---
################################################################################
# description: Installs stunnel 5x via source for Redis Client on CentOS7x
# usage: ansible-playbook CentOS7x_Install-stunnel5x-via-source-for-Redis-Client-playbook.yml --extra-vars 'HostOrGroup=YourServerOrGroupNameGoesHere'
# author: Ernest G. Wilson II <[email protected]> (https://github.com/ernestgwilsonii)
# license: MIT
################################################################################
# Ansible Playbook options
# REF: http://docs.ansible.com/ansible/playbooks.html
#####################################################
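# Play: build stunnel 5.35 from source on the target and configure it as a
# client-side tunnel for Redis (unit file, main config, Redis client config,
# private key and PSK file), then enable and restart the service.
- name: Install stunnel 5x via source for Redis Client on CentOS7x
  # When HostOrGroup is not passed, the default below is an error message
  # rather than a real inventory name, so the omission shows up in the run
  # output instead of silently targeting something else.
  hosts: "{{ HostOrGroup|default ('FATAL ERROR --> HostOrGroup NOT SET! You must specify either a Host or a Group name!') }}"
  serial: "100%"
  gather_facts: false
  tasks:
    # Install yum packages
    # REF: http://docs.ansible.com/ansible/yum_module.html
    ######################################################
    - name: Install Development Tools group packages
      yum:
        name: "@Development Tools"
        state: present
      # Note: Two (2) types of group lists exist "package groups" and "environment groups"
      # Use: yum group list
      # REF: http://docs.ansible.com/ansible/yum_module.html#notes

    - name: Install OpenSSL Development package needed to compile stunnel
      yum:
        name: openssl-devel.x86_64
        state: latest

    # unarchive - Unpacks an archive after (optionally) copying it from the local machine
    # REF: http://docs.ansible.com/ansible/unarchive_module.html
    ############################################################
    # NOTE(review): the tarball is fetched over HTTPS but is not checked
    # against a pinned digest or signature before it is compiled and installed
    # by the next task. Fetching it with get_url and its `checksum` option
    # (sha256 taken from the upstream release page) and then unarchiving the
    # local copy would close that gap.
    # NOTE(review): /tmp is world-writable and the extract path is
    # predictable; a root-owned build directory keeps other local accounts
    # from interfering with the tree between extraction and `make install`.
    - name: Download and extract the source code into /tmp/stunnel-5.x
      unarchive:
        src: https://www.stunnel.org/downloads/stunnel-5.35.tar.gz
        dest: /tmp
        # false = the archive is not copied from the control machine; the
        # remote host downloads and unpacks it itself.
        copy: false

    # Execute raw command(s)
    # REF: http://docs.ansible.com/ansible/raw_module.html
    ##########################################################
    # Every step is chained with && so that a failed cd (for example after a
    # failed extraction) stops the task instead of running ./configure in
    # whatever directory the session happened to start in.
    - name: Compile and install stunnel 5x to /usr/local/bin/stunnel
      raw: cd /tmp/stunnel-5.35 && ./configure && make install
      # SSH command line verification:
      # /usr/local/bin/stunnel -version

    # Use the file module
    # REF: http://docs.ansible.com/ansible/file_module.html
    #######################################################
    # /usr/local/etc/stunnel/conf.d
    # Directories need the execute (search) bit to be entered; 0644 would
    # leave conf.d unusable for any non-root reader, so 0755 is used.
    # Modes are quoted so no YAML parser re-types the octal value.
    - name: mkdir /usr/local/etc/stunnel/conf.d
      file:
        path: /usr/local/etc/stunnel/conf.d
        state: directory
        mode: "0755"

    # /usr/local/etc/stunnel/stunnel.conf-sample
    - name: rm /usr/local/etc/stunnel/stunnel.conf-sample
      file:
        path: /usr/local/etc/stunnel/stunnel.conf-sample
        state: absent

    # Use the template module to populate files with data
    # REF: http://docs.ansible.com/ansible/template_module.html
    ###########################################################
    # /etc/systemd/system/stunnel.service
    - name: Fill in the variables and copy templates/stunnel/stunnel.service.j2 to remote /etc/systemd/system/stunnel.service
      template:
        src: templates/stunnel/stunnel.service.j2
        dest: /etc/systemd/system/stunnel.service
        owner: root
        group: root
        mode: "0644"

    # /usr/local/etc/stunnel/stunnel.conf
    - name: Fill in the variables and copy templates/stunnel/stunnel.conf.j2 to remote /usr/local/etc/stunnel/stunnel.conf
      template:
        src: templates/stunnel/stunnel.conf.j2
        dest: /usr/local/etc/stunnel/stunnel.conf
        owner: root
        group: root
        mode: "0644"

    # Use the copy module to copy various files into place
    # REF: http://docs.ansible.com/ansible/copy_module.html
    #######################################################
    # /usr/local/etc/stunnel/conf.d/redis-client.conf
    - name: Copy files/stunnel/redis-client.conf to remote /usr/local/etc/stunnel/conf.d/redis-client.conf
      copy:
        src: files/stunnel/redis-client.conf
        dest: /usr/local/etc/stunnel/conf.d/redis-client.conf
        owner: root
        group: root
        mode: "0644"

    # /usr/local/etc/stunnel/redis-private.pem
    # NOTE(review): this private key and the PSK file below are read from the
    # playbook's files/ directory. If that directory is under version control,
    # the secrets should be stored encrypted (e.g. Ansible Vault) or pulled
    # from a secret store rather than committed in clear text.
    # NOTE(review): 0640 with group root is effectively root-only; "0600"
    # would state that intent directly. Confirm nothing relies on group read.
    - name: Copy files/stunnel/redis-private.pem to remote /usr/local/etc/stunnel/redis-private.pem
      copy:
        src: files/stunnel/redis-private.pem
        dest: /usr/local/etc/stunnel/redis-private.pem
        owner: root
        group: root
        mode: "0640"

    # /usr/local/etc/stunnel/psk.txt
    - name: Copy files/stunnel/psk.txt to remote /usr/local/etc/stunnel/psk.txt
      copy:
        src: files/stunnel/psk.txt
        dest: /usr/local/etc/stunnel/psk.txt
        owner: root
        group: root
        mode: "0640"

    # Enable and start (or restart) stunnel
    # REF: http://docs.ansible.com/ansible/service_module.html
    ##########################################################
    # The task name now matches what the task does: state=restarted starts
    # (or restarts) the service in addition to enabling it at boot.
    - name: Enable and restart stunnel
      service:
        name: stunnel.service
        enabled: true
        state: restarted
      # Note: Verify via SSH command line:
      # systemctl status stunnel.service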