diff --git a/.collection/README.md b/.collection/README.md index 605ba560..b9e51027 100644 --- a/.collection/README.md +++ b/.collection/README.md @@ -28,4 +28,5 @@ You can find the documentation for the microsoft.sql.server role in its reposito ## Supported Ansible Versions -The supported Ansible versions are aligned with currently maintained Ansible versions that support Collections - Ansible 2.9 and later. You can find the list of maintained Ansible versions [here](https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#release-status). +The supported Ansible versions are aligned with currently maintained Ansible versions that support Collections - Ansible 2.9 and later. +You can find the list of maintained Ansible versions [here](https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#release-status). diff --git a/README.md b/README.md index 95997aa4..cbfdbc4c 100644 --- a/README.md +++ b/README.md @@ -4,29 +4,24 @@ This role installs, configures, and starts Microsoft SQL Server. -The role also optimizes the operating system to improve performance and -throughput for SQL Server by applying the `mssql` Tuned profile. +The role also optimizes the operating system to improve performance and throughput for SQL Server by applying the `mssql` Tuned profile. The role currently works with SQL Server 2017 and 2019. ## Requirements * SQL Server requires a machine with at least 2000 megabytes of memory. -* You must configure the firewall to enable connections on the SQL Server TCP port that - you set with the `mssql_tcp_port` variable. The default port is 1443. -* Optional: If you want to input T-SQL statements and stored procedures to SQL Server, - you must create a file with the `.sql` extension containing these SQL - statements and procedures. +* You must configure the firewall to enable connections on the SQL Server TCP port that you set with the `mssql_tcp_port` variable. + The default port is 1443. +* Optional: If you want to input T-SQL statements and stored procedures to SQL Server, you must create a file with the `.sql` extension containing these SQL statements and procedures. ## Role Variables ### `mssql_accept_microsoft_odbc_driver_17_for_sql_server_eula` -Set this variable to `true` to indicate that you accept EULA for installing the -`msodbcsql17` package. +Set this variable to `true` to indicate that you accept EULA for installing the `msodbcsql17` package. -The license terms for this product can be downloaded -from and found in `/usr/share/doc/msodbcsql17/LICENSE.txt`. +The license terms for this product can be downloaded from and found in `/usr/share/doc/msodbcsql17/LICENSE.txt`. Default: `false` @@ -34,12 +29,9 @@ Type: `bool` ### `mssql_accept_microsoft_cli_utilities_for_sql_server_eula` -Set this variable to `true` to indicate that you accept EULA for installing the -`mssql-tools` package. +Set this variable to `true` to indicate that you accept EULA for installing the `mssql-tools` package. -The license terms for this product can be downloaded -from and found in -`/usr/share/doc/mssql-tools/LICENSE.txt`. +The license terms for this product can be downloaded from and found in `/usr/share/doc/mssql-tools/LICENSE.txt`. Default: `false` @@ -47,13 +39,10 @@ Type: `bool` ### `mssql_accept_microsoft_sql_server_standard_eula` -Set this variable to `true` to indicate that you accept EULA for using -Microsoft SQL Server. +Set this variable to `true` to indicate that you accept EULA for using Microsoft SQL Server. -The license terms for this product can be found in `/usr/share/doc/mssql-server` -or downloaded from . -The privacy statement can be viewed at -. +The license terms for this product can be found in `/usr/share/doc/mssql-server` or downloaded from . +The privacy statement can be viewed at . Default: `false` @@ -61,8 +50,8 @@ Type: `bool` ### `mssql_version` -The version of the SQL Server to configure. The role currently supports versions -2017 and 2019. +The version of the SQL Server to configure. +The role currently supports versions 2017 and 2019. Default: `2019` @@ -70,8 +59,7 @@ Type: `int` ### `mssql_upgrade` -If you want to upgrade your SQL Server 2017 to 2019, set the `mssql_version` -variable to `2019` and this variable to `true`. +If you want to upgrade your SQL Server 2017 to 2019, set the `mssql_version` variable to `2019` and this variable to `true`. Note that the role does not support downgrading SQL Server. @@ -81,16 +69,13 @@ Type: `bool` ### `mssql_password` -The password for the database sa user. The password must have a minimum length -of 8 characters, include uppercase and lowercase letters, base 10 digits or -non-alphanumeric symbols. Do not use single quotes ('), double quotes ("), and -spaces in the password because `sqlcmd` cannot authorize when the password -includes those symbols. +The password for the database sa user. +The password must have a minimum length of 8 characters, include uppercase and lowercase letters, base 10 digits or non-alphanumeric symbols. +Do not use single quotes ('), double quotes ("), and spaces in the password because `sqlcmd` cannot authorize when the password includes those symbols. This variable is required when you run the role to install SQL Server. -When running this role on a host that has SQL Server installed, the `mssql_password` -variable overwrites the existing sa user password to the one that you specified. +When running this role on a host that has SQL Server installed, the `mssql_password` variable overwrites theexisting sa user password to the one that you specified. Default: `null` @@ -110,10 +95,8 @@ Use one of the following values: * `Developer` * `Express` * `Evaluation` -* A product key in the form `#####-#####-#####-#####-#####`, where `#` is a - number or a letter. - For more information, see - . +* A product key in the form `#####-#####-#####-#####-#####`, where `#` is a number or a letter. + For more information, see . Default: `null` @@ -123,14 +106,11 @@ Type: `str` The port that SQL Server listens on. -If you define this variable, the role configures SQL Server with the defined TCP -port. +If you define this variable, the role configures SQL Server with the defined TCP port. -If you do not define this variable when installing SQL Server, the role configures -SQL Server to listen on the SQL Server default TCP port `1443`. +If you do not define this variable when installing SQL Server, the role configures SQL Server to listen on the SQL Server default TCP port `1443`. -If you do not define this variable when configuring running SQL Server, the role does -not change the TCP port setting on SQL Server. +If you do not define this variable when configuring running SQL Server, the role does not change the TCP port setting on SQL Server. Default: `null` @@ -140,15 +120,11 @@ Type: `str` The IP address that SQL Server listens on. -If you define this variable, the role configures SQL Server with the defined IP -address. +If you define this variable, the role configures SQL Server with the defined IP address. -If you do not define this variable when installing SQL Server, the role configures -SQL Server to listen on the SQL Server default IP address `0.0.0.0`, that is, to listen on -every available network interface. +If you do not define this variable when installing SQL Server, the role configures SQL Server to listen on the SQL Server default IP address `0.0.0.0`, that is, to listen on every available network interface. -If you do not define this variable when configuring running SQL Server, the role does -not change the IP address setting on SQL Server. +If you do not define this variable when configuring running SQL Server, the role does not change the IP address setting on SQL Server. Default: `null` @@ -156,18 +132,17 @@ Type: `str` ### `mssql_input_sql_file` -You can use the role to input a file containing SQL statements or procedures into -SQL Server. With this variable, enter the path to the SQL file containing the -database configuration. +You can use the role to input a file containing SQL statements or procedures into SQL Server. +With this variable, enter the