ansible 根据主机处理不同case 博客分类: ansible
程序员文章站
2024-03-19 20:09:52
...
Ansible 根据主机的不同,有时候需要处理不同的场景,例如存在如下场景,配置多台VM的Compoment 不同的 TLS证书和Password。
inventory 文件
configure.yml 文件
vars 变量文件
common/connector-mqtt-tls-enable.yml
common/connector-http-tls-enable.yml
Result
第二种方式
inventory 文件
vars 变量文件
configure.yml文件
common/connector-mqtt-tls-enable.yml
common/connector-http-tls-enable.yml
结果是一样的
inventory 文件
[dispatcher-connector] 192.168.99.17 192.168.99.5 [dispatcher-manager] 192.168.99.17 [dispatcher-tools] 192.168.99.17
configure.yml 文件
---
- name: tls enable for connector
hosts: dispatcher-connector
vars_files:
- ./vars/dispatcher.yml
vars:
certs_store_path: "{{ connector_certs_dir }}"
configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-connector/conf/connector.properties"
become: yes
become_user: root
tasks:
- debug: var=hostvars[inventory_hostname]['ansible_default_ipv4']['address']
- debug: var=connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.keystore.location']
- debug: var={{connector_mqtt_key_store_password_base64[inventory_hostname]}}
- name: add mqtt configure tls config
include: "{{ playbook_dir }}/common/connector-mqtt-tls-enable.yml"
when: connector_mqtt_tls_enable
- name: add http configure tls config
include: "{{ playbook_dir }}/common/connector-http-tls-enable.yml"
when: connector_http_tls_enable
tags: dispatcher-connector
vars 变量文件
############################## Dispatcher Installation Basic Info ###############
latest_version: 4.1.1
origin_version: 4.1.1
dispatcher_installation_home: /opt/ddi/dispatcher
dispatcher_user_name: dispatcher
dispatcher_group_name: dispatcher
dispatcher_user_home: /home/dispatcher
dispatcher_connector_http_host: "{{ groups['dispatcher-connector'][0] }}"
############################## Dispatcher EP Installation Info #################
connector_ep_list:
manager_ep_list:
connector_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/lib"
manager_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/webapps/WEB-INF/lib"
certs_from_path: "{{ playbook_dir }}/files"
connector_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/conf/certs"
manager_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/conf/certs"
tools_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-tools/cli/conf/certs"
############################## tls setting for dispatcher ######################
connector_mqtt_tls_enable: true
connector_mqtt:
192.168.99.17:
key_store_password_base64: MTEyMjMz
key_manager_password_base64: MTEyMjMz
trust_store_password_base64: Y2hhbmdlaXQ=
ssl.keystore.location: "/opt/connector-mqtt.server.keystore.jks"
ssl.truststore.location: "/opt/connector-mqtt.server.truststore.jks"
192.168.99.5:
key_store_password_base64: MTEyMjMz
key_manager_password_base64: MTEyMjMz
trust_store_password_base64: Y2hhbmdlaXQ=
ssl.keystore.location: "/opt/connector-mqtt.server.keystore.jks"
ssl.truststore.location: "/opt/connector-mqtt.server.truststore.jks"
connector_http_tls_enable: true
connector_http:
192.168.99.17:
key_store_password_base64: MTEyMjMz
key_manager_password_base64: MTEyMjMz
trust_store_password_base64: Y2hhbmdlaXQ=
ssl.keystore.location: "{{ playbook_dir }}/files/192.168.99.17/connector-mqtt.server.keystore.jks"
ssl.truststore.location: "{{ playbook_dir }}/files/192.168.99.17/connector-mqtt.server.truststore.jks"
192.168.99.5:
key_store_password_base64: MTEyMjMz
key_manager_password_base64: MTEyMjMz
trust_store_password_base64: Y2hhbmdlaXQ=
ssl.keystore.location: "{{ playbook_dir }}/files/192.168.99.5/connector-mqtt.server.keystore.jks"
ssl.truststore.location: "{{ playbook_dir }}/files/192.168.99.5/connector-mqtt.server.truststore.jks"
#connector_mqtt_key_store_password_base64: MTEyMjMz
#connector_mqtt_key_manager_password_base64: MTEyMjMz
#connector_mqtt_trust_store_password_base64: Y2hhbmdlaXQ=
#connector_http_key_store_password_base64: MTEyMjMz
#connector_http_key_manager_password_base64: MTEyMjMz
#connector_http_trust_store_password_base64: Y2hhbmdlaXQ=
connectivity_https_port: 8443
monitor_https_port: 8444
connectivity_http_port: 8080
monitor_http_port: 8161
common/connector-mqtt-tls-enable.yml
---
- name: create certs store directory
file:
path: "{{ certs_store_path }}"
owner: dispatcher
group: dispatcher
state: directory
- name: copy dispatcher-connector keystore certs
copy:
src: "{{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.keystore.location'] }}"
dest: "{{ certs_store_path }}/connector-mqtt.server.keystore.jks"
mode: 0644
- name: copy dispatcher-connector truststore certs
copy:
src: "{{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.truststore.location'] }}"
dest: "{{ certs_store_path }}/connector-mqtt.server.truststore.jks"
mode: 0644
