From 2611683d81215a591acc8d6991e9fc0631f9317c Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Wed, 19 Apr 2017 10:58:48 +0200
Subject: [PATCH] MongoDB (from 10Gen) : basic role

---
 mongodb-org/.kitchen.yml             |  35 +++++
 mongodb-org/README.md                |  16 ++
 mongodb-org/defaults/main.yml        |   5 +
 mongodb-org/handlers/main.yml        |  16 ++
 mongodb-org/meta/main.yml            | 222 +++++++++++++++++++++++++++
 mongodb-org/tasks/main.yml           |  53 +++++++
 mongodb-org/templates/logrotate.j2   |  15 ++
 mongodb-org/templates/mongod.conf.j2 |  42 +++++
 mongodb-org/tests/inventory          |   1 +
 mongodb-org/tests/test.yml           |   4 +
 10 files changed, 409 insertions(+)
 create mode 100644 mongodb-org/.kitchen.yml
 create mode 100644 mongodb-org/README.md
 create mode 100644 mongodb-org/defaults/main.yml
 create mode 100644 mongodb-org/handlers/main.yml
 create mode 100644 mongodb-org/meta/main.yml
 create mode 100644 mongodb-org/tasks/main.yml
 create mode 100644 mongodb-org/templates/logrotate.j2
 create mode 100644 mongodb-org/templates/mongod.conf.j2
 create mode 100644 mongodb-org/tests/inventory
 create mode 100644 mongodb-org/tests/test.yml

diff --git a/mongodb-org/.kitchen.yml b/mongodb-org/.kitchen.yml
new file mode 100644
index 00000000..8a6b56c6
--- /dev/null
+++ b/mongodb-org/.kitchen.yml
@@ -0,0 +1,35 @@
+---
+driver:
+  name: docker
+  privileged: true
+  use_sudo: false
+
+provisioner:
+  name: ansible_playbook
+  hosts: test-kitchen
+  roles_path: ../
+  ansible_verbose: true
+  require_ansible_source: true
+  install_source_rev: "stable-2.0.0.1"
+  require_chef_for_busser: false
+  idempotency_test: true
+
+platforms:
+  - name: debian-8
+
+# verifier:
+#   name: serverspec
+
+suites:
+  - name: default
+    provisioner:
+      name: ansible_playbook
+      playbook: ./tests/test.yml
+    # verifier:
+    #   patterns:
+    #   - mongodb-org/tests/spec/mongodb-org_spec.rb
+    #   bundler_path: '/usr/local/bin'
+    #   rspec_path: '/usr/local/bin'
+
+transport:
+  max_ssh_sessions: 6
diff --git a/mongodb-org/README.md b/mongodb-org/README.md
new file mode 100644
index 00000000..dd0680c8
--- /dev/null
+++ b/mongodb-org/README.md
@@ -0,0 +1,16 @@
+# mongodb-org
+
+Install latest MongoDB from 10Gen repository.
+
+## Tasks
+
+Everything is in the `tasks/main.yml` file.
+
+## Available variables
+
+* `mongodborg_pidfile_path`: PID file path (default: `/var/lib/mongodb/mongod.lock`)
+* `mongodborg_logfile_path`: log file path (default: `/var/log/mongodb/mongod.log`)
+* `mongodborg_port`: port to listen to (default: `27017`)
+* `mongodborg_bind`: IP to bind to (default: `127.0.0.1`)
+
+The full list of variables (with default values) can be found in `defaults/main.yml`.
diff --git a/mongodb-org/defaults/main.yml b/mongodb-org/defaults/main.yml
new file mode 100644
index 00000000..c507dc6c
--- /dev/null
+++ b/mongodb-org/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+mongodborg_pidfile_path: /var/lib/mongodb/mongod.lock
+mongodborg_logfile_path: /var/log/mongodb/mongod.log
+mongodborg_port: 27017
+mongodborg_bind: 127.0.0.1
diff --git a/mongodb-org/handlers/main.yml b/mongodb-org/handlers/main.yml
new file mode 100644
index 00000000..c651d98e
--- /dev/null
+++ b/mongodb-org/handlers/main.yml
@@ -0,0 +1,16 @@
+---
+# handlers file for mongodb
+- name: restart mongodb
+  service:
+    name: mongodb
+    state: restarted
+
+- name: reload squid
+  service:
+    name: squid
+    state: reloaded
+
+- name: reload squid3
+  service:
+    name: squid3
+    state: reloaded
diff --git a/mongodb-org/meta/main.yml b/mongodb-org/meta/main.yml
new file mode 100644
index 00000000..2e1a9144
--- /dev/null
+++ b/mongodb-org/meta/main.yml
@@ -0,0 +1,222 @@
+galaxy_info:
+  author: your name
+  description: your description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Some suggested licenses:
+  # - BSD (default)
+  # - MIT
+  # - GPLv2
+  # - GPLv3
+  # - Apache
+  # - CC-BY
+  license: license (GPLv2, CC-BY, etc)
+
+  min_ansible_version: 1.2
+
+  # Optionally specify the branch Galaxy will use when accessing the GitHub
+  # repo for this role. During role install, if no tags are available,
+  # Galaxy will use this branch. During import Galaxy will access files on
+  # this branch. If travis integration is cofigured, only notification for this
+  # branch will be accepted. Otherwise, in all cases, the repo's default branch
+  # (usually master) will be used.
+  #github_branch:
+
+  #
+  # Below are all platforms currently available. Just uncomment
+  # the ones that apply to your role. If you don't see your
+  # platform on this list, let us know and we'll get it added!
+  #
+  #platforms:
+  #- name: OpenBSD
+  #  versions:
+  #  - all
+  #  - 5.6
+  #  - 5.7
+  #  - 5.8
+  #  - 5.9
+  #  - 6.0
+  #- name: Fedora
+  #  versions:
+  #  - all
+  #  - 16
+  #  - 17
+  #  - 18
+  #  - 19
+  #  - 20
+  #  - 21
+  #  - 22
+  #  - 23
+  #  - 24
+  #  - 25
+  #- name: DellOS
+  #  versions:
+  #  - all
+  #  - 10
+  #  - 6
+  #  - 9
+  #- name: MacOSX
+  #  versions:
+  #  - all
+  #  - 10.10
+  #  - 10.11
+  #  - 10.12
+  #  - 10.7
+  #  - 10.8
+  #  - 10.9
+  #- name: Synology
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Junos
+  #  versions:
+  #  - all
+  #  - any
+  #- name: GenericBSD
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Void Linux
+  #  versions:
+  #  - all
+  #  - any
+  #- name: GenericLinux
+  #  versions:
+  #  - all
+  #  - any
+  #- name: NXOS
+  #  versions:
+  #  - all
+  #  - any
+  #- name: IOS
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Amazon
+  #  versions:
+  #  - all
+  #  - 2013.03
+  #  - 2013.09
+  #  - 2016.03
+  #  - 2016.09
+  #- name: ArchLinux
+  #  versions:
+  #  - all
+  #  - any
+  #- name: FreeBSD
+  #  versions:
+  #  - all
+  #  - 10.0
+  #  - 10.1
+  #  - 10.2
+  #  - 10.3
+  #  - 11.0
+  #  - 8.0
+  #  - 8.1
+  #  - 8.2
+  #  - 8.3
+  #  - 8.4
+  #  - 9.0
+  #  - 9.1
+  #  - 9.1
+  #  - 9.2
+  #  - 9.3
+  #- name: Ubuntu
+  #  versions:
+  #  - all
+  #  - lucid
+  #  - maverick
+  #  - natty
+  #  - oneiric
+  #  - precise
+  #  - quantal
+  #  - raring
+  #  - saucy
+  #  - trusty
+  #  - utopic
+  #  - vivid
+  #  - wily
+  #  - xenial
+  #  - yakkety
+  #- name: Debian
+  #  versions:
+  #  - all
+  #  - etch
+  #  - jessie
+  #  - lenny
+  #  - sid
+  #  - squeeze
+  #  - stretch
+  #  - wheezy
+  #- name: Alpine
+  #  versions:
+  #  - all
+  #  - any
+  #- name: EL
+  #  versions:
+  #  - all
+  #  - 5
+  #  - 6
+  #  - 7
+  #- name: Windows
+  #  versions:
+  #  - all
+  #  - 2012R2
+  #- name: SmartOS
+  #  versions:
+  #  - all
+  #  - any
+  #- name: opensuse
+  #  versions:
+  #  - all
+  #  - 12.1
+  #  - 12.2
+  #  - 12.3
+  #  - 13.1
+  #  - 13.2
+  #- name: SLES
+  #  versions:
+  #  - all
+  #  - 10SP3
+  #  - 10SP4
+  #  - 11
+  #  - 11SP1
+  #  - 11SP2
+  #  - 11SP3
+  #  - 11SP4
+  #  - 12
+  #  - 12SP1
+  #- name: GenericUNIX
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Solaris
+  #  versions:
+  #  - all
+  #  - 10
+  #  - 11.0
+  #  - 11.1
+  #  - 11.2
+  #  - 11.3
+  #- name: eos
+  #  versions:
+  #  - all
+  #  - Any
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is
+    # a keyword that describes and categorizes the role.
