summaryrefslogtreecommitdiffstats
path: root/collections-debian-merged/ansible_collections/community/mongodb/roles
diff options
context:
space:
mode:
Diffstat (limited to 'collections-debian-merged/ansible_collections/community/mongodb/roles')
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/.yamllint33
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/README.md56
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/defaults/main.yml27
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/meta/main.yml30
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/Dockerfile.j239
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/molecule.yml50
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/playbook.yml65
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/tests/test_default.py56
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/molecule.yml54
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/playbook.yml66
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/prepare.yml40
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/tests/test_default.py56
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/tasks/main.yml94
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/tasks/mongodb_auth_user.yml29
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/RedHat-7.yml2
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/RedHat-8.yml2
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/default.yml2
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/main.yml2
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/.yamllint33
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/README.md50
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/defaults/main.yml28
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/handlers/handlers.yml10
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/handlers/main.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/meta/main.yml58
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/Dockerfile.j239
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/molecule.yml74
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/playbook.yml38
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/prepare.yml10
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/tests/test_default.py67
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/molecule.yml54
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/playbook.yml38
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/prepare.yml39
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/tests/test_default.py66
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/tasks/main.yml74
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/tasks/redhat_docker.yml18
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/templates/configsrv.conf.j246
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/Debian.yml6
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/RedHat.yml6
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/default.yml6
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/main.yml2
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/.yamllint33
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/README.md33
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/meta/main.yml58
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/Dockerfile.j239
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/molecule.yml42
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/playbook.yml7
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/tests/test_default.py31
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/Dockerfile.j222
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/molecule.yml32
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/playbook.yml8
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/tests/test_default.py37
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/molecule.yml54
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/playbook.yml8
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/prepare.yml43
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/tests/test_default.py31
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/tasks/main.yml41
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/README.md42
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/defaults/main.yml10
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/files/thp-disable.service9
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/meta/main.yml58
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/Dockerfile.j239
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/molecule.yml68
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/playbook.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/prepare.yml11
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/tests/test_default.py75
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/molecule.yml36
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/playbook.yml7
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/prepare.yml12
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/tests/test_default.py73
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/tasks/main.yml139
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/Debian.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/RedHat-8.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/RedHat.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/default.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/.yamllint33
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/README.md52
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/defaults/main.yml30
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/handlers/handlers.yml10
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/handlers/main.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/meta/main.yml58
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/Dockerfile.j239
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/molecule.yml68
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/playbook.yml37
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/prepare.yml10
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/tests/test_default.py71
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/molecule.yml54
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/playbook.yml34
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/prepare.yml40
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/tests/test_default.py72
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/tasks/main.yml75
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/tasks/redhat_docker.yml18
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/templates/mongod.conf.j253
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/Debian.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/RedHat.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/default.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/main.yml2
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/.yamllint33
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/README.md53
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/defaults/main.yml28
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/handlers/handlers.yml10
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/handlers/main.yml4
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/meta/main.yml58
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/Dockerfile.j239
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/molecule.yml76
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/playbook.yml63
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/tests/test_default.py65
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/molecule.yml60
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/playbook.yml70
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/prepare.yml48
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/tests/test_default.py65
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/tasks/main.yml87
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos.conf.j214
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos.service.j222
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos_pre.sh.j25
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/Debian.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/RedHat.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/default.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/.yamllint33
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/README.md31
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/defaults/main.yml6
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/meta/main.yml58
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/Dockerfile.j239
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/molecule.yml34
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/playbook.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/tests/test_default.py67
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/molecule.yml54
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/playbook.yml6
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/tests/test_default.py67
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/Debian.yml30
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/RedHat.yml20
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/main.yml4
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/.yamllint33
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/README.md29
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/files/compile_mongodb_selinux.sh9
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/meta/main.yml58
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/Dockerfile.j239
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/molecule.yml34
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/playbook.yml5
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/tests/test_default.py13
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/molecule.yml36
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/playbook.yml6
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/tests/test_default.py14
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/tasks/main.yml44
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/Debian.yml9
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/RedHat-7.yml9
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/RedHat-8.yml9
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/Ubuntu-16.04.yml9
-rw-r--r--collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/default.yml5
148 files changed, 4999 insertions, 0 deletions
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/.yamllint b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/.yamllint
new file mode 100644
index 00000000..88276760
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/.yamllint
@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ level: error
+ brackets:
+ max-spaces-inside: 1
+ level: error
+ colons:
+ max-spaces-after: -1
+ level: error
+ commas:
+ max-spaces-after: -1
+ level: error
+ comments: disable
+ comments-indentation: disable
+ document-start: disable
+ empty-lines:
+ max: 3
+ level: error
+ hyphens:
+ level: error
+ indentation: disable
+ key-duplicates: enable
+ line-length: disable
+ new-line-at-end-of-file: disable
+ new-lines:
+ type: unix
+ trailing-spaces: disable
+ truthy: disable
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/README.md b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/README.md
new file mode 100644
index 00000000..3fc91610
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/README.md
@@ -0,0 +1,56 @@
+mongodb_auth
+============
+
+This role to enables auth on MongoDB servers, adds the first admin user, and adds a list of other users.
+If your mongo instance requires ssl or an alternative auth_mechanism, please use
+[`module_defaults`](https://docs.ansible.com/ansible/latest/user_guide/playbooks_module_defaults.html)
+to provide the default auth details for `community.mongodb.mongodb_user` (these defaults are ignored
+when adding the initial admin user with the localhost exception).
+
+If running this on a MongoDB server that already has an admin user (ie when using this role to audit
+an alternate install method), you must touch `/root/mongodb_admin.success` or you will get an error
+when this role tries to add the admin user again.
+
+Role Variables
+--------------
+
+mongod_host: The domain or ip to use to communicate with mongod. Default localhost.
+mongod_port: The port used by the mongod process. Default 27017.
+mongod_package: The mongod package to install. Default mongodb-org-server.
+authorization: Enable authorization. Default enabled.
+mongodb_admin_db: MongoDB admin database (for adding users). Default admin.
+mongodb_admin_user: MongoDB admin username. Default admin.
+mongodb_admin_pwd: MongoDB admin password. Defaults to value of mongodb_admin_default_pwd.
+mongodb_admin_default_pwd: MongoDB admin password (for parent roles to override without overriding user's password). Default admin.
+mongodb_users: List of additional users to add. Each user dict should include fields: db, user, pwd, roles
+mongodb_force_update_password: Whether or not to force a password update for any users in mongodb_users. Setting this to yes will result in 'changed' on every run, even if the password is the same. Setting this to no only adds a password when creating the user.
+
+IMPORTANT NOTE: It is expected that mongodb_admin_user & mongodb_admin_pwd values be overridden in your own file protected by Ansible Vault. Any production environments should protect these values. For more information see [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html)
+
+Dependencies
+------------
+
+mongodb_repository
+
+Example Playbook
+----------------
+
+Install MongoDB preparing hosts for a Sharded Cluster.
+
+```yaml
+ - hosts: servers
+ roles:
+ - { role: mongodb_repository }
+ - { role: mongodb_mongod, mongod_port: 27018, sharding: true }
+ - { role: mongodb_auth, mongod_port: 27018, mongod_host: 127.0.0.1, mongodb_admin_pwd: f00b@r }
+```
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Jacob Floyd (https://github.com/cognifloyd)
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/defaults/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/defaults/main.yml
new file mode 100644
index 00000000..2612ee7b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/defaults/main.yml
@@ -0,0 +1,27 @@
+---
+# defaults file for mongodb_auth
+mongod_port: 27017
+mongod_package: "mongodb-org-server"
+
+authorization: "enabled"
+
+# when adding auth, the login credentials to use
+mongodb_admin_user: admin
+# For production use - please change the admin password!
+mongodb_admin_pwd: "{{ mongodb_default_admin_pwd }}"
+# The default is separate so other roles can provide a default without overriding a user provided password.
+mongodb_default_admin_pwd: admin
+# allow for alternate admin roles (eg userAdminAnyDatabase)
+mongodb_admin_roles: "root"
+
+# Additional users to add.
+mongodb_users: []
+# - db: somedatabase
+# user: someuser
+# pwd: "S0meP@ss"
+# roles: readWrite
+
+# whether or not to force a password update for any users in mongodb_users
+# Setting this to yes will result in 'changed' on every run, even if the password is the same.
+# See the comment in tasks/main.yml for more details.
+mongodb_force_update_password: no
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/meta/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/meta/main.yml
new file mode 100644
index 00000000..c2ab9e8b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/meta/main.yml
@@ -0,0 +1,30 @@
+---
+galaxy_info:
+ author: Jacob Floyd
+ description: Configure auth on MongoDB servers
+
+ license: BSD
+
+ min_ansible_version: 2.9
+
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/Dockerfile.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/Dockerfile.j2
new file mode 100644
index 00000000..935dd3d7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/Dockerfile.j2
@@ -0,0 +1,39 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.env is defined %}
+{% for var, value in item.env.items() %}
+{% if value %}
+ENV {{ var }} {{ value }}
+{% endif %}
+{% endfor %}
+{% endif %}
+# Add systemd-sysv package for Debian to get systemd working (and procps for sysctl) and netbase for firewalld
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 systemd-sysv procps netbase && apt-get clean; \
+ elif [ $(command -v dnf) ] && grep -q 'platform:el8' /etc/os-release ; then dnf makecache && dnf update -y && dnf --assumeyes install python3 sudo python3-devel bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && rm -Rf /usr/share/doc && rm -Rf /usr/share/man && dnf clean all && cp /bin/true /sbin/agetty; \
+ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \
+ elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+ elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \
+ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi
+
+{% if item.image == 'centos:8' %}
+# Stuff for systemd https://hub.docker.com/_/centos
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
+ systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+ rm -f /lib/systemd/system/multi-user.target.wants/*;\
+ rm -f /etc/systemd/system/*.wants/*;\
+ rm -f /lib/systemd/system/local-fs.target.wants/*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+ rm -f /lib/systemd/system/basic.target.wants/*;\
+ rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/sbin/init"]
+{% endif %}
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/molecule.yml
new file mode 100644
index 00000000..783a1cdd
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/molecule.yml
@@ -0,0 +1,50 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos_7
+ image: centos:7
+ command: /sbin/init
+ privileged: True
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - name: centos_8
+ image: centos:8
+ command: /sbin/init
+ privileged: True
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - name: ubuntu_16
+ image: ubuntu:16.04
+ command: /sbin/init
+ privileged: True
+ - name: ubuntu_18
+ image: ubuntu:18.04
+ command: /sbin/init
+ privileged: True
+ - name: debian_buster
+ image: debian:buster
+ command: /sbin/init
+ privileged: True
+ - name: debian_stretch
+ image: debian:stretch
+ command: /sbin/init
+ privileged: True
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/playbook.yml
new file mode 100644
index 00000000..ca136e75
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/playbook.yml
@@ -0,0 +1,65 @@
+---
+- name: Converge
+ hosts: all
+ become: yes
+ vars:
+ # for this test, each machine is an isolated mongod instance
+ replicaset: false
+ sharding: false
+
+ # initially disable authorization on some hosts
+ hosts_with_auth_disabled:
+ - ubuntu_18
+ - debian_buster
+
+ # add some users for some of the hosts
+ hosts_with_extra_user:
+ - centos_8
+ - ubuntu_16
+ - debian_buster
+ mongodb_users_empty: []
+ mongodb_users_full:
+ - db: somedatabase
+ user: someuser
+ pwd: "S0meP@ss"
+ roles: readWrite
+ - db: somedatabase
+ user: otheruser
+ pwd: "0th3rP@ss"
+ roles: readWrite
+ mongodb_users: "{% if inventory_hostname in hosts_with_extra_user %}{{ mongodb_users_full }}{% else %}{{ mongodb_users_empty }}{% endif %}"
+
+ roles:
+ - role: mongodb_repository
+ tags: molecule-idempotence-notest
+ - role: mongodb_mongod
+ authorization: "{% if inventory_hostname in hosts_with_auth_disabled %}disabled{% else %}enabled{% endif %}"
+ tags: molecule-idempotence-notest # avoids false positive where replacing conf file disables authorization again
+
+ tasks:
+ - name: Add EPEL repo to CentOS 7 to allow installing pip package
+ become: yes
+ yum:
+ name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_facts.distribution_major_version }}.noarch.rpm"
+ state: present
+ when: inventory_hostname == 'centos_7'
+
+ - name: Install python stuff
+ package:
+ name:
+ - "python{% if needs_3 %}3{% endif %}-setuptools"
+ - "python{% if needs_3 %}3{% endif %}-pip"
+ vars:
+ needs_3: "{{ ansible_facts.python.version.major == 3 }}"
+
+ - name: Install pymongo
+ pip:
+ name: pymongo
+
+ - name: Enable mongo auth
+ include_role:
+ name: mongodb_auth
+
+ - name: Install MongoDB Shell
+ package:
+ name: mongodb-org-shell
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/tests/test_default.py
new file mode 100644
index 00000000..933015a0
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/default/tests/test_default.py
@@ -0,0 +1,56 @@
+import os
+import yaml
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ["MOLECULE_INVENTORY_FILE"]
+).get_hosts("all")
+
+
+def include_vars(host):
+ ansible = host.ansible("include_vars",
+ 'file="../../defaults/main.yml"',
+ False,
+ False)
+ return ansible
+
+
+def test_mongod_cnf_file(host):
+ f = host.file("/etc/mongod.conf")
+
+ assert f.exists
+ assert yaml.safe_load(f.content)["security"]["authorization"] == "enabled"
+
+
+def test_mongod_service(host):
+ mongod_service = include_vars(host)["ansible_facts"].get("mongod_service", "mongod")
+ s = host.service(mongod_service)
+
+ assert s.is_running
+ assert s.is_enabled
+
+
+def test_mongod_port(host):
+ port = include_vars(host)["ansible_facts"].get("mongod_port", 27017)
+ s = host.socket("tcp://0.0.0.0:{0}".format(port))
+ assert s.is_listening
+
+
+def test_mongo_shell_connectivity(host):
+ """
+ Tests that we can connect to mongos via the shell annd run a cmd
+ """
+ facts = include_vars(host)["ansible_facts"]
+ port = facts.get("mongod_port", 27017)
+ user = facts.get("mongod_admin_user", "admin")
+ pwd = facts.get("mongod_default_admin_pwd", "admin")
+
+ cmd = host.run(
+ "mongo admin --username {user} --password {pwd} --port {port} --eval 'db.runCommand({{listDatabases: 1}})'".format(
+ user=user, pwd=pwd, port=port
+ )
+ )
+
+ assert cmd.rc == 0
+ assert "admin" in cmd.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/molecule.yml
new file mode 100644
index 00000000..14d29680
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/molecule.yml
@@ -0,0 +1,54 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: vagrant
+ provider:
+ name: virtualbox
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos-7
+ box: centos/7
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-16
+ box: ubuntu/xenial64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-18
+ box: ubuntu/bionic64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-buster
+ box: debian/buster64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-stretch
+ box: debian/contrib-stretch64 # Standard debian/stretch64 had issues: Unable to locate package linux-headers-4.9.0-9-amd64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/playbook.yml
new file mode 100644
index 00000000..5a0e4614
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/playbook.yml
@@ -0,0 +1,66 @@
+---
+- name: Converge
+ hosts: all
+ become: yes
+ vars:
+ # for this test, each machine is an isolated mongod instance
+ replicaset: false
+ sharding: false
+
+ # initially disable authorization on some hosts
+ hosts_with_auth_disabled:
+ - ubuntu_18
+ - debian_buster
+
+ # add some users for some of the hosts
+ hosts_with_extra_user:
+ - centos_8
+ - ubuntu_16
+ - debian_buster
+ mongodb_users_empty: []
+ mongodb_users_full:
+ - db: somedatabase
+ user: someuser
+ pwd: "S0meP@ss"
+ roles: readWrite
+ - db: somedatabase
+ user: otheruser
+ pwd: "0th3rP@ss"
+ roles: readWrite
+ mongodb_users: "{% if inventory_hostname in hosts_with_extra_user %}{{ mongodb_users_full }}{% else %}{{ mongodb_users_empty }}{% endif %}"
+
+ roles:
+ - role: mongodb_repository
+ tags: molecule-idempotence-notest
+ - role: mongodb_mongod
+ vars:
+ authorization: "{% if inventory_hostname in hosts_with_auth_disabled %}disabled{% else %}enabled{% endif %}"
+ tags: molecule-idempotence-notest # avoids false positive where replacing conf file disables authorization again
+
+ tasks:
+ - name: Add EPEL repo to CentOS 7 to allow installing pip package
+ become: yes
+ yum:
+ name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_facts.distribution_major_version }}.noarch.rpm"
+ state: present
+ when: inventory_hostname == 'centos_7'
+
+ - name: Install python stuff
+ package:
+ name:
+ - "python{% if needs_3 %}3{% endif %}-setuptools"
+ - "python{% if needs_3 %}3{% endif %}-pip"
+ vars:
+ needs_3: "{{ ansible_facts.python.version.major == 3 }}"
+
+ - name: Install pymongo
+ pip:
+ name: pymongo
+
+ - name: Enable mongo auth
+ include_role:
+ name: mongodb_auth
+
+ - name: Install MongoDB Shell
+ package:
+ name: mongodb-org-shell
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/prepare.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/prepare.yml
new file mode 100644
index 00000000..0f186973
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/prepare.yml
@@ -0,0 +1,40 @@
+---
+- name: Prepare
+ hosts: all
+ become: yes
+ vars:
+ avahi_packages_redhat:
+ - "avahi"
+ - "nss-mdns"
+ avahi_packages_debian:
+ - "avahi-daemon"
+ - "avahi-discover"
+ - "libnss-mdns"
+ tasks:
+
+ - name: Ensure epel is available
+ yum:
+ name: epel-release
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Install avahi packages
+ package:
+ name: "{{ avahi_packages_redhat }}"
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Install avahi packages
+ package:
+ name: "{{ avahi_packages_debian }}"
+ state: present
+ when: ansible_os_family == "Debian"
+
+ # debian-stretch seems to require a reboot for avahi-daemon to run
+ - name: Reboot host
+ reboot:
+
+ - name: Ensure avahi-daemon is started
+ service:
+ name: avahi-daemon
+ state: started
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/tests/test_default.py
new file mode 100644
index 00000000..933015a0
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/molecule/virtualbox/tests/test_default.py
@@ -0,0 +1,56 @@
+import os
+import yaml
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ["MOLECULE_INVENTORY_FILE"]
+).get_hosts("all")
+
+
+def include_vars(host):
+ ansible = host.ansible("include_vars",
+ 'file="../../defaults/main.yml"',
+ False,
+ False)
+ return ansible
+
+
+def test_mongod_cnf_file(host):
+ f = host.file("/etc/mongod.conf")
+
+ assert f.exists
+ assert yaml.safe_load(f.content)["security"]["authorization"] == "enabled"
+
+
+def test_mongod_service(host):
+ mongod_service = include_vars(host)["ansible_facts"].get("mongod_service", "mongod")
+ s = host.service(mongod_service)
+
+ assert s.is_running
+ assert s.is_enabled
+
+
+def test_mongod_port(host):
+ port = include_vars(host)["ansible_facts"].get("mongod_port", 27017)
+ s = host.socket("tcp://0.0.0.0:{0}".format(port))
+ assert s.is_listening
+
+
+def test_mongo_shell_connectivity(host):
+ """
+ Tests that we can connect to mongos via the shell annd run a cmd
+ """
+ facts = include_vars(host)["ansible_facts"]
+ port = facts.get("mongod_port", 27017)
+ user = facts.get("mongod_admin_user", "admin")
+ pwd = facts.get("mongod_default_admin_pwd", "admin")
+
+ cmd = host.run(
+ "mongo admin --username {user} --password {pwd} --port {port} --eval 'db.runCommand({{listDatabases: 1}})'".format(
+ user=user, pwd=pwd, port=port
+ )
+ )
+
+ assert cmd.rc == 0
+ assert "admin" in cmd.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/tasks/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/tasks/main.yml
new file mode 100644
index 00000000..4ead377c
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/tasks/main.yml
@@ -0,0 +1,94 @@
+---
+# tasks file for mongodb_auth
+- name: Include OS-specific vars
+ include_vars:
+ file: "{{ lookup('first_found', params) }}"
+ vars:
+ params:
+ paths:
+ - "vars"
+ files:
+ - "{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_version }}.yml"
+ - "{{ ansible_facts.os_family }}-{{ ansible_facts.distribution_major_version }}.yml"
+ - "{{ ansible_facts.distribution }}.yml"
+ - "{{ ansible_facts.os_family }}.yml"
+ - default.yml
+
+- name: Ensure mongod and pyyaml packages are installed
+ package:
+ name:
+ - "{{ mongod_package }}"
+ # pyyaml is used to validate yaml files on change
+ - "{{ pyyaml_package }}"
+ register: _pkg
+ until: _pkg is succeeded
+ retries: 5
+
+- name: Warn about default credentials
+ when: mongodb_admin_pwd == mongodb_default_admin_pwd
+ debug:
+ msg: "[WARNING] Using default admin credentials for mongodb admin account! Please change them!"