- name: modify connector keystore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+'
line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector keystore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+'
line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks'
insertafter: '^mqtt.authentication.certificate.deviceId.key'
state: present
- name: modify connector keystore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+'
line: "mqtt.ssl.key.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector keystore password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+'
line: "mqtt.ssl.key.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}"
insertafter: '^mqtt.ssl.key.store.path'
state: present
- name: modify connector key manager password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+'
line: "mqtt.ssl.key.manager.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector keystore password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+'
line: "mqtt.ssl.key.manager.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}"
insertafter: '^mqtt.ssl.key.store.password'
state: present
- name: modify connector truststore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+'
line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector truststore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+'
line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks'
insertafter: '^mqtt.ssl.key.manager.password'
state: present
- name: modify connector truststore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+'
line: "mqtt.ssl.trust.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector truststore password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+'
line: "mqtt.ssl.trust.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}"
insertafter: '^mqtt.ssl.trust.store.path'
state: present
common/connector-http-tls-enable.yml
---
- name: create certs store directory
file:
path: "{{ certs_store_path }}"
owner: dispatcher
group: dispatcher
state: directory
- name: copy dispatcher-connector keystore certs
copy:
src: "{{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.keystore.location'] }}"
dest: "{{ certs_store_path }}/connector-http.server.keystore.jks"
mode: 0644
- name: copy dispatcher-connector truststore certs
copy:
src: "{{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.truststore.location'] }}"
dest: "{{ certs_store_path }}/connector-http.server.truststore.jks"
mode: 0644
- name: modify connector keystore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.path=\s*/?\w+'
line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector keystore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.path=\s*/?\w+'
line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks'
insertafter: '^mqtt.ssl.trust.store.password'
state: present
- name: modify connector keystore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.password=\s*/?\w+'
line: "http.ssl.key.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector keystore password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.password=\s*/?\w+'
line: "http.ssl.key.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}"
insertafter: '^http.ssl.key.store.path'
state: present
- name: modify connector key manager password for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+'
line: "http.ssl.key.manager.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector key manager password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+'
line: "http.ssl.key.manager.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}"
insertafter: '^http.ssl.key.store.password'
state: present
- name: modify connector truststore path for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+'
line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector truststore path for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+'
line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks'
insertafter: '^http.ssl.key.manager.password'
state: present
- name: modify connector truststore password for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+'
line: "http.ssl.trust.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}"
backrefs: yes
backup: yes
state: present
- name: add connector truststore password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+'
line: "http.ssl.trust.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}"
insertafter: '^http.ssl.trust.store.path'
state: present
Result
第二种方式
inventory 文件
[dispatcher-connector] 192.168.99.17 192.168.99.5 [dispatcher-manager] 192.168.99.17 [dispatcher-tools] 192.168.99.17
vars 变量文件
---
############################## Dispatcher Installation Basic Info ###############
