--- - block: - name: Include vars for {{ ansible_os_family }} include_vars: "{{ ansible_os_family }}_{{ ansible_distribution_major_version }}.yml" - name: Change /bin/sh link on Ubuntu file: src: "bash" dest: "/bin/sh" owner: root group: root state: link when: - "ansible_distribution == 'Ubuntu'" - name: Install EPEL repo definition packages for {{ ansible_os_family }} on x86_64 and aarch64 plateform package: name: "{{ item }}" update_cache: yes state: present with_items: - epel-release when: - ansible_os_family == "RedHat" - not ansible_machine == "armv7l" - not ansible_machine == "armv6l" - name: Install EPEL repo definition for {{ ansible_os_family }} on ARM 32b plateform template: src: etc/yum.repos.d/epel_arm.repo.j2 dest: /etc/yum.repos.d/epel.repo owner: root group: root mode: 0644 when: - ansible_os_family == "RedHat" - ansible_distribution_major_version == '7' - ansible_machine == "armv7l" # or ansible_machine == "armv6l" - name: Install base packages for {{ ansible_os_family }} package: name: "{{ base_packages }}" update_cache: yes state: present - name: echo 'LANG="{{ locale }}"' > /etc/locale.conf template: src: locale.conf.j2 dest: /etc/locale.conf owner: root group: root mode: 0644 # ln -sf ../usr/share/zoneinfo/Europe/Paris /etc/localtime - name: timedatectl set-timezone "{{ timezone }}"; timedatectl set-local-rtc no timezone: name: "{{ timezone }}" hwclock: UTC # echo UTC >> /etc/adjtime # cat /etc/adjtime # 0.0 0 0.0 # 0 # UTC - name: "Configure auto update for RHEL 7 linux family" template: src: etc/yum/yum-cron.conf.j2 dest: /etc/yum/yum-cron.conf owner: root group: root mode: 0644 when: - ansible_os_family == "RedHat" - ansible_distribution_major_version == '7' - name: "Configure auto update for RHEL 8 linux family" template: src: etc/dnf/automatic.conf.j2 dest: /etc/dnf/automatic.conf owner: root group: root mode: 0644 when: - ansible_os_family == "RedHat" - ansible_distribution_major_version == '8' - name: enable a timer for dnf-automatic for RHEL 8 linux family systemd: name: dnf-automatic.timer state: started enabled: yes when: - ansible_os_family == "RedHat" - ansible_distribution_major_version == '8' # - name: upgrade all packages # package: # name: "*" # update_cache: yes # state: latest - name: Install install_pxe.sh script copy: src: usr/local/sbin/install_pxe.sh dest: /usr/local/sbin/install_pxe.sh owner: root group: root mode: 0755 - name: Enable rngd service service: name: rngd state: started enabled: yes - name: Ensure rngd service is started service: name: rngd state: started - name: Compress logs replace: path: /etc/logrotate.conf regexp: '^#compress' replace: 'compress' - block: - name: Verify if hosts.deny TCP_Wrappers file exists stat: path: "/etc/hosts.deny" register: hostsdeny - name: Verify if hosts.allow TCP_Wrappers file exists stat: path: "/etc/hosts.allow" register: hostsallow - name: Install hosts.deny TCP_Wrappers file copy: src: "hosts.deny" dest: "/etc/hosts.deny" owner: root group: root mode: 0644 when: - not hostsdeny.stat.exists - name: Install hosts.allow TCP_Wrappers file copy: src: "hosts.allow" dest: "/etc/hosts.allow" owner: root group: root mode: 0644 when: - not hostsallow.stat.exists when: - ansible_os_family == "RedHat" - ansible_distribution_major_version < '8' tags: - base