+
+- name: Add mongo admin user with localhost exception
+ community.mongodb.mongodb_user:
+ state: present
+
+ # on_create triggers additional queries that are not compatible with localhost exception
+ update_password: always
+
+ name: "{{ mongodb_admin_user }}"
+ password: "{{ mongodb_admin_pwd }}"
+ database: admin
+ roles: "{{ mongodb_admin_roles }}"
+
+ login_host: localhost
+ login_port: "{{ mongod_port | string }}" # silence implicit int->str conversion warning
+ create_for_localhost_exception: /root/mongodb_admin.success
+ module_defaults:
+ community.mongodb.mongodb_user: {}
+
+- name: Enable security section in mongod.conf
+ lineinfile:
+ path: /etc/mongod.conf
+ regexp: |-
+ ^[#'"\s]*security['"]?\s*:
+ line: 'security:'
+ validate: |
+ {{ mongodb_python }} -c '
+ import yaml, io
+ if "security" not in yaml.safe_load(io.open("%s")):
+ exit(1)
+ '
+
+- name: Enable authentication in mongod.conf
+ lineinfile:
+ path: /etc/mongod.conf
+ insertafter: '^security:'
+ # two space indentation (the default) assumed
+ line: ' authorization: {{ authorization }}'
+ regexp: |-
+ ^[#'"\s]+authorization['"]?\s*:
+ validate: |
+ {{ mongodb_python }} -c '
+ import yaml, io
+ if yaml.safe_load(io.open("%s"))["security"]["authorization"] != "{{ authorization }}":
+ exit(1)
+ '
+ register: _enable_mongo_auth
+
+# This is a task instead of a handler so we can add users right away
+- name: Restart mongodb to enable auth before adding additional users
+ # This allows us to safely assume auth is already enabled when adding more users
+ when: _enable_mongo_auth is changed
+ service:
+ name: mongod
+ state: restarted
+
+- name: Add additional mongo users
+ include_tasks: mongodb_auth_user.yml
+ loop: "{{ mongodb_users }}"
+ loop_control:
+ loop_var: _mongodb_user
+ # using loop_control: label does not obscure the password in output for verbosity > 1
+ # So, loop over an include where the task name will include the username + db, but the loop var won't print out.
+ no_log: yes
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/tasks/mongodb_auth_user.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/tasks/mongodb_auth_user.yml
new file mode 100644
index 00000000..285a0dc8
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/tasks/mongodb_auth_user.yml
@@ -0,0 +1,29 @@
+---
+- name: "Add mongo auth user - {{ _mongodb_user.user }} on {{ _mongodb_user.db }}"
+ community.mongodb.mongodb_user:
+ state: present
+
+ # NOTE: on_create is idempotent, always is not.
+ # With `update_password: on_create`, mongodb_user checks to see if the user
+ # (a) exists on the db, and (b) has the same roles,
+ # and then it only adds the user if it's not there or the roles have changed.
+ # With `update_password: always`, mongodb_user cannot tell if the password
+ # needs to be changed without attempting a login with those credentials.
+ # But mongodb_user does not currently implement such a check.
+ # A comment in mongodb_user points to https://jira.mongodb.org/browse/SERVER-22848
+ update_password: "{{ mongodb_force_update_password|ternary('always', 'on_create') }}"
+
+ name: "{{ _mongodb_user.user }}"
+ password: "{{ _mongodb_user.pwd }}"
+ database: "{{ _mongodb_user.db }}"
+ roles: "{{ _mongodb_user.roles|default('readWrite') }}"
+
+ login_host: localhost
+ login_port: "{{ mongod_port | string }}" # silence implicit int->str conversion warning
+ login_user: "{{ mongodb_admin_user }}"
+ login_password: "{{ mongodb_admin_pwd }}"
+ login_database: admin
+ # to provide additional auth details (eg for ssl* or auth_mechanism, set module_defaults in playbook)
+ # module_defaults:
+ # community.mongodb.mongodb_user:
+ # auth_mechanism: ...
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/RedHat-7.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/RedHat-7.yml
new file mode 100644
index 00000000..190d2622
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/RedHat-7.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: PyYAML
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/RedHat-8.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/RedHat-8.yml
new file mode 100644
index 00000000..ba3964da
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/RedHat-8.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: python3-pyyaml
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/default.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/default.yml
new file mode 100644
index 00000000..af98d755
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/default.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: "python{% if ansible_facts.python.version.major == 3 %}3{% endif %}-yaml"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/main.yml
new file mode 100644
index 00000000..458cdc63
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_auth/vars/main.yml
@@ -0,0 +1,2 @@
+---
+mongodb_python: "{{ ansible_python_interpreter | default( (ansible_python|default({})).get('executable', 'python') ) }}"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/.yamllint b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/.yamllint
new file mode 100644
index 00000000..88276760
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/.yamllint
@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ level: error
+ brackets:
+ max-spaces-inside: 1
+ level: error
+ colons:
+ max-spaces-after: -1
+ level: error
+ commas:
+ max-spaces-after: -1
+ level: error
+ comments: disable
+ comments-indentation: disable
+ document-start: disable
+ empty-lines:
+ max: 3
+ level: error
+ hyphens:
+ level: error
+ indentation: disable
+ key-duplicates: enable
+ line-length: disable
+ new-line-at-end-of-file: disable
+ new-lines:
+ type: unix
+ trailing-spaces: disable
+ truthy: disable
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/README.md b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/README.md
new file mode 100644
index 00000000..4c177d38
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/README.md
@@ -0,0 +1,50 @@
+mongodb_config
+==============
+
+A simple role to aid in setting up a CSRS Config Server Replicaset for a MongoDB sharded cluster.
+
+Role Variables
+--------------
+
+* `config_port`: The port used by the mongos process. Default 27019.
+* `mongod_service`: The name of the mongod service. Default mongod.
+* `mongodb_user`: The Linux OS user for MongoDB. Default mongod.
+* `mongodb_group`: The Linux OS user group for MongoDB. Default mongod.
+* `pid_file`: The pid file for mongos. Default /run/mongodb/mongos.pid.
+* `bind_ip`: The IP address mongos will bind to. Default 0.0.0.0.
+* `config_repl_set_name`: The replicaset name for the config servers. Default cfg.
+* `authorization`: Enable authorization. Default enabled.
+* `openssl_keyfile_content`: The kexfile content that MongoDB uses to authenticate within a replicaset. Generate with cmd: openssl rand -base64 756.
+* `mongod_package`: The name of the mongod installation package. Default mongodb-org-server.
+replicaset: When enabled add a replication section to the configuration. Default true.
+* `mongod_config_template`: If defined allows to override path to mongod config template with custom configuration. Default "mongod.conf.j2"
+* `skip_restart`: If set to `true` will skip restarting mongod service when config file or the keyfile content changes. Default `true`.
+
+Dependencies
+------------
+
+mongodb_repository
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables
+passed in as parameters) is always nice for users too:
+
+
+```yaml
+ - hosts: servers
+ roles:
+ - { role: mongodb_repository }
+ - { role: mongodb_config, config_repl_set_name: "mycustomrs" }
+```
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Rhys Campbell (https://github.com/rhysmeister)
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/defaults/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/defaults/main.yml
new file mode 100644
index 00000000..5bf772a2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/defaults/main.yml
@@ -0,0 +1,28 @@
+---
+# defaults file for mongodb_config
+pid_file: /var/run/mongodb/mongod.pid
+bind_ip: 0.0.0.0
+# config_port is in vars to facilitate molecule tests
+config_repl_set_name: cfg
+authorization: enabled
+openssl_keyfile_content: |
+ Z2CeA9BMcoY5AUWoegjv/XWL2MA1SQcL4HvmRjYaTjSp/xosJy+LL2X3OQb1xVWC
+ rO2e6Tu6A3R4muunitI6Vr0IKeU5UbTpR0N4hSU6HDrV9z2PIEWlkQqKh01ZRLEY
+ V3hR73acj0jA8eWIWeiV039d18jvMb8X2h8409lfcD6PPJJGjyaC8S4LY/TrsK2z
+ tx+l/vqOOAMhGB5mEMjx1LXUMsRG9ot6vFu9I5LPd1A4q9xw9jddYK5C6YTLccun
+ ZyCDsv7ImkCprV0+0vhTyxIEnfaNtvOlWypuvmRr/DEyd2NPowd1n6C+rgk8gs1t
+ SGLCZP93gXza0rIoQzHtuf5pOJK9qyKjuNtuuLa/KFsida8a69JXn7fmS0IIja0m
+ Ir0OrQ2Ta3n4VbQwQo97BWODWmkgzz0mUd6VmMps5zLsCW1vVqYFQHuAAbLekW0q
+ 8JRm8OQ6n2hp8j4zYd3/Qw7vqsVj8sHicNB0bCW29b64H4f2J/AcUA/cm0xSUQyb
+ +myeCB4vWvydh5AfFVnw7sXvzU6egaYRomdmrl59QrTDneJu13hwzIchsFparoWJ
+ XjpldopGeDaJLU18ga7MSL02ozB+EoJ14DJxQU7E5MQk7fDMPeitXKZ8ymxb7LeA
+ k0Rtc/JQM8aDLoRklhLZRRARBrv1RLo8DM8CB2q4s+FwVU4QJl7mFyiwk3eTN6sN
+ PTgFRo3/dHsEA2OwGG+hnGFGnoYf2mkECR5jqai83CXgva9v2rPNjDTJYHpmd3I0
+ fNijueXZZdzUA58y8mcoSGVYdRhr0g8jaWQ12PZEgX5Nnlekh5GHG0j8HT4qj/0Y
+ D3xVuE3WvrhldY5EOsaTt2ZXZx5REmJDIW1KcnvQKiVDJ2QzP5xdXYA0hh3TdTVE
+ sb4UreMw/WyBpANiICMlJRBgSd0f0VGMlYzLX2BL14YpNnLhmoQqKzfBN6v2XAEG
+ mJfrCUVuP1nBEklk23lYkNi/ohe+aodNjdN+2DHp42sGZHYP
+mongod_package: "mongodb-org-server"
+replicaset: true
+mongod_config_template: "configsrv.conf.j2"
+skip_restart: true
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/handlers/handlers.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/handlers/handlers.yml
new file mode 100644
index 00000000..8b654cea
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/handlers/handlers.yml
@@ -0,0 +1,10 @@
+---
+
+- name: Restart mongod service
+ service:
+ name: "{{ mongod_service }}"
+ state: restarted
+
+- name: Wait for port to become active
+ wait_for:
+ port: "{{ config_port }}"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/handlers/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/handlers/main.yml
new file mode 100644
index 00000000..d1a7a569
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+
+- name: Restart mongod service
+ import_tasks: handlers.yml
+ when: not skip_restart
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/meta/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/meta/main.yml
new file mode 100644
index 00000000..1d46e31c
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/meta/main.yml
@@ -0,0 +1,58 @@
+---
+galaxy_info:
+ author: Rhys Campbell
+ description: your description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Some suggested licenses:
+ # - BSD (default)
+ # - MIT
+ # - GPLv2
+ # - GPLv3
+ # - Apache
+ # - CC-BY
+ license: license (GPLv2, CC-BY, etc)
+
+ min_ansible_version: 1.2
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ # Optionally specify the branch Galaxy will use when accessing the GitHub
+ # repo for this role. During role install, if no tags are available,
+ # Galaxy will use this branch. During import Galaxy will access files on
+ # this branch. If Travis integration is configured, only notifications for this
+ # branch will be accepted. Otherwise, in all cases, the repo's default branch
+ # (usually master) will be used.
+ # github_branch:
+
+ #
+ # platforms is a list of platforms, and each platform has a name and a list of versions.
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+# List your role dependencies here, one per line. Be sure to remove the '[]' above,
+# if you add dependencies to this list.
