--- - name: Ensure local Hermes ACP build directory exists ansible.builtin.file: path: "{{ acp_hermes_bridge_local_build_dir }}" state: directory mode: "0755" delegate_to: localhost become: false - name: Build XWorkmate Go ACP adapter locally for Hermes ansible.builtin.command: cmd: go build -o "{{ acp_hermes_bridge_local_binary_path }}" . chdir: "{{ acp_hermes_bridge_local_source_dir }}" environment: GOOS: "{{ acp_hermes_bridge_build_goos }}" GOARCH: "{{ acp_hermes_bridge_build_goarch }}" CGO_ENABLED: "0" GO111MODULE: "on" delegate_to: localhost become: false check_mode: false - name: Inspect Hermes bridge binary attributes ansible.builtin.command: cmd: lsattr "{{ acp_hermes_bridge_binary_path }}" register: acp_hermes_bridge_binary_attrs changed_when: false failed_when: false check_mode: false - name: Remove immutable flag from Hermes bridge binary when present ansible.builtin.command: cmd: chattr -i "{{ acp_hermes_bridge_binary_path }}" when: - "'i' in (acp_hermes_bridge_binary_attrs.stdout | default(''))" changed_when: true become: true - name: Upload XWorkmate Go ACP adapter binary for Hermes ansible.builtin.copy: src: "{{ acp_hermes_bridge_local_binary_path }}" dest: "{{ acp_hermes_bridge_binary_path }}" owner: "{{ acp_hermes_service_user }}" group: "{{ acp_hermes_service_group }}" mode: "0755" notify: Restart acp hermes - name: Restore immutable flag on Hermes bridge binary ansible.builtin.command: cmd: chattr +i "{{ acp_hermes_bridge_binary_path }}" when: - "'i' in (acp_hermes_bridge_binary_attrs.stdout | default(''))" changed_when: true become: true - name: Deploy Hermes ACP adapter service ansible.builtin.command: cmd: lsattr "/etc/systemd/system/{{ acp_hermes_service_name }}.service" register: acp_hermes_service_attrs changed_when: false failed_when: false check_mode: false - name: Remove immutable flag from Hermes ACP systemd service when present ansible.builtin.command: cmd: chattr -i "/etc/systemd/system/{{ acp_hermes_service_name }}.service" when: - "'i' in (acp_hermes_service_attrs.stdout | default(''))" changed_when: true become: true - name: Read existing Hermes ACP auth token from systemd service ansible.builtin.shell: | set -eu service_path="/etc/systemd/system/{{ acp_hermes_service_name }}.service" if [ -f "$service_path" ]; then sed -n 's/^Environment=HERMES_ADAPTER_AUTH_TOKEN=\(.*\)$/\1/p' "$service_path" | head -n 1 fi args: executable: /bin/sh register: acp_hermes_existing_auth_token changed_when: false failed_when: false no_log: true check_mode: false - name: Resolve Hermes ACP auth token ansible.builtin.set_fact: acp_hermes_effective_auth_token: >- {{ acp_hermes_auth_token if (acp_hermes_auth_token | trim | length > 0) else (acp_hermes_existing_auth_token.stdout | default('')) }} no_log: true - name: Deploy Hermes ACP adapter service ansible.builtin.template: src: hermes-acp-adapter.service.j2 dest: "/etc/systemd/system/{{ acp_hermes_service_name }}.service" owner: root group: root mode: "0644" notify: Restart acp hermes - name: Restore immutable flag on Hermes ACP systemd service ansible.builtin.command: cmd: chattr +i "/etc/systemd/system/{{ acp_hermes_service_name }}.service" when: - "'i' in (acp_hermes_service_attrs.stdout | default(''))" changed_when: true become: true - name: Reload systemd manager configuration for Hermes ACP ansible.builtin.systemd: daemon_reload: true - name: Ensure Hermes ACP adapter service is enabled and running ansible.builtin.systemd: name: "{{ acp_hermes_service_name }}" enabled: true state: started when: - not ansible_check_mode