path to the SQL file containing the database configuration. When specifying this variable, you must also specify the `mssql_password` variable because authentication is required to input an SQL file to SQL Server. -If you do not pass this variable, the role only configures the SQL Server -and does not input any SQL file. +If you do not pass this variable, the role only configures the SQL Server and does not input any SQL file. -Note that this task is not idempotent, the role always inputs an SQL file if -this variable is defined. +Note that this task is not idempotent, the role always inputs an SQL file if this variable is defined. + +When this variable is defined, `mssql_debug` is set to true to print the output of the `sqlcmd` command. You can find an example of the SQL file at `tests/sql_script.sql`. @@ -175,6 +150,15 @@ Default: `null` Type: `str` +### `mssql_debug` + +Whether or not to print the output of sqlcmd commands. +The role inputs SQL scripts with the sqlcmd command to configure SQL Server for HA or to input users' SQL scripts when the `mssql_input_sql_file` variable is provided. + +Default: `true` if `mssql_input_sql_file` is defined else `false` + +Type: `bool` + ### `mssql_enable_sql_agent` Set this variable to `true` or `false` to enable or disable the SQL agent. @@ -185,8 +169,7 @@ Type: `bool` ### `mssql_install_fts` -Set this variable to `true` or `false` to install or remove the -`mssql-server-fts` package that provides full-text search. +Set this variable to `true` or `false` to install or remove the `mssql-server-fts` package that provides full-text search. Default: `null` @@ -202,8 +185,7 @@ Type: `bool` ### `mssql_enable_ha` -Set this variable to `true` or `false` to install or remove the -`mssql-server-ha` package and enable or disable the `hadrenabled` setting. +Set this variable to `true` or `false` to install or remove the `mssql-server-ha` package and enable or disable the `hadrenabled` setting. Default: `null` @@ -211,28 +193,23 @@ Type: `bool` ### `mssql_tune_for_fua_storage` -Set this variable to `true` or `false` to enable or disable settings that -improve performance on hosts that support Forced Unit Access (FUA) capability. +Set this variable to `true` or `false` to enable or disable settings that improve performance on hosts that support Forced Unit Access (FUA) capability. -Only set this variable to `true` if your hosts are configured for FUA -capability. +Only set this variable to `true` if your hosts are configured for FUA capability. When set to `true`, the role applies the following settings: -* Set the `traceflag 3979 on` setting to enable trace flag 3979 as a startup -parameter +* Set the `traceflag 3979 on` setting to enable trace flag 3979 as a startup parameter * Set the `control.alternatewritethrough` setting to `0` * Set the `control.writethrough` setting to `1` When set to `false`, the role applies the following settings: -* Set the `traceflag 3982 off` parameter to disable trace flag 3979 as a -startup parameter +* Set the `traceflag 3982 off` parameter to disable trace flag 3979 as a startup parameter * Set the `control.alternatewritethrough` setting to its default value `0` * Set the `control.writethrough` setting to its default value `0` -For more details, see SQL Server and Forced Unit Access (FUA) I/O subsystem -capability at . +For more details, see SQL Server and Forced Unit Access (FUA) I/O subsystem capability at . Default: `null` @@ -240,36 +217,31 @@ Type: `bool` ### `mssql_tls_enable` -Use the variables starting with `mssql_tls` to configure SQL Server to encrypt -connections using TLS certificates. +Use the variables starting with `mssql_tls` to configure SQL Server to encrypt connections using TLS certificates. -You are responsible for creating and securing TLS certificate and private -key files. It is assumed you have a CA that can issue these files. If not, you -can use the `openssl` command to create these files. +You are responsible for creating and securing TLS certificate and private key files. +It is assumed you