Merge pull request #3249 from edx/bbeggs/TE-1430

TE-1430: add gomatic automation user

Merge pull request #3249 from edx/bbeggs/TE-1430
TE-1430: add gomatic automation user
c20209ec · Brian Beggs · GitHub · 3115c196 · 8dbf4c89 · c20209ec
Commit c20209ec authored Jul 18, 2016 by Brian Beggs Committed by GitHub Jul 18, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 12 deletions

playbooks/roles/go-server/defaults/main.yml
+2 -0

playbooks/roles/go-server/tasks/main.yml
+15 -12

playbooks/roles/go-server/templates/edx/app/go-server/password.txt.j2
+1 -0

No files found.
--- a/playbooks/roles/go-server/defaults/main.yml
+++ b/playbooks/roles/go-server/defaults/main.yml
@@ -50,6 +50,8 @@ GO_SERVER_ADMIN_USERNAME: ""
 GO_SERVER_ADMIN_PASSWORD: ""
 GO_SERVER_BACKUP_USERNAME: ""
 GO_SERVER_BACKUP_PASSWORD: ""
+GO_SERVER_GOMATIC_USERNAME: ""
+GO_SERVER_GOMATIC_PASSWORD: ""

 # go-server network settings
 GO_SERVER_PORT: 8153

--- a/playbooks/roles/go-server/tasks/main.yml
+++ b/playbooks/roles/go-server/tasks/main.yml
@@ -87,6 +87,12 @@
  register: backup_user_password_line
  when: GO_SERVER_BACKUP_USERNAME and GO_SERVER_BACKUP_PASSWORD

+- name: generate line for go-server password file for gomatic user
+  command: >
+    /usr/bin/htpasswd -nbs "{{ GO_SERVER_GOMATIC_USERNAME }}" "{{ GO_SERVER_GOMATIC_PASSWORD }}"
+  register: gomatic_user_password_line
+  when: GO_SERVER_GOMATIC_USERNAME and GO_SERVER_GOMATIC_PASSWORD
+
 - name: setup password file
  template:
    src: edx/app/go-server/password.txt.j2
@@ -95,7 +101,7 @@
    owner: "{{ GO_SERVER_USER }}"
    group: "{{ GO_SERVER_GROUP }}"
    force: no
-  when: GO_SERVER_ADMIN_PASSWORD and GO_SERVER_BACKUP_PASSWORD
+  when: GO_SERVER_ADMIN_PASSWORD and GO_SERVER_BACKUP_PASSWORD AND GO_SERVER_GOMATIC_PASSWORD

 - name: install go-server configuration
  template:
@@ -109,19 +115,16 @@
 - include: download_backup.yml
  when: GO_SERVER_BACKUP_S3_BUCKET and GO_SERVER_BACKUP_S3_OBJECT and GO_SERVER_RESTORE_BACKUP

- name: replace the admin line in the password file post-restore
-  lineinfile:
-    dest: "{{ GO_SERVER_CONF_HOME }}/{{ GO_SERVER_PASSWORD_FILE_NAME }}"
-    regexp: "^{{ GO_SERVER_ADMIN_USERNAME }}"
-    line: "{{ admin_user_password_line.stdout }}"
-  when: GO_SERVER_ADMIN_USERNAME and GO_SERVER_ADMIN_PASSWORD
-
- name: replace the backup line in the password file post-restore
+- name: replace the password lines in the password file post-restore
  lineinfile:
    dest: "{{ GO_SERVER_CONF_HOME }}/{{ GO_SERVER_PASSWORD_FILE_NAME }}"
-    regexp: "^{{ GO_SERVER_BACKUP_USERNAME }}"
-    line: "{{ backup_user_password_line.stdout }}"
-  when: GO_SERVER_BACKUP_USERNAME and GO_SERVER_BACKUP_PASSWORD
+    regexp: "^{{ item.username }}"
+    line: "{{ item.password_hash.stdout }}"
+  with_items:
+    - { username: GO_SERVER_ADMIN_USERNAME, password: GO_SERVER_ADMIN_PASSWORD, password_hash: admin_user_password_line }
+    - { username: GO_SERVER_BACKUP_USERNAME, password: GO_SERVER_BACKUP_PASSWORD, password_hash: backup_user_password_line }
+    - { username: GO_SERVER_GOMATIC_USERNAME, password: GO_SERVER_GOMATIC_PASSWORD, password_hash: gomatic_user_password_line }
+  when: item.username and item.password and item.password_hash

 - name: restart go-server
  service:

--- a/playbooks/roles/go-server/templates/edx/app/go-server/password.txt.j2
+++ b/playbooks/roles/go-server/templates/edx/app/go-server/password.txt.j2
 {{ admin_user_password_line.stdout }}
 {{ backup_user_password_line.stdout }}
+{{ gomatic_user_password_line.stdout }}