102 lines
3.6 KiB
YAML
102 lines
3.6 KiB
YAML
---
|
|
# Copyright 2019 Red Hat, Inc.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
# Note:
|
|
# This role is used in a playbook that typically targets the undercloud
|
|
# and may target other hosts, so to ensure that it executes against the
|
|
# right src and dest it uses delegation throughout.
|
|
|
|
- name: tripleo_transfer tasks
|
|
run_once: true
|
|
block:
|
|
- name: install requirements in src and dest hosts
|
|
become: true
|
|
package:
|
|
name:
|
|
- rsync
|
|
- openssh-clients
|
|
state: present
|
|
delegate_to: "{{ item }}"
|
|
loop:
|
|
- "{{ tripleo_transfer_src_host }}"
|
|
- "{{ tripleo_transfer_dest_host }}"
|
|
|
|
- name: generate ssh key-pair in source host
|
|
openssh_keypair:
|
|
path: "{{ tripleo_transfer_key_location }}"
|
|
delegate_to: "{{ tripleo_transfer_src_host }}"
|
|
become: "{{ tripleo_transfer_src_become }}"
|
|
register: keypair_gen
|
|
|
|
- name: set authorized-keys in destination host
|
|
authorized_key:
|
|
comment: "Added by tripleo-transfer"
|
|
user: "{{ ansible_user|default(ansible_ssh_user|default(hostvars[tripleo_transfer_dest_host].ansible_user_id)) }}"
|
|
state: present
|
|
key: "{{ keypair_gen.public_key }}"
|
|
delegate_to: "{{ tripleo_transfer_dest_host }}"
|
|
when: keypair_gen is succeeded
|
|
|
|
- import_tasks: flag.yml
|
|
when:
|
|
- tripleo_transfer_flag_file != None
|
|
- tripleo_transfer_flag_file|length > 0
|
|
become: "{{ tripleo_transfer_dest_become }}"
|
|
delegate_to: "{{ tripleo_transfer_dest_host }}"
|
|
|
|
- name: synchronize both directories
|
|
vars:
|
|
hostvars_dest_host_ip: >-
|
|
{{ hostvars[tripleo_transfer_dest_host].ansible_host |
|
|
default(hostvars[tripleo_transfer_dest_host].inventory_hostname) }}
|
|
tripleo_transfer_dest_user: >-
|
|
{{ hostvars[tripleo_transfer_dest_host].ansible_user |
|
|
default(hostvars[tripleo_transfer_dest_host].ansible_ssh_user |
|
|
default(hostvars[tripleo_transfer_dest_host].ansible_user_id)) }}
|
|
shell: >-
|
|
/usr/bin/rsync
|
|
-v
|
|
--delay-updates
|
|
-F
|
|
--compress
|
|
--archive
|
|
--delete
|
|
--rsync-path='sudo rsync'
|
|
--rsh='ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i {{ tripleo_transfer_key_location }}'
|
|
{{ tripleo_transfer_src_dir_safe }}
|
|
{{ tripleo_transfer_dest_user }}@{{ hostvars_dest_host_ip }}:{{ tripleo_transfer_dest_dir_safe }}
|
|
become: "{{ tripleo_transfer_src_become }}"
|
|
delegate_to: "{{ tripleo_transfer_src_host }}"
|
|
always:
|
|
- name: clean up keys in source host
|
|
file:
|
|
path: "{{ item }}"
|
|
state: absent
|
|
delegate_to: "{{ tripleo_transfer_src_host }}"
|
|
become: "{{ tripleo_transfer_src_become }}"
|
|
loop:
|
|
- "{{ tripleo_transfer_key_location }}"
|
|
- "{{ tripleo_transfer_key_location }}.pub"
|
|
|
|
- name: remove public key from authorized keys in destination host
|
|
lineinfile:
|
|
path: "~/.ssh/authorized_keys"
|
|
state: absent
|
|
regexp: '.*Added by tripleo-transfer.*$'
|
|
delegate_to: "{{ tripleo_transfer_dest_host }}"
|
|
when: tripleo_transfer_cleanup_keys | bool
|