# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- - name: Include provision_idrac vars include_vars: "{{ playbook_dir }}/../roles/provision_idrac/vars/main.yml" run_once: true - name: Include control_plane_common vars include_vars: "{{ playbook_dir }}/../roles/control_plane_common/vars/main.yml" run_once: true - name: Include idrac_vars.yml include_vars: "{{ playbook_dir }}/../{{ idrac_input_filename }}" run_once: true - name: Warning - waiting for one minute pause: minutes: 1 prompt: "{{ enable_2fa_warning_msg }}" run_once: true - name: Set two_factor_authentication in lowercase set_fact: two_factor_authentication: "{{ two_factor_authentication | lower }}" - name: Assert two_factor_authentication value assert: that: - two_factor_authentication | length > 1 - two_factor_authentication == "enabled" or two_factor_authentication == "disabled" success_msg: "{{ simple_2fa_success_msg }}" fail_msg: "{{ simple_2fa_fail_msg }}" - name: Disable 2FA message fail: msg: "{{ idrac_2fa_disable_msg }}" when: two_factor_authentication == "disabled" - block: - name: Check idrac_tools_vars.yml file is encrypted command: cat "{{ playbook_dir }}/../{{ idrac_tools_vars_filename }}" changed_when: false run_once: true register: config_content - name: Decrpyt idrac_tools_vars.yml command: >- ansible-vault decrypt "{{ playbook_dir }}/../{{ idrac_tools_vars_filename }}" --vault-password-file "{{ playbook_dir }}/../{{ idrac_tools_vaultname }}" changed_when: false run_once: true when: "'$ANSIBLE_VAULT;' in config_content.stdout" - name: Include variable file idrac_tools_vars.yml include_vars: "{{ playbook_dir }}/../{{ idrac_tools_vars_filename }}" run_once: true no_log: true - name: Validate SMTP parameters are not empty fail: msg: "{{ smtp_input_fail_msg }}" when: - dns_domain_name | length < 1 or ipv4_static_dns1 | length < 1 or ipv4_static_dns2 | length < 1 or smtp_server_ip | length < 1 or use_email_address_2fa | length < 1 - name: Validate SMTP parameters if smtp_authentication is enabled fail: msg: "{{ smtp_input_fail_msg }} when smtp_authentication is enabled" when: - smtp_authentication | lower == "enabled" - smtp_username | length < 1 or smtp_password | length < 1 - name: Assert use_email_address_2fa value assert: that: '"@" in use_email_address_2fa' success_msg: "{{ email_address_success_msg }}" fail_msg: "{{ email_address_fail_msg }}" - name: Encrypt idrac_tools_vars.yml command: >- ansible-vault encrypt "{{ playbook_dir }}/../{{ idrac_tools_vars_filename }}" --vault-password-file "{{ playbook_dir }}/../{{ idrac_tools_vaultname }}" changed_when: false run_once: true when: "'$ANSIBLE_VAULT;' in config_content.stdout" when: two_factor_authentication == "enabled"