85 lines
3.3 KiB
YAML
85 lines
3.3 KiB
YAML
#SPDX-License-Identifier: MIT-0
|
|
---
|
|
# tasks file for roles/omada-controller
|
|
# roles/omada-controller/tasks/main.yml
|
|
- name: Check if Omada Controller package 'tpeap' is already installed (using command)
|
|
command: dpkg-query -W -f='${Status}' tpeap
|
|
register: omada_pkg_status
|
|
# Fail silently if package is not found, and never report a change.
|
|
failed_when: false
|
|
changed_when: false
|
|
|
|
- name: Install Omada Controller
|
|
when: "'install ok installed' not in omada_pkg_status.stdout"
|
|
block:
|
|
- name: Install dependencies for Omada Controller
|
|
# Der Controller benötigt Java, jsvc (Java Service Wrapper) und curl.
|
|
# MongoDB wird vom Controller-Paket selbst mitgebracht und muss nicht separat installiert werden.
|
|
apt:
|
|
name:
|
|
- "{{ omada_controller_java_package }}"
|
|
- jsvc
|
|
- gnupg # Benötigt für gpg --dearmor
|
|
- curl
|
|
state: present
|
|
update_cache: yes
|
|
register: apt_install
|
|
retries: 3
|
|
until: apt_install is success
|
|
|
|
- name: Ensure apt can use repositories over HTTPS
|
|
ansible.builtin.apt:
|
|
name: apt-transport-https
|
|
state: present
|
|
|
|
- name: Download MongoDB GPG key
|
|
ansible.builtin.get_url:
|
|
url: https://www.mongodb.org/static/pgp/server-6.0.asc
|
|
dest: /tmp/mongodb-server-6.0.asc
|
|
mode: '0644'
|
|
|
|
- name: Dearmor MongoDB GPG key and place in /usr/share/keyrings
|
|
ansible.builtin.command:
|
|
cmd: "gpg --dearmor -o /usr/share/keyrings/mongodb-archive-keyring.gpg /tmp/mongodb-server-6.0.asc"
|
|
creates: /usr/share/keyrings/mongodb-archive-keyring.gpg
|
|
# Hinweis: Der Pfad /usr/share/keyrings/ ist der empfohlene Ort für Schlüssel, die mit 'signed-by' verwendet werden.
|
|
|
|
- name: Add MongoDB repository
|
|
ansible.builtin.apt_repository:
|
|
repo: "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-archive-keyring.gpg ] https://repo.mongodb.org/apt/ubuntu {{ omada_controller_mongodb_repo_release }}/mongodb-org/6.0 multiverse"
|
|
state: present
|
|
filename: mongodb-org-6.0
|
|
update_cache: yes
|
|
# Der 'signed-by'-Parameter verweist auf den zuvor dearmored Schlüssel.
|
|
# Dies ist die moderne und sichere Methode, GPG-Schlüssel für APT-Repositories zu handhaben.
|
|
|
|
- name: Install MongoDB server
|
|
# Der Omada Controller benötigt MongoDB >= 3.0.0.
|
|
# Wir installieren 'mongodb-org-server' aus dem offiziellen MongoDB-Repository.
|
|
# Das Omada Controller-Paket wird diese Abhängigkeit dann finden.
|
|
ansible.builtin.apt:
|
|
name: mongodb-org-server
|
|
state: present
|
|
register: mongodb_install
|
|
retries: 3
|
|
until: mongodb_install is success
|
|
# Hinweis: Der MongoDB-Dienst wird bei der Installation automatisch gestartet.
|
|
# Der Omada Controller verwaltet seine Interaktion mit MongoDB.
|
|
|
|
|
|
# Das .deb-Paket wird direkt von der URL installiert.
|
|
- name: Install Omada Controller from URL
|
|
apt:
|
|
deb: "{{ omada_controller_deb_url }}"
|
|
state: present
|
|
register: omada_install
|
|
retries: 3
|
|
until: omada_install is success
|
|
notify: Restart Omada Controller
|
|
|
|
- name: Ensure Omada Controller service (tpeap) is running and enabled on boot
|
|
service:
|
|
name: tpeap
|
|
state: started
|
|
enabled: yes
|