Update for tags
This commit is contained in:
parent
84e84f9d93
commit
bc705e073c
1 changed files with 119 additions and 117 deletions
236
tasks/main.yml
236
tasks/main.yml
|
|
@ -1,129 +1,131 @@
|
|||
---
|
||||
- name: Include vars for {{ ansible_os_family }}
|
||||
include_vars: "{{ ansible_os_family }}_{{ ansible_distribution_major_version }}.yml"
|
||||
|
||||
- name: Install EPEL repo definition packages for {{ ansible_os_family }} on x86_64 and aarch64 plateform
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
update_cache: yes
|
||||
state: latest
|
||||
with_items:
|
||||
- epel-release
|
||||
when:
|
||||
- ansible_os_family == "RedHat"
|
||||
- not ansible_machine == "armv7l"
|
||||
- not ansible_machine == "armv6l"
|
||||
|
||||
- name: Install EPEL repo definition for {{ ansible_os_family }} on ARM 32b plateform
|
||||
template:
|
||||
src: etc/yum.repos.d/epel_arm.repo.j2
|
||||
dest: /etc/yum.repos.d/epel.repo
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
when:
|
||||
- ansible_os_family == "RedHat"
|
||||
- ansible_distribution_major_version = '7'
|
||||
- ansible_machine == "armv7l"
|
||||
# or ansible_machine == "armv6l"
|
||||
|
||||
- name: Install base packages for {{ ansible_os_family }}
|
||||
package:
|
||||
name: "{{ base_packages }}"
|
||||
update_cache: yes
|
||||
state: latest
|
||||
|
||||
- name: echo 'LANG="{{ locale }}"' > /etc/locale.conf
|
||||
template:
|
||||
src: locale.conf.j2
|
||||
dest: /etc/locale.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
# ln -sf ../usr/share/zoneinfo/Europe/Paris /etc/localtime
|
||||
- name: timedatectl set-timezone "{{ timezone }}"; timedatectl set-local-rtc no
|
||||
timezone:
|
||||
name: "{{ timezone }}"
|
||||
hwclock: UTC
|
||||
|
||||
# echo UTC >> /etc/adjtime
|
||||
|
||||
#cat /etc/adjtime
|
||||
#0.0 0 0.0
|
||||
#0
|
||||
#UTC
|
||||
|
||||
- name: "Configure auto update for RHEL linux family"
|
||||
template:
|
||||
src: etc/yum/yum-cron.conf.j2
|
||||
dest: /etc/yum/yum-cron.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
when:
|
||||
- ansible_os_family == "RedHat"
|
||||
- ansible_distribution_major_version = '7'
|
||||
|
||||
- name: upgrade all packages
|
||||
package:
|
||||
name: "*"
|
||||
update_cache: yes
|
||||
state: latest
|
||||
|
||||
- name: Install install_pxe.sh script
|
||||
copy:
|
||||
src: usr/local/sbin/install_pxe.sh
|
||||
dest: /usr/local/sbin/install_pxe.sh
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Enable rngd service
|
||||
service:
|
||||
name: rngd
|
||||
state: started
|
||||
enabled: yes
|
||||
- name: Ensure rngd service is started
|
||||
service:
|
||||
name: rngd
|
||||
state: started
|
||||
|
||||
- name: Compress logs
|
||||
replace:
|
||||
path: /etc/logrotate.conf
|
||||
regexp: '^#compress'
|
||||
replace: 'compress'
|
||||
|
||||
- block:
|
||||
- name: Verify if hosts.deny TCP_Wrappers file exists
|
||||
stat:
|
||||
path: "/etc/hosts.deny"
|
||||
register: hostsdeny
|
||||
- name: Verify if hosts.allow TCP_Wrappers file exists
|
||||
stat:
|
||||
path: "/etc/hosts.allow"
|
||||
register: hostsallow
|
||||
- name: Include vars for {{ ansible_os_family }}
|
||||
include_vars: "{{ ansible_os_family }}_{{ ansible_distribution_major_version }}.yml"
|
||||
|
||||
- name: Install hosts.deny TCP_Wrappers file
|
||||
copy:
|
||||
src: "hosts.deny"
|
||||
dest: "/etc/hosts.deny"
|
||||
- name: Install EPEL repo definition packages for {{ ansible_os_family }} on x86_64 and aarch64 plateform
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