+    # Users find roles by searching for tags. Be sure to
+    # remove the '[]' above if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of
+    # alphanumeric characters. Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line.
+  # Be sure to remove the '[]' above if you add dependencies
+  # to this list.
\ No newline at end of file
diff --git a/mongodb-org/tasks/main.yml b/mongodb-org/tasks/main.yml
new file mode 100644
index 00000000..f3c0c244
--- /dev/null
+++ b/mongodb-org/tasks/main.yml
@@ -0,0 +1,53 @@
+---
+# tasks file for mongodb
+- name: Check if Squid is present
+  stat:
+    path: /etc/squid3/whitelist-custom.conf
+  register: _squid3_whitelist
+  check_mode: no
+
+- name: add keyserver to Squid whitelist
+  lineinfile:
+    dest: /etc/squid3/whitelist-custom.conf
+    line: "{{ item }}"
+  notify: reload squid3
+  with_items:
+  - "http://keyserver.ubuntu.com/.*"
+  - "hkp://keyserver.ubuntu.com/.*"
+  - "http://repo.mongodb.org/.*"
+  when: _squid3_whitelist.stat.exists
+
+- meta: flush_handlers
+
+# Attention à bien indiquer le protocole et le port, sinon le firewall ne laisse pas passer
+- name: MongoDB public GPG Key
+  apt_key:
+    keyserver: "hkp://keyserver.ubuntu.com:80"
+    id: "0C49F3730359A14518585931BC711F9BA15703C6"
+
+- name: enable APT sources list
+  apt_repository:
+    repo: deb http://repo.mongodb.org/apt/debian jessie/mongodb-org/3.4 main
+    state: present
+    filename: mongodb
+    update_cache: yes
+
+- name: Install packages
+  apt:
+    name: mongodb-org
+    state: installed
+
+- name: Custom configuration
+  template:
+    src: mongod.conf.j2
+    dest: /etc/mongod.conf
+    force: yes
+    backup: no
+  notify: restart mongodb
+
+- name: Configure logrotate
+  template:
+    src: logrotate.j2
+    dest: /etc/logrotate.d/mongodb
+    force: yes
+    backup: no
diff --git a/mongodb-org/templates/logrotate.j2 b/mongodb-org/templates/logrotate.j2
new file mode 100644
index 00000000..222e14cf
--- /dev/null
+++ b/mongodb-org/templates/logrotate.j2
@@ -0,0 +1,15 @@
+# {{ ansible_managed }}
+
+{{ mongodborg_logfile_path }} {
+    daily
+    missingok
+    rotate 365
+    dateext
+    compress
+    delaycompress
+    notifempty
+    sharedscripts
+    postrotate
+        kill -0 $(cat {{ mongodborg_pidfile_path }}) && kill -USR1 $(cat {{ mongodborg_pidfile_path }})
+    endscript
+}
diff --git a/mongodb-org/templates/mongod.conf.j2 b/mongodb-org/templates/mongod.conf.j2
new file mode 100644
index 00000000..f8404c54
--- /dev/null
+++ b/mongodb-org/templates/mongod.conf.j2
@@ -0,0 +1,42 @@
+# mongod.conf - {{ ansible_managed }}
+
+# for documentation of all options, see:
+#   http://docs.mongodb.org/manual/reference/configuration-options/
+
+# Where and how to store data.
+storage:
+  dbPath: /var/lib/mongodb
+  journal:
+    enabled: true
+#  engine:
+#  mmapv1:
+#  wiredTiger:
+
+# where to write logging data.
+systemLog:
+  destination: file
+  logRotate: reopen
+  logAppend: true
+  path: {{ mongodborg_logfile_path }}
+
+# network interfaces
+net:
+  port: {{ mongodborg_port }}
+  bindIp: {{ mongodborg_bind }}
+
+processManagement:
+  pidFilePath: {{ mongodborg_pidfile_path }}
+
+#security:
+
+#operationProfiling:
+
+#replication:
+
+#sharding:
+
+## Enterprise-Only Options:
+
+#auditLog:
+
+#snmp:
diff --git a/mongodb-org/tests/inventory b/mongodb-org/tests/inventory
new file mode 100644
index 00000000..d18580b3
--- /dev/null
+++ b/mongodb-org/tests/inventory
@@ -0,0 +1 @@
+localhost
\ No newline at end of file
diff --git a/mongodb-org/tests/test.yml b/mongodb-org/tests/test.yml
new file mode 100644
index 00000000..05c33dc0
--- /dev/null
+++ b/mongodb-org/tests/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: test-kitchen
+  roles:
+    - role: mongodb-org