server.garden privileged automation agent (mirror of https://git.sequentialread.com/forest/rootsystem)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

65 lines
1.7 KiB

- name: Ensure threshold user group exists
group:
name: threshold
state: present
- name: Ensure threshold user exists
user:
name: threshold
state: present
group: threshold
- name: ensure threshold folder exists
file:
path: /opt/threshold
state: directory
owner: threshold
group: threshold
mode: '0600'
- name: checksum the Threshold binary
stat:
path: /opt/threshold/threshold
checksum_algorithm: sha256
register: threshold_binary
- name: log the checksum
debug:
var: threshold_binary.stat.checksum
when: threshold_binary.stat.checksum is defined
- name: Download & validate the Threshold tar.gz file (if reinstall is desired)
get_url:
url: 'https://f000.backblazeb2.com/file/server-garden-artifacts/threshold-{{ arch }}.tar.gz'
dest: '/tmp/threshold-{{ arch }}.tar.gz'
checksum: "sha256:{{ tar_sha256[arch] }}"
when: threshold_binary.stat.checksum is not defined or threshold_binary.stat.checksum != bin_sha256[arch]
- name: unarchive threshold tar.gz file (if reinstall is desired)
unarchive:
remote_src: yes
src: '/tmp/threshold-{{ arch }}.tar.gz'
dest: /opt/threshold
when: threshold_binary.stat.checksum is not defined or threshold_binary.stat.checksum != bin_sha256[arch]
- name: set owner, group and permissions on threshold binary
file:
path: /opt/threshold/threshold
owner: threshold
group: threshold
mode: '0700'
- name: clean up threshold tar.gz file
file:
path: '/tmp/threshold-{{ arch }}.tar.gz'
state: absent
- name: set owner, group and permissions on threshold service unit file
copy:
src: threshold.service
dest: /etc/systemd/system/threshold.service
owner: threshold
group: threshold
mode: '0755'