--- - name: Ensuring config directories exist file: path: "{{ node_config_directory }}/{{ item.key }}" state: "directory" owner: "{{ config_owner_user }}" group: "{{ config_owner_group }}" mode: "0770" become: true when: - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ barbican_services }}" - name: Ensuring vassals config directories exist vars: service: "{{ barbican_services['barbican-api'] }}" file: path: "{{ node_config_directory }}/{{ item }}" state: "directory" owner: "{{ config_owner_user }}" group: "{{ config_owner_group }}" mode: "0770" become: true when: - inventory_hostname in groups[service.group] - service.enabled | bool with_items: - "barbican-api/vassals" - name: Check if policies shall be overwritten stat: path: "{{ item }}" run_once: True delegate_to: localhost register: barbican_policy with_first_found: - files: "{{ supported_policy_format_list }}" paths: - "{{ node_custom_config }}/barbican/" skip: true - name: Set barbican policy file set_fact: barbican_policy_file: "{{ barbican_policy.results.0.stat.path | basename }}" barbican_policy_file_path: "{{ barbican_policy.results.0.stat.path }}" when: - barbican_policy.results - include_tasks: copy-certs.yml when: - kolla_copy_ca_into_containers | bool or barbican_enable_tls_backend | bool - name: Copying over config.json files for services template: src: "{{ item.key }}.json.j2" dest: "{{ node_config_directory }}/{{ item.key }}/config.json" mode: "0660" become: true when: - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ barbican_services }}" notify: - Restart {{ item.key }} container - name: Copying over barbican-api.ini vars: service: "{{ barbican_services['barbican-api'] }}" merge_configs: sources: - "{{ role_path }}/templates/barbican-api.ini.j2" - "{{ node_custom_config }}/barbican-api/barbican-api.ini" - "{{ node_custom_config }}/barbican-api/{{ inventory_hostname }}/barbican-api.ini" dest: "{{ node_config_directory }}/barbican-api/vassals/barbican-api.ini" mode: "0660" become: true when: - inventory_hostname in groups[service.group] - service.enabled | bool notify: - Restart barbican-api container - name: Checking whether barbican-api-paste.ini file exists vars: service: "{{ barbican_services['barbican-api'] }}" stat: path: "{{ node_custom_config }}/barbican/barbican-api-paste.ini" run_once: True delegate_to: localhost register: check_barbican_api_paste_ini when: - inventory_hostname in groups[service.group] - service.enabled | bool - name: Copying over barbican-api-paste.ini vars: service: "{{ barbican_services['barbican-api'] }}" template: src: "{{ node_custom_config }}/barbican/barbican-api-paste.ini" dest: "{{ node_config_directory }}/barbican-api/barbican-api-paste.ini" mode: "0660" become: true when: - inventory_hostname in groups[service.group] - service.enabled | bool - check_barbican_api_paste_ini.stat.exists notify: - Restart barbican-api container - name: Copying over barbican.conf vars: service_name: "{{ item.key }}" merge_configs: sources: - "{{ role_path }}/templates/barbican.conf.j2" - "{{ node_custom_config }}/global.conf" - "{{ node_custom_config }}/barbican.conf" - "{{ node_custom_config }}/barbican/{{ item.key }}.conf" - "{{ node_custom_config }}/barbican/{{ inventory_hostname }}/barbican.conf" dest: "{{ node_config_directory }}/{{ item.key }}/barbican.conf" mode: "0660" become: true when: - item.value.enabled | bool - inventory_hostname in groups[item.value.group] with_dict: "{{ barbican_services }}" notify: - Restart {{ item.key }} container - name: Copying over existing policy file template: src: "{{ barbican_policy_file_path }}" dest: "{{ node_config_directory }}/{{ item.key }}/{{ barbican_policy_file }}" mode: "0660" become: true when: - barbican_policy_file is defined - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ barbican_services }}" notify: - Restart {{ item.key }} container