latest_version: 4.1.1
origin_version: 4.1.1
dispatcher_installation_home: /opt/ddi/dispatcher
dispatcher_user_name: dispatcher
dispatcher_group_name: dispatcher
dispatcher_user_home: /home/dispatcher
dispatcher_connector_http_host: "{{ groups['dispatcher-connector'][0] }}"
############################## Dispatcher EP Installation Info #################
connector_ep_list:
manager_ep_list:
connector_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/lib"
manager_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/webapps/WEB-INF/lib"
certs_from_path: "{{ playbook_dir }}/files"
connector_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/conf/certs"
manager_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/conf/certs"
tools_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-tools/cli/conf/certs"
############################## tls setting for dispatcher ######################
connector_mqtt_tls_enable: true
connector_http_tls_enable: true
connector_mqtt_key_store_password_base64:
host1: MTEyMjMz1
host2: MTEyMjMz2
connector_mqtt_key_manager_password_base64:
host1: MTEyMjMz1
host2: MTEyMjMz2
connector_mqtt_trust_store_password_base64:
host1: Y2hhbmdlaXQ=1
host2: Y2hhbmdlaXQ=2
connector_mqtt_ssl_keystore_location:
host1: /opt/ssl/connector-mqtt.server.keystore1.jks
host2: /opt/ssl/connector-mqtt.server.keystore2.jks
connector_mqtt_ssl_truststore_location:
host1: /opt/ssl/connector-mqtt.server.truststore1.jks
host2: /opt/ssl/connector-mqtt.server.truststore2.jks
connector_http_key_store_password_base64:
host1: MTEyMjMz1
host2: MTEyMjMz2
connector_http_key_manager_password_base64:
host1: MTEyMjMz1
host2: MTEyMjMz2
connector_http_trust_store_password_base64:
host1: Y2hhbmdlaXQ=1
host2: Y2hhbmdlaXQ=2
connector_http_ssl_keystore_location:
host1: /opt/ssl/connector-http.server.keystore1.jks
host2: /opt/ssl/connector-http.server.keystore2.jks
connector_http_ssl_truststore_location:
host1: /opt/ssl/connector-http.server.truststore1.jks
host2: /opt/ssl/connector-http.server.truststore2.jks
configure.yml文件
---
- name: tls enable for connector
hosts: dispatcher-connector
vars_files:
- ./vars/dispatcher.yml
vars:
certs_store_path: "{{ connector_certs_dir }}"
configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-connector/conf/connector.properties"
become: yes
become_user: root
tasks:
- name: add kafka tls config
include: "{{ playbook_dir }}/common/kafka-tls-enable.yml"
when: kafka_tls_enable
- name: add cassandra tls config
include: "{{ playbook_dir }}/common/cassandra-tls-enable.yml"
when: cassandra_tls_enable
- name: add mqtt configure tls config
include: "{{ playbook_dir }}/common/connector-mqtt-tls-enable.yml"
when: connector_mqtt_tls_enable
- name: add http configure tls config
include: "{{ playbook_dir }}/common/connector-http-tls-enable.yml"
when: connector_http_tls_enable
tags: dispatcher-connector
- name: tls enable for manager
hosts: dispatcher-manager
vars_files:
- ./vars/dispatcher.yml
vars:
certs_store_path: "{{ manager_certs_dir }}"
configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-manager/conf/manager.properties"
become: yes
become_user: root
tasks:
- name: add kafka tls config
include: "{{ playbook_dir }}/common/kafka-tls-enable.yml"
when: kafka_tls_enable
- name: add cassandra tls config
include: "{{ playbook_dir }}/common/cassandra-tls-enable.yml"
when: cassandra_tls_enable
tags: dispatcher-manager
- name: tls enable for tools
hosts: dispatcher-tools
vars_files:
- ./vars/dispatcher.yml
vars:
certs_store_path: "{{ tools_certs_dir }}"
configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-tools/cli/conf/cli.conf"
become: yes
become_user: root
tasks:
- name: add cassandra tls config
include: "{{ playbook_dir }}/common/cassandra-tls-enable.yml"
when: cassandra_tls_enable
tags: dispatcher-tools
common/connector-mqtt-tls-enable.yml
---
- name: create certs store directory
file:
path: "{{ certs_store_path }}"
owner: dispatcher
group: dispatcher
state: directory
- name: copy dispatcher-connector keystore certs
copy:
src: "{{ connector_mqtt_ssl_keystore_location[inventory_hostname] }}"
dest: "{{ certs_store_path }}/connector-mqtt.server.keystore.jks"
mode: 0644
- name: copy dispatcher-connector truststore certs
copy:
src: "{{ connector_mqtt_ssl_truststore_location[inventory_hostname] }}"
dest: "{{ certs_store_path }}/connector-mqtt.server.truststore.jks"
mode: 0644
- name: modify connector keystore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+'
line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector keystore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+'
line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks'
insertafter: '^mqtt.authentication.certificate.deviceId.key'
