
|
failed_when: user_result.rc != 0 and 'already exists' not in user_result.stderr
|
|
no_log: true
|
|
|
|
- name: Set user tags
|
|
ansible.builtin.command:
|
|
cmd: "docker exec rabbitmq rabbitmqctl set_user_tags {{ item.name }} {{ item.tags | default([]) | join(' ') }}"
|
|
loop: "{{ rabbitmq_users }}"
|
|
when: item.tags is defined
|
|
no_log: true
|
|
|
|
- name: Ensure RabbitMQ user permissions are set
|
|
ansible.builtin.command:
|
|
cmd: "docker exec rabbitmq rabbitmqctl set_permissions -p {{ item.vhost }} {{ item.user }} '{{ item.configure_priv }}' '{{ item.write_priv }}' '{{ item.read_priv }}'"
|
|
loop: "{{ rabbitmq_permissions }}"
|