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/Dockerfile.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/Dockerfile.j2
new file mode 100644
index 00000000..935dd3d7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/Dockerfile.j2
@@ -0,0 +1,39 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.env is defined %}
+{% for var, value in item.env.items() %}
+{% if value %}
+ENV {{ var }} {{ value }}
+{% endif %}
+{% endfor %}
+{% endif %}
+# Add systemd-sysv package for Debian to get systemd working (and procps for sysctl) and netbase for firewalld
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 systemd-sysv procps netbase && apt-get clean; \
+ elif [ $(command -v dnf) ] && grep -q 'platform:el8' /etc/os-release ; then dnf makecache && dnf update -y && dnf --assumeyes install python3 sudo python3-devel bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && rm -Rf /usr/share/doc && rm -Rf /usr/share/man && dnf clean all && cp /bin/true /sbin/agetty; \
+ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \
+ elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+ elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \
+ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi
+
+{% if item.image == 'centos:8' %}
+# Stuff for systemd https://hub.docker.com/_/centos
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
+ systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+ rm -f /lib/systemd/system/multi-user.target.wants/*;\
+ rm -f /etc/systemd/system/*.wants/*;\
+ rm -f /lib/systemd/system/local-fs.target.wants/*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+ rm -f /lib/systemd/system/basic.target.wants/*;\
+ rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/sbin/init"]
+{% endif %}
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/molecule.yml
new file mode 100644
index 00000000..528c2be0
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/molecule.yml
@@ -0,0 +1,74 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos_7
+ hostname: centos_7
+ image: centos:7
+ command: /sbin/init
+ privileged: True
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ networks:
+ - name: "mymongo"
+ network_mode: "mymongo"
+ - name: centos_8
+ hostname: centos_8
+ image: centos:8
+ command: /sbin/init
+ privileged: True
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ networks:
+ - name: "mymongo"
+ network_mode: "mymongo"
+ - name: ubuntu_16
+ hostname: ubuntu_16
+ image: ubuntu:16.04
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mymongo"
+ network_mode: "mymongo"
+ - name: ubuntu_18
+ hostname: ubuntu_18
+ image: ubuntu:18.04
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mymongo"
+ network_mode: "mymongo"
+ - name: debian_buster
+ hostname: debian_buster
+ image: debian:buster
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mymongo"
+ network_mode: "mymongo"
+ - name: debian_stretch
+ hostname: debian_stretch
+ image: debian:stretch
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mymongo"
+ network_mode: "mymongo"
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/playbook.yml
new file mode 100644
index 00000000..ba4749b7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/playbook.yml
@@ -0,0 +1,38 @@
+---
+- name: Converge
+ hosts: all
+ roles:
+ - role: mongodb_repository
+ tags: molecule-idempotence-notest
+ - role: mongodb_config
+
+ tasks:
+
+ - name: Install python stuff
+ package:
+ name: ["python-setuptools", "python-pip"]
+ when: ansible_hostname == "ubuntu_16"
+
+ - name: Install pymongo
+ pip:
+ name: pymongo
+ when: ansible_hostname == "ubuntu_16"
+
+ - name: Install MongoDB Shell
+ package:
+ name: mongodb-org-shell
+
+ - name: Init config server replicaset
+ community.mongodb.mongodb_replicaset:
+ login_host: localhost
+ login_port: 27019
+ replica_set: cfg
+ validate: no
+ members:
+ - centos_7:27019
+ - centos_8:27019
+ - ubuntu_16:27019
+ - ubuntu_18:27019
+ #- debian_stretch:27019 # need odd number, so drop stretch
+ - debian_buster:27019
+ when: ansible_hostname == "ubuntu_16"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/prepare.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/prepare.yml
new file mode 100644
index 00000000..abdf26a2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/prepare.yml
@@ -0,0 +1,10 @@
+---
+- name: Prepare
+ hosts: all
+
+ tasks:
+
+ - name: Create is_docker.txt file
+ file:
+ path: is_docker.txt
+ state: touch
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/tests/test_default.py
new file mode 100644
index 00000000..25db94ea
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/default/tests/test_default.py
@@ -0,0 +1,67 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def include_vars(host):
+ if host.system_info.distribution == "redhat" \
+ or host.system_info.distribution == "centos":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/RedHat.yml"',
+ False,
+ False)
+ if host.system_info.distribution == "debian" \
+ or host.system_info.distribution == "ubuntu":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/Debian.yml"',
+ False,
+ False)
+ return ansible
+
+
+def test_mongod_cnf_file(host):
+ mongodb_user = include_vars(host)['ansible_facts']['mongodb_user']
+ mongodb_group = include_vars(host)['ansible_facts']['mongodb_group']
+ f = host.file('/etc/mongod.conf')
+
+ assert f.exists
+ assert f.user == mongodb_user
+ assert f.group == mongodb_group
+
+
+def test_mongod_service(host):
+ mongod_service = include_vars(host)['ansible_facts']['mongod_service']
+ s = host.service(mongod_service)
+
+ assert s.is_running
+ assert s.is_enabled
+
+
+def test_mongod_port(host):
+ port = include_vars(host)['ansible_facts']['config_port']
+ s = host.socket("tcp://0.0.0.0:{0}".format(port))
+
+ assert s.is_listening
+
+
+def test_mongod_replicaset(host):
+ '''
+ Ensure that the MongoDB config replicaset has been created successfully
+ '''
+ port = include_vars(host)['ansible_facts']['config_port']
+ cmd = "mongo --port {0} --eval 'rs.status()'".format(port)
+ # We only want to run this once
+ if host.ansible.get_variables()['inventory_hostname'] == "ubuntu_16":
+ r = host.run(cmd)
+
+ assert "cfg" in r.stdout
+ assert "centos_7:{0}".format(port) in r.stdout
+ assert "centos_8:{0}".format(port) in r.stdout
+ assert "ubuntu_16:{0}".format(port) in r.stdout
+ assert "ubuntu_18:{0}".format(port) in r.stdout
+ assert "debian_buster:{0}".format(port) in r.stdout
+ # assert "debian_stretch:{0}".format(port) in r.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/molecule.yml
new file mode 100644
index 00000000..14d29680
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/molecule.yml
@@ -0,0 +1,54 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: vagrant
+ provider:
+ name: virtualbox
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos-7
+ box: centos/7
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-16
+ box: ubuntu/xenial64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-18
+ box: ubuntu/bionic64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-buster
+ box: debian/buster64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-stretch
+ box: debian/contrib-stretch64 # Standard debian/stretch64 had issues: Unable to locate package linux-headers-4.9.0-9-amd64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/playbook.yml
new file mode 100644
index 00000000..92cefb0c
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/playbook.yml
@@ -0,0 +1,38 @@
+---
+- name: Converge
+ hosts: all
+ become: yes
+
+ roles:
+ - role: mongodb_repository
+ tags: molecule-idempotence-notest
+ - role: mongodb_config
+
+ tasks:
+
+ - name: Install python stuff
+ package:
+ name: ["python-setuptools", "python-pip"]
+ when: ansible_hostname == "ubuntu-16"
+
+ - name: Install pymongo
+ pip:
+ name: pymongo
+ when: ansible_hostname == "ubuntu-16"
+
+ - name: Install MongoDB Shell
+ package:
+ name: mongodb-org-shell
+
+ - name: Init config server replicaset
+ community.mongodb.mongodb_replicaset:
+ login_host: localhost
+ login_port: 27019
+ replica_set: cfg
+ members:
+ - ubuntu-16.local:27019
+ - ubuntu-18.local:27019
+ - debian-stretch.local:27019
+ - debian-buster.local:27019
+ - centos-7.local:27019
+ when: ansible_hostname == "ubuntu-16"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/prepare.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/prepare.yml
new file mode 100644
index 00000000..acf089f2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/prepare.yml
@@ -0,0 +1,39 @@
+---
+- name: Prepare
+ hosts: all
+ become: yes
+ vars:
+ avahi_packages_redhat:
+ - "avahi"
+ - "nss-mdns"
+ avahi_packages_debian:
+ - "avahi-daemon"
+ - "avahi-discover"
+ - "libnss-mdns"
+ tasks:
+
+ - name: Ensure epel is available
+ yum:
+ name: epel-release
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Install avahi packages
+ package:
+ name: "{{ avahi_packages_redhat }}"
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Install avahi packages
+ package:
+ name: "{{ avahi_packages_debian }}"
+ state: present
+ when: ansible_os_family == "Debian"
+
+ - name: Reboot host for avahi-daemon
+ reboot:
+
+ - name: Ensure avahi-daemon is started
+ service:
+ name: avahi-daemon
+ state: started
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/tests/test_default.py
new file mode 100644
index 00000000..944004d2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/molecule/virtualbox/tests/test_default.py
@@ -0,0 +1,66 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def include_vars(host):
+ if host.system_info.distribution == "redhat" \
+ or host.system_info.distribution == "centos":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/RedHat.yml"',
+ False,
+ False)
+ if host.system_info.distribution == "debian" \
+ or host.system_info.distribution == "ubuntu":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/Debian.yml"',
+ False,
+ False)
+ return ansible
+
+
+def test_mongod_cnf_file(host):
+ mongodb_user = include_vars(host)['ansible_facts']['mongodb_user']
+ mongodb_group = include_vars(host)['ansible_facts']['mongodb_group']
+ f = host.file('/etc/mongod.conf')
+
+ assert f.exists
+ assert f.user == mongodb_user
+ assert f.group == mongodb_group
+
+
+def test_mongod_service(host):
+ mongod_service = include_vars(host)['ansible_facts']['mongod_service']
+ s = host.service(mongod_service)
+
+ assert s.is_running
+ assert s.is_enabled
+
+
+def test_mongod_port(host):
+ port = include_vars(host)['ansible_facts']['config_port']
+ s = host.socket("tcp://0.0.0.0:{0}".format(port))
+
+ assert s.is_listening
+
+
+def test_mongod_cfg_replicaset(host):
+ '''
+ Ensure that the MongoDB config replicaset has been created successfully
+ '''
+ port = include_vars(host)['ansible_facts']['config_port']
+ cmd = "mongo --port {0} --eval 'rs.status()'".format(port)
+ # We only want to run this once
+ if host.ansible.get_variables()['inventory_hostname'] == "ubuntu_16":
+ r = host.run(cmd)
+
+ assert "cfg" in r.stdout
+ assert "ubuntu-16.local:{0}".format(port) in r.stdout
+ assert "ubuntu-18.local:{0}".format(port) in r.stdout
+ assert "debian-buster.local:{0}".format(port) in r.stdout
+ assert "debian-stretch.local:{0}".format(port) in r.stdout
+ assert "centos-7.local:{0}".format(port) in r.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/tasks/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/tasks/main.yml
new file mode 100644
index 00000000..03d72f86
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/tasks/main.yml
@@ -0,0 +1,74 @@
+---
+# tasks file for mongodb_config
+- name: Include OS-specific vars
+ include_vars:
+ file: "{{ lookup('first_found', params) }}"
+ vars:
+ params:
+ paths:
+ - "vars"
+ files:
+ - "{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_version }}.yml"
+ - "{{ ansible_facts.os_family }}-{{ ansible_facts.distribution_major_version }}.yml"
+ - "{{ ansible_facts.distribution }}.yml"
+ - "{{ ansible_facts.os_family }}.yml"
+ - default.yml
+
+- name: Check if we are in docker
+ stat:
+ path: is_docker.txt
+ register: is_docker
+
+- name: Ensure mongod package is installed
+ package:
+ name: "{{ mongod_package }}"
+ register: _pkg
+ until: _pkg is succeeded
+ retries: 5
+
+- name: Ensure db_path dir exists
+ file:
+ path: "{{ db_path }}"
+ state: directory
+ owner: "{{ mongodb_user }}"
+ group: "{{ mongodb_group }}"
+
+- name: Copy config file
+ template:
+ src: "{{ mongod_config_template }}"
+ dest: /etc/mongod.conf
+ owner: "{{ mongodb_user }}"
+ group: "{{ mongodb_group }}"
+ notify:
+ - Restart mongod service
+
+- name: Copy keyfile to host
+ copy:
+ content: |
+ {{ openssl_keyfile_content }}
+ dest: /etc/keyfile
+ owner: "{{ mongodb_user }}"
+ group: "{{ mongodb_group }}"
+ mode: 0400
+ notify:
+ - Restart mongod service
+
+- name: Check for github override
+ set_fact:
+ x_github_override: "{{ lookup('env', 'X_GITHUB_OVERRIDE') | default('0', True) }}"
+
+- name: Start mongod service
+ service:
+ name: "{{ mongod_service }}"
+ state: started
+ enabled: yes
+ when: not (ansible_facts.os_family == 'RedHat'
+ and ansible_facts.distribution_major_version|int == 8
+ and is_docker.stat.exists)
+
+- name: Include tasks for RedHat 8 docker issue
+ import_tasks: redhat_docker.yml
+ when:
+ - ansible_facts.os_family == 'RedHat'
+ - ansible_facts.distribution_major_version|int == 8
+ - is_docker.stat.exists
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/tasks/redhat_docker.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/tasks/redhat_docker.yml
new file mode 100644
index 00000000..d08c66a1
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/tasks/redhat_docker.yml
@@ -0,0 +1,18 @@
+---
+- name: Comment out PIDFile in systemd file
+ lineinfile:
+ path: /etc/systemd/system/multi-user.target.wants/mongod.service
+ regexp: '^PIDFile.*'
+ state: absent
+ register: systemd
+
+- name: Reload systemd
+ systemd:
+ daemon_reload: yes
+ when: systemd is changed
+
+- name: Start mongod service
+ service:
+ name: "{{ mongod_service }}"
+ state: started
+ enabled: yes
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/templates/configsrv.conf.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/templates/configsrv.conf.j2
new file mode 100644
index 00000000..8b6c7b35
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/templates/configsrv.conf.j2
@@ -0,0 +1,46 @@
+# mongod.conf
+
+# for documentation of all options, see:
+# http://docs.mongodb.org/manual/reference/configuration-options/
+
+# where to write logging data.
+systemLog:
+ destination: file
+ logAppend: true
+ path: /var/log/mongodb/mongod.log
+
+# Where and how to store data.
+storage:
+ dbPath: {{ db_path }}
+ journal:
+ enabled: true
+ engine: "wiredTiger"
+
+# how the process runs
+processManagement:
+{% if ansible_facts.os_family == "RedHat" %} # Breaks Ubuntu / Debian
+ fork: true
+ pidFilePath: /var/run/mongodb/mongod.pid
+{% endif %}
+ timeZoneInfo: /usr/share/zoneinfo
+
+# network interfaces
+net:
+ port: {{ config_port }}
+ bindIp: {{ bind_ip }}
+
+{% if authorization == "enabled" %}
+security:
+ authorization: {{ authorization }}
+ keyFile: /etc/keyfile
+{% endif %}
+
+#operationProfiling:
+
+{% if replicaset %}
+replication:
+ replSetName: {{ config_repl_set_name }}
+{% endif %}
+
+sharding:
+ clusterRole: configsvr
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/Debian.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/Debian.yml
new file mode 100644
index 00000000..a71c483b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/Debian.yml
@@ -0,0 +1,6 @@
+---
+config_port: 27019
+mongodb_user: "mongodb"
+mongodb_group: "mongodb"
+mongod_service: "mongod"
+db_path: /var/lib/mongodb
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/RedHat.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/RedHat.yml
new file mode 100644
index 00000000..a0426a95
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/RedHat.yml
@@ -0,0 +1,6 @@
+---
+config_port: 27019
+mongodb_user: "mongod"
+mongodb_group: "mongod"
+mongod_service: "mongod"
+db_path: /var/lib/mongo
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/default.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/default.yml
new file mode 100644
index 00000000..a0426a95
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/default.yml
@@ -0,0 +1,6 @@
+---
+config_port: 27019
+mongodb_user: "mongod"
+mongodb_group: "mongod"
+mongod_service: "mongod"
+db_path: /var/lib/mongo
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/main.yml
new file mode 100644
index 00000000..28ce3d22
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_config/vars/main.yml
@@ -0,0 +1,2 @@
+---
+is_redhat_8_in_docker: "{{ ansible_facts.os_family == 'RedHat' and ansible_facts.distribution_major_version|int == 8 and ansible_facts.virtualization_type == 'docker' }}"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/.yamllint b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/.yamllint
new file mode 100644
index 00000000..88276760
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/.yamllint
@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ level: error
+ brackets:
+ max-spaces-inside: 1
+ level: error
+ colons:
+ max-spaces-after: -1
+ level: error
+ commas:
+ max-spaces-after: -1
+ level: error
+ comments: disable
+ comments-indentation: disable
+ document-start: disable
+ empty-lines:
+ max: 3
+ level: error
+ hyphens:
+ level: error
+ indentation: disable
+ key-duplicates: enable
+ line-length: disable
+ new-line-at-end-of-file: disable
+ new-lines:
+ type: unix
+ trailing-spaces: disable
+ truthy: disable
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/README.md b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/README.md
new file mode 100644
index 00000000..a3d149f5
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/README.md
@@ -0,0 +1,33 @@
+mongodb_install
+===============
+
+Install MongoDB packages on Debian and RedHat based platforms. Installs the mongodb-org meta-package which then installs the following packages: mongodb-org-server, mongodb-org-shell, mongodb-org-mongos, mongodb-org-tools.
+
+Role Variables
+--------------
+
+specific_mongodb_version - Install a specific version of mongodb i.e. 4.4.1. The specified version must be available in the system repositories. By default this variable is undefined.
+
+Dependencies
+------------
+mongodb_repository
+
+Example Playbook
+----------------
+
+```yaml
+ - hosts: servers
+ roles:
+ - mongodb_repository
+ - mongodb_install
+```
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Rhys Campbell (https://github.com/rhysmeister)
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/meta/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/meta/main.yml
new file mode 100644
index 00000000..ba43fdd2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/meta/main.yml
@@ -0,0 +1,58 @@
+---
+galaxy_info:
+ author: your name
+ description: your description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Some suggested licenses:
+ # - BSD (default)
+ # - MIT
+ # - GPLv2
+ # - GPLv3
+ # - Apache
+ # - CC-BY
+ license: license (GPLv2, CC-BY, etc)
+
+ min_ansible_version: 1.2
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ # Optionally specify the branch Galaxy will use when accessing the GitHub
+ # repo for this role. During role install, if no tags are available,
+ # Galaxy will use this branch. During import Galaxy will access files on
+ # this branch. If Travis integration is configured, only notifications for this
+ # branch will be accepted. Otherwise, in all cases, the repo's default branch
+ # (usually master) will be used.
+ # github_branch:
+
+ #
+ # platforms is a list of platforms, and each platform has a name and a list of versions.
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+# List your role dependencies here, one per line. Be sure to remove the '[]' above,
+# if you add dependencies to this list.
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/Dockerfile.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/Dockerfile.j2
new file mode 100644
index 00000000..935dd3d7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/Dockerfile.j2
@@ -0,0 +1,39 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.env is defined %}
+{% for var, value in item.env.items() %}
+{% if value %}
+ENV {{ var }} {{ value }}
+{% endif %}
+{% endfor %}
+{% endif %}
+# Add systemd-sysv package for Debian to get systemd working (and procps for sysctl) and netbase for firewalld
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 systemd-sysv procps netbase && apt-get clean; \
+ elif [ $(command -v dnf) ] && grep -q 'platform:el8' /etc/os-release ; then dnf makecache && dnf update -y && dnf --assumeyes install python3 sudo python3-devel bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && rm -Rf /usr/share/doc && rm -Rf /usr/share/man && dnf clean all && cp /bin/true /sbin/agetty; \
+ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \
+ elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+ elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \
+ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi
+
+{% if item.image == 'centos:8' %}
+# Stuff for systemd https://hub.docker.com/_/centos
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
+ systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+ rm -f /lib/systemd/system/multi-user.target.wants/*;\
+ rm -f /etc/systemd/system/*.wants/*;\
+ rm -f /lib/systemd/system/local-fs.target.wants/*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+ rm -f /lib/systemd/system/basic.target.wants/*;\
+ rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/sbin/init"]
+{% endif %}
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/molecule.yml
new file mode 100644
index 00000000..65d86499
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/molecule.yml
@@ -0,0 +1,42 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos_7
+ image: centos:7
+ - name: centos_8
+ image: centos:8
+ - name: ubuntu_16
+ image: ubuntu:16.04
+ privileged: yes
+ command: "/sbin/init"
+ - name: ubuntu_18
+ image: ubuntu:18.04
+ privileged: yes
+ command: "/sbin/init"
+ - name: debian_buster
+ image: debian:buster
+ privileged: yes
+ command: "/sbin/init"
+ - name: debian_stretch
+ image: debian:stretch
+ privileged: yes
+ command: "/sbin/init"
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/playbook.yml
new file mode 100644
index 00000000..cfcf732b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/playbook.yml
@@ -0,0 +1,7 @@
+---
+- name: Converge
+ hosts: all
+ roles:
+ - role: mongodb_repository
+ tags: molecule-idempotence-notest
+ - role: mongodb_install
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/tests/test_default.py
new file mode 100644
index 00000000..b8a23ad4
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/default/tests/test_default.py
@@ -0,0 +1,31 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def test_mongod_available(host):
+ cmd = host.run("mongod --version")
+ assert cmd.rc == 0
+ assert "db version" in cmd.stdout
+
+
+def test_mongo_available(host):
+ cmd = host.run("mongo --version")
+ assert cmd.rc == 0
+ assert "MongoDB shell version" in cmd.stdout
+
+
+def test_mongos_available(host):
+ cmd = host.run("mongos --version")
+ assert cmd.rc == 0
+ assert "mongos version" in cmd.stdout
+
+
+def test_mongodump_available(host):
+ cmd = host.run("mongodump --version")
+ assert cmd.rc == 0
+ assert "mongodump version" in cmd.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/Dockerfile.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/Dockerfile.j2
new file mode 100644
index 00000000..0de39e63
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/Dockerfile.j2
@@ -0,0 +1,22 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.env is defined %}
+{% for var, value in item.env.items() %}
+{% if value %}
+ENV {{ var }} {{ value }}
+{% endif %}
+{% endfor %}
+{% endif %}
+
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 && apt-get clean; \
+ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \
+ elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+ elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \
+ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/molecule.yml
new file mode 100644
index 00000000..6fe3b428
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/molecule.yml
@@ -0,0 +1,32 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos_7
+ image: centos:7
+ - name: ubuntu_16
+ image: ubuntu:16.04
+ - name: ubuntu_18
+ image: ubuntu:18.04
+ - name: debian_buster
+ image: debian:buster
+ - name: debian_stretch
+ image: debian:stretch
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/playbook.yml
new file mode 100644
index 00000000..f3386712
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/playbook.yml
@@ -0,0 +1,8 @@
+---
+- name: Converge
+ hosts: all
+ vars:
+ specific_mongodb_version: "4.2.2"
+ roles:
+ - role: mongodb_repository
+ - role: mongodb_install
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/tests/test_default.py
new file mode 100644
index 00000000..1b369fbf
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/specific_mongodb_version/tests/test_default.py
@@ -0,0 +1,37 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def test_mongod_available(host):
+ cmd = host.run("mongod --version")
+ assert cmd.rc == 0
+ assert "db version" in cmd.stdout
+
+
+def test_mongo_available(host):
+ cmd = host.run("mongo --version")
+ assert cmd.rc == 0
+ assert "MongoDB shell version" in cmd.stdout
+
+
+def test_mongos_available(host):
+ cmd = host.run("mongos --version")
+ assert cmd.rc == 0
+ assert "mongos version" in cmd.stdout
+
+
+def test_mongodump_available(host):
+ cmd = host.run("mongodump --version")
+ assert cmd.rc == 0
+ assert "mongodump version" in cmd.stdout
+
+
+def test_specific_mongodb_version(host):
+ cmd = host.run("mongod --version")
+ assert cmd.rc == 0
+ assert "4.2.2" in cmd.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/molecule.yml
new file mode 100644
index 00000000..14d29680
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/molecule.yml
@@ -0,0 +1,54 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: vagrant
+ provider:
+ name: virtualbox
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos-7
+ box: centos/7
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-16
+ box: ubuntu/xenial64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-18
+ box: ubuntu/bionic64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-buster
+ box: debian/buster64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-stretch
+ box: debian/contrib-stretch64 # Standard debian/stretch64 had issues: Unable to locate package linux-headers-4.9.0-9-amd64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/playbook.yml
new file mode 100644
index 00000000..1b64ffc5
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/playbook.yml
@@ -0,0 +1,8 @@
+---
+- name: Converge
+ hosts: all
+ become: yes
+ roles:
+ - role: mongodb_repository
+ tags: molecule-idempotence-notest
+ - role: mongodb_install
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/prepare.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/prepare.yml
new file mode 100644
index 00000000..98711356
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/prepare.yml
@@ -0,0 +1,43 @@
+---
+- name: Prepare
+ hosts: all
+ become: yes
+ vars:
+ avahi_packages_redhat:
+ - "avahi"
+ - "nss-mdns"
+ avahi_packages_debian:
+ - "avahi-daemon"
+ - "avahi-discover"
+ - "libnss-mdns"
+ tasks:
+
+ - name: Ensure epel is available
+ yum:
+ name: epel-release
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Install avahi packages
+ package:
+ name: "{{ avahi_packages_redhat }}"
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Install avahi packages
+ package:
+ name: "{{ avahi_packages_debian }}"
+ state: present
+ when: ansible_os_family == "Debian"
+
+ # debian-stretch seems to require a reboot for avahi-daemon to run
+ - name: Reboot host
+ reboot:
+
+ - name: Ensure services are started
+ service:
+ name: "{{ item }}"
+ state: started
+ with_items:
+ #- dbus
+ - avahi-daemon
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/tests/test_default.py
new file mode 100644
index 00000000..b8a23ad4
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/molecule/virtualbox/tests/test_default.py
@@ -0,0 +1,31 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def test_mongod_available(host):
+ cmd = host.run("mongod --version")
+ assert cmd.rc == 0
+ assert "db version" in cmd.stdout
+
+
+def test_mongo_available(host):
+ cmd = host.run("mongo --version")
+ assert cmd.rc == 0
+ assert "MongoDB shell version" in cmd.stdout
+
+
+def test_mongos_available(host):
+ cmd = host.run("mongos --version")
+ assert cmd.rc == 0
+ assert "mongos version" in cmd.stdout
+
+
+def test_mongodump_available(host):
+ cmd = host.run("mongodump --version")
+ assert cmd.rc == 0
+ assert "mongodump version" in cmd.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/tasks/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/tasks/main.yml
new file mode 100644
index 00000000..59d5cdc6
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_install/tasks/main.yml
@@ -0,0 +1,41 @@
+---
+# tasks file for mongodb_install
+- name: Install MongoDB Packages
+ package:
+ name: mongodb-org
+ state: present
+ when: specific_mongodb_version is not defined
+ register: _pkg
+ until: _pkg is succeeded
+ retries: 5
+
+- name: Install MongoDB Packages (Specific version)
+ package:
+ name: "mongodb-org-{{ specific_mongodb_version }}"
+ state: present
+ when:
+ - specific_mongodb_version is defined
+ - ansible_facts.os_family == "RedHat"
+ register: _pkg
+ until: _pkg is succeeded
+ retries: 5
+
+# apt silliness:
+# In order to upgrade/downgrade to a specific version of mongodb-org,
+# we must also specifiy version of mongodb-org deps.
