From 73d6979e725635d43354dc2dc06ca3fef60c7a11 Mon Sep 17 00:00:00 2001 From: Ludovic Poujol Date: Tue, 5 Oct 2021 15:48:57 +0200 Subject: [PATCH] Various changes on mongodb (support 5.0) + fixes & compatibility MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * mongodb: Deny the install on Debian 11 « Bullseye » when the version is unsupported * mongodb: Support version 5.0 (for buster) * mongodb: Allow to specify a mongodb version for buster & bullseye * mongodb: Add missing remount-usr for munin plugins --- CHANGELOG.md | 4 +++ mongodb/defaults/main.yml | 2 ++ mongodb/files/server-5.0.asc | 29 ++++++++++++++++++++++ mongodb/tasks/main.yml | 5 ---- mongodb/tasks/main_bullseye.yml | 43 +++++++++++++++++++++------------ mongodb/tasks/main_buster.yml | 11 ++++++--- 6 files changed, 69 insertions(+), 25 deletions(-) create mode 100644 mongodb/files/server-5.0.asc diff --git a/CHANGELOG.md b/CHANGELOG.md index a6ae9958..718ac464 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,10 @@ The **patch** part changes is incremented if multiple releases happen the same m ### Changed +* mongodb: Deny the install on Debian 11 « Bullseye » when the version is unsupported +* mongodb: Support version 5.0 (for buster) +* mongodb: Allow to specify a mongodb version for buster & bullseye + ### Fixed ### Removed diff --git a/mongodb/defaults/main.yml b/mongodb/defaults/main.yml index ec255349..c118f588 100644 --- a/mongodb/defaults/main.yml +++ b/mongodb/defaults/main.yml @@ -6,3 +6,5 @@ mongodb_bind: 127.0.0.1 # Warning: config must not be overwritten by default # otherwise it can disable important settings, like authorization :/ mongodb_force_config: False + +mongodb_version: 4.4 \ No newline at end of file diff --git a/mongodb/files/server-5.0.asc b/mongodb/files/server-5.0.asc new file mode 100644 index 00000000..44ea4919 --- /dev/null +++ b/mongodb/files/server-5.0.asc @@ -0,0 +1,29 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGAsKNUBEAClMqPCvvqm6gFmbiorEN9qp00GI8oaECkwbxtGGbqX9sqMSrKe +AB3sGI7kqG2Fl0K+xmmiq1QDjhNgFDA1jjXq+Bd66RNPtvu747IRxVs+9fX7bk67 +8Bruha7U3M5l4193x5oYLlbcZL9aC7RSJE2mggTyS6LarmF6vKQN9LMXDicnageV +KCPpF2i3jkZaGnLPzAisW/pOjPQpWCbatTVqKOKvtOyP3Fz1spYd4obu6ELu1PXa +gmhSfvWJYt1irpchOl29LWZfcmXuJszmb00bqm4gLcK12VrnK191iXv46A8h2hSO +f3eQqrkc+pF/kw4RyG54EV7QtHXyTe9TVCbJUfgtliWIQt/bCoJYfPLHJaWIMs83 +bzA6ZvOjCKIfMS0CY5ZJyVaBfiI3wURSjgZIYFZAXVwbreQIfOKKuik7UVVn3xUO +nWpmQ2zyI0W7cJMquxwLNjkI+RckPhIqxWFo5iNSV4v6pzrlHD1WmIfFGBKEn7m+ +edwVyHG53fNIFZjxyShO6Pf1vgb9Js/XmXB4lxYnNyx1tB+hQhXTjLlY6N5gPpw5 +Z/PWQc7vfYekUZGQMXhTyRxU0QTwmdEeKcb+fb9r23OH59bbAfzE10xTMzhqCd2L +lgSozMBvMmkHb1xs1x6FFuv/U/X7LjHTrHIf4M//DNwdP4l4I1jhPlTAxwARAQAB +tDdNb25nb0RCIDUuMCBSZWxlYXNlIFNpZ25pbmcgS2V5IDxwYWNrYWdpbmdAbW9u +Z29kYi5jb20+iQI+BBMBAgAoBQJgLCjVAhsDBQkJZgGABgsJCAcDAgYVCAIJCgsE +FgIDAQIeAQIXgAAKCRCwCgvR4sY8EawdD/0ewkyx3yE99K9n3y7gdvh5+2U8BsqU +7SWEfup7kPpf+4pF5xWqMaciEV/wRAGt7TiKlfVyAv3Q9iNsaLFN+s3kMaIcKhwD +8+q/iGfziIuOSTeo20dAxn9vF6YqrKGc7TbHdXf9AtYuJCfIU5j02uVZiupx+P9+ +rG39dEnjOXm3uY0Fv3pRGCpuGubDlWB1DYh0R5O481kDVGoMqBxmc3iTALu14L/u +g+AKxFYfT4DmgdzPVMDhppgywfyd/IOWxoOCl4laEhVjUt5CygBa7w07qdKwWx2w +gTd9U0KGHxnnSmvQYxrRrS5RX3ILPJShivTSZG+rMqnUe6RgCwBrKHCRU1L728Yv +1B3ZFJLxB1TlVT2Hjr+oigp0RY9W1FCIdO2uhb9GImpaJ1Y0ZZqUkt/d9D8U2wcw +SW6/6WYeO7wAi/zlJ25hrBwhxS2+88gM6wJ1yL9yrM9v8JUb7Kq0rCGsEO5kqscV +AmX90wsF2cZ6gHR53eGIDbAJK0MO5RHR73aQ4bpTivPnoTx4HTj5fyhW9z8yCSOe +BlQABoFFqFvOS7KBxoyIS3pxlDetWOSc6yQrvA1CwxnkB81OHNmJfWAbNbEtZkLm +xs2c8CIh2R81yi6HUzAaxyDH7mrThbwX3hUe/wsaD1koV91G6bDD4Xx3zpa9DG/O +HyB98+e983gslg== +=IQQF +-----END PGP PUBLIC KEY BLOCK----- diff --git a/mongodb/tasks/main.yml b/mongodb/tasks/main.yml index 1d238b00..3054ccfe 100644 --- a/mongodb/tasks/main.yml +++ b/mongodb/tasks/main.yml @@ -1,10 +1,5 @@ --- -# - fail: -# msg: only compatible with Debian 8 -# when: -# - ansible_distribution != "Debian" or ansible_distribution_release != "jessie" - - include: main_jessie.yml when: ansible_distribution_release == "jessie" diff --git a/mongodb/tasks/main_bullseye.yml b/mongodb/tasks/main_bullseye.yml index d9e6e0eb..e31ffed3 100644 --- a/mongodb/tasks/main_bullseye.yml +++ b/mongodb/tasks/main_bullseye.yml @@ -1,9 +1,11 @@ --- -- name: Look for legacy apt keyring - stat: - path: /etc/apt/trusted.gpg - register: _trusted_gpg_keyring +- fail: + msg: Not compatible with Debian 11 (Bullseye) + when: + - ansible_distribution_release == "bullseye" + - mongodb_version is version_compare('5.0', '<=') + - name: MongoDB embedded GPG key is absent apt_key: @@ -14,8 +16,8 @@ - name: Add MongoDB GPG key copy: - src: server-4.4.asc - dest: /etc/apt/trusted.gpg.d/mongodb-server-4.4.asc + src: "server-{{mongodb_version}}.asc" + dest: "/etc/apt/trusted.gpg.d/mongodb-server-{{mongodb_version}}.asc" force: yes mode: "0644" owner: root @@ -23,9 +25,9 @@ - name: enable APT sources list apt_repository: - repo: deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.4 main + repo: "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/{{mongodb_version}} main" state: present - filename: mongodb-org-4.4 + filename: "mongodb-org-{{mongodb_version}}" update_cache: yes - name: Install packages @@ -40,30 +42,39 @@ name: mongod enabled: yes state: started - when: _mongodb_install_package.changed + when: _mongodb_install_package is changed - name: install dependency for monitoring apt: - name: python3-pymongo + name: python-pymongo state: present - name: Custom configuration template: - src: mongodb_bullseye.conf.j2 + src: mongodb_buster.conf.j2 dest: "/etc/mongod.conf" force: "{{ mongodb_force_config | bool | ternary('yes', 'no') }}" notify: restart mongod - name: Configure logrotate template: - src: logrotate_bullseye.j2 + src: logrotate_buster.j2 dest: /etc/logrotate.d/mongodb force: yes backup: no -- name: Munin plugins local directory exists +- include_role: + name: evolix/remount-usr + +- name: Create plugin directory file: - dest: /usr/local/share/munin/plugins/ + name: /usr/local/share/munin/ + state: directory + mode: "0755" + +- name: Create plugin directory + file: + name: /usr/local/share/munin/plugins/ state: directory mode: "0755" @@ -72,7 +83,7 @@ src: "munin/{{ item }}" dest: '/usr/local/share/munin/plugins/{{ item }}' force: yes - with_items: + loop: - mongo_btree - mongo_collections - mongo_conn @@ -88,7 +99,7 @@ src: '/usr/local/share/munin/plugins/{{ item }}' dest: /etc/munin/plugins/{{ item }} state: link - with_items: + loop: - mongo_btree - mongo_collections - mongo_conn diff --git a/mongodb/tasks/main_buster.yml b/mongodb/tasks/main_buster.yml index fc7ac7ed..cf5ce2ae 100644 --- a/mongodb/tasks/main_buster.yml +++ b/mongodb/tasks/main_buster.yml @@ -14,8 +14,8 @@ - name: Add MongoDB GPG key copy: - src: server-4.2.asc - dest: /etc/apt/trusted.gpg.d/mongodb-server-4.2.asc + src: "server-{{mongodb_version}}.asc" + dest: "/etc/apt/trusted.gpg.d/mongodb-server-{{mongodb_version}}.asc" force: yes mode: "0644" owner: root @@ -23,9 +23,9 @@ - name: enable APT sources list apt_repository: - repo: deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.2 main + repo: "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/{{mongodb_version}} main" state: present - filename: mongodb-org-4.2 + filename: "mongodb-org-{{mongodb_version}}" update_cache: yes - name: Install packages @@ -61,6 +61,9 @@ force: yes backup: no +- include_role: + name: evolix/remount-usr + - name: Create plugin directory file: name: /usr/local/share/munin/