vars and tasks swap

2023-07-15 00:25:46 -07:00 · 2023-07-15 00:25:46 -07:00 · ede3065837
commit ede3065837
parent cc42eb6dad
2 changed files with 89 additions and 90 deletions
--- a/tasks/rabbitmq/users.yml
+++ b/tasks/rabbitmq/users.yml
@ -1,61 +1,34 @@
 ---
-rabbitmq_users:
+- name: Remove users from rabbitmq
-  - user: guest
+  community.rabbitmq.rabbitmq_user:
    user: "{{ item.user }}"
    state: absent
-  - user: rockyadmin
+  when: item.state == 'absent'
-    state: present
+
-    tags: "administrator"
+- name: Add and configure single vhost users
-    permissions:
+  community.rabbitmq.rabbitmq_user:
-      - vhost: /
+    user: "{{ item.user }}"
-        configure_priv: ".*"
+    password: "{{ item.password | default(omit) }}"
-        read_priv: ".*"
+    update_password: "{{ item.update_password | default(omit) }}"
-        write_priv: ".*"
+    topic_permissions: "{{ item.topic_permissions | default(omit) }}"
-      - vhost: pubsub
+    configure_priv: "{{ item.configure_priv | default(omit) }}"
-        configure_priv: ".*"
+    write_priv: "{{ item.write_priv | default(omit) }}"
-        read_priv: ".*"
+    read_priv: "{{ item.read_priv | default(omit) }}"
-        write_priv: ".*"
+    vhost: "{{ item.vhost }}"
-      - vhost: public_pubsub
+    tags: "{{ item.tags | default(omit) }}"
-        configure_priv: ".*"
+  loop: "{{ rabbitmq_users }}"
-        read_priv: ".*"
+  when: item.vhost is defined
-        write_priv: ".*"
+
-      - vhost: mbs
+- name: Add and configure multi vhost users
-        configure_priv: ".*"
+  community.rabbitmq.rabbitmq_user:
-        read_priv: ".*"
+    user: "{{ item.user }}"
-        write_priv: ".*"
+    password: "{{ item.password | default(omit) }}"
-      - vhost: distrobuild
+    update_password: "{{ item.update_password | default(omit) }}"
-        configure_priv: ".*"
+    topic_permissions: "{{ item.topic_permissions | default(omit) }}"
-        read_priv: ".*"
+    permissions: "{{ item.permissions }}"
-        write_priv: ".*"
+    tags: "{{ item.tags | default(omit) }}"
-      - vhost: odcs
+  loop: "{{ rabbitmq_users }}"
-        configure_priv: ".*"
+  when:
-        read_priv: ".*"
+    - item.vhost is not defined
-        write_priv: ".*"
+    - item.permissions is defined
  - user: mbs
    state: present
    configure_priv: ".*"
    read_priv: ".*"
    write_priv: ".*"
    vhost: mbs
  - user: distrobuild
    state: present
    configure_priv: ".*"
    read_priv: ".*"
    write_priv: ".*"
    vhost: distrobuild
  - user: rockymonitor
    state: present
    permissions:
      - vhost: /
        configure_priv: "^$"
        read_priv: "^$"
        write_priv: "^$"
      - vhost: pubsub
        configure_priv: "^$"
        read_priv: "^$"
        write_priv: "^$"
      - vhost: public_pubsub
        configure_priv: "^$"
        read_priv: "^$"
        write_priv: "^$"
    tags: "monitoring"
 ...
--- a/vars/rabbitmq_users.yml
+++ b/vars/rabbitmq_users.yml
@ -1,35 +1,61 @@
 ---
- name: Remove users from rabbitmq
+rabbitmq_users:
-  community.rabbitmq.rabbitmq_user:
+  - user: guest
    user: "{{ item.user }}"
    state: absent
-  when: item.state == 'absent'
+  - user: rockyadmin
-
+    state: present
- name: Add and configure single vhost users
+    tags: "administrator"
-  community.rabbitmq.rabbitmq_user:
+    permissions:
-    user: "{{ item.user }}"
+      - vhost: /
-    password: "{{ item.password|default(omit) }}"
+        configure_priv: ".*"
-    update_password: "{{ item.update_password|default(omit) }}"
+        read_priv: ".*"
-    topic_permissions: "{{ item.topic_permissions|default(omit) }}"
+        write_priv: ".*"
-    configure_priv: "{{ item.configure_priv|default(omit) }}"
+      - vhost: pubsub
-    write_priv: "{{ item.write_priv|default(omit) }}"
+        configure_priv: ".*"
-    read_priv: "{{ item.read_priv|default(omit) }}"
+        read_priv: ".*"
-    vhost: "{{ item.vhost }}"
+        write_priv: ".*"
-    tags: "{{ item.tags|default(omit) }}"
+      - vhost: public_pubsub
-  loop: "{{ rabbitmq_users }}"
+        configure_priv: ".*"
-  when: item.vhost is defined
+        read_priv: ".*"
-
+        write_priv: ".*"
- name: Add and configure multi-vhost users
+      - vhost: mbs
-  community.rabbitmq.rabbitmq_user:
+        configure_priv: ".*"
-    user: "{{ item.user }}"
+        read_priv: ".*"
-    password: "{{ item.password|default(omit) }}"
+        write_priv: ".*"
-    update_password: "{{ item.update_password|default(omit) }}"
+      - vhost: distrobuild
-    permissions: "{{ item.permissions }}"
+        configure_priv: ".*"
-    topic_permissions: "{{ item.topic_permissions|default(omit) }}"
+        read_priv: ".*"
-    vhost: "{{ item.vhost }}"
+        write_priv: ".*"
-    tags: "{{ item.tags|default(omit) }}"
+      - vhost: odcs
-  loop: "{{ rabbitmq_users }}"
+        configure_priv: ".*"
-  when:
+        read_priv: ".*"
-    - item.vhost is not defined
+        write_priv: ".*"
-    - item.permissions is defined
+  - user: mbs
    state: present
    configure_priv: ".*"
    read_priv: ".*"
    write_priv: ".*"
    vhost: mbs
  - user: distrobuild
    state: present
    configure_priv: ".*"
    read_priv: ".*"
    write_priv: ".*"
    vhost: distrobuild
  - user: rockymonitor
    state: present
    permissions:
      - vhost: /
        configure_priv: "^$"
        read_priv: "^$"
        write_priv: "^$"
      - vhost: pubsub
        configure_priv: "^$"
        read_priv: "^$"
        write_priv: "^$"
      - vhost: public_pubsub
        configure_priv: "^$"
        read_priv: "^$"
        write_priv: "^$"
    tags: "monitoring"
 ...