Playbook #3
/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-infrastructure.yml
Execution
Date 08 Dec 2025 13:33:24 +0000
Duration 00:06:14.05
Controller aio1.openstack.local
User root
Versions
Ansible 2.18.6
ara 1.7.4 / 1.7.4
Python 3.12.3
Summary
2 Hosts
374 Tasks
364 Results
37 Plays
208 Files
0 Records
check:False tags:all

File: /home/zuul/src/opendev.org/openstack/openstack-ansible-haproxy_server/tasks/haproxy_pre_install.yml

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# NOTE(cloudnull):
#  While the haproxy distro packages provide for an haproxy
#  group this group is being created upfront to support
#  log aggregation links as well as ensure common user
#  functionality across various distros that we support.
- name: Create the haproxy system group
  ansible.builtin.group:
    name: "haproxy"
    state: "present"
    system: "yes"
  tags:
    - haproxy-group

# NOTE(cloudnull):
#  While the haproxy distro packages provide for an haproxy
#  user this user is being created upfront to support
#  log aggregation links as well as ensure common user
#  functionality across various distros that we support.
- name: Create the haproxy system user
  ansible.builtin.user:
    name: "haproxy"
    group: "haproxy"
    comment: "haproxy user"
    shell: "/bin/false"
    system: "yes"
    createhome: "yes"
    home: "/var/lib/haproxy"
  tags:
    - haproxy-user

- name: Create haproxy config directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: "0755"
    owner: root
    group: root
  with_items:
    - /etc/haproxy/conf.d
    - "{{ haproxy_ssl_cert_path }}"
    - "{{ haproxy_ssl_temp_path }}"

- name: Cleanup haproxy_ssl_cert_path if temp_path is used
  when: "haproxy_ssl_cert_path != haproxy_ssl_temp_path"
  block:
    - name: Find crt and key files in the cert_path
      ansible.builtin.find:
        paths: "{{ haproxy_ssl_cert_path }}"
        patterns: '*.crt,*.key'
      register: old_certs

    - name: Copy cert files to the temp_path
      vars:
        filename: "{{ item | basename }}"
      ansible.builtin.copy:
        remote_src: true
        src: "{{ item }}"
        dest: "{{ [haproxy_ssl_temp_path, filename] | path_join }}"
        mode: "0644"
      loop: "{{ old_certs['files'] | map(attribute='path') }}"

    - name: Remove file from the old place
      ansible.builtin.file:
        path: "{{ item }}"
        state: absent
      loop: "{{ old_certs['files'] | map(attribute='path') }}"

- name: Copy static files
  ansible.builtin.copy:
    content: "{{ item.content | default(omit) }}"
    dest: "{{ item.dest }}"
    src: "{{ item.src | default(omit) }}"
    mode: "0644"
    owner: haproxy
    group: haproxy
  when:
    - (item.condition | default(True))
  loop: "{{ haproxy_static_files }}"
  no_log: true
  notify:
    - Reload haproxy