-
McConahy, Renee Margaret authoredThis skips several tasks that fail, at least in some conditions, when run in check mode but not when run in normal mode.
McConahy, Renee Margaret authoredThis skips several tasks that fail, at least in some conditions, when run in check mode but not when run in normal mode.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
main.yml 5.80 KiB
---
- name: Prevent changing GID of existing group.
block:
- name: Get groups.
getent:
database: group
- name: Assert that lockss group GID has not changed.
assert:
that:
"'lockss' not in ansible_facts.getent_group or
ansible_facts.getent_group.lockss[1] == lockss_gid | string"
fail_msg: GID must be corrected manually.
quiet: yes
when: lockss_gid is defined and lockss_gid is not none
- name: Add the lockss group.
group:
name: lockss
state: present
gid: "{{ lockss_gid | default(omit) }}"
- name: Prevent changing UID of existing user.
block:
- name: Get users.
getent:
database: passwd
- name: Assert that lockss user UID has not changed.
assert:
that:
"'lockss' not in ansible_facts.getent_passwd or
ansible_facts.getent_passwd.lockss[1] == lockss_uid | string"
fail_msg: UID must be corrected manually.
quiet: yes
when: lockss_uid is defined and lockss_uid is not none
- name: Add the lockss user.
user:
name: lockss
state: present
uid: "{{ lockss_uid | default(omit) }}"
group: lockss
shell: /sbin/nologin
home: /
create_home: false
comment: LOCKSS
- name: Add the lockss user to the docker group.
user:
name: lockss
state: present
groups: docker
append: true
- name: Configure the firewall.
include_tasks: firewall.yml
when: lockss_configure_firewall
- name: Check the storage driver used by Docker.
command:
cmd: docker info -f {% raw %}'{{.Driver}}'{% endraw %}
check_mode: false
changed_when: false
register: r
- name: Ensure Docker is using the OverlayFS storage driver.
assert:
that: r.stdout == "overlay2"