have a CA that can issue these files. +If not, you can use the `openssl` command to create these files. You must have TLS certificate and private key files on the Ansible control node. -When you use this variable, the role copies TLS cert and private key files to -SQL Server and configures SQL Server to use these files to encrypt connections. +When you use this variable, the role copies TLS cert and private key files to SQL Server and configures SQL Server to use these files to encrypt connections. Set to `true` or `false` to enable or disable TLS encryption. When set to `true`, the role performs the following tasks: -1. Copies TLS certificate and private key files to SQL Server to the -`/etc/pki/tls/certs/` and `/etc/pki/tls/private/` directories respectively -2. Configures SQL Server to encrypt connections using the copied TLS certificate and -private key +1. Copies TLS certificate and private key files to SQL Server to the `/etc/pki/tls/certs/` and `/etc/pki/tls/private/` directories respectively +2. Configures SQL Server to encrypt connections using the copied TLS certificate and private key When set to `false`, the role configures SQL Server to not use TLS encryption. -The role does not remove the existing certificate and private key files if this -variable is set to `false`. +The role does not remove the existing certificate and private key files if this variable is set to `false`. Default: `null` Type: `bool` -### `mssql_tls_cert` +#### `mssql_tls_cert` Path to the certificate file to copy to SQL Server. @@ -277,29 +249,26 @@ Default: `null` Type: `str` -### `mssql_tls_private_key` +#### `mssql_tls_private_key` Path to the private key file to copy to SQL Server. Default: `null` Type: `str` -### 'mssql_tls_remote_src' +#### `mssql_tls_remote_src` -Influence whether files provided with `mssql_tls_cert` and -`mssql_tls_private_key` need to be transferred or already are present remotely. +Influence whether files provided with `mssql_tls_cert` and `mssql_tls_private_key` need to be transferred or already are present remotely. -If `false`, the role searches for `mssql_tls_cert` and `mssql_tls_private_key` -files on the controller node. +If `false`, the role searches for `mssql_tls_cert` and `mssql_tls_private_key` files on the controller node. -If `true`, the role searches for `mssql_tls_cert` and `mssql_tls_private_key` -on managed nodes. +If `true`, the role searches for `mssql_tls_cert` and `mssql_tls_private_key` on managed nodes. Default: `false` Type: `bool` -### `mssql_tls_version` +#### `mssql_tls_version` TLS version to use. @@ -307,10 +276,9 @@ Default: `1.2` Type: `str` -### `mssql_tls_force` +#### `mssql_tls_force` -Set to `true` to replace the existing certificate and private key files on host -if they exist at `/etc/pki/tls/certs/` and `/etc/pki/tls/private/` respectively. +Set to `true` to replace the existing certificate and private key files on host if they exist at `/etc/pki/tls/certs/` and `/etc/pki/tls/private/` respectively. Default: `false` @@ -348,8 +316,7 @@ This section outlines example playbooks that you can use as a reference. ### Setting up SQL Server -This example shows how to use the role to set up SQL Server with the minimum -required variables. +This example shows how to use the role to set up SQL Server with the minimum required variables. ```yaml - hosts: all @@ -365,8 +332,7 @@ required variables. ### Setting up SQL Server with Custom Network Parameters -This example shows how to use the role to set up SQL Server and configure it to -use custom IP address and TCP port. +This example shows how to use the role to set up SQL Server and configure it to use custom IP address and TCP port. ```yaml - hosts: all @@ -384,8 +350,7 @@ use custom IP address and TCP port. ### Setting Up SQL Server and Enabling Additional Functionality -This example shows how to use the role to set up SQL Server and enable the -following additional functionality: +This example shows how to use the role to set up SQL Server and enable the following additional functionality: * Enable the SQL Agent * Install FTS @@ -412,8 +377,7 @@ following additional functionality: ### Setting Up SQL Server with TLS Encryption -This example shows how to use the role to set up SQL Server and configure it to -use TLS encryption. +This example shows how to use the role to set up SQL Server and configure it to use TLS encryption. ```yaml - hosts: all diff --git a/defaults/main.yml b/defaults/main.yml index f4cebac3..41b744fb 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -10,6 +10,7 @@ mssql_edition: null mssql_tcp_port: null mssql_ip_address: null mssql_input_sql_file: null +mssql_debug: "{{ true if mssql_input_sql_file is not none else false }}" mssql_enable_sql_agent: null mssql_install_fts: null mssql_install_powershell: null diff --git a/tasks/input_sql_file.yml b/tasks/input_sql_file.yml new file mode 100644 index 00000000..7dd5843a --- /dev/null +++ b/tasks/input_sql_file.yml @@ -0,0 +1,92 @@ +# SPDX-License-Identifier: MIT +# This task files inputs sql file into MSSQL. +# If you feed a file with .j2 extension, it generates a template from it. +# If you feed a file with other extension, it just copies the file and runs it. +--- +- name: Verify that the mssql_password variable is defined + assert: + that: + - mssql_password is not none + fail_msg: >- + You must define the mssql_password variable because MSSQL requires + the sa user to authenticate to input SQL files. + +- name: Input {{ __mssql_input_sql_file }} to MSSQL + block: + # changed_when: false for idempotency because the file is always removed + - name: Create a tempfile for the SQL file on the host + tempfile: + state: file + register: __mssql_sql_tempfile + changed_when: false + + # changed_when: false for idempotency because the file is always removed + - name: Copy the {{ __mssql_input_sql_file }} file to the host + copy: + src: "{{ __mssql_input_sql_file }}" + dest: "{{ __mssql_sql_tempfile.path }}" + mode: preserve + when: __mssql_input_sql_file is not search(".*\.j2") + changed_when: false + + # changed_when: false for idempotency because the file is always removed + - name: Generate the {{ __mssql_input_sql_file }} template on the host + template: + src: "{{ __mssql_input_sql_file }}" + dest: "{{ __mssql_sql_tempfile.path }}" + mode: 0664 + when: __mssql_input_sql_file is search(".*\.j2") + changed_when: false + + - name: Ensure that the mssql-server service is started + service: + name: mssql-server + state: started + + - name: Wait for mssql-server to prepare for client connections + wait_for: + path: /var/opt/mssql/log/errorlog + search_regex: SQL Server is now ready for client connections + timeout: 10 + + - name: Prepare MSSQL and facts for logging in + include_tasks: verify_password.yml + vars: + __mssql_password: "{{ mssql_password }}" + when: >- + (__mssql_sqlcmd_login_cmd is none) or + (__mssql_sqlcmd_login_cmd is not defined) + + - name: Input {{ __mssql_input_sql_file }} with the sqlcmd command + command: >- + {{ __mssql_sqlcmd_login_cmd }} -i {{ __mssql_sql_tempfile.path }} -b + register: __mssql_sqlcmd_input_file + changed_when: '"successfully" in __mssql_sqlcmd_input_file.stdout' + always: + - name: >- + Print the output of the sqlcmd command for {{ __mssql_input_sql_file }} + if not empty + debug: + var: __mssql_sqlcmd_input_file.stdout_lines + changed_when: false + when: + - __mssql_sqlcmd_input_file.stdout_lines | length > 0 + - mssql_debug | bool + + # Keep the file if the SQL command failed or when mssql_debug is true + # for debugging + - name: Remove the tempfile + file: + path: "{{ __mssql_sql_tempfile.path }}" + state: absent + when: + - __mssql_sqlcmd_input_file is succeeded + - not mssql_debug + changed_when: false + + # This is required because in the case when a task that precedes the input + # task fails, the print task prints a previous result + - name: Unset the __mssql_sqlcmd_input_file variable + set_fact: + __mssql_sqlcmd_input_file: "" + when: not mssql_debug diff --git a/tasks/main.yml b/tasks/main.yml index 6ce23683..6f4d3656 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,7 +1,13 @@ # SPDX-License-Identifier: MIT --- - name: Ensure ansible_facts and variables used by role - include_tasks: tasks/set_vars.yml + include_tasks: set_vars.yml + +# This is required to prevent the role from using a __mssql_sqlcmd_login_cmd +# variable value from a previous role invocation +- name: Unset the __mssql_sqlcmd_login_cmd fact + set_fact: + __mssql_sqlcmd_login_cmd: null - name: Link the deprecated accept_microsoft_sql_server_2019_standard_eula fact set_fact: @@ -40,6 +46,7 @@ - name: Gather package facts package_facts: manager: auto + no_log: true - name: >- Verify if mssql_version is not smaller then the existing SQL Server version @@ -118,6 +125,7 @@ - name: Gather system services facts service_facts: + no_log: true - name: Set up MSSQL when: not __mssql_is_setup @@ -293,55 +301,6 @@ __mssql_conf_setting_value: "{{ mssql_tcp_port }}" when: mssql_tcp_port is not none -- name: Verify that the mssql_password variable is defined - assert: - that: - - mssql_password is not none - fail_msg: >- - You must define the mssql_password variable because MSSQL requires - the sa user to authenticate to input SQL files. - when: mssql_input_sql_file is not none - -- name: Input the {{ mssql_input_sql_file }} file to MSSQL - when: mssql_input_sql_file is not none - block: - - name: Create a tempfile for the SQL file on the host - tempfile: - state: file - register: __mssql_sql_tempfile - - - name: Copy the {{ mssql_input_sql_file }} file to the host - copy: - src: "{{ mssql_input_sql_file }}" - dest: "{{ __mssql_sql_tempfile.path }}" - mode: preserve - - - name: Ensure that the mssql-server service is started - service: - name: mssql-server - state: started - - - name: Prepare MSSQL and facts for logging in - include_tasks: verify_password.yml - vars: - __mssql_password: "{{ mssql_password }}" - - - name: Input the {{ mssql_input_sql_file }} file with the sqlcmd command - command: >- - {{ __mssql_sqlcmd_login_cmd }} -i {{ __mssql_sql_tempfile.path }} -b - register: __mssql_sqlcmd_input_file - ignore_errors: true - - always: - - name: Print the output of the sqlcmd command - debug: - var: __mssql_sqlcmd_input_file.stdout_lines - - - name: Remove the tempfile - file: - path: "{{ __mssql_sql_tempfile.path }}" - state: absent - - name: Configure the sqlagent setting include_tasks: mssql_conf_setting.yml vars: @@ -471,3 +430,12 @@ path: /var/opt/mssql/mssql.conf block: "{{ __lsr_ansible_managed }}" insertbefore: BOF + +# Keep this task at the bottom, it must be run at the end of the role +- name: Input the {{ mssql_input_sql_file }} sql file to SQL Server + vars: + __mssql_input_sql_file: "{{ mssql_input_sql_file }}" + include_tasks: input_sql_file.yml + when: + - mssql_input_sql_file is defined + - mssql_input_sql_file is not none diff --git a/tasks/mssql_conf_setting.yml b/tasks/mssql_conf_setting.yml index 90307b1c..9d59e85a 100644 --- a/tasks/mssql_conf_setting.yml +++ b/tasks/mssql_conf_setting.yml @@ -41,7 +41,8 @@ when: - __mssql_conf_setting_value == "unset" - '"No setting for the given" not in __mssql_conf_get_setting.stdout' - register: __mssql_conf_set + register: __mssql_conf_unset failed_when: >- - ("error" in __mssql_conf_set.stdout | lower) or (__mssql_conf_set is failed) + ("error" in __mssql_conf_unset.stdout | lower) or + (__mssql_conf_unset is failed) notify: Restart the mssql-server service diff --git a/tests/tasks/verify_package.yml b/tests/tasks/verify_package.yml index 9b05615e..0b02e859 100644 --- a/tests/tasks/verify_package.yml +++ b/tests/tasks/verify_package.yml @@ -7,6 +7,7 @@ - name: Gather package facts package_facts: manager: auto + no_log: true - name: Verify if the {{ __mssql_verify_package_name }} package is installed assert: diff --git a/tests/tasks/verify_settings.yml b/tests/tasks/verify_settings.yml index 54e4ad48..6da0b59f 100644 --- a/tests/tasks/verify_settings.yml +++ b/tests/tasks/verify_settings.yml @@ -36,14 +36,14 @@ that: __mssql_edition_matches.stdout | bool - name: Verify the IP address setting - include_tasks: tasks/mssql_conf_verify.yml + include_tasks: mssql_conf_verify.yml vars: __mssql_conf_setting: ipaddress __mssql_conf_value: __mssql_ip_address_matches when: __mssql_ip_address_matches is defined - name: Verify the TCP port setting - include_tasks: tasks/mssql_conf_verify.yml + include_tasks: mssql_conf_verify.yml vars: __mssql_conf_setting: tcpport __mssql_conf_value: __mssql_tcp_port_matches @@ -78,21 +78,21 @@ that: __mssql_password_query is success - name: Verify that the SQL agent is enabled - include_tasks: tasks/mssql_conf_verify.yml + include_tasks: mssql_conf_verify.yml vars: __mssql_conf_setting: enabled __mssql_conf_value: "{{ __verify_mssql_agent_is_enabled }}" when: __verify_mssql_agent_is_enabled is defined - name: Verify the {{ __mssql_server_fts_packages }} package - include_tasks: tasks/verify_package.yml + include_tasks: verify_package.yml vars: __mssql_verify_package_name: "{{ __mssql_server_fts_packages }}" __mssql_verify_package_installed: "{{ __verify_mssql_fts_is_installed }}" when: __verify_mssql_fts_is_installed is defined - name: Verify the {{ __mssql_powershell_packages }} package - include_tasks: tasks/verify_package.yml + include_tasks: verify_package.yml vars: __mssql_verify_package_name: "{{ __mssql_powershell_packages }}" __mssql_verify_package_installed: >- @@ -103,13 +103,13 @@ when: __verify_mssql_ha_is_installed is defined block: - name: Verify if the {{ __mssql_server_ha_packages }} package is installed - include_tasks: tasks/verify_package.yml + include_tasks: verify_package.yml vars: __mssql_verify_package_name: "{{ __mssql_server_ha_packages }}" __mssql_verify_package_installed: "{{ __verify_mssql_ha_is_installed }}" - name: Verify the hadrenabled setting - include_tasks: tasks/mssql_conf_verify.yml + include_tasks: mssql_conf_verify.yml vars: __mssql_conf_setting: hadrenabled __mssql_conf_value: >- @@ -135,13 +135,13 @@ # alternatewritethrough must be false according to MS docs - name: Verify that the alternatewritethrough setting is false - include_tasks: tasks/mssql_conf_verify.yml + include_tasks: mssql_conf_verify.yml vars: __mssql_conf_setting: alternatewritethrough __mssql_conf_value: false - name: Verify the writethrough setting - include_tasks: tasks/mssql_conf_verify.yml + include_tasks: mssql_conf_verify.yml vars: __mssql_conf_setting: writethrough __mssql_conf_value: >- @@ -151,7 +151,7 @@ when: __verify_mssql_is_tls_encrypted is defined block: - name: Verify the tlscert setting - include_tasks: tasks/mssql_conf_verify.yml + include_tasks: mssql_conf_verify.yml vars: __mssql_conf_setting: tlscert __mssql_conf_value: >- @@ -159,7 +159,7 @@ else '' }} - name: Verify the tlskey setting - include_tasks: tasks/mssql_conf_verify.yml + include_tasks: mssql_conf_verify.yml vars: __mssql_conf_setting: tlskey __mssql_conf_value: >- @@ -167,7 +167,7 @@ __verify_mssql_is_tls_encrypted else '' }} - name: Verify the tlsprotocols setting - include_tasks: tasks/mssql_conf_verify.yml + include_tasks: mssql_conf_verify.yml vars: __mssql_conf_setting: tlsprotocols __mssql_conf_value: >- @@ -175,7 +175,7 @@ __verify_mssql_is_tls_encrypted else '' }} - name: Verify the forceencryption setting - include_tasks: tasks/mssql_conf_verify.yml + include_tasks: mssql_conf_verify.yml vars: __mssql_conf_setting: forceencryption __mssql_conf_value: >- diff --git a/vars/main.yml b/vars/main.yml index 782193c6..68ae5814 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,12 +1,12 @@ # SPDX-License-Identifier: MIT --- -__mssql_server_packages: mssql-server -__mssql_client_packages: [mssql-tools, unixODBC-devel] -__mssql_server_fts_packages: mssql-server-fts -__mssql_server_ha_packages: mssql-server-ha -__mssql_powershell_packages: powershell __mssql_required_facts: - distribution - distribution_major_version - distribution_version - os_family +__mssql_server_packages: mssql-server +__mssql_client_packages: [mssql-tools, unixODBC-devel] +__mssql_server_fts_packages: mssql-server-fts +__mssql_server_ha_packages: mssql-server-ha +__mssql_powershell_packages: powershell