+# https://dba.stackexchange.com/questions/197336/how-to-install-specific-mongo-version-from-the-ppa
+- name: Install MongoDB Packages (Specific version)
+ package:
+ name:
+ - "mongodb-org={{ specific_mongodb_version }}"
+ - "mongodb-org-server={{ specific_mongodb_version }}"
+ - "mongodb-org-shell={{ specific_mongodb_version }}"
+ - "mongodb-org-mongos={{ specific_mongodb_version }}"
+ - "mongodb-org-tools={{ specific_mongodb_version }}"
+ state: present
+ when:
+ - specific_mongodb_version is defined
+ - ansible_facts.os_family == "Debian"
+ register: _pkg
+ until: _pkg is succeeded
+ retries: 5
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/README.md b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/README.md
new file mode 100644
index 00000000..7cc37be4
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/README.md
@@ -0,0 +1,42 @@
+mongodb_linux
+=============
+
+A simple role to configure Linux Operating System settings, for Debian and RedHat systems, as advised in the [MongoDB Production Notes](https://docs.mongodb.com/manual/administration/production-notes/).
+
+A brief description of what we do in this role:
+
+* Set swappiness.
+* Ensure NTP (or equivalent) service is installed and running.
+* Ensure GNU C Library is the latest available.
+* Disable NUMA reclaim zone.
+* Add script to disable transparent-huge-pages and setup as a service.
+* Set pam limits.
+* Set various sysctl values.
+
+Role Variables
+--------------
+
+swappiness: OS swappiness value. Default "1".
+ntp_package: Name of ntp package. Default ntp.
+ntp_service: Name of ntp service. Default ntpd.
+
+* On RedHat 8 and higher systems ntp_package and ntp_service are set to chrony and chronyd respectively.
+
+Example Playbook
+----------------
+
+```yaml
+ - hosts: servers
+ roles:
+ - mongodb_linux
+```
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Rhys Campbell (https://github.com/rhysmeister)
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/defaults/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/defaults/main.yml
new file mode 100644
index 00000000..7b2a0a68
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/defaults/main.yml
@@ -0,0 +1,10 @@
+---
+# defaults file for mongodb_linux
+
+# swappiness is 0-100; 60 is the default on many distros.
+# 0=disable swapping; 1=swap only to avoid OOM; 60=swap often; 100=swap aggressively
+swappiness: "1"
+
+nproc_and_nofile_limit: 64000
+# TODO: mongo suggests infinity here
+memlock_limit: 1024
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/files/thp-disable.service b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/files/thp-disable.service
new file mode 100644
index 00000000..3602ed7b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/files/thp-disable.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Disable Transparent Huge Pages
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/env sh -c "echo 'never' > /sys/kernel/mm/transparent_hugepage/enabled && echo 'never' > /sys/kernel/mm/transparent_hugepage/defrag"
+
+[Install]
+WantedBy=multi-user.target
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/meta/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/meta/main.yml
new file mode 100644
index 00000000..ba43fdd2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/meta/main.yml
@@ -0,0 +1,58 @@
+---
+galaxy_info:
+ author: your name
+ description: your description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Some suggested licenses:
+ # - BSD (default)
+ # - MIT
+ # - GPLv2
+ # - GPLv3
+ # - Apache
+ # - CC-BY
+ license: license (GPLv2, CC-BY, etc)
+
+ min_ansible_version: 1.2
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ # Optionally specify the branch Galaxy will use when accessing the GitHub
+ # repo for this role. During role install, if no tags are available,
+ # Galaxy will use this branch. During import Galaxy will access files on
+ # this branch. If Travis integration is configured, only notifications for this
+ # branch will be accepted. Otherwise, in all cases, the repo's default branch
+ # (usually master) will be used.
+ # github_branch:
+
+ #
+ # platforms is a list of platforms, and each platform has a name and a list of versions.
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+# List your role dependencies here, one per line. Be sure to remove the '[]' above,
+# if you add dependencies to this list.
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/Dockerfile.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/Dockerfile.j2
new file mode 100644
index 00000000..935dd3d7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/Dockerfile.j2
@@ -0,0 +1,39 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.env is defined %}
+{% for var, value in item.env.items() %}
+{% if value %}
+ENV {{ var }} {{ value }}
+{% endif %}
+{% endfor %}
+{% endif %}
+# Add systemd-sysv package for Debian to get systemd working (and procps for sysctl) and netbase for firewalld
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 systemd-sysv procps netbase && apt-get clean; \
+ elif [ $(command -v dnf) ] && grep -q 'platform:el8' /etc/os-release ; then dnf makecache && dnf update -y && dnf --assumeyes install python3 sudo python3-devel bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && rm -Rf /usr/share/doc && rm -Rf /usr/share/man && dnf clean all && cp /bin/true /sbin/agetty; \
+ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \
+ elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+ elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \
+ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi
+
+{% if item.image == 'centos:8' %}
+# Stuff for systemd https://hub.docker.com/_/centos
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
+ systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+ rm -f /lib/systemd/system/multi-user.target.wants/*;\
+ rm -f /etc/systemd/system/*.wants/*;\
+ rm -f /lib/systemd/system/local-fs.target.wants/*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+ rm -f /lib/systemd/system/basic.target.wants/*;\
+ rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/sbin/init"]
+{% endif %}
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/molecule.yml
new file mode 100644
index 00000000..d8b69358
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/molecule.yml
@@ -0,0 +1,68 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos_7
+ image: centos:7
+ command: /sbin/init
+ privileged: True
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ networks:
+ - name: "mongodb_linux"
+ network_mode: "mongodb_linux"
+ - name: centos_8
+ image: centos:8
+ command: /sbin/init
+ privileged: True
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ networks:
+ - name: "mongodb_linux"
+ network_mode: "mongodb_linux"
+ - name: ubuntu_16
+ image: ubuntu:16.04
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mongodb_linux"
+ network_mode: "mongodb_linux"
+ - name: ubuntu_18
+ image: ubuntu:18.04
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mongodb_linux"
+ network_mode: "mongodb_linux"
+ - name: debian_buster
+ image: debian:buster
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mongodb_linux"
+ network_mode: "mongodb_linux"
+ - name: debian_stretch
+ image: debian:stretch
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mongodb_linux"
+ network_mode: "mongodb_linux"
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/playbook.yml
new file mode 100644
index 00000000..89bccd5e
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/playbook.yml
@@ -0,0 +1,5 @@
+---
+- name: Converge
+ hosts: all
+ roles:
+ - role: mongodb_linux
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/prepare.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/prepare.yml
new file mode 100644
index 00000000..cdadcdbe
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/prepare.yml
@@ -0,0 +1,11 @@
+---
+- name: Prepare
+ hosts: all
+ become: yes
+
+ tasks:
+
+ - name: Create is_docker.txt file
+ file:
+ path: is_docker.txt
+ state: touch
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/tests/test_default.py
new file mode 100644
index 00000000..9b80de32
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/default/tests/test_default.py
@@ -0,0 +1,75 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def test_ntp_package(host):
+ ntp = host.package("ntp")
+ chrony = host.package("chrony")
+ assert ntp.is_installed or chrony.is_installed
+
+
+def test_ntpd_service(host):
+ ntpd = host.service("ntpd")
+
+ if ntpd.is_running:
+ assert ntpd.is_enabled
+ else:
+ ntp = host.service("ntp")
+ if ntp.is_running:
+ assert ntp.is_enabled
+ else:
+ chronyd = host.service("chronyd")
+ assert chronyd.is_running
+ assert chronyd.is_enabled
+
+
+def test_swappiness_value(host):
+ cmd = host.run("cat /proc/sys/vm/swappiness")
+
+ assert cmd.rc == 0
+ assert cmd.stdout.strip() == "1"
+
+
+def test_thp_service_file(host):
+ f = host.file("/etc/systemd/system/disable-transparent-huge-pages.service")
+
+ assert f.exists
+ assert f.user == "root"
+ assert f.group == "root"
+
+
+def test_thp_service(host):
+ '''
+ Validates the service actually works
+ '''
+ switches = ["/sys/kernel/mm/transparent_hugepage/enabled",
+ "/sys/kernel/mm/transparent_hugepage/defrag"]
+
+ f = host.file("is_docker.txt")
+
+ if not f.exists:
+ for d in switches:
+ cmd = host.run("cat {0}".format(d))
+
+ assert cmd.rc == 0
+ assert "[never]" in cmd.stdout
+
+
+def test_limit_file(host):
+ f = host.file("/etc/security/limits.conf")
+
+ assert f.exists
+ assert f.user == "root"
+ assert f.group == "root"
+
+ assert f.contains("mongodb hard nproc 64000")
+ assert f.contains("mongodb hard nofile 64000")
+ assert f.contains("mongodb soft nproc 64000")
+ assert f.contains("mongodb soft nofile 64000")
+ assert f.contains("mongodb hard memlock 1024")
+ assert f.contains("mongodb soft memlock 1024")
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/molecule.yml
new file mode 100644
index 00000000..bcaaf4c4
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/molecule.yml
@@ -0,0 +1,36 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: vagrant
+ provider:
+ name: virtualbox
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos-7
+ box: centos/7
+ - name: centos-8
+ box: generic/centos8
+ - name: ubuntu-16
+ box: ubuntu/xenial64
+ - name: ubuntu-18
+ box: ubuntu/bionic64
+ - name: debian-buster
+ box: debian/buster64
+ - name: debian-stretch
+ box: debian/contrib-stretch64 # Standard debian/stretch64 had issues: Unable to locate package linux-headers-4.9.0-9-amd64
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/playbook.yml
new file mode 100644
index 00000000..8e9d4e75
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/playbook.yml
@@ -0,0 +1,7 @@
+---
+- name: Converge
+ hosts: all
+ become: yes
+
+ roles:
+ - role: mongodb_linux
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/prepare.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/prepare.yml
new file mode 100644
index 00000000..58b16460
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/prepare.yml
@@ -0,0 +1,12 @@
+---
+- name: Prepare
+ hosts: all
+ become: yes
+
+ tasks:
+
+ - name: Ensure epel-release is installed
+ package:
+ name: epel-release
+ state: present
+ when: ansible_os_family == "RedHat"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/tests/test_default.py
new file mode 100644
index 00000000..b16522ff
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/molecule/virtualbox/tests/test_default.py
@@ -0,0 +1,73 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def test_ntp_package(host):
+ ntp = host.package("ntp")
+ chrony = host.package("chrony")
+ assert ntp.is_installed or chrony.is_installed
+
+
+def test_ntpd_service(host):
+ ntpd = host.service("ntpd")
+
+ if ntpd.is_running:
+ assert ntpd.is_enabled
+ else:
+ ntp = host.service("ntp")
+ if ntp.is_running:
+ assert ntp.is_enabled
+ else:
+ chronyd = host.service("chronyd")
+ assert chronyd.is_running
+ assert chronyd.is_enabled
+
+
+def test_swappiness_value(host):
+ cmd = host.run("cat /proc/sys/vm/swappiness")
+
+ assert cmd.rc == 0
+ assert cmd.stdout.strip() == "1"
+
+
+def test_thp_service_file(host):
+ f = host.file("/etc/systemd/system/disable-transparent-huge-pages.service")
+
+ assert f.exists
+ assert f.user == "root"
+ assert f.group == "root"
+
+
+def test_thp_service(host):
+ '''
+ Validates the service actually works
+ '''
+ switches = ["/sys/kernel/mm/transparent_hugepage/enabled",
+ "/sys/kernel/mm/transparent_hugepage/defrag"]
+
+ if host.ansible("setup")["ansible_facts"]["ansible_virtualization_type"] not in ['docker', 'container']:
+ for d in switches:
+ cmd = host.run("cat {0}".format(d))
+
+ assert cmd.rc == 0
+ assert "[never]" in cmd.stdout
+
+
+def test_limit_file(host):
+ f = host.file("/etc/security/limits.conf")
+
+ assert f.exists
+ assert f.user == "root"
+ assert f.group == "root"
+
+ assert f.contains("mongodb hard nproc 64000")
+ assert f.contains("mongodb hard nofile 64000")
+ assert f.contains("mongodb soft nproc 64000")
+ assert f.contains("mongodb soft nofile 64000")
+ assert f.contains("mongodb hard memlock 1024")
+ assert f.contains("mongodb soft memlock 1024")
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/tasks/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/tasks/main.yml
new file mode 100644
index 00000000..7d5beeb7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/tasks/main.yml
@@ -0,0 +1,139 @@
+---
+# tasks file for mongodb_linux
+
+- name: Include OS-specific vars
+ include_vars:
+ file: "{{ lookup('first_found', params) }}"
+ vars:
+ params:
+ paths:
+ - "vars"
+ files:
+ - "{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_version }}.yml"
+ - "{{ ansible_facts.os_family }}-{{ ansible_facts.distribution_major_version }}.yml"
+ - "{{ ansible_facts.distribution }}.yml"
+ - "{{ ansible_facts.os_family }}.yml"
+ - default.yml
+
+- name: Check if we are in docker
+ stat:
+ path: is_docker.txt
+ register: is_docker
+
+# Tasks based on: https://docs.mongodb.com/manual/administration/production-notes/
+
+- name: Set swappiness
+ sysctl:
+ name: vm.swappiness
+ value: "{{ swappiness }}"
+ state: present
+
+- name: Ensure ntp service is installed
+ package:
+ name: "{{ ntp_package }}"
+ state: present
+ register: _pkg
+ until: _pkg is succeeded
+ retries: 5
+
+- name: Update perms on chrony pid dir on RedHat 8
+ file:
+ path: /run/chrony/
+ owner: root
+ group: root
+ state: directory
+ when:
+ - ansible_facts.os_family == "RedHat"
+ - ansible_facts.distribution_major_version|int >= 8
+
+- name: Ensure ntp service is configured
+ service:
+ name: "{{ ntp_service }}"
+ state: started
+ enabled: yes
+
+- name: Ensure GNU C Library is the latest
+ package:
+ name: "{{ gnu_c_lib }}"
+ state: latest
+ register: _pkg
+ until: _pkg is succeeded
+ retries: 5
+
+- name: Ensure NUMA zone reclaim is disabled
+ sysctl:
+ name: vm.zone_reclaim_mode
+ value: 0
+ state: present
+ reload: yes
+ when: not is_docker.stat.exists
+
+# https://docs.mongodb.com/manual/tutorial/transparent-huge-pages/
+- name: Ensure thp-disable service exists
+ copy:
+ src: thp-disable.service
+ dest: /etc/systemd/system/disable-transparent-huge-pages.service
+ owner: root
+ group: root
+ register: thp
+
+- name: Reload systemd
+ systemd:
+ daemon_reexec: yes
+ when: thp is changed
+
+- name: Check if disable-transparent-huge-pages service is already run
+ shell: cat /sys/kernel/mm/transparent_hugepage/enabled | grep -o "never"
+ register: _huge_page_status
+ ignore_errors: yes
+ changed_when: _huge_page_status.stdout == ""
+
+- name: Enable disable-transparent-huge-pages service
+ service:
+ name: disable-transparent-huge-pages
+ state: started
+ enabled: yes
+ when: (not is_docker.stat.exists) and (_huge_page_status.stdout == "")
+
+# Tasks based on: https://docs.mongodb.com/manual/reference/ulimit/
+
+- name: Set pam limits (nproc and nofile)
+ pam_limits:
+ domain: "{{ item[0] }}"
+ limit_type: "{{ item[1] }}"
+ limit_item: "{{ item[2] }}"
+ value: "{{ item[3] }}"
+ with_nested:
+ - ["root", "mongodb"]
+ - ["hard", "soft"]
+ - ["nproc", "nofile"]
+ - ["{{ nproc_and_nofile_limit }}"]
+
+- name: Set pam limits (memlock)
+ pam_limits:
+ domain: "{{ item[0] }}"
+ limit_type: "{{ item[1] }}"
+ limit_item: "{{ item[2] }}"
+ value: "{{ item[3] }}"
+ with_nested:
+ - ["root", "mongodb"]
+ - ["hard", "soft"]
+ - ["memlock"]
+ - ["{{ memlock_limit }}"]
+
+# Other tuning settings
+
+- name: Set sysctl values
+ sysctl:
+ name: "{{ item['name'] }}"
+ value: "{{ item['value'] }}"
+ state: present
+ loop:
+ # TODO: These may need to be configurable for different usage patterns.
