You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
84 lines
2.5 KiB
84 lines
2.5 KiB
---
|
|
|
|
- name: Set initial facts
|
|
block:
|
|
- set_fact: crowdsec_install_mode='none'
|
|
- set_fact: crowdsec_current_version=''
|
|
tags: crowdsec
|
|
|
|
- name: Check if crowdsec is installed
|
|
stat: path=/usr/local/bin/crowdsec
|
|
register: crowdsec_bin
|
|
tags: crowdsec
|
|
|
|
- name: Check installed version
|
|
shell: |
|
|
crowdsec -version 2>&1 | perl -ne 'm/version: v(\d+(\.\d+)*)/ && print $1'
|
|
register: crowdsec_current_version
|
|
changed_when: False
|
|
when: crowdsec_bin.stat.exists
|
|
tags: crowdsec
|
|
|
|
- name: Set install mode
|
|
set_fact: crowdsec_install_mode='install'
|
|
when: not crowdsec_bin.stat.exists
|
|
tags: crowdsec
|
|
|
|
- name: Set upgrade mode
|
|
set_fact: crowdsec_install_mode='upgrade'
|
|
when:
|
|
- crowdsec_bin.stat.exists
|
|
- crowdsec_current_version.stdout != crowdsec_version
|
|
tags: crowdsec
|
|
|
|
# Create a random db password if needed
|
|
- block:
|
|
- import_tasks: ../includes/get_rand_pass.yml
|
|
vars:
|
|
- pass_file: "/etc/crowdsec/meta/ansible_db_pass"
|
|
- complex: False
|
|
- set_fact: crowdsec_db_pass={{ rand_pass }}
|
|
when:
|
|
- crowdsec_db_pass is not defined
|
|
- crowdsec_lapi_enabled
|
|
tags: crowdsec
|
|
|
|
# Check if local API credentials are available in the meta dir
|
|
- name: Check local API credential files
|
|
stat: path=/etc/crowdsec/meta/lapi_pass
|
|
register: crowdsec_lapi_pass_file
|
|
tags: crowdsec
|
|
|
|
- name: Read the local API pass
|
|
block:
|
|
- slurp: src=/etc/crowdsec/meta/lapi_pass
|
|
register: crowdsec_lapi_pass_meta
|
|
- set_fact: crowdsec_lapi_pass={{ crowdsec_lapi_pass_meta.content | b64decode | trim }}
|
|
when: crowdsec_lapi_pass is not defined and crowdsec_lapi_pass_file.stat.exists
|
|
tags: crowdsec
|
|
|
|
# Check if central API credentials are available in the meta dir
|
|
- name: Check central API credential files
|
|
block:
|
|
- stat: path=/etc/crowdsec/meta/capi_user
|
|
register: crowdsec_capi_user_file
|
|
- stat: path=/etc/crowdsec/meta/capi_pass
|
|
register: crowdsec_capi_pass_file
|
|
tags: crowdsec
|
|
|
|
- name: Read the central API user
|
|
block:
|
|
- slurp: src=/etc/crowdsec/meta/capi_user
|
|
register: crowdsec_capi_user_meta
|
|
- set_fact: crowdsec_capi_user={{ crowdsec_capi_user_meta.content | b64decode | trim }}
|
|
when: crowdsec_capi_user is not defined and crowdsec_capi_user_file.stat.exists
|
|
tags: crowdsec
|
|
|
|
- name: Read the central API pass
|
|
block:
|
|
- slurp: src=/etc/crowdsec/meta/capi_pass
|
|
register: crowdsec_capi_pass_meta
|
|
- set_fact: crowdsec_capi_pass={{ crowdsec_capi_pass_meta.content | b64decode | trim }}
|
|
when: crowdsec_capi_pass is not defined and crowdsec_capi_pass_file.stat.exists
|
|
tags: crowdsec
|
|
|
|
|