diff --git a/tasks/main.yml b/tasks/main.yml index 6d9edec..cdbc3a4 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,129 +1,131 @@ --- -- name: Include vars for {{ ansible_os_family }} - include_vars: "{{ ansible_os_family }}_{{ ansible_distribution_major_version }}.yml" - -- name: Install EPEL repo definition packages for {{ ansible_os_family }} on x86_64 and aarch64 plateform - package: - name: "{{ item }}" - update_cache: yes - state: latest - with_items: - - epel-release - when: - - ansible_os_family == "RedHat" - - not ansible_machine == "armv7l" - - not ansible_machine == "armv6l" - -- name: Install EPEL repo definition for {{ ansible_os_family }} on ARM 32b plateform - template: - src: etc/yum.repos.d/epel_arm.repo.j2 - dest: /etc/yum.repos.d/epel.repo - owner: root - group: root - mode: 0644 - when: - - ansible_os_family == "RedHat" - - ansible_distribution_major_version = '7' - - ansible_machine == "armv7l" -# or ansible_machine == "armv6l" - -- name: Install base packages for {{ ansible_os_family }} - package: - name: "{{ base_packages }}" - update_cache: yes - state: latest - -- name: echo 'LANG="{{ locale }}"' > /etc/locale.conf - template: - src: locale.conf.j2 - dest: /etc/locale.conf - owner: root - group: root - mode: 0644 - -# ln -sf ../usr/share/zoneinfo/Europe/Paris /etc/localtime -- name: timedatectl set-timezone "{{ timezone }}"; timedatectl set-local-rtc no - timezone: - name: "{{ timezone }}" - hwclock: UTC - -# echo UTC >> /etc/adjtime - -#cat /etc/adjtime -#0.0 0 0.0 -#0 -#UTC - -- name: "Configure auto update for RHEL linux family" - template: - src: etc/yum/yum-cron.conf.j2 - dest: /etc/yum/yum-cron.conf - owner: root - group: root - mode: 0644 - when: - - ansible_os_family == "RedHat" - - ansible_distribution_major_version = '7' - -- name: upgrade all packages - package: - name: "*" - update_cache: yes - state: latest - -- name: Install install_pxe.sh script - copy: - src: usr/local/sbin/install_pxe.sh - dest: /usr/local/sbin/install_pxe.sh - owner: root - group: root - mode: 0755 - -- name: Enable rngd service - service: - name: rngd - state: started - enabled: yes -- name: Ensure rngd service is started - service: - name: rngd - state: started - -- name: Compress logs - replace: - path: /etc/logrotate.conf - regexp: '^#compress' - replace: 'compress' - - block: - - name: Verify if hosts.deny TCP_Wrappers file exists - stat: - path: "/etc/hosts.deny" - register: hostsdeny - - name: Verify if hosts.allow TCP_Wrappers file exists - stat: - path: "/etc/hosts.allow" - register: hostsallow + - name: Include vars for {{ ansible_os_family }} + include_vars: "{{ ansible_os_family }}_{{ ansible_distribution_major_version }}.yml" - - name: Install hosts.deny TCP_Wrappers file - copy: - src: "hosts.deny" - dest: "/etc/hosts.deny" + - name: Install EPEL repo definition packages for {{ ansible_os_family }} on x86_64 and aarch64 plateform + package: + name: "{{ item }}" + update_cache: yes + state: latest + with_items: + - epel-release + when: + - ansible_os_family == "RedHat" + - not ansible_machine == "armv7l" + - not ansible_machine == "armv6l" + + - name: Install EPEL repo definition for {{ ansible_os_family }} on ARM 32b plateform + template: + src: etc/yum.repos.d/epel_arm.repo.j2 + dest: /etc/yum.repos.d/epel.repo owner: root group: root mode: 0644 when: - - not hostsdeny.stat.exists - - name: Install hosts.allow TCP_Wrappers file - copy: - src: "hosts.allow" - dest: "/etc/hosts.allow" + - ansible_os_family == "RedHat" + - ansible_distribution_major_version = '7' + - ansible_machine == "armv7l" +# or ansible_machine == "armv6l" + + - name: Install base packages for {{ ansible_os_family }} + package: + name: "{{ base_packages }}" + update_cache: yes + state: latest + + - name: echo 'LANG="{{ locale }}"' > /etc/locale.conf + template: + src: locale.conf.j2 + dest: /etc/locale.conf + owner: root + group: root + mode: 0644 + +# ln -sf ../usr/share/zoneinfo/Europe/Paris /etc/localtime + - name: timedatectl set-timezone "{{ timezone }}"; timedatectl set-local-rtc no + timezone: + name: "{{ timezone }}" + hwclock: UTC + +# echo UTC >> /etc/adjtime + +# cat /etc/adjtime +# 0.0 0 0.0 +# 0 +# UTC + + - name: "Configure auto update for RHEL linux family" + template: + src: etc/yum/yum-cron.conf.j2 + dest: /etc/yum/yum-cron.conf owner: root group: root mode: 0644 when: - - not hostsallow.stat.exists - when: - - ansible_os_family == "RedHat" - - ansible_distribution_major_version < '8' + - ansible_os_family == "RedHat" + - ansible_distribution_major_version = '7' + - name: upgrade all packages + package: + name: "*" + update_cache: yes + state: latest + + - name: Install install_pxe.sh script + copy: + src: usr/local/sbin/install_pxe.sh + dest: /usr/local/sbin/install_pxe.sh + owner: root + group: root + mode: 0755 + + - name: Enable rngd service + service: + name: rngd + state: started + enabled: yes + - name: Ensure rngd service is started + service: + name: rngd + state: started + + - name: Compress logs + replace: + path: /etc/logrotate.conf + regexp: '^#compress' + replace: 'compress' + + - block: + - name: Verify if hosts.deny TCP_Wrappers file exists + stat: + path: "/etc/hosts.deny" + register: hostsdeny + - name: Verify if hosts.allow TCP_Wrappers file exists + stat: + path: "/etc/hosts.allow" + register: hostsallow + + - name: Install hosts.deny TCP_Wrappers file + copy: + src: "hosts.deny" + dest: "/etc/hosts.deny" + owner: root + group: root + mode: 0644 + when: + - not hostsdeny.stat.exists + - name: Install hosts.allow TCP_Wrappers file + copy: + src: "hosts.allow" + dest: "/etc/hosts.allow" + owner: root + group: root + mode: 0644 + when: + - not hostsallow.stat.exists + when: + - ansible_os_family == "RedHat" + - ansible_distribution_major_version < '8' + tags: + - os