+ - { "name": "vm.dirty_ratio", "value": "15" }
+ - { "name": "vm.dirty_background_ratio", "value": "5" }
+ - { "name": "net.core.somaxconn ", "value": "4096" }
+ - { "name": "net.ipv4.tcp_fin_timeout", "value": "30" }
+ - { "name": "net.ipv4.tcp_keepalive_intvl", "value": "30" }
+ - { "name": "net.ipv4.tcp_keepalive_time", "value": "120" }
+ - { "name": "net.ipv4.tcp_max_syn_backlog ", "value": "4096" }
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/Debian.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/Debian.yml
new file mode 100644
index 00000000..375c7983
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/Debian.yml
@@ -0,0 +1,5 @@
+---
+# Packages for Debian distros
+ntp_package: ntp
+ntp_service: ntp
+gnu_c_lib: libc6
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/RedHat-8.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/RedHat-8.yml
new file mode 100644
index 00000000..bc70604b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/RedHat-8.yml
@@ -0,0 +1,5 @@
+---
+# Packages for RedHat-8 distros
+ntp_package: chrony
+ntp_service: chronyd
+gnu_c_lib: glibc
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/RedHat.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/RedHat.yml
new file mode 100644
index 00000000..57ebecc8
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/RedHat.yml
@@ -0,0 +1,5 @@
+---
+# Packages for RedHat distros
+ntp_package: ntp
+ntp_service: ntpd
+gnu_c_lib: glibc
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/default.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/default.yml
new file mode 100644
index 00000000..0f0db5a7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_linux/vars/default.yml
@@ -0,0 +1,5 @@
+---
+# Packages (default fallthrough)
+ntp_package: ntp
+ntp_service: ntpd
+gnu_c_lib: libc6
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/.yamllint b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/.yamllint
new file mode 100644
index 00000000..88276760
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/.yamllint
@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ level: error
+ brackets:
+ max-spaces-inside: 1
+ level: error
+ colons:
+ max-spaces-after: -1
+ level: error
+ commas:
+ max-spaces-after: -1
+ level: error
+ comments: disable
+ comments-indentation: disable
+ document-start: disable
+ empty-lines:
+ max: 3
+ level: error
+ hyphens:
+ level: error
+ indentation: disable
+ key-duplicates: enable
+ line-length: disable
+ new-line-at-end-of-file: disable
+ new-lines:
+ type: unix
+ trailing-spaces: disable
+ truthy: disable
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/README.md b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/README.md
new file mode 100644
index 00000000..ae8dea5b
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/README.md
@@ -0,0 +1,52 @@
+mongodb_mongod
+==============
+
+A simple role to aid in the setup of a MongoDB replicaset.
+
+Role Variables
+--------------
+
+* `mongod_port`: The port used by the mongod process. Default 27017.
+* `mongod_service`: The name of the mongod service. Default mongod.
+* `mongodb_user`: The Linux OS user for MongoDB. Default mongod.
+* `mongodb_group`: The Linux OS user group for MongoDB. Default mongod.
+* `bind_ip`: The IP address mongos will bind to. Default 0.0.0.0.
+* `repl_set_name`: The name of the replicaset the member will participate in. Default rs0.
+* `authorization`: Enable authorization. Default enabled.
+* `openssl_keyfile_content`: The keyfile content that MongoDB uses to authenticate within a replicaset. Generate with cmd: openssl rand -base64 756.
+* `mongodb_admin_user`: MongoDB admin username. Default admin.
+* `mongodb_admin_pwd`: MongoDB admin password. Default admin.
+* `mongod_package`: The mongod package to install. Default mongodb-org-server.
+* `replicaset`: When enabled add a replication section to the configuration. Default true.
+* `sharding`: If this replicaset member will form part of a sharded cluster. Default false.
+* `mongod_config_template`: If defined allows to override path to mongod config template with custom configuration. Default "mongod.conf.j2"
+* `skip_restart`: If set to `true` will skip restarting mongod service when config file or the keyfile content changes. Default `true`.
+
+IMPORTANT NOTE: It is expected that `mongodb_admin_user` & `mongodb_admin_pwd` values be overridden in your own file protected by Ansible Vault. These values are primary included here for Molecule/Travis CI integration. Any production environments should protect these values. For more information see [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html)
+
+Dependencies
+------------
+
+mongodb_repository
+
+Example Playbook
+----------------
+
+Install MongoDB preparing hosts for a Sharded Cluster.
+
+```yaml
+ - hosts: servers
+ roles:
+ - { role: mongodb_repository }
+ - { role: mongodb_mongod, mongod_port: 27018, sharding: true }
+```
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Rhys Campbell (https://github.com/rhysmeister)
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/defaults/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/defaults/main.yml
new file mode 100644
index 00000000..c15d6f4a
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/defaults/main.yml
@@ -0,0 +1,30 @@
+---
+# defaults file for mongodb_mongod
+mongod_port: 27017
+bind_ip: 0.0.0.0
+repl_set_name: rs0
+authorization: "enabled"
+openssl_keyfile_content: |
+ Z2CeA9BMcoY5AUWoegjv/XWL2MA1SQcL4HvmRjYaTjSp/xosJy+LL2X3OQb1xVWC
+ rO2e6Tu6A3R4muunitI6Vr0IKeU5UbTpR0N4hSU6HDrV9z2PIEWlkQqKh01ZRLEY
+ V3hR73acj0jA8eWIWeiV039d18jvMb8X2h8409lfcD6PPJJGjyaC8S4LY/TrsK2z
+ tx+l/vqOOAMhGB5mEMjx1LXUMsRG9ot6vFu9I5LPd1A4q9xw9jddYK5C6YTLccun
+ ZyCDsv7ImkCprV0+0vhTyxIEnfaNtvOlWypuvmRr/DEyd2NPowd1n6C+rgk8gs1t
+ SGLCZP93gXza0rIoQzHtuf5pOJK9qyKjuNtuuLa/KFsida8a69JXn7fmS0IIja0m
+ Ir0OrQ2Ta3n4VbQwQo97BWODWmkgzz0mUd6VmMps5zLsCW1vVqYFQHuAAbLekW0q
+ 8JRm8OQ6n2hp8j4zYd3/Qw7vqsVj8sHicNB0bCW29b64H4f2J/AcUA/cm0xSUQyb
+ +myeCB4vWvydh5AfFVnw7sXvzU6egaYRomdmrl59QrTDneJu13hwzIchsFparoWJ
+ XjpldopGeDaJLU18ga7MSL02ozB+EoJ14DJxQU7E5MQk7fDMPeitXKZ8ymxb7LeA
+ k0Rtc/JQM8aDLoRklhLZRRARBrv1RLo8DM8CB2q4s+FwVU4QJl7mFyiwk3eTN6sN
+ PTgFRo3/dHsEA2OwGG+hnGFGnoYf2mkECR5jqai83CXgva9v2rPNjDTJYHpmd3I0
+ fNijueXZZdzUA58y8mcoSGVYdRhr0g8jaWQ12PZEgX5Nnlekh5GHG0j8HT4qj/0Y
+ D3xVuE3WvrhldY5EOsaTt2ZXZx5REmJDIW1KcnvQKiVDJ2QzP5xdXYA0hh3TdTVE
+ sb4UreMw/WyBpANiICMlJRBgSd0f0VGMlYzLX2BL14YpNnLhmoQqKzfBN6v2XAEG
+ mJfrCUVuP1nBEklk23lYkNi/ohe+aodNjdN+2DHp42sGZHYP
+mongodb_admin_user: admin
+mongodb_admin_pwd: admin
+mongod_package: "mongodb-org-server"
+replicaset: true
+sharding: false
+mongod_config_template: "mongod.conf.j2"
+skip_restart: true
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/handlers/handlers.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/handlers/handlers.yml
new file mode 100644
index 00000000..1bbd837c
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/handlers/handlers.yml
@@ -0,0 +1,10 @@
+---
+
+- name: Restart mongod service
+ service:
+ name: "{{ mongod_service }}"
+ state: restarted
+
+- name: Wait for port to become active
+ wait_for:
+ port: "{{ mongod_port }}"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/handlers/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/handlers/main.yml
new file mode 100644
index 00000000..d1a7a569
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+
+- name: Restart mongod service
+ import_tasks: handlers.yml
+ when: not skip_restart
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/meta/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/meta/main.yml
new file mode 100644
index 00000000..1d46e31c
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/meta/main.yml
@@ -0,0 +1,58 @@
+---
+galaxy_info:
+ author: Rhys Campbell
+ description: your description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Some suggested licenses:
+ # - BSD (default)
+ # - MIT
+ # - GPLv2
+ # - GPLv3
+ # - Apache
+ # - CC-BY
+ license: license (GPLv2, CC-BY, etc)
+
+ min_ansible_version: 1.2
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ # Optionally specify the branch Galaxy will use when accessing the GitHub
+ # repo for this role. During role install, if no tags are available,
+ # Galaxy will use this branch. During import Galaxy will access files on
+ # this branch. If Travis integration is configured, only notifications for this
+ # branch will be accepted. Otherwise, in all cases, the repo's default branch
+ # (usually master) will be used.
+ # github_branch:
+
+ #
+ # platforms is a list of platforms, and each platform has a name and a list of versions.
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+# List your role dependencies here, one per line. Be sure to remove the '[]' above,
+# if you add dependencies to this list.
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/Dockerfile.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/Dockerfile.j2
new file mode 100644
index 00000000..935dd3d7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/Dockerfile.j2
@@ -0,0 +1,39 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.env is defined %}
+{% for var, value in item.env.items() %}
+{% if value %}
+ENV {{ var }} {{ value }}
+{% endif %}
+{% endfor %}
+{% endif %}
+# Add systemd-sysv package for Debian to get systemd working (and procps for sysctl) and netbase for firewalld
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 systemd-sysv procps netbase && apt-get clean; \
+ elif [ $(command -v dnf) ] && grep -q 'platform:el8' /etc/os-release ; then dnf makecache && dnf update -y && dnf --assumeyes install python3 sudo python3-devel bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && rm -Rf /usr/share/doc && rm -Rf /usr/share/man && dnf clean all && cp /bin/true /sbin/agetty; \
+ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \
+ elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+ elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \
+ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi
+
+{% if item.image == 'centos:8' %}
+# Stuff for systemd https://hub.docker.com/_/centos
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
+ systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+ rm -f /lib/systemd/system/multi-user.target.wants/*;\
+ rm -f /etc/systemd/system/*.wants/*;\
+ rm -f /lib/systemd/system/local-fs.target.wants/*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+ rm -f /lib/systemd/system/basic.target.wants/*;\
+ rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/sbin/init"]
+{% endif %}
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/molecule.yml
new file mode 100644
index 00000000..2f0e4ac8
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/molecule.yml
@@ -0,0 +1,68 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos_7
+ image: centos:7
+ command: /sbin/init
+ privileged: True
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ networks:
+ - name: "mongod"
+ network_mode: "mongod"
+ - name: centos_8
+ image: centos:8
+ command: /sbin/init
+ privileged: True
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ networks:
+ - name: "mongod"
+ network_mode: "mongod"
+ - name: ubuntu_16
+ image: ubuntu:16.04
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mongod"
+ network_mode: "mongod"
+ - name: ubuntu_18
+ image: ubuntu:18.04
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mongod"
+ network_mode: "mongod"
+ - name: debian_buster
+ image: debian:buster
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mongod"
+ network_mode: "mongod"
+ - name: debian_stretch
+ image: debian:stretch
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mongod"
+ network_mode: "mongod"
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/playbook.yml
new file mode 100644
index 00000000..038632a4
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/playbook.yml
@@ -0,0 +1,37 @@
+---
+- name: Converge
+ hosts: all
+ roles:
+ - role: mongodb_repository
+ tags: molecule-idempotence-notest
+ - role: mongodb_mongod
+
+ tasks:
+
+ - name: Install python stuff
+ package:
+ name: ["python-setuptools", "python-pip"]
+ when: ansible_hostname == "ubuntu_16"
+
+ - name: Install pymongo
+ pip:
+ name: pymongo
+ when: ansible_hostname == "ubuntu_16"
+
+ - name: Install MongoDB Shell
+ package:
+ name: mongodb-org-shell
+
+ - name: Initialise replicaset
+ community.mongodb.mongodb_replicaset:
+ login_host: localhost
+ replica_set: rs0
+ validate: yes
+ members:
+ - centos_7:27017
+ - centos_8:27017
+ - ubuntu_16:27017
+ - ubuntu_18:27017
+ #- debian_stretch:27017 # need odd number, so drop stretch
+ - debian_buster:27017
+ when: ansible_hostname == "ubuntu_16"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/prepare.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/prepare.yml
new file mode 100644
index 00000000..abdf26a2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/prepare.yml
@@ -0,0 +1,10 @@
+---
+- name: Prepare
+ hosts: all
+
+ tasks:
+
+ - name: Create is_docker.txt file
+ file:
+ path: is_docker.txt
+ state: touch
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/tests/test_default.py
new file mode 100644
index 00000000..9eb482bd
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/default/tests/test_default.py
@@ -0,0 +1,71 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def include_vars(host):
+ if host.system_info.distribution == "redhat" \
+ or host.system_info.distribution == "centos":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/RedHat.yml"',
+ False,
+ False)
+ if host.system_info.distribution == "debian" \
+ or host.system_info.distribution == "ubuntu":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/Debian.yml"',
+ False,
+ False)
+ return ansible
+
+
+def test_mongod_cnf_file(host):
+ mongodb_user = include_vars(host)['ansible_facts']['mongodb_user']
+ mongodb_group = include_vars(host)['ansible_facts']['mongodb_group']
+ f = host.file('/etc/mongod.conf')
+
+ assert f.exists
+ assert f.user == mongodb_user
+ assert f.group == mongodb_group
+
+
+def test_mongod_service(host):
+ mongod_service = include_vars(host)['ansible_facts']['mongod_service']
+ s = host.service(mongod_service)
+
+ assert s.is_running
+ assert s.is_enabled
+
+
+def test_mongod_port(host):
+ try:
+ port = include_vars(host)['ansible_facts']['mongod_port']
+ except KeyError:
+ port = 27017
+ s = host.socket("tcp://0.0.0.0:{0}".format(port))
+ assert s.is_listening
+
+
+def test_mongod_replicaset(host):
+ '''
+ Ensure that the MongoDB replicaset has been created successfully
+ '''
+ try:
+ port = include_vars(host)['ansible_facts']['mongod_port']
+ except KeyError:
+ port = 27017
+ cmd = "mongo --port {0} --eval 'rs.status()'".format(port)
+ # We only want to run this once
+ if host.ansible.get_variables()['inventory_hostname'] == "ubuntu_16":
+ r = host.run(cmd)
+ assert "rs0" in r.stdout
+ assert "centos_7:{0}".format(port) in r.stdout
+ assert "centos_8:{0}".format(port) in r.stdout
+ assert "ubuntu_16:{0}".format(port) in r.stdout
+ assert "ubuntu_18:{0}".format(port) in r.stdout
+ assert "debian_buster:{0}".format(port) in r.stdout
+ # assert "debian_stretch:{0}".format(port) in r.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/molecule.yml
new file mode 100644
index 00000000..14d29680
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/molecule.yml
@@ -0,0 +1,54 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: vagrant
+ provider:
+ name: virtualbox
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos-7
+ box: centos/7
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-16
+ box: ubuntu/xenial64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-18
+ box: ubuntu/bionic64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-buster
+ box: debian/buster64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-stretch
+ box: debian/contrib-stretch64 # Standard debian/stretch64 had issues: Unable to locate package linux-headers-4.9.0-9-amd64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/playbook.yml
new file mode 100644
index 00000000..6a31e1fc
