base: Convert modules to use FQCN and use smartd role
This commit is contained in:
parent
b9aeb7ee06
commit
711cec9b54
3 changed files with 33 additions and 41 deletions
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: configure mirror for packages and updates
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/installurl
|
||||
content: "https://ftp.eu.openbsd.org/pub/OpenBSD/\n"
|
||||
mode: 0644
|
||||
|
|
@ -9,7 +9,7 @@
|
|||
when: ansible_datacenter == "home"
|
||||
|
||||
- name: install packages
|
||||
package:
|
||||
ansible.builtin.package:
|
||||
name: "{{ item }}"
|
||||
state: installed
|
||||
with_items:
|
||||
|
|
@ -19,7 +19,7 @@
|
|||
- vim--no_x11 # we need real vim
|
||||
|
||||
- name: disable nightly cron noise
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: "{{ item }}"
|
||||
content: "VERBOSESTATUS=0\n"
|
||||
mode: 0644
|
||||
|
|
@ -31,18 +31,18 @@
|
|||
- /etc/monthly.local
|
||||
|
||||
- name: disable unused services
|
||||
service:
|
||||
ansible.builtin.service:
|
||||
name: sndiod
|
||||
enabled: false
|
||||
state: stopped
|
||||
|
||||
- name: do not run check_quotas on boot
|
||||
service:
|
||||
ansible.builtin.service:
|
||||
name: check_quotas
|
||||
enabled: false
|
||||
|
||||
- name: create /srv directory hierarcy
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
name: /srv
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
|
@ -50,7 +50,7 @@
|
|||
group: "{{ ansible_wheel }}"
|
||||
|
||||
- name: install os specific roles
|
||||
include_role:
|
||||
ansible.builtin.include_role:
|
||||
name: "{{ role }}"
|
||||
with_items:
|
||||
- opensmtpd
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: install os specific roles
|
||||
include_role:
|
||||
ansible.builtin.include_role:
|
||||
name: "{{ role }}"
|
||||
with_items:
|
||||
- selinux # selinux first to get fcontexts working
|
||||
|
|
@ -10,12 +10,12 @@
|
|||
loop_var: role
|
||||
|
||||
- name: fix selinux context from /export
|
||||
sefcontext:
|
||||
community.general.sefcontext:
|
||||
path: "/export"
|
||||
setype: var_t
|
||||
|
||||
- name: check selinux context from /export
|
||||
command:
|
||||
ansible.builtin.command:
|
||||
argv:
|
||||
- matchpathcon
|
||||
- -V
|
||||
|
|
@ -26,7 +26,7 @@
|
|||
failed_when: false
|
||||
|
||||
- name: apply selinux context to /export
|
||||
command:
|
||||
ansible.builtin.command:
|
||||
argv:
|
||||
- restorecon
|
||||
- -iv
|
||||
|
|
@ -34,18 +34,18 @@
|
|||
when: "' should be ' in result.stdout"
|
||||
|
||||
- name: enable tmpfs mount for /tmp
|
||||
service:
|
||||
ansible.builtin.service:
|
||||
name: tmp.mount
|
||||
state: started
|
||||
enabled: true
|
||||
|
||||
- name: install postfix
|
||||
include_role:
|
||||
ansible.builtin.include_role:
|
||||
name: postfix
|
||||
when: "'mail' not in group_names"
|
||||
|
||||
- name: install packages
|
||||
package:
|
||||
ansible.builtin.package:
|
||||
name: "{{ item }}"
|
||||
state: installed
|
||||
with_items:
|
||||
|
|
@ -70,12 +70,12 @@
|
|||
- xterm # resize
|
||||
|
||||
- name: disable grep colors
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
dest: /etc/GREP_COLORS
|
||||
state: absent
|
||||
|
||||
- name: store date and time for bash history
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/profile.d/history.sh
|
||||
content: 'export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "'
|
||||
mode: 0644
|
||||
|
|
@ -83,7 +83,7 @@
|
|||
group: "{{ ansible_wheel }}"
|
||||
|
||||
- name: cron job for downloading yum updates
|
||||
cron:
|
||||
ansible.builtin.cron:
|
||||
name: yum-downloadonly
|
||||
user: root
|
||||
hour: "3"
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: setup ansible custom facts
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
dest: "{{ item }}"
|
||||
mode: 0755
|
||||
owner: root
|
||||
|
|
@ -11,7 +11,7 @@
|
|||
- /etc/ansible/facts.d
|
||||
|
||||
- name: add ansible_export fact
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/ansible/facts.d/export.fact
|
||||
content: |
|
||||
#!/bin/sh
|
||||
|
|
@ -25,18 +25,19 @@
|
|||
group: "{{ ansible_wheel }}"
|
||||
|
||||
- name: reload facts
|
||||
setup:
|
||||
ansible.builtin.setup:
|
||||
filter: ansible_local
|
||||
|
||||
- name: set correct hostname
|
||||
hostname:
|
||||
ansible.builtin.hostname:
|
||||
name: "{{ inventory_hostname }}"
|
||||
|
||||
- name: include os specific tasks
|
||||
include_tasks: "{{ ansible_os_family }}.yml"
|
||||
ansible.builtin.include_tasks:
|
||||
file: "{{ ansible_os_family }}.yml"
|
||||
|
||||
- name: disable at from all users
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
content: "\n"
|
||||
dest: "/etc/at.allow"
|
||||
mode: 0600
|
||||
|
|
@ -44,7 +45,7 @@
|
|||
group: "{{ ansible_wheel }}"
|
||||
|
||||
- name: install basic roles
|
||||
include_role:
|
||||
ansible.builtin.include_role:
|
||||
name: "{{ role }}"
|
||||
with_items:
|
||||
- munin_node
|
||||
|
|
@ -55,23 +56,14 @@
|
|||
loop_control:
|
||||
loop_var: role
|
||||
|
||||
- block:
|
||||
- name: install roles for physical hardware
|
||||
include_role:
|
||||
name: "{{ role }}"
|
||||
with_items:
|
||||
- lm_sensors
|
||||
loop_control:
|
||||
loop_var: role
|
||||
- name: install smartmontools
|
||||
package:
|
||||
name: smartmontools
|
||||
state: installed
|
||||
- name: enable smartd
|
||||
service:
|
||||
name: smartd
|
||||
state: started
|
||||
enabled: true
|
||||
- name: install roles for physical hardware
|
||||
ansible.builtin.include_role:
|
||||
name: "{{ role }}"
|
||||
with_items:
|
||||
- lm_sensors
|
||||
- smartd
|
||||
loop_control:
|
||||
loop_var: role
|
||||
when:
|
||||
- ansible_virtualization_role != "guest"
|
||||
- ansible_virtualization_type != "vmm"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue