Mark Goddard a4bb8567da Fix up config file permissions on the host
Several config file permissions are incorrect on the host. In general,
files should be 0660, and directories and executables 0770.

Change-Id: Id276ac1864f280554e98b937f2845bb424d521de
Closes-Bug: #1821579
2019-04-02 17:23:31 +01:00

119 lines
3.5 KiB
YAML

---
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ grafana_services }}"
- name: Check if extra configuration file exists
local_action: find path="{{ node_custom_config }}/grafana/"
changed_when: False
run_once: True
register: check_extra_conf_grafana
- name: Copying over config.json files
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0660"
become: true
register: grafana_config_jsons
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ grafana_services }}"
notify:
- Restart grafana container
- name: Copying over grafana.ini
vars:
service_name: "{{ item.key }}"
merge_configs:
sources:
- "{{ role_path }}/templates/grafana.ini.j2"
- "{{ node_custom_config }}/{{ item.key }}.ini"
- "{{ node_custom_config }}/grafana/{{ inventory_hostname }}/{{ item.key }}.ini"
dest: "{{ node_config_directory }}/grafana/grafana.ini"
mode: "0660"
become: true
register: grafana_confs
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ grafana_services }}"
notify:
- Restart grafana container
- name: Copying over extra configuration file
become: true
template:
src: "{{ item.path }}"
dest: "{{ node_config_directory }}/grafana/{{ item.path | basename }}"
mode: "0660"
when:
- item is defined
with_items:
- "{{ check_extra_conf_grafana.files }}"
notify:
- Restart grafana container
- name: Check if custom grafana home dashboard exists
local_action: "stat path={{ node_custom_config }}/grafana/grafana_home_dashboard.json"
register: grafana_custom_dashboard_file
run_once: True
- name: Copying over grafana home dashboard if exists
template:
src: "{{ node_custom_config }}/grafana/grafana_home_dashboard.json"
dest: "{{ node_config_directory }}/grafana/grafana_home_dashboard.json"
mode: "0660"
register: grafana_home_dashboard
when: grafana_custom_dashboard_file.stat.exists
notify:
- Restart grafana container
- name: Configuring Prometheus as data source for Grafana
vars:
service: "{{ grafana_services['grafana'] }}"
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/grafana/prometheus.yaml"
mode: "0660"
become: true
register: grafana_prometheus_data_source
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
- enable_prometheus | bool
with_first_found:
- "{{ node_custom_config }}/grafana/{{ inventory_hostname }}/prometheus.yaml"
- "{{ node_custom_config }}/grafana/prometheus.yaml"
- "prometheus.yaml.j2"
notify:
- Restart grafana container
- name: Check grafana containers
become: true
kolla_docker:
action: "compare_container"
common_options: "{{ docker_common_options }}"
name: "{{ item.value.container_name }}"
image: "{{ item.value.image }}"
volumes: "{{ item.value.volumes }}"
dimensions: "{{ item.value.dimensions }}"
register: check_grafana_containers
when:
- kolla_action != "config"
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ grafana_services }}"
notify:
- Restart grafana container