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/playbook.yml
@@ -0,0 +1,34 @@
+---
+- name: Converge
+ hosts: all
+ become: yes
+
+ roles:
+ - role: mongodb_repository
+ tags: molecule-idempotence-notest
+ - role: mongodb_mongod
+
+ tasks:
+
+ - name: Install python stuff
+ package:
+ name: ["python-setuptools", "python-pip"]
+ when: ansible_hostname == "ubuntu-16"
+
+ - name: Install pymongo
+ pip:
+ name: pymongo
+ when: ansible_hostname == "ubuntu-16"
+
+ - name: Initialise replicaset
+ community.mongodb.mongodb_replicaset:
+ login_host: localhost
+ replica_set: rs0
+ validate: yes
+ members:
+ - ubuntu-16.local:27017
+ - ubuntu-18.local:27017
+ - debian-stretch.local:27017
+ - debian-buster.local:27017
+ - centos-7.local:27017
+ when: ansible_hostname == "ubuntu-16"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/prepare.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/prepare.yml
new file mode 100644
index 00000000..0f186973
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/prepare.yml
@@ -0,0 +1,40 @@
+---
+- name: Prepare
+ hosts: all
+ become: yes
+ vars:
+ avahi_packages_redhat:
+ - "avahi"
+ - "nss-mdns"
+ avahi_packages_debian:
+ - "avahi-daemon"
+ - "avahi-discover"
+ - "libnss-mdns"
+ tasks:
+
+ - name: Ensure epel is available
+ yum:
+ name: epel-release
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Install avahi packages
+ package:
+ name: "{{ avahi_packages_redhat }}"
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Install avahi packages
+ package:
+ name: "{{ avahi_packages_debian }}"
+ state: present
+ when: ansible_os_family == "Debian"
+
+ # debian-stretch seems to require a reboot for avahi-daemon to run
+ - name: Reboot host
+ reboot:
+
+ - name: Ensure avahi-daemon is started
+ service:
+ name: avahi-daemon
+ state: started
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/tests/test_default.py
new file mode 100644
index 00000000..d7e79cfc
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/molecule/virtualbox/tests/test_default.py
@@ -0,0 +1,72 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def include_vars(host):
+ if host.system_info.distribution == "redhat" \
+ or host.system_info.distribution == "centos":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/RedHat.yml"',
+ False,
+ False)
+ if host.system_info.distribution == "debian" \
+ or host.system_info.distribution == "ubuntu":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/Debian.yml"',
+ False,
+ False)
+ return ansible
+
+
+def test_mongod_cnf_file(host):
+ mongodb_user = include_vars(host)['ansible_facts']['mongodb_user']
+ mongodb_group = include_vars(host)['ansible_facts']['mongodb_group']
+ f = host.file('/etc/mongod.conf')
+
+ assert f.exists
+ assert f.user == mongodb_user
+ assert f.group == mongodb_group
+
+
+def test_mongod_service(host):
+ mongod_service = include_vars(host)['ansible_facts']['mongod_service']
+ s = host.service(mongod_service)
+
+ assert s.is_running
+ assert s.is_enabled
+
+
+def test_mongod_port(host):
+ try:
+ port = include_vars(host)['ansible_facts']['mongod_port']
+ except KeyError:
+ port = 27017
+ s = host.socket("tcp://0.0.0.0:{0}".format(port))
+
+ assert s.is_listening
+
+
+def test_mongod_replicaset(host):
+ '''
+ Ensure that the MongoDB replicaset has been created successfully
+ '''
+ try:
+ port = include_vars(host)['ansible_facts']['mongod_port']
+ except KeyError:
+ port = 27017
+ cmd = "mongo --port {0} --eval 'rs.status()'".format(port)
+ # We only want to run this once
+ if host.ansible.get_variables()['inventory_hostname'] == "ubuntu_16":
+ r = host.run(cmd)
+
+ assert "rs0" in r.stdout
+ assert "ubuntu-16:{0}".format(port) in r.stdout
+ assert "ubuntu-18:{0}".format(port) in r.stdout
+ assert "debian-stretch:{0}".format(port) in r.stdout
+ assert "debian-buster:{0}".format(port) in r.stdout
+ assert "centos-7:{0}".format(port) in r.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/tasks/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/tasks/main.yml
new file mode 100644
index 00000000..881a1491
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/tasks/main.yml
@@ -0,0 +1,75 @@
+---
+# tasks file for mongodb_mongod
+- name: Include OS-specific vars
+ include_vars:
+ file: "{{ lookup('first_found', params) }}"
+ vars:
+ params:
+ paths:
+ - "vars"
+ files:
+ - "{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_version }}.yml"
+ - "{{ ansible_facts.os_family }}-{{ ansible_facts.distribution_major_version }}.yml"
+ - "{{ ansible_facts.distribution }}.yml"
+ - "{{ ansible_facts.os_family }}.yml"
+ - default.yml
+
+- name: Check if we are in docker
+ stat:
+ path: is_docker.txt
+ register: is_docker
+
+- name: Ensure mongod package is installed
+ package:
+ name: "{{ mongod_package }}"
+ register: _pkg
+ until: _pkg is succeeded
+ retries: 5
+
+- name: Ensure db_path dir exists
+ file:
+ path: "{{ db_path }}"
+ state: directory
+ owner: "{{ mongodb_user }}"
+ group: "{{ mongodb_group }}"
+
+- name: Copy config file
+ template:
+ src: "{{ mongod_config_template }}"
+ dest: /etc/mongod.conf
+ owner: "{{ mongodb_user }}"
+ group: "{{ mongodb_group }}"
+ notify:
+ - Restart mongod service
+
+- name: Copy keyfile to host
+ copy:
+ content: |
+ {{ openssl_keyfile_content }}
+ dest: /etc/keyfile
+ owner: "{{ mongodb_user }}"
+ group: "{{ mongodb_group }}"
+ mode: 0400
+ when: authorization == "enabled"
+ notify:
+ - Restart mongod service
+
+- name: Check for github override
+ set_fact:
+ x_github_override: "{{ lookup('env', 'X_GITHUB_OVERRIDE') | default('0', True) }}"
+
+- name: Start mongod service
+ service:
+ name: "{{ mongod_service }}"
+ state: started
+ enabled: yes
+ when: not (ansible_facts.os_family == 'RedHat'
+ and ansible_facts.distribution_major_version|int == 8
+ and is_docker.stat.exists)
+
+- name: Include tasks for RedHat 8 docker issue
+ import_tasks: redhat_docker.yml
+ when:
+ - ansible_facts.os_family == 'RedHat'
+ - ansible_facts.distribution_major_version|int == 8
+ - is_docker.stat.exists
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/tasks/redhat_docker.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/tasks/redhat_docker.yml
new file mode 100644
index 00000000..d08c66a1
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/tasks/redhat_docker.yml
@@ -0,0 +1,18 @@
+---
+- name: Comment out PIDFile in systemd file
+ lineinfile:
+ path: /etc/systemd/system/multi-user.target.wants/mongod.service
+ regexp: '^PIDFile.*'
+ state: absent
+ register: systemd
+
+- name: Reload systemd
+ systemd:
+ daemon_reload: yes
+ when: systemd is changed
+
+- name: Start mongod service
+ service:
+ name: "{{ mongod_service }}"
+ state: started
+ enabled: yes
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/templates/mongod.conf.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/templates/mongod.conf.j2
new file mode 100644
index 00000000..a4300e5e
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/templates/mongod.conf.j2
@@ -0,0 +1,53 @@
+# mongod.conf
+
+# for documentation of all options, see:
+# http://docs.mongodb.org/manual/reference/configuration-options/
+
+# where to write logging data.
+systemLog:
+ destination: file
+ logAppend: true
+ path: /var/log/mongodb/mongod.log
+
+# Where and how to store data.
+storage:
+ dbPath: {{ db_path }}
+ journal:
+ enabled: true
+ engine: "wiredTiger"
+
+
+# how the process runs
+processManagement:
+{% if ansible_facts.os_family == "RedHat" %} # Breaks Ubuntu / Debian
+ fork: true
+{% if not is_redhat_8_in_docker %}
+ pidFilePath: /var/run/mongodb/mongod.pid
+{% endif %}
+{% endif %}
+ timeZoneInfo: /usr/share/zoneinfo
+
+# network interfaces
+net:
+ port: {{ mongod_port }}
+ bindIp: {{ bind_ip }}
+
+{% if authorization == "enabled" %}
+security:
+ authorization: {{ authorization }}
+{% if replicaset or sharding %}
+ keyFile: /etc/keyfile
+{% endif %}
+{% endif %}
+
+#operationProfiling:
+
+{% if replicaset %}
+replication:
+ replSetName: {{ repl_set_name }}
+{% endif %}
+
+{% if sharding %}
+sharding:
+ clusterRole: shardsvr
+{% endif %}
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/Debian.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/Debian.yml
new file mode 100644
index 00000000..6b8eaa66
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/Debian.yml
@@ -0,0 +1,5 @@
+---
+mongodb_user: "mongodb"
+mongodb_group: "mongodb"
+mongod_service: "mongod"
+db_path: /var/lib/mongodb
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/RedHat.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/RedHat.yml
new file mode 100644
index 00000000..a48bb4c2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/RedHat.yml
@@ -0,0 +1,5 @@
+---
+mongodb_user: "mongod"
+mongodb_group: "mongod"
+mongod_service: "mongod"
+db_path: /var/lib/mongo
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/default.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/default.yml
new file mode 100644
index 00000000..a48bb4c2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/default.yml
@@ -0,0 +1,5 @@
+---
+mongodb_user: "mongod"
+mongodb_group: "mongod"
+mongod_service: "mongod"
+db_path: /var/lib/mongo
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/main.yml
new file mode 100644
index 00000000..28ce3d22
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongod/vars/main.yml
@@ -0,0 +1,2 @@
+---
+is_redhat_8_in_docker: "{{ ansible_facts.os_family == 'RedHat' and ansible_facts.distribution_major_version|int == 8 and ansible_facts.virtualization_type == 'docker' }}"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/.yamllint b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/.yamllint
new file mode 100644
index 00000000..88276760
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/.yamllint
@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ level: error
+ brackets:
+ max-spaces-inside: 1
+ level: error
+ colons:
+ max-spaces-after: -1
+ level: error
+ commas:
+ max-spaces-after: -1
+ level: error
+ comments: disable
+ comments-indentation: disable
+ document-start: disable
+ empty-lines:
+ max: 3
+ level: error
+ hyphens:
+ level: error
+ indentation: disable
+ key-duplicates: enable
+ line-length: disable
+ new-line-at-end-of-file: disable
+ new-lines:
+ type: unix
+ trailing-spaces: disable
+ truthy: disable
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/README.md b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/README.md
new file mode 100644
index 00000000..b2a9aaf2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/README.md
@@ -0,0 +1,53 @@
+mongodb_mongos
+==============
+
+A role to setup a mongos server for a MongoDB sharded cluster.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should
+be mentioned here. For instance, if the role uses the EC2 module, it may be a
+good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+* `mongos_port`: The port used by the mongos process. Default 27017.
+* `mongos_service`: The name of the mongos service. Default mongos.
+* `mongodb_user`: The Linux OS user for MongoDB. Default mongod.
+* `mongodb_group`: The Linux OS user group for MongoDB. Default mongod.
+* `pid_file`: The pid file for mongos. Default /run/mongodb/mongos.pid.
+* `bind_ip`: The IP address mongos will bind to. Default 0.0.0.0.
+* `mypy`: Python interpretor. Default python
+* `mongos_package`: The name of the mongos installation package. Default mongodb-org-mongos.
+* `config_repl_set_name`: The name of the config server replicaset. Default cfg.
+* `config_servers`: "config1:27019, config2:27019, config3:27019"
+* `openssl_keyfile_content`: The kexfile content that MongoDB uses to authenticate within a replicaset. Generate with cmd: openssl rand -base64 756.
+* `mongos_config_template`: If defined allows to override path to mongod config template with custom configuration. Default "mongos.conf.j2"
+* `skip_restart`: If set to `true` will skip restarting mongos service when config file or the keyfile content changes. Default `true`.
+
+Dependencies
+------------
+
+mongodb_repository
+
+Example Playbook
+----------------
+
+```yaml
+ - hosts: servers
+ roles:
+ - mongodb_repository
+ - mongodb_mongos
+```
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Rhys Campbell (https://github.com/rhysmeister)
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/defaults/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/defaults/main.yml
new file mode 100644
index 00000000..abed36e3
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/defaults/main.yml
@@ -0,0 +1,28 @@
+---
+# defaults file for mongodb_mongos
+pid_file: /run/mongodb/mongos.pid
+bind_ip: 0.0.0.0
+# mongos_port in vars to facilitate molecule tests
+mypy: python
+mongos_package: "mongodb-org-mongos"
+config_repl_set_name: cfg
+config_servers: "config1:27019, config2:27019, config3:27019"
+openssl_keyfile_content: |
+ Z2CeA9BMcoY5AUWoegjv/XWL2MA1SQcL4HvmRjYaTjSp/xosJy+LL2X3OQb1xVWC
+ rO2e6Tu6A3R4muunitI6Vr0IKeU5UbTpR0N4hSU6HDrV9z2PIEWlkQqKh01ZRLEY
+ V3hR73acj0jA8eWIWeiV039d18jvMb8X2h8409lfcD6PPJJGjyaC8S4LY/TrsK2z
+ tx+l/vqOOAMhGB5mEMjx1LXUMsRG9ot6vFu9I5LPd1A4q9xw9jddYK5C6YTLccun
+ ZyCDsv7ImkCprV0+0vhTyxIEnfaNtvOlWypuvmRr/DEyd2NPowd1n6C+rgk8gs1t
+ SGLCZP93gXza0rIoQzHtuf5pOJK9qyKjuNtuuLa/KFsida8a69JXn7fmS0IIja0m
+ Ir0OrQ2Ta3n4VbQwQo97BWODWmkgzz0mUd6VmMps5zLsCW1vVqYFQHuAAbLekW0q
+ 8JRm8OQ6n2hp8j4zYd3/Qw7vqsVj8sHicNB0bCW29b64H4f2J/AcUA/cm0xSUQyb
+ +myeCB4vWvydh5AfFVnw7sXvzU6egaYRomdmrl59QrTDneJu13hwzIchsFparoWJ
+ XjpldopGeDaJLU18ga7MSL02ozB+EoJ14DJxQU7E5MQk7fDMPeitXKZ8ymxb7LeA
+ k0Rtc/JQM8aDLoRklhLZRRARBrv1RLo8DM8CB2q4s+FwVU4QJl7mFyiwk3eTN6sN
+ PTgFRo3/dHsEA2OwGG+hnGFGnoYf2mkECR5jqai83CXgva9v2rPNjDTJYHpmd3I0
+ fNijueXZZdzUA58y8mcoSGVYdRhr0g8jaWQ12PZEgX5Nnlekh5GHG0j8HT4qj/0Y
+ D3xVuE3WvrhldY5EOsaTt2ZXZx5REmJDIW1KcnvQKiVDJ2QzP5xdXYA0hh3TdTVE
+ sb4UreMw/WyBpANiICMlJRBgSd0f0VGMlYzLX2BL14YpNnLhmoQqKzfBN6v2XAEG
+ mJfrCUVuP1nBEklk23lYkNi/ohe+aodNjdN+2DHp42sGZHYP
+mongos_config_template: "mongos.conf.j2"
+skip_restart: true
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/handlers/handlers.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/handlers/handlers.yml
new file mode 100644
index 00000000..7d74ce9d
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/handlers/handlers.yml
@@ -0,0 +1,10 @@
+---
+
+- name: Restart mongos service
+ service:
+ name: "{{ mongos_service }}"
+ state: restarted
+
+- name: Wait for port to become active
+ wait_for:
+ port: "{{ mongos_port }}"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/handlers/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/handlers/main.yml
new file mode 100644
index 00000000..00c4f25c
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/handlers/main.yml
@@ -0,0 +1,4 @@
+---
+- name: Restart mongos service
+ import_tasks: handlers.yml
+ when: not skip_restart
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/meta/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/meta/main.yml
new file mode 100644
index 00000000..ba43fdd2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/meta/main.yml
@@ -0,0 +1,58 @@
+---
+galaxy_info:
+ author: your name
+ description: your description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Some suggested licenses:
+ # - BSD (default)
+ # - MIT
+ # - GPLv2
+ # - GPLv3
+ # - Apache
+ # - CC-BY
+ license: license (GPLv2, CC-BY, etc)
+
+ min_ansible_version: 1.2
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ # Optionally specify the branch Galaxy will use when accessing the GitHub
+ # repo for this role. During role install, if no tags are available,
+ # Galaxy will use this branch. During import Galaxy will access files on
+ # this branch. If Travis integration is configured, only notifications for this
+ # branch will be accepted. Otherwise, in all cases, the repo's default branch
+ # (usually master) will be used.
+ # github_branch:
+
+ #
+ # platforms is a list of platforms, and each platform has a name and a list of versions.
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+# List your role dependencies here, one per line. Be sure to remove the '[]' above,
+# if you add dependencies to this list.