state: present
- name: modify connector keystore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+'
line: "mqtt.ssl.key.store.password={{ connector_mqtt_key_store_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector keystore password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+'
line: "mqtt.ssl.key.store.password={{ connector_mqtt_key_store_password_base64[inventory_hostname] }}"
insertafter: '^mqtt.ssl.key.store.path'
state: present
- name: modify connector key manager password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+'
line: "mqtt.ssl.key.manager.password={{ connector_mqtt_key_manager_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector key manager password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+'
line: "mqtt.ssl.key.manager.password={{ connector_mqtt_key_manager_password_base64[inventory_hostname] }}"
insertafter: '^mqtt.ssl.key.store.password'
state: present
- name: modify connector truststore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+'
line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector truststore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+'
line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks'
insertafter: '^mqtt.ssl.key.manager.password'
state: present
- name: modify connector truststore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+'
line: "mqtt.ssl.trust.store.password={{ connector_mqtt_trust_store_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector truststore password if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+'
line: "mqtt.ssl.trust.store.password={{ connector_mqtt_trust_store_password_base64[inventory_hostname] }}"
insertafter: '^mqtt.ssl.trust.store.path'
state: present
common/connector-http-tls-enable.yml
---
- name: create certs store directory
file:
path: "{{ certs_store_path }}"
owner: dispatcher
group: dispatcher
state: directory
- name: copy dispatcher-connector keystore certs
copy:
src: "{{ connector_http_ssl_keystore_location[inventory_hostname] }}"
dest: "{{ certs_store_path }}/connector-http.server.keystore.jks"
mode: 0644
- name: copy dispatcher-connector truststore certs
copy:
src: "{{ connector_http_ssl_truststore_location[inventory_hostname] }}"
dest: "{{ certs_store_path }}/connector-http.server.truststore.jks"
mode: 0644
- name: modify connector keystore path if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.path=\s*/?\w+'
line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector keystore path if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.path=\s*/?\w+'
line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks'
insertafter: '^mqtt.ssl.trust.store.password'
state: present
- name: modify connector keystore password if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.password=\s*/?\w+'
line: "http.ssl.key.store.password={{ connector_http_key_store_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector keystore password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.store.password=\s*/?\w+'
line: "http.ssl.key.store.password={{ connector_http_key_store_password_base64[inventory_hostname] }}"
insertafter: '^http.ssl.key.store.path'
state: present
- name: modify connector key manager password for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+'
line: "http.ssl.key.manager.password={{ connector_http_key_manager_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector key manager password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+'
line: "http.ssl.key.manager.password={{ connector_http_key_manager_password_base64[inventory_hostname] }}"
insertafter: '^http.ssl.key.store.password'
state: present
- name: modify connector truststore path for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+'
line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks'
backrefs: yes
backup: yes
state: present
- name: add connector truststore path for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+'
line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks'
insertafter: '^http.ssl.key.manager.password'
state: present
- name: modify connector truststore password for http if exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+'
line: "http.ssl.trust.store.password={{ connector_http_trust_store_password_base64[inventory_hostname] }}"
backrefs: yes
backup: yes
state: present
- name: add connector truststore password for http if not exists
lineinfile:
path: "{{ configure_file }}"
regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+'
line: "http.ssl.trust.store.password={{ connector_http_trust_store_password_base64[inventory_hostname] }}"
insertafter: '^http.ssl.trust.store.path'
state: present
结果是一样的
下一篇: 【学生】知识总结