Merge pull request elastic#75 from LaneCommunityCollege/optional_user

gingerwizard · gingerwizard · commit 7d941210179d · 2016-04-16T12:30:46.000+01:00
For elastic#36 - Add support for creating optional elasticsearch user and group
diff --git a/README.md b/README.md
@@ -221,6 +221,10 @@ If installing Marvel or Watcher, ensure the license plugin is also specified.  S
 
 * ```es_user``` - defaults to elasticsearch.
 * ```es_group``` - defaults to elasticsearch.
+* ```es_user_id``` - default is undefined.
+* ```es_group_id``` - default is undefined.
+
+Both ```es_user_id``` and ```es_group_id``` must be set for the user and group ids to be set. 
 
 By default, each node on a host will be installed to use unique pid, plugin, work, data and log directories.  These directories are created, using the instance and host name, beneath default locations ]
 controlled by the following parameters:
diff --git a/tasks/elasticsearch-optional-user.yml b/tasks/elasticsearch-optional-user.yml
@@ -0,0 +1,18 @@
+---
+#Add the elasticsearch user before installing from packages.
+- name: Ensure optional elasticsearch group is created with the correct id.
+  group:
+    state: present
+    name: "{{ es_group }}"
+    system: yes
+    gid: "{{ es_group_id }}"
+
+- name: Ensure optional elasticsearch user is created with the correct id.
+  user:
+    state: present
+    name: "{{ es_user }}"
+    comment: elasticsearch system user
+    system: yes
+    createhome: no
+    uid: "{{ es_user_id }}"
+    group: "{{ es_group }}"
diff --git a/tasks/elasticsearch.yml b/tasks/elasticsearch.yml
@@ -8,6 +8,10 @@
 
 - debug: msg="Node configuration {{ es_config }} "
 
+- name: Include optional user and group creation. 
+  when: (es_user_id is defined) and (es_group_id is defined)
+  include: elasticsearch-optional-user.yml
+
 #- name: Include specific Elasticsearch
 #  include: "elasticsearch-{{ansible_os_family}}.yml"
 
diff --git a/test/integration/config.yml b/test/integration/config.yml
@@ -4,7 +4,7 @@
   hosts: localhost
   roles:
     #expand to all available parameters
-    - { role: elasticsearch, es_instance_name: "node1", es_data_dirs: ["/opt/elasticsearch/data-1","/opt/elasticsearch/data-2"], es_log_dir: "/opt/elasticsearch/logs", es_work_dir: "/opt/elasticsearch/temp", es_config: {node.name: "node1", cluster.name: "custom-cluster", discovery.zen.ping.unicast.hosts: "localhost:9301", http.port: 9201, transport.tcp.port: 9301, node.data: false, node.master: true, bootstrap.mlockall: true, discovery.zen.ping.multicast.enabled: false } }
+    - { role: elasticsearch, es_instance_name: "node1", es_data_dirs: ["/opt/elasticsearch/data-1","/opt/elasticsearch/data-2"], es_log_dir: "/opt/elasticsearch/logs", es_work_dir: "/opt/elasticsearch/temp", es_user_id: 333, es_group_id: 333, es_config: {node.name: "node1", cluster.name: "custom-cluster", discovery.zen.ping.unicast.hosts: "localhost:9301", http.port: 9201, transport.tcp.port: 9301, node.data: false, node.master: true, bootstrap.mlockall: true, discovery.zen.ping.multicast.enabled: false } }
   vars:
     es_scripts: false
     es_templates: false
diff --git a/test/integration/helpers/serverspec/config_spec.rb b/test/integration/helpers/serverspec/config_spec.rb
@@ -5,6 +5,14 @@
   describe user('elasticsearch') do
     it { should exist }
   end
+  
+  describe group('elasticsearch') do
+    it { should have_gid 333 }
+  end
+
+  describe user('elasticsearch') do
+    it { should have_uid 333 }
+  end
 
   describe service('node1_elasticsearch') do
     it { should be_running }