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/Dockerfile.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/Dockerfile.j2
new file mode 100644
index 00000000..935dd3d7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/Dockerfile.j2
@@ -0,0 +1,39 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.env is defined %}
+{% for var, value in item.env.items() %}
+{% if value %}
+ENV {{ var }} {{ value }}
+{% endif %}
+{% endfor %}
+{% endif %}
+# Add systemd-sysv package for Debian to get systemd working (and procps for sysctl) and netbase for firewalld
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 systemd-sysv procps netbase && apt-get clean; \
+ elif [ $(command -v dnf) ] && grep -q 'platform:el8' /etc/os-release ; then dnf makecache && dnf update -y && dnf --assumeyes install python3 sudo python3-devel bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && rm -Rf /usr/share/doc && rm -Rf /usr/share/man && dnf clean all && cp /bin/true /sbin/agetty; \
+ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \
+ elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+ elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \
+ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi
+
+{% if item.image == 'centos:8' %}
+# Stuff for systemd https://hub.docker.com/_/centos
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
+ systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+ rm -f /lib/systemd/system/multi-user.target.wants/*;\
+ rm -f /etc/systemd/system/*.wants/*;\
+ rm -f /lib/systemd/system/local-fs.target.wants/*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+ rm -f /lib/systemd/system/basic.target.wants/*;\
+ rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/sbin/init"]
+{% endif %}
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/molecule.yml
new file mode 100644
index 00000000..2f7b7d39
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/molecule.yml
@@ -0,0 +1,76 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ # centos_7 and debian_stretch disabled to reduce test time
+ #- name: centos_7
+ # image: centos:7
+ # command: /sbin/init
+ # privileged: True
+ # volumes:
+ # - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ # networks:
+ # - name: "mymongos"
+ # network_mode: "mymongos"
+ - name: centos_8
+ image: centos:8
+ command: /sbin/init
+ privileged: True
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ networks:
+ - name: "mymongos"
+ network_mode: "mymongos"
+ - name: ubuntu_16
+ image: ubuntu:16.04
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mymongos"
+ network_mode: "mymongos"
+ - name: ubuntu_18
+ image: ubuntu:18.04
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mymongos"
+ network_mode: "mymongos"
+ - name: debian_buster
+ image: debian:buster
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mymongos"
+ network_mode: "mymongos"
+ #- name: debian_stretch
+ # image: debian:stretch
+ # command: /sbin/init
+ # privileged: True
+ # networks:
+ # - name: "mymongos"
+ # network_mode: "mymongos"
+ - name: config1
+ image: ubuntu:16.04
+ command: /sbin/init
+ privileged: True
+ networks:
+ - name: "mymongos"
+ network_mode: "mymongos"
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/playbook.yml
new file mode 100644
index 00000000..12706d4f
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/playbook.yml
@@ -0,0 +1,63 @@
+---
+- name: Converge
+ hosts: all
+ become: yes
+
+ vars:
+ admin_user: "admin"
+ admin_user_password: "admin"
+
+ roles:
+ - role: mongodb_repository
+ tags: molecule-idempotence-notest
+ - role: mongodb_install
+ when: "'config' in ansible_hostname"
+ tags: molecule-idempotence-notest
+ - role: mongodb_config
+ when: "'config' in ansible_hostname"
+ tags: molecule-idempotence-notest
+ - role: mongodb_mongos
+ when: "'config' not in ansible_hostname"
+
+ tasks:
+
+ - name: Install python stuff
+ package:
+ name: ["python-setuptools", "python-pip"]
+ when: ansible_hostname == "config1"
+
+ - name: Install pymongo
+ pip:
+ name: pymongo
+ when: ansible_hostname == "config1"
+
+ - name: Install MongoDB Shell
+ package:
+ name: mongodb-org-shell
+
+ - name: Init config server replicaset
+ community.mongodb.mongodb_replicaset:
+ login_host: localhost
+ login_port: "27019"
+ replica_set: cfg
+ validate: no
+ members:
+ - config1:27019
+ when: ansible_hostname == "config1"
+
+ - name: Restart the mongos service
+ service:
+ name: mongos
+ state: started
+ when: "'config' not in ansible_hostname"
+
+ - name: Add MongoDB Admin User using localhost exception on the mongos
+ community.mongodb.mongodb_user:
+ name: "{{ admin_user }}"
+ password: "{{ admin_user_password }}"
+ login_port: "27019"
+ database: admin
+ roles:
+ - "root"
+ create_for_localhost_exception: /root/mongodb_admin.success
+ when: ansible_hostname == "config1"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/tests/test_default.py
new file mode 100644
index 00000000..0a421179
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/default/tests/test_default.py
@@ -0,0 +1,65 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def include_vars(host):
+ if host.system_info.distribution == "redhat" \
+ or host.system_info.distribution == "centos":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/RedHat.yml"',
+ False,
+ False)
+ if host.system_info.distribution == "debian" \
+ or host.system_info.distribution == "ubuntu":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/Debian.yml"',
+ False,
+ False)
+ return ansible
+
+
+def test_mongod_cnf_file(host):
+ if host.ansible.get_variables()['inventory_hostname'] != 'config1':
+ mongodb_user = include_vars(host)['ansible_facts']['mongodb_user']
+ mongodb_group = include_vars(host)['ansible_facts']['mongodb_group']
+ f = host.file('/etc/mongos.conf')
+
+ assert f.exists
+ assert f.user == mongodb_user
+ assert f.group == mongodb_group
+
+
+def test_mongod_service(host):
+
+ if host.ansible.get_variables()['inventory_hostname'] != 'config1':
+ mongos_service = include_vars(host)['ansible_facts']['mongos_service']
+ s = host.service(mongos_service)
+
+ assert s.is_running
+ assert s.is_enabled
+
+
+def test_mongod_port(host):
+ if host.ansible.get_variables()['inventory_hostname'] != 'config1':
+ port = include_vars(host)['ansible_facts']['mongos_port']
+ s = host.socket("tcp://0.0.0.0:{0}".format(port))
+
+ assert s.is_listening
+
+
+def test_mongos_shell_connectivity(host):
+ '''
+ Tests that we can connect to mongos via the shell annd run a cmd
+ '''
+ if host.ansible.get_variables()['inventory_hostname'] != 'config1':
+ port = include_vars(host)['ansible_facts']['mongos_port']
+ cmd = host.run("mongo admin --username admin --password admin --port {0} --eval 'db.runCommand({{listDatabases: 1}})'".format(port))
+
+ assert cmd.rc == 0
+ assert "config" in cmd.stdout
+ assert "admin" in cmd.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/molecule.yml
new file mode 100644
index 00000000..f790062c
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/molecule.yml
@@ -0,0 +1,60 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: vagrant
+ provider:
+ name: virtualbox
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos-7
+ box: centos/7
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-16
+ box: ubuntu/xenial64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-18
+ box: ubuntu/bionic64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-buster
+ box: debian/buster64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-stretch
+ box: debian/contrib-stretch64 # Standard debian/stretch64 had issues: Unable to locate package linux-headers-4.9.0-9-amd64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: config1
+ box: debian/contrib-stretch64 # Standard debian/stretch64 had issues: Unable to locate package linux-headers-4.9.0-9-amd64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/playbook.yml
new file mode 100644
index 00000000..4b097947
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/playbook.yml
@@ -0,0 +1,70 @@
+---
+- name: Converge
+ hosts: all
+ become: yes
+
+ vars:
+ admin_user: "admin"
+ admin_user_password: "admin"
+
+ roles:
+ - role: mongodb_repository
+ tags: molecule-idempotence-notest
+ - role: mongodb_install
+ when: "'config' in ansible_hostname"
+ tags: molecule-idempotence-notest
+ - role: mongodb_config
+ when: "'config' in ansible_hostname"
+ tags: molecule-idempotence-notest
+ - role: mongodb_mongos
+ when: "'config' not in ansible_hostname"
+
+ tasks:
+
+ - name: Install python stuff
+ package:
+ name: ["python-setuptools", "python-pip"]
+ when: ansible_hostname == "config1"
+
+ - name: Install pymongo
+ pip:
+ name: pymongo
+ when: ansible_hostname == "config1"
+
+ - name: Install MongoDB Shell
+ package:
+ name: mongodb-org-shell
+
+ - name: Init config server replicaset
+ community.mongodb.mongodb_replicaset:
+ login_host: localhost
+ login_port: 27019
+ replica_set: cfg
+ validate: no
+ members:
+ - config1.local:27019
+ when: ansible_hostname == "config1"
+
+ - name: Set add .local prefix to service name
+ lineinfile:
+ path: /etc/mongos.conf
+ regexp: " *configDB: *"
+ line: ' configDB: "cfg/config1.local:27019"'
+ when: "'config' not in ansible_hostname"
+
+ - name: Restart the mongos service
+ service:
+ name: mongos
+ state: restarted
+ when: "'config' not in ansible_hostname"
+
+ - name: Add MongoDB Admin User using localhost exception on the mongos
+ community.mongodb.mongodb_user:
+ name: "{{ admin_user }}"
+ password: "{{ admin_user_password }}"
+ login_port: "27019"
+ database: admin
+ roles:
+ - "root"
+ create_for_localhost_exception: /root/mongodb_admin.success
+ when: ansible_hostname == "config1"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/prepare.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/prepare.yml
new file mode 100644
index 00000000..d56f58bb
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/prepare.yml
@@ -0,0 +1,48 @@
+---
+- name: Prepare
+ hosts: all
+ become: yes
+ vars:
+ avahi_packages_redhat:
+ - "avahi"
+ - "nss-mdns"
+ avahi_packages_debian:
+ - "avahi-daemon"
+ - "avahi-discover"
+ - "libnss-mdns"
+
+ tasks:
+
+ - name: Run apt update
+ shell: apt update
+ when: ansible_os_family == "Debian"
+
+ - name: Ensure epel is available
+ yum:
+ name: epel-release
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Install avahi packages
+ package:
+ name: "{{ avahi_packages_redhat }}"
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Install avahi packages
+ package:
+ name: "{{ avahi_packages_debian }}"
+ state: present
+ when: ansible_os_family == "Debian"
+
+ # debian-stretch seems to require a reboot for avahi-daemon to run
+ - name: Reboot host
+ reboot:
+
+ - name: Ensure services are started
+ service:
+ name: "{{ item }}"
+ state: started
+ with_items:
+ #- dbus
+ - avahi-daemon
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/tests/test_default.py
new file mode 100644
index 00000000..9f50a354
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/molecule/virtualbox/tests/test_default.py
@@ -0,0 +1,65 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def include_vars(host):
+ if host.system_info.distribution == "redhat" \
+ or host.system_info.distribution == "centos":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/RedHat.yml"',
+ False,
+ False)
+ if host.system_info.distribution == "debian" \
+ or host.system_info.distribution == "ubuntu":
+ ansible = host.ansible('include_vars',
+ 'file="../../vars/Debian.yml"',
+ False,
+ False)
+ return ansible
+
+
+def test_mongod_cnf_file(host):
+ if host.ansible.get_variables()['inventory_hostname'] != 'config1':
+ mongodb_user = include_vars(host)['ansible_facts']['mongodb_user']
+ mongodb_group = include_vars(host)['ansible_facts']['mongodb_group']
+ f = host.file('/etc/mongos.conf')
+
+ assert f.exists
+ assert f.user == mongodb_user
+ assert f.group == mongodb_group
+
+
+def test_mongod_service(host):
+
+ if host.ansible.get_variables()['inventory_hostname'] != 'config1':
+ mongos_service = include_vars(host)['ansible_facts']['mongos_service']
+ s = host.service(mongos_service)
+
+ assert s.is_running
+ assert s.is_enabled
+
+
+def test_mongod_port(host):
+ if host.ansible.get_variables()['inventory_hostname'] != 'config1':
+ port = include_vars(host)['ansible_facts']['mongos_port']
+ s = host.socket("tcp://0.0.0.0:{0}".format(port))
+
+ assert s.is_listening
+
+
+def test_mongos_shell_connectivity(host):
+ '''
+ Tests that we can connect to mongos via the shell annd run a cmd
+ '''
+ if host.ansible.get_variables()['inventory_hostname'] != 'config1':
+ port = include_vars(host)['ansible_facts']['mongos_port']
+ cmd = host.run("mongo admin -username admin --password admin --port {0} --eval 'db.runCommand({{listDatabases: 1}})'".format(port))
+
+ assert cmd.rc == 0
+ assert "config" in cmd.stdout
+ assert "admin" in cmd.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/tasks/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/tasks/main.yml
new file mode 100644
index 00000000..cabc76df
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/tasks/main.yml
@@ -0,0 +1,87 @@
+---
+# tasks file for mongodb_mongos
+- name: Include OS-specific vars
+ include_vars:
+ file: "{{ lookup('first_found', params) }}"
+ vars:
+ params:
+ paths:
+ - "vars"
+ files:
+ - "{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_version }}.yml"
+ - "{{ ansible_facts.os_family }}-{{ ansible_facts.distribution_major_version }}.yml"
+ - "{{ ansible_facts.distribution }}.yml"
+ - "{{ ansible_facts.os_family }}.yml"
+ - default.yml
+
+- name: Create mongodb_group
+ group:
+ name: "{{ mongodb_group }}"
+ system: yes
+
+- name: Create mongodb_user
+ user:
+ name: "{{ mongodb_user }}"
+ group: "{{ mongodb_group }}"
+ system: yes
+ createhome: no
+
+- name: Copy keyfile to host
+ copy:
+ content: |
+ {{ openssl_keyfile_content }}
+ dest: /etc/keyfile
+ owner: "{{ mongodb_user }}"
+ group: "{{ mongodb_group }}"
+ mode: 0400
+ notify:
+ - Restart mongos service
+
+- name: Ensure /usr/local/bin/ directory exists
+ file:
+ path: /usr/local/bin/
+ state: directory
+ recurse: yes
+
+- name: Ensure mongos service pre start script exists
+ template:
+ src: mongos_pre.sh.j2
+ dest: /usr/local/bin/mongos_pre.sh
+ owner: "{{ mongodb_user }}"
+ group: "{{ mongodb_group }}"
+ mode: 0755
+
+- name: Ensure mongos.service file exists
+ template:
+ src: mongos.service.j2
+ dest: /etc/systemd/system/mongos.service
+ owner: root
+ group: root
+ register: sysd
+
+- name: Run systemctl daemon-reload
+ systemd:
+ daemon_reload: yes
+ when: sysd is changed
+
+- name: Ensure mongos.conf file exists
+ template:
+ src: "{{ mongos_config_template }}"
+ dest: /etc/mongos.conf
+ owner: "{{ mongodb_user }}"
+ group: "{{ mongodb_group }}"
+ notify:
+ - Restart mongos service
+
+- name: Ensure mongos package is installed
+ package:
+ name: "{{ mongos_package }}"
+ register: _pkg
+ until: _pkg is succeeded
+ retries: 5
+
+- name: Start mongos service
+ service:
+ name: "{{ mongos_service }}"
+ state: started
+ enabled: yes
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos.conf.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos.conf.j2
new file mode 100644
index 00000000..2b1d0112
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos.conf.j2
@@ -0,0 +1,14 @@
+systemLog:
+ destination: file
+ path: /var/log/mongodb/mongos.log
+ logAppend: true
+ logRotate: reopen
+net:
+ bindIp: {{ bind_ip }}
+ port: {{ mongos_port }}
+sharding:
+ configDB: "{{ config_repl_set_name }}/{{ config_servers }}"
+processManagement:
+ timeZoneInfo: /usr/share/zoneinfo
+security:
+ keyFile: /etc/keyfile
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos.service.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos.service.j2
new file mode 100644
index 00000000..6f1a11bc
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos.service.j2
@@ -0,0 +1,22 @@
+[Unit]
+Description=mongos
+After=syslog.target
+After=network.target
+
+[Service]
+User={{ mongodb_user }}
+Group={{ mongodb_group }}
+PIDFile={{ pid_file }}
+PermissionsStartOnly=true
+ExecStartPre=/usr/local/bin/mongos_pre.sh
+ExecStart=/usr/bin/mongos --quiet \
+ --config /etc/mongos.conf
+LimitFSIZE=infinity
+LimitCPU=infinity
+LimitAS=infinity
+LimitNOFILE=64000
+LimitNPROC=64000
+TasksAccounting=false
+
+[Install]
+WantedBy=multi-user.target
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos_pre.sh.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos_pre.sh.j2
new file mode 100644
index 00000000..ea58c81a
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/templates/mongos_pre.sh.j2
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+if [ ! -d /var/log/mongodb ]; then
+ mkdir -p /var/log/mongodb && chown {{ mongodb_user }}:{{ mongodb_group }} /var/log/mongodb
+fi
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/Debian.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/Debian.yml
new file mode 100644
index 00000000..02e64683
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/Debian.yml
@@ -0,0 +1,5 @@
+---
+mongodb_user: "mongodb"
+mongodb_group: "mongodb"
+mongos_port: 27017
+mongos_service: "mongos"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/RedHat.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/RedHat.yml
new file mode 100644
index 00000000..47197a81
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/RedHat.yml
@@ -0,0 +1,5 @@
+---
+mongodb_user: "mongod"
+mongodb_group: "mongod"
+mongos_port: 27017
+mongos_service: "mongos"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/default.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/default.yml
new file mode 100644
index 00000000..47197a81
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_mongos/vars/default.yml
@@ -0,0 +1,5 @@
+---
+mongodb_user: "mongod"
+mongodb_group: "mongod"
+mongos_port: 27017
+mongos_service: "mongos"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/.yamllint b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/.yamllint
new file mode 100644
index 00000000..88276760
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/.yamllint
@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ level: error
+ brackets:
+ max-spaces-inside: 1
+ level: error
+ colons:
+ max-spaces-after: -1
+ level: error
+ commas:
+ max-spaces-after: -1
+ level: error
+ comments: disable
+ comments-indentation: disable
+ document-start: disable
+ empty-lines:
+ max: 3
+ level: error
+ hyphens:
+ level: error
+ indentation: disable
+ key-duplicates: enable
+ line-length: disable
+ new-line-at-end-of-file: disable
+ new-lines:
+ type: unix
+ trailing-spaces: disable
+ truthy: disable
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/README.md b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/README.md
new file mode 100644
index 00000000..27af13ad
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/README.md
@@ -0,0 +1,31 @@
+mongodb_repository
+==================
+
+Configures a repository for MongoDB on Debian and RedHat based platforms.
+
+Role Variables
+--------------
+
+mongodb_version: Version of MongoDB. Default "4.2".
+debian_packages: Packages needs on Debian systems for this role.
+
+Example Playbook
+----------------
+
+Set mongodb_version to 4.0.
+
+```yaml
+ - hosts: servers
+ roles:
+ - { role: mongodb_repository, mongodb_version: "4.0" }
+```
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Rhys Campbell (https://github.com/rhysmeister)
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/defaults/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/defaults/main.yml
new file mode 100644
index 00000000..5534901f
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+mongodb_version: "4.2"
+debian_packages:
+ - apt-transport-https
+ - curl
+ - gnupg
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/meta/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/meta/main.yml
new file mode 100644
index 00000000..ba43fdd2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/meta/main.yml
@@ -0,0 +1,58 @@
+---
+galaxy_info:
+ author: your name
+ description: your description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Some suggested licenses:
+ # - BSD (default)
+ # - MIT
+ # - GPLv2
+ # - GPLv3
+ # - Apache
+ # - CC-BY
+ license: license (GPLv2, CC-BY, etc)
+
+ min_ansible_version: 1.2
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ # Optionally specify the branch Galaxy will use when accessing the GitHub
+ # repo for this role. During role install, if no tags are available,
+ # Galaxy will use this branch. During import Galaxy will access files on
+ # this branch. If Travis integration is configured, only notifications for this
+ # branch will be accepted. Otherwise, in all cases, the repo's default branch
+ # (usually master) will be used.
+ # github_branch:
+
+ #
+ # platforms is a list of platforms, and each platform has a name and a list of versions.
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+# List your role dependencies here, one per line. Be sure to remove the '[]' above,
+# if you add dependencies to this list.
