openstack-ansible/playbooks/roles/os_cinder/tasks/cinder_pre_install.yml

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: create the system group
  group:
    name: "{{ cinder_system_group_name }}"
    state: "present"
    system: "yes"
  tags:
    - cinder-group

- name: Create the cinder system user
  user:
    name: "{{ cinder_system_user_name }}"
    group: "{{ cinder_system_group_name }}"
    comment: "{{ cinder_system_comment }}"
    shell: "{{ cinder_system_shell }}"
    system: "yes"
    createhome: "yes"
    home: "{{ cinder_system_home_folder }}"
  tags:
    - cinder-user

- name: Create cinder dir
  file:
    path: "{{ item.path }}"
    state: directory
    owner: "{{ item.owner|default(cinder_system_user_name) }}"
    group: "{{ item.group|default(cinder_system_group_name) }}"
  with_items:
    - { path: "/var/cache/cinder", mode: "0700" }
    - { path: "/etc/cinder" }
    - { path: "/etc/cinder/rootwrap.d" }
    - { path: "/etc/sudoers.d", mode: "0750", owner: "root", group: "root" }
    - { path: "{{ cinder_system_home_folder }}" }
  tags:
    - cinder-dirs

- name: Test for log directory or link
  shell: |
    if [ -h "/var/log/cinder"  ]; then
      chown -h {{ cinder_system_user_name }}:{{ cinder_system_group_name }} "/var/log/cinder"
      chown -R {{ cinder_system_user_name }}:{{ cinder_system_group_name }} "$(readlink /var/log/cinder)"
    else
      exit 1
    fi    
  register: log_dir
  failed_when: false
  changed_when: log_dir.rc != 0
  tags:
    - cinder-dirs
    - cinder-logs

- name: Create cinder log dir
  file:
    path: "{{ item.path }}"
    state: directory
    owner: "{{ item.owner|default(cinder_system_user_name) }}"
    group: "{{ item.group|default(cinder_system_group_name) }}"
    mode: "{{ item.mode|default('0755') }}"
  with_items:
    - { path: "/var/log/cinder" }
  when: log_dir.rc != 0
  tags:
    - cinder-dirs
    - cinder-logs

- name: Drop sudoers file
  template:
    src: "sudoers.j2"
    dest: "/etc/sudoers.d/{{ cinder_system_user_name }}_sudoers"
    mode: "0440"
    owner: "root"
    group: "root"
  tags:
    - sudoers
    - cinder-sudoers