mirror of https://github.com/ceph/ceph-ansible.git
Merge pull request #2174 from fultonj/chmod-facl-on-all-mon
Set permissions and ACLs of OpenStack keys on all ceph-monspull/2180/head
commit
28a158e7a2
|
@ -50,24 +50,25 @@
|
||||||
- openstack_config
|
- openstack_config
|
||||||
- item.0 != groups[mon_group_name] | last
|
- item.0 != groups[mon_group_name] | last
|
||||||
|
|
||||||
- name: chmod openstack key(s)
|
- name: chmod openstack key(s) on the other mons and this mon
|
||||||
file:
|
file:
|
||||||
path: "/etc/ceph/{{ cluster }}.{{ item.name }}.keyring"
|
path: "/etc/ceph/{{ cluster }}.{{ item.1.name }}.keyring"
|
||||||
mode: "{{ item.mode|default(omit) }}" # if mode not in list, uses mode from ps umask
|
mode: "{{ item.1.mode|default(omit) }}" # if mode not in list, uses mode from ps umask
|
||||||
with_items: "{{ openstack_keys }}"
|
with_nested:
|
||||||
when:
|
- "{{ groups[mon_group_name] }}"
|
||||||
- openstack_config
|
|
||||||
- cephx
|
|
||||||
|
|
||||||
- name: setfacl for openstack key(s)
|
|
||||||
acl:
|
|
||||||
path: "/etc/ceph/{{ cluster }}.{{ item.0.name }}.keyring"
|
|
||||||
entry: "{{ item.1 }}"
|
|
||||||
state: present
|
|
||||||
with_subelements:
|
|
||||||
- "{{ openstack_keys }}"
|
- "{{ openstack_keys }}"
|
||||||
- acls
|
delegate_to: "{{ item.0 }}"
|
||||||
- skip_missing: true
|
|
||||||
when:
|
when:
|
||||||
- openstack_config
|
- openstack_config
|
||||||
- cephx
|
- cephx
|
||||||
|
|
||||||
|
- name: setfacl for openstack key(s) on the other mons and this mon
|
||||||
|
command: "setfacl -m {{ item.1.acls | join(',') }} /etc/ceph/{{ cluster }}.{{ item.1.name }}.keyring"
|
||||||
|
with_nested:
|
||||||
|
- "{{ groups[mon_group_name] }}"
|
||||||
|
- "{{ openstack_keys }}"
|
||||||
|
delegate_to: "{{ item.0 }}"
|
||||||
|
when:
|
||||||
|
- item.1.acls | length > 0
|
||||||
|
- openstack_config
|
||||||
|
- cephx
|
||||||
|
|
Loading…
Reference in New Issue