Skip to content

Commit f8142e6

Browse files
MemberITMemberIT
committed
Add correct support mode requireSLL.
1 parent e5caa29 commit f8142e6

File tree

4 files changed

+23
-1
lines changed

4 files changed

+23
-1
lines changed

defaults/main.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@ mongodb_net_port: 27017 # Specify port number
3131
mongodb_net_ssl: disabled # Enable or disable ssl connections
3232
mongodb_net_ssl_mode: "" # Set the ssl mode (RequireSSL / preferSSL / AllowSSL / disabled)
3333
mongodb_net_ssl_pemfile: "" # Location of the pemfile to use for ssl
34+
mongodb_net_ssl_host: "" # Valid ssl hostname
3435

3536
## processManagement Options
3637
# Fork server process

tasks/main.yml

Lines changed: 18 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,18 @@
11
---
22

3+
- name: Check value of variable mongodb_net_ssl_host
4+
fail:
5+
msg: 'Set mongodb_net_ssl_mode is preferSSL or set valid hostname for mongodb_net_ssl_host!'
6+
when: ( mongodb_net_ssl_mode == 'requireSSL'
7+
and mongodb_net_ssl_host == '' )
8+
9+
- name: Check value of variable mongodb_login_host
10+
fail:
11+
msg: 'Set mongodb_login_host equal mongodb_net_ssl_host!'
12+
when: ( mongodb_net_ssl_mode == 'requireSSL'
13+
and mongodb_net_ssl_host != mongodb_login_host
14+
and not mongodb_replication_replset )
15+
316
- name: Include OS-specific variables
417
include_vars: "{{ item }}"
518
with_first_found:
@@ -32,7 +45,7 @@
3245

3346
- name: Check where admin user already exists
3447
command: >
35-
mongo --quiet -u {{ mongodb_user_admin_name }} \
48+
mongo --quiet {{ '--ssl --host ' + mongodb_net_ssl_host if mongodb_net_ssl_mode == 'requireSSL' else '' }} -u {{ mongodb_user_admin_name }} \
3649
-p {{ mongodb_user_admin_password }} --port {{ mongodb_net_port }} --eval 'db.version()' admin
3750
register: mongodb_user_admin_check
3851
changed_when: false
@@ -61,6 +74,7 @@
6174
login_password: "{{ mongodb_user_admin_password }}"
6275
login_port: "{{ mongodb_login_port|default(27017) }}"
6376
login_host: "{{ mongodb_login_host|default('localhost') }}"
77+
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
6478
with_items:
6579
- "{{ mongodb_users | default([]) }}"
6680
when: ( mongodb_replication_replset
@@ -79,6 +93,8 @@
7993
login_user: "{{ mongodb_user_admin_name }}"
8094
login_password: "{{ mongodb_user_admin_password }}"
8195
login_port: "{{ mongodb_net_port }}"
96+
login_host: "{{ mongodb_login_host|default('localhost') }}"
97+
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
8298
with_items:
8399
- "{{ mongodb_users | default([]) }}"
84100
when: ( mongodb_security_authorization == 'enabled'
@@ -99,6 +115,7 @@
99115
login_password: "{{ mongodb_user_admin_password }}"
100116
login_port: "{{ mongodb_login_port|default(27017) }}"
101117
login_host: "{{ mongodb_login_host|default('localhost') }}"
118+
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
102119
with_items:
103120
- "{{ mongodb_oplog_users | default([]) }}"
104121
when: ( mongodb_replication_replset | length > 0

tasks/replication.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@
1414
hidden: "{{ item.hidden|default(false) }}"
1515
priority: "{{ item.priority|default(1.0) }}"
1616
votes: "{{ item.votes|default(omit) }}"
17+
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
1718
when: mongodb_security_authorization == 'enabled'
1819
with_items:
1920
- "{{ mongodb_replication_params|default([]) }}"
@@ -30,6 +31,7 @@
3031
hidden: "{{ item.hidden|default(false) }}"
3132
priority: "{{ item.priority|default(1.0) }}"
3233
votes: "{{ item.votes|default(omit) }}"
34+
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
3335
when: mongodb_security_authorization == 'disabled'
3436
with_items:
3537
- "{{ mongodb_replication_params|default([]) }}"

tasks/replication_init_auth.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@
1313
hidden: "{{ item.hidden|default(false) }}"
1414
priority: "{{ item.priority|default(1.0) }}"
1515
votes: "{{ item.votes|default(omit) }}"
16+
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
1617
with_items:
1718
- "{{ mongodb_replication_params|default([]) }}"
1819
register: mongodb_replica_init
@@ -35,6 +36,7 @@
3536
hidden: "{{ item.hidden|default(false) }}"
3637
priority: "{{ item.priority|default(1.0) }}"
3738
votes: "{{ item.votes|default(omit) }}"
39+
ssl: "{{ True if mongodb_net_ssl_mode == 'requireSSL' else False }}"
3840
when: mongodb_replica_init is failed
3941
with_items:
4042
- "{{ mongodb_replication_params|default([]) }}"

0 commit comments

Comments
 (0)