94 lines
3.7 KiB
YAML
94 lines
3.7 KiB
YAML
---
|
|
# NOTE: the DMG gets installed as ansible_user, but we then configure it to run
|
|
# under datadog_macos_user and remove the user-specific config for ansible_user
|
|
- name: Load user data
|
|
shell:
|
|
cmd: "dscacheutil -q user -a name {{ datadog_macos_user }} | awk 'BEGIN { RS=\"\\n\"; ORS=\" \" } /uid:/ { print \"{ \\\"uid\\\": \" $2\",\" } /gid:/ { print \"\\\"gid\\\": \" $2 \" }\"}'"
|
|
executable: /bin/bash
|
|
changed_when: false
|
|
register: macos_user_output
|
|
check_mode: no
|
|
|
|
# This task is used to more cleanly format the variable contents.The ABOVE task's shell command returns a JSON
|
|
# object as a string but nested in `.stdout`. Ansible has built in behavior that if it receives JSON data as
|
|
# a string it will automatically convert it to the corresponding object. This enables us to get multiple values
|
|
# out of the ABOVE task preventing us from having to run 2 similar commands.
|
|
- name: Extract JSON user data as variable object
|
|
set_fact:
|
|
macos_user_data: "{{ macos_user_output.stdout }}"
|
|
|
|
- name: Load user group data
|
|
shell:
|
|
cmd: "dscacheutil -q group -a gid {{ macos_user_data.gid }} | grep '^name: ' | awk '{ print $2 }'"
|
|
register: macos_user_group
|
|
changed_when: false
|
|
|
|
# If the ansible_user was logged in via GUI during installation, the postinstall package script
|
|
# created launchctl service for the user and also a login item
|
|
|
|
- name: Find out if user LaunchAgent is running
|
|
shell:
|
|
cmd: "launchctl print gui/$(id -u)/{{ datadog_macos_service_name }}"
|
|
register: user_service_created
|
|
changed_when: false
|
|
failed_when: false
|
|
|
|
- name: Unload and stop user LaunchAgent
|
|
shell:
|
|
cmd: "launchctl bootout gui/$(id -u)/{{ datadog_macos_service_name }}"
|
|
when: user_service_created.rc == 0
|
|
|
|
- name: Remove user login item
|
|
command: |-
|
|
osascript -e 'tell application "System Events" to if login item "Datadog Agent" exists then delete login item "Datadog Agent"'
|
|
when: user_service_created.rc == 0
|
|
|
|
- name: Remove user LaunchAgent plist file
|
|
file:
|
|
path: "/Users/{{ ansible_user }}/{{ datadog_macos_user_plist_file_path }}"
|
|
state: absent
|
|
|
|
# We could take the plist file from user LaunchAgent location and just add UID/GID,
|
|
# but when the version is pinned and agent is already installed, that file had
|
|
# already been removed and won't be recreated and so we won't be able to use it.
|
|
#
|
|
# The disadvantage of using a template obviously is that if we changed the plist
|
|
# file in the .dmg, we would also have to update this. Fortunately this seems
|
|
# to basically never happen, so I think it's an acceptable downside.
|
|
- name: Add system LaunchDaemon plist file
|
|
template:
|
|
src: com.datadoghq.agent.plist.j2
|
|
dest: "{{ datadog_macos_system_plist_file_path }}"
|
|
owner: 0
|
|
group: 0
|
|
mode: 0644
|
|
become: true
|
|
notify: restart datadog-agent-macos
|
|
vars:
|
|
# NOTE: https://developer.apple.com/library/archive/documentation/MacOSX/Conceptual/BPSystemStartup/Chapters/CreatingLaunchdJobs.html
|
|
# docs say both UID/GID and UserName/GroupName work, but only UserName/GroupName actually work.
|
|
username: "{{ datadog_macos_user }}"
|
|
groupname: "{{ macos_user_group.stdout }}"
|
|
|
|
- name: Include configuration setup tasks
|
|
import_tasks: "_agent-linux-macos-shared.yml"
|
|
vars:
|
|
_dd_config_dir: "{{ datadog_macos_etc_dir }}"
|
|
_dd_user: "{{ macos_user_data.uid }}"
|
|
_dd_group: "{{ macos_user_data.gid }}"
|
|
_dd_notify_agent: "restart datadog-agent-macos"
|
|
become: true
|
|
|
|
- name: Set permissions for DataDog Directories
|
|
file:
|
|
path: "{{ item }}"
|
|
owner: "{{ macos_user_data.uid }}"
|
|
group: "{{ macos_user_data.gid }}"
|
|
recurse: yes
|
|
with_items:
|
|
- "{{ datadog_macos_etc_dir }}"
|
|
- "{{ datadog_macos_logs_dir }}"
|
|
- "{{ datadog_macos_run_dir }}"
|
|
notify: restart datadog-agent-macos
|
|
become: true
|