update_cache: yes
|
||||
state: latest
|
||||
with_items:
|
||||
- epel-release
|
||||
when:
|
||||
- ansible_os_family == "RedHat"
|
||||
- not ansible_machine == "armv7l"
|
||||
- not ansible_machine == "armv6l"
|
||||
|
||||
- name: Install EPEL repo definition for {{ ansible_os_family }} on ARM 32b plateform
|
||||
template:
|
||||
src: etc/yum.repos.d/epel_arm.repo.j2
|
||||
dest: /etc/yum.repos.d/epel.repo
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
when:
|
||||
- not hostsdeny.stat.exists
|
||||
- name: Install hosts.allow TCP_Wrappers file
|
||||
copy:
|
||||
src: "hosts.allow"
|
||||
dest: "/etc/hosts.allow"
|
||||
- ansible_os_family == "RedHat"
|
||||
- ansible_distribution_major_version = '7'
|
||||
- ansible_machine == "armv7l"
|
||||
# or ansible_machine == "armv6l"
|
||||
|
||||
- name: Install base packages for {{ ansible_os_family }}
|
||||
package:
|
||||
name: "{{ base_packages }}"
|
||||
update_cache: yes
|
||||
state: latest
|
||||
|
||||
- name: echo 'LANG="{{ locale }}"' > /etc/locale.conf
|
||||
template:
|
||||
src: locale.conf.j2
|
||||
dest: /etc/locale.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
# ln -sf ../usr/share/zoneinfo/Europe/Paris /etc/localtime
|
||||
- name: timedatectl set-timezone "{{ timezone }}"; timedatectl set-local-rtc no
|
||||
timezone:
|
||||
name: "{{ timezone }}"
|
||||
hwclock: UTC
|
||||
|
||||
# echo UTC >> /etc/adjtime
|
||||
|
||||
# cat /etc/adjtime
|
||||
# 0.0 0 0.0
|
||||
# 0
|
||||
# UTC
|
||||
|
||||
- name: "Configure auto update for RHEL linux family"
|
||||
template:
|
||||
src: etc/yum/yum-cron.conf.j2
|
||||
dest: /etc/yum/yum-cron.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
when:
|
||||
- not hostsallow.stat.exists
|
||||
when:
|
||||
- ansible_os_family == "RedHat"
|
||||
- ansible_distribution_major_version < '8'
|
||||
- ansible_os_family == "RedHat"
|
||||
- ansible_distribution_major_version = '7'
|
||||
|
||||
- name: upgrade all packages
|
||||
package:
|
||||
name: "*"
|
||||
update_cache: yes
|
||||
state: latest
|
||||
|
||||
- name: Install install_pxe.sh script
|
||||
copy:
|
||||
src: usr/local/sbin/install_pxe.sh
|
||||
dest: /usr/local/sbin/install_pxe.sh
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Enable rngd service
|
||||
service:
|
||||
name: rngd
|
||||
state: started
|
||||
enabled: yes
|
||||
- name: Ensure rngd service is started
|
||||
service:
|
||||
name: rngd
|
||||
state: started
|
||||
|
||||
- name: Compress logs
|
||||
replace:
|
||||
path: /etc/logrotate.conf
|
||||
regexp: '^#compress'
|
||||
replace: 'compress'
|
||||
|
||||
- block:
|
||||
- name: Verify if hosts.deny TCP_Wrappers file exists
|
||||
stat:
|
||||
path: "/etc/hosts.deny"
|
||||
register: hostsdeny
|
||||
- name: Verify if hosts.allow TCP_Wrappers file exists
|
||||
stat:
|
||||
path: "/etc/hosts.allow"
|
||||
register: hostsallow
|
||||
|
||||
- name: Install hosts.deny TCP_Wrappers file
|
||||
copy:
|
||||
src: "hosts.deny"
|
||||
dest: "/etc/hosts.deny"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
when:
|
||||
- not hostsdeny.stat.exists
|
||||
- name: Install hosts.allow TCP_Wrappers file
|
||||
copy:
|
||||
src: "hosts.allow"
|
||||
dest: "/etc/hosts.allow"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
when:
|
||||
- not hostsallow.stat.exists
|
||||
when:
|
||||
- ansible_os_family == "RedHat"
|
||||
- ansible_distribution_major_version < '8'
|
||||
tags:
|
||||
- os
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue