Ansible-Playbooks/OneAccess-Ansible-Playbook/roles/ssg-8.3/tasks/main.yml


								---


								  - name: This module only works on CentOS 6

								    assert:

								      that:

								        - "ansible_os_family == 'RedHat'"


								  - name: Install pexpect

								    yum: name=pexpect state=installed


								  - name: Copy the SSG 8.3 installation package

								    copy: src={{ item }} dest={{ sources_dir }}/rpms

								    with_items: [ 'ssg-8.3.00-2.noarch.rpm', 'ssg-mag-2.3.0-1.noarch.rpm' ]

								    register: rpmsdir

								    tags: rpm


								  - name: Update the RPM local repository

								    command: createrepo {{ sources_dir }}/rpms

								    when: rpmsdir.changed

								    tags: rpm


								  - name: Flush the yum caches

								    command: yum clean all

								    when: rpmsdir.changed

								    tags: rpm


								  - name: Install SSG 8.3

								    yum: name=ssg state=installed

								    tags: rpm


								  - name: Set SSH key for the "gateway" user

								    authorized_key: user={{ ssg_runtime_user }} key="{{ ansible_ssh_public_key }}" manage_dir=yes

								    tags: user


								  - name: Copy the SSG setup script

								    template: src=setup_ssg_83.py dest={{ sources_dir }}/setup_ssg_83.py mode=0755


								  - name: Setup SSG

								    command: creates=/opt/SecureSpan/Gateway/node/default/etc/conf/node.properties {{ sources_dir }}/setup_ssg_83.py


								  - name: Create the hierarchy for auto provisioning

								    file: path=/opt/SecureSpan/Gateway/node/default/etc/bootstrap state=directory owner={{ ssg_user }} group={{ ssg_group }} mode=0755


								  - name: Create the hierarchy for license auto provisioning

								    file: path=/opt/SecureSpan/Gateway/node/default/etc/bootstrap/license state=directory owner={{ ssg_user }} group={{ ssg_group }} mode=0755

								    tags: license


								  - name: Publish the licence for auto provisioning

								    copy: src={{ item }} dest=/opt/SecureSpan/Gateway/node/default/etc/bootstrap/license/

								    with_items: [ 'gw_license.xml', 'mag_license.xml' ]

								    tags: license


								  - name: Create the hierarchy for service auto provisioning

								    file: path=/opt/SecureSpan/Gateway/node/default/etc/bootstrap/services state=directory owner={{ ssg_user }} group={{ ssg_group }} mode=0755


								  - name: Publish the services for auto provisioning

								    file: state=touch owner={{ ssg_user }} group={{ ssg_group }} mode=0755 dest=/opt/SecureSpan/Gateway/node/default/etc/bootstrap/services/{{ item }}

								    with_items: [ 'restman' ]


								  - name: Start the Gateway service

								    command: /opt/SecureSpan/Gateway/runtime/bin/gateway.sh start


								  - name: Install the tcp_tune script

								    template: dest=/etc/init.d/tcp_tune src=tcp_tune mode=0755


								  - name: Make sure the tcp_tune service is started and enabled

								    service: name=tcp_tune enabled=yes state=restarted


								  - name: Generate certificates for Layer7

								    local_action: command creates="{{ lookup('env', 'BASEDIR') }}/roles/ssg-8.3/files/layer7.jks" "{{ lookup('env', 'BASEDIR') }}/pki/gen_certs.sh"

								    sudo: false

								    environment:

								      CERT_CN: "{{ ssg_ssl_certificate_cn }}"

								      PASSWORD: "{{ ssg_ssl_certificate_password }}"

								      BASENAME: "layer7"

								      OUTDIR: "{{ lookup('ENV', 'BASEDIR') }}/roles/ssg-8.3/files/"

								    tags: certificate

								    when: ssg_ssl_certificate_cn is defined


								  - name: Install MAG 2.3

								    yum: name=ssg-mag state=installed

								    tags: rpm


								  - name: Import the MAG DB Schema

								    mysql_db: login_user={{ ssg_otk_db_user }} login_password={{ ssg_otk_db_password }} name={{ ssg_otk_db_name }} state=import target=/opt/SecureSpan/Gateway/config/etc/sql/mag_db_schema.sql

								    tags:

								      - db

								      - db-schema