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/Dockerfile.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/Dockerfile.j2
new file mode 100644
index 00000000..935dd3d7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/Dockerfile.j2
@@ -0,0 +1,39 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.env is defined %}
+{% for var, value in item.env.items() %}
+{% if value %}
+ENV {{ var }} {{ value }}
+{% endif %}
+{% endfor %}
+{% endif %}
+# Add systemd-sysv package for Debian to get systemd working (and procps for sysctl) and netbase for firewalld
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 systemd-sysv procps netbase && apt-get clean; \
+ elif [ $(command -v dnf) ] && grep -q 'platform:el8' /etc/os-release ; then dnf makecache && dnf update -y && dnf --assumeyes install python3 sudo python3-devel bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && rm -Rf /usr/share/doc && rm -Rf /usr/share/man && dnf clean all && cp /bin/true /sbin/agetty; \
+ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \
+ elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+ elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \
+ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi
+
+{% if item.image == 'centos:8' %}
+# Stuff for systemd https://hub.docker.com/_/centos
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
+ systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+ rm -f /lib/systemd/system/multi-user.target.wants/*;\
+ rm -f /etc/systemd/system/*.wants/*;\
+ rm -f /lib/systemd/system/local-fs.target.wants/*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+ rm -f /lib/systemd/system/basic.target.wants/*;\
+ rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/sbin/init"]
+{% endif %}
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/molecule.yml
new file mode 100644
index 00000000..403ff875
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/molecule.yml
@@ -0,0 +1,34 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos_7
+ image: centos:7
+ - name: centos_8
+ image: centos:8
+ - name: ubuntu_16
+ image: ubuntu:16.04
+ - name: ubuntu_18
+ image: ubuntu:18.04
+ - name: debian_buster
+ image: debian:buster
+ - name: debian_stretch
+ image: debian:stretch
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/playbook.yml
new file mode 100644
index 00000000..75a509d1
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/playbook.yml
@@ -0,0 +1,5 @@
+---
+- name: Converge
+ hosts: all
+ roles:
+ - role: mongodb_repository
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/tests/test_default.py
new file mode 100644
index 00000000..bfe613a4
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/default/tests/test_default.py
@@ -0,0 +1,67 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def include_vars(host):
+ ansible = host.ansible('include_vars',
+ 'file="../../defaults/main.yml"',
+ False,
+ False)
+ return ansible
+
+
+def get_mongodb_version(host):
+ return include_vars(host)['ansible_facts']['mongodb_version']
+
+
+def test_redhat_mongodb_repository_file(host):
+ # with capsys.disabled(): #Disable autocapture of output and send to stdout N.B capsys must be passed into function
+ # print(include_vars(host)['ansible_facts'])
+ mongodb_version = get_mongodb_version(host)
+ if host.system_info.distribution == "redhat" \
+ or host.system_info.distribution == "centos":
+ f = host.file("/etc/yum.repos.d/mongodb-{0}.repo".format(mongodb_version))
+ assert f.exists
+ assert f.user == 'root'
+ assert f.group == 'root'
+ assert f.mode == 0o644
+ assert f.md5sum == "71c3a725d5aad794793a4b599f7564c0"
+
+
+def test_redhat_yum_search(host):
+ mongodb_version = get_mongodb_version(host)
+ if host.system_info.distribution == "redhat" \
+ or host.system_info.distribution == "centos":
+ cmd = host.run("yum search mongodb --disablerepo='*' \
+ --enablerepo='mongodb-{0}'".format(mongodb_version))
+
+ assert cmd.rc == 0
+ assert "MongoDB database server" in cmd.stdout
+
+
+def test_debian_cassandra_repository_file(host):
+ mongodb_version = get_mongodb_version(host)
+ if host.system_info.distribution == "debian" \
+ or host.system_info.distribution == "ubuntu":
+ f = host.file("/etc/apt/sources.list.d/mongodb-{0}.list".format(mongodb_version))
+
+ assert f.exists
+ assert f.user == 'root'
+ assert f.group == 'root'
+ assert f.mode == 0o644
+ assert "repo.mongodb.org" in f.content_string
+ assert mongodb_version in f.content_string
+
+
+def test_debian_apt_search(host):
+ if host.system_info.distribution == "debian" \
+ or host.system_info.distribution == "ubuntu":
+ cmd = host.run("apt search mongodb")
+
+ assert cmd.rc == 0
+ assert "mongodb-org-server" in cmd.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/molecule.yml
new file mode 100644
index 00000000..14d29680
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/molecule.yml
@@ -0,0 +1,54 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: vagrant
+ provider:
+ name: virtualbox
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos-7
+ box: centos/7
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-16
+ box: ubuntu/xenial64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: ubuntu-18
+ box: ubuntu/bionic64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-buster
+ box: debian/buster64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+ - name: debian-stretch
+ box: debian/contrib-stretch64 # Standard debian/stretch64 had issues: Unable to locate package linux-headers-4.9.0-9-amd64
+ interfaces:
+ - network_name: private_network
+ type: dhcp
+ auto_config: true
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/playbook.yml
new file mode 100644
index 00000000..d49d9e23
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/playbook.yml
@@ -0,0 +1,6 @@
+---
+- name: Converge
+ hosts: all
+ become: yes
+ roles:
+ - role: mongodb_repository
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/tests/test_default.py
new file mode 100644
index 00000000..bfe613a4
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/molecule/virtualbox/tests/test_default.py
@@ -0,0 +1,67 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def include_vars(host):
+ ansible = host.ansible('include_vars',
+ 'file="../../defaults/main.yml"',
+ False,
+ False)
+ return ansible
+
+
+def get_mongodb_version(host):
+ return include_vars(host)['ansible_facts']['mongodb_version']
+
+
+def test_redhat_mongodb_repository_file(host):
+ # with capsys.disabled(): #Disable autocapture of output and send to stdout N.B capsys must be passed into function
+ # print(include_vars(host)['ansible_facts'])
+ mongodb_version = get_mongodb_version(host)
+ if host.system_info.distribution == "redhat" \
+ or host.system_info.distribution == "centos":
+ f = host.file("/etc/yum.repos.d/mongodb-{0}.repo".format(mongodb_version))
+ assert f.exists
+ assert f.user == 'root'
+ assert f.group == 'root'
+ assert f.mode == 0o644
+ assert f.md5sum == "71c3a725d5aad794793a4b599f7564c0"
+
+
+def test_redhat_yum_search(host):
+ mongodb_version = get_mongodb_version(host)
+ if host.system_info.distribution == "redhat" \
+ or host.system_info.distribution == "centos":
+ cmd = host.run("yum search mongodb --disablerepo='*' \
+ --enablerepo='mongodb-{0}'".format(mongodb_version))
+
+ assert cmd.rc == 0
+ assert "MongoDB database server" in cmd.stdout
+
+
+def test_debian_cassandra_repository_file(host):
+ mongodb_version = get_mongodb_version(host)
+ if host.system_info.distribution == "debian" \
+ or host.system_info.distribution == "ubuntu":
+ f = host.file("/etc/apt/sources.list.d/mongodb-{0}.list".format(mongodb_version))
+
+ assert f.exists
+ assert f.user == 'root'
+ assert f.group == 'root'
+ assert f.mode == 0o644
+ assert "repo.mongodb.org" in f.content_string
+ assert mongodb_version in f.content_string
+
+
+def test_debian_apt_search(host):
+ if host.system_info.distribution == "debian" \
+ or host.system_info.distribution == "ubuntu":
+ cmd = host.run("apt search mongodb")
+
+ assert cmd.rc == 0
+ assert "mongodb-org-server" in cmd.stdout
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/Debian.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/Debian.yml
new file mode 100644
index 00000000..e6b8159d
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/Debian.yml
@@ -0,0 +1,30 @@
+---
+# tasks file for mongodb_repository (Debian os_family)
+- name: Install debian packages
+ apt:
+ name: "{{ debian_packages }}"
+ state: present
+ register: _apt
+ until: _apt is succeeded
+ retries: 5
+
+- name: Add apt key for MongoDB repository
+ apt_key:
+ url: "https://www.mongodb.org/static/pgp/server-{{ mongodb_version }}.asc"
+ state: present
+ register: _apt
+ until: _apt is succeeded
+ retries: 5
+
+- name: Ensure MongoDB apt repository exists
+ apt_repository:
+ repo: "deb{{ repo_opts }} https://repo.mongodb.org/apt/{{ ansible_facts.distribution|lower }} {{ ansible_facts.distribution_release }}/mongodb-org/{{ mongodb_version }} {{ component }}"
+ state: present
+ filename: "mongodb-{{ mongodb_version }}"
+ vars:
+ # include initial space in repo_opts
+ repo_opts: "{% if ansible_facts.distribution == 'Ubuntu' %} [ arch=amd64,arm64 ]{% endif %}"
+ component: "{% if ansible_facts.distribution == 'Ubuntu' %}multiverse{% else %}main{% endif %}"
+ register: _apt
+ until: _apt is succeeded
+ retries: 5
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/RedHat.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/RedHat.yml
new file mode 100644
index 00000000..6a110e97
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/RedHat.yml
@@ -0,0 +1,20 @@
+---
+# tasks file for mongodb_repository (RedHat os_family)
+- name: Add mongodb.org gpgkey
+ rpm_key:
+ key: https://www.mongodb.org/static/pgp/server-{{ mongodb_version }}.asc
+ state: present
+ register: _yum
+ until: _yum is succeeded
+ retries: 5
+
+- name: Ensure MongoDB yum repository exists
+ yum_repository:
+ name: "mongodb-{{ mongodb_version }}"
+ description: "Official MongoDB {{ mongodb_version }} yum repo"
+ baseurl: "https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/{{ mongodb_version }}/x86_64/"
+ gpgcheck: true
+ gpgkey: "https://www.mongodb.org/static/pgp/server-{{ mongodb_version }}.asc"
+ register: _yum
+ until: _yum is succeeded
+ retries: 5
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/main.yml
new file mode 100644
index 00000000..bf77da35
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_repository/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+# tasks file for mongodb_repository
+- name: Include OS-specific tasks
+ include_tasks: "{{ ansible_facts.os_family }}.yml"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/.yamllint b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/.yamllint
new file mode 100644
index 00000000..88276760
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/.yamllint
@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ level: error
+ brackets:
+ max-spaces-inside: 1
+ level: error
+ colons:
+ max-spaces-after: -1
+ level: error
+ commas:
+ max-spaces-after: -1
+ level: error
+ comments: disable
+ comments-indentation: disable
+ document-start: disable
+ empty-lines:
+ max: 3
+ level: error
+ hyphens:
+ level: error
+ indentation: disable
+ key-duplicates: enable
+ line-length: disable
+ new-line-at-end-of-file: disable
+ new-lines:
+ type: unix
+ trailing-spaces: disable
+ truthy: disable
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/README.md b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/README.md
new file mode 100644
index 00000000..5f5b9f45
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/README.md
@@ -0,0 +1,29 @@
+mongodb_linux
+=============
+
+Configures SeLinux as per the instructions located at https://docs.mongodb.com/manual/tutorial/install-mongodb-on-red-hat/
+
+
+Role Variables
+--------------
+
+required_packages: Package required for this role. Currently checkpolicy & policycoreutils-python.
+
+Example Playbook
+----------------
+
+```yaml
+ - hosts: servers
+ roles:
+ - "mongodb_selinux"
+```
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Rhys Campbell (https://github.com/rhysmeister)
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/files/compile_mongodb_selinux.sh b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/files/compile_mongodb_selinux.sh
new file mode 100644
index 00000000..c403b584
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/files/compile_mongodb_selinux.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+set -e;
+set -u;
+
+checkmodule -M -m -o /root/mongodb_cgroup_memory.mod /root/mongodb_cgroup_memory.te
+semodule_package -o /root/mongodb_cgroup_memory.pp -m /root/mongodb_cgroup_memory.mod
+semodule -i /root/mongodb_cgroup_memory.pp
+touch /root/mongodb_selinux.success;
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/meta/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/meta/main.yml
new file mode 100644
index 00000000..ba43fdd2
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/meta/main.yml
@@ -0,0 +1,58 @@
+---
+galaxy_info:
+ author: your name
+ description: your description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Some suggested licenses:
+ # - BSD (default)
+ # - MIT
+ # - GPLv2
+ # - GPLv3
+ # - Apache
+ # - CC-BY
+ license: license (GPLv2, CC-BY, etc)
+
+ min_ansible_version: 1.2
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ # Optionally specify the branch Galaxy will use when accessing the GitHub
+ # repo for this role. During role install, if no tags are available,
+ # Galaxy will use this branch. During import Galaxy will access files on
+ # this branch. If Travis integration is configured, only notifications for this
+ # branch will be accepted. Otherwise, in all cases, the repo's default branch
+ # (usually master) will be used.
+ # github_branch:
+
+ #
+ # platforms is a list of platforms, and each platform has a name and a list of versions.
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+# List your role dependencies here, one per line. Be sure to remove the '[]' above,
+# if you add dependencies to this list.
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/Dockerfile.j2 b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/Dockerfile.j2
new file mode 100644
index 00000000..935dd3d7
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/Dockerfile.j2
@@ -0,0 +1,39 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.env is defined %}
+{% for var, value in item.env.items() %}
+{% if value %}
+ENV {{ var }} {{ value }}
+{% endif %}
+{% endfor %}
+{% endif %}
+# Add systemd-sysv package for Debian to get systemd working (and procps for sysctl) and netbase for firewalld
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 systemd-sysv procps netbase && apt-get clean; \
+ elif [ $(command -v dnf) ] && grep -q 'platform:el8' /etc/os-release ; then dnf makecache && dnf update -y && dnf --assumeyes install python3 sudo python3-devel bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && rm -Rf /usr/share/doc && rm -Rf /usr/share/man && dnf clean all && cp /bin/true /sbin/agetty; \
+ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash iproute && dnf clean all; \
+ elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+ elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \
+ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi
+
+{% if item.image == 'centos:8' %}
+# Stuff for systemd https://hub.docker.com/_/centos
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
+ systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+ rm -f /lib/systemd/system/multi-user.target.wants/*;\
+ rm -f /etc/systemd/system/*.wants/*;\
+ rm -f /lib/systemd/system/local-fs.target.wants/*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+ rm -f /lib/systemd/system/basic.target.wants/*;\
+ rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/sbin/init"]
+{% endif %}
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/molecule.yml
new file mode 100644
index 00000000..403ff875
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/molecule.yml
@@ -0,0 +1,34 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos_7
+ image: centos:7
+ - name: centos_8
+ image: centos:8
+ - name: ubuntu_16
+ image: ubuntu:16.04
+ - name: ubuntu_18
+ image: ubuntu:18.04
+ - name: debian_buster
+ image: debian:buster
+ - name: debian_stretch
+ image: debian:stretch
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/playbook.yml
new file mode 100644
index 00000000..94943c2a
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/playbook.yml
@@ -0,0 +1,5 @@
+---
+- name: Converge
+ hosts: all
+ roles:
+ - role: mongodb_selinux
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/tests/test_default.py
new file mode 100644
index 00000000..70c02eb6
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/default/tests/test_default.py
@@ -0,0 +1,13 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def test_mongodb_cgroup_module_installed(host):
+ cmd = host.run("semodule --list-modules | grep mongodb_cgroup_memory")
+
+ assert cmd.rc == 0
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/molecule.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/molecule.yml
new file mode 100644
index 00000000..bcaaf4c4
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/molecule.yml
@@ -0,0 +1,36 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: vagrant
+ provider:
+ name: virtualbox
+lint:
+ name: yamllint
+ options:
+ config-data:
+ line-length: disable
+platforms:
+ - name: centos-7
+ box: centos/7
+ - name: centos-8
+ box: generic/centos8
+ - name: ubuntu-16
+ box: ubuntu/xenial64
+ - name: ubuntu-18
+ box: ubuntu/bionic64
+ - name: debian-buster
+ box: debian/buster64
+ - name: debian-stretch
+ box: debian/contrib-stretch64 # Standard debian/stretch64 had issues: Unable to locate package linux-headers-4.9.0-9-amd64
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ enabled: false
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ ignore: 'E501'
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/playbook.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/playbook.yml
new file mode 100644
index 00000000..929837d5
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/playbook.yml
@@ -0,0 +1,6 @@
+---
+- name: Converge
+ hosts: all
+ become: yes
+ roles:
+ - role: mongodb_selinux
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/tests/test_default.py b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/tests/test_default.py
new file mode 100644
index 00000000..1cee4af9
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/molecule/virtualbox/tests/test_default.py
@@ -0,0 +1,14 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']
+).get_hosts('all')
+
+
+def test_mongodb_cgroup_module_installed(host):
+ with host.sudo():
+ cmd = host.run("semodule --list-modules | grep mongodb_cgroup_memory")
+
+ assert cmd.rc == 0
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/tasks/main.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/tasks/main.yml
new file mode 100644
index 00000000..981e8ba8
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/tasks/main.yml
@@ -0,0 +1,44 @@
+---
+# tasks file for mongodb_selinux
+- name: Include OS-specific vars
+ include_vars:
+ file: "{{ lookup('first_found', params) }}"
+ vars:
+ params:
+ paths:
+ - "vars"
+ files:
+ - "{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_version }}.yml"
+ - "{{ ansible_facts.os_family }}-{{ ansible_facts.distribution_major_version }}.yml"
+ - "{{ ansible_facts.distribution }}.yml"
+ - "{{ ansible_facts.os_family }}.yml"
+ - default.yml
+
+- name: Install required packages
+ package:
+ name: "{{ required_packages }}"
+ register: _pkg
+ until: _pkg is succeeded
+ retries: 5
+
+- name: Copy custom MongoDB SeLinux Policy to Host
+ copy:
+ content: |
+ module mongodb_cgroup_memory 1.0;
+
+ require {
+ type cgroup_t;
+ type mongod_t;
+ class dir search;
+ class file { getattr open read };
+ }
+
+ #============= mongod_t ==============
+ allow mongod_t cgroup_t:dir search;
+ allow mongod_t cgroup_t:file { getattr open read };
+ dest: /root/mongodb_cgroup_memory.te
+
+- name: Compile & Install MongoDB Policy
+ script: files/compile_mongodb_selinux.sh
+ args:
+ creates: /root/mongodb_selinux.success
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/Debian.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/Debian.yml
new file mode 100644
index 00000000..838b5143
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/Debian.yml
@@ -0,0 +1,9 @@
+---
+# defaults file for mongodb_selinux
+required_packages:
+ - "checkpolicy"
+ - "policycoreutils-python-utils"
+ - "selinux-policy-mls"
+ - "selinux-policy-default"
+ - "selinux-policy-src"
+ - "selinux-policy-doc"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/RedHat-7.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/RedHat-7.yml
new file mode 100644
index 00000000..2b36fa9e
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/RedHat-7.yml
@@ -0,0 +1,9 @@
+---
+# defaults file for mongodb_selinux
+required_packages:
+ - "checkpolicy"
+ - "policycoreutils-python"
+ - "selinux-policy-mls"
+ - "selinux-policy"
+ - "selinux-policy-doc"
+ - "selinux-policy-targeted"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/RedHat-8.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/RedHat-8.yml
new file mode 100644
index 00000000..71aaccb1
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/RedHat-8.yml
@@ -0,0 +1,9 @@
+---
+# defaults file for mongodb_selinux
+required_packages:
+ - "checkpolicy"
+ - "policycoreutils-python-utils"
+ - "selinux-policy-mls"
+ - "selinux-policy"
+ - "selinux-policy-doc"
+ - "selinux-policy-targeted"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/Ubuntu-16.04.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/Ubuntu-16.04.yml
new file mode 100644
index 00000000..281472a8
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/Ubuntu-16.04.yml
@@ -0,0 +1,9 @@
+---
+# defaults file for mongodb_selinux
+required_packages:
+ - "checkpolicy"
+ - "policycoreutils"
+ - "selinux-policy-mls"
+ - "selinux-policy-default"
+ - "selinux-policy-src"
+ - "selinux-policy-doc"
diff --git a/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/default.yml b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/default.yml
new file mode 100644
index 00000000..bb5fce4a
--- /dev/null
+++ b/collections-debian-merged/ansible_collections/community/mongodb/roles/mongodb_selinux/vars/default.yml
@@ -0,0 +1,5 @@
+---
+# defaults file for mongodb_selinux
+required_packages:
+ - "checkpolicy"
+ - "policycoreutils-python"