foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

base: Convert modules to use FQCN and use smartd role

Browse source
This commit is contained in:
Timo Makinen 2022-04-14 13:29:44 +00:00
parent b9aeb7ee06
commit 711cec9b54
3 changed files with 33 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
roles/base/tasks/OpenBSD.yml
View file

@ -1,6 +1,6 @@
--- ---
- name: configure mirror for packages and updates - name: configure mirror for packages and updates
copy: ansible.builtin.copy:
dest: /etc/installurl dest: /etc/installurl
content: "https://ftp.eu.openbsd.org/pub/OpenBSD/\n" content: "https://ftp.eu.openbsd.org/pub/OpenBSD/\n"
mode: 0644 mode: 0644
@ -9,7 +9,7 @@
when: ansible_datacenter == "home" when: ansible_datacenter == "home"
- name: install packages - name: install packages
package: ansible.builtin.package:
name: "{{ item }}" name: "{{ item }}"
state: installed state: installed
with_items: with_items:
@ -19,7 +19,7 @@
- vim--no_x11 # we need real vim - vim--no_x11 # we need real vim
- name: disable nightly cron noise - name: disable nightly cron noise
copy: ansible.builtin.copy:
dest: "{{ item }}" dest: "{{ item }}"
content: "VERBOSESTATUS=0\n" content: "VERBOSESTATUS=0\n"
mode: 0644 mode: 0644
@ -31,18 +31,18 @@
- /etc/monthly.local - /etc/monthly.local
- name: disable unused services - name: disable unused services
service: ansible.builtin.service:
name: sndiod name: sndiod
enabled: false enabled: false
state: stopped state: stopped
- name: do not run check_quotas on boot - name: do not run check_quotas on boot
service: ansible.builtin.service:
name: check_quotas name: check_quotas
enabled: false enabled: false
- name: create /srv directory hierarcy - name: create /srv directory hierarcy
file: ansible.builtin.file:
name: /srv name: /srv
state: directory state: directory
mode: 0755 mode: 0755
@ -50,7 +50,7 @@
group: "{{ ansible_wheel }}" group: "{{ ansible_wheel }}"
- name: install os specific roles - name: install os specific roles
include_role: ansible.builtin.include_role:
name: "{{ role }}" name: "{{ role }}"
with_items: with_items:
- opensmtpd - opensmtpd

20
roles/base/tasks/RedHat.yml
View file

@ -1,6 +1,6 @@
--- ---
- name: install os specific roles - name: install os specific roles
include_role: ansible.builtin.include_role:
name: "{{ role }}" name: "{{ role }}"
with_items: with_items:
- selinux # selinux first to get fcontexts working - selinux # selinux first to get fcontexts working
@ -10,12 +10,12 @@
loop_var: role loop_var: role
- name: fix selinux context from /export - name: fix selinux context from /export
sefcontext: community.general.sefcontext:
path: "/export" path: "/export"
setype: var_t setype: var_t
- name: check selinux context from /export - name: check selinux context from /export
command: ansible.builtin.command:
argv: argv:
- matchpathcon - matchpathcon
- -V - -V
@ -26,7 +26,7 @@
failed_when: false failed_when: false
- name: apply selinux context to /export - name: apply selinux context to /export
command: ansible.builtin.command:
argv: argv:
- restorecon - restorecon
- -iv - -iv
@ -34,18 +34,18 @@
when: "' should be ' in result.stdout" when: "' should be ' in result.stdout"
- name: enable tmpfs mount for /tmp - name: enable tmpfs mount for /tmp
service: ansible.builtin.service:
name: tmp.mount name: tmp.mount
state: started state: started
enabled: true enabled: true
- name: install postfix - name: install postfix
include_role: ansible.builtin.include_role:
name: postfix name: postfix
when: "'mail' not in group_names" when: "'mail' not in group_names"
- name: install packages - name: install packages
package: ansible.builtin.package:
name: "{{ item }}" name: "{{ item }}"
state: installed state: installed
with_items: with_items:
@ -70,12 +70,12 @@
- xterm # resize - xterm # resize
- name: disable grep colors - name: disable grep colors
file: ansible.builtin.file:
dest: /etc/GREP_COLORS dest: /etc/GREP_COLORS
state: absent state: absent
- name: store date and time for bash history - name: store date and time for bash history
copy: ansible.builtin.copy:
dest: /etc/profile.d/history.sh dest: /etc/profile.d/history.sh
content: 'export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "' content: 'export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "'
mode: 0644 mode: 0644
@ -83,7 +83,7 @@
group: "{{ ansible_wheel }}" group: "{{ ansible_wheel }}"
- name: cron job for downloading yum updates - name: cron job for downloading yum updates
cron: ansible.builtin.cron:
name: yum-downloadonly name: yum-downloadonly
user: root user: root
hour: "3" hour: "3"

30
roles/base/tasks/main.yml
View file

@ -1,6 +1,6 @@
--- ---
- name: setup ansible custom facts - name: setup ansible custom facts
file: ansible.builtin.file:
dest: "{{ item }}" dest: "{{ item }}"
mode: 0755 mode: 0755
owner: root owner: root
@ -11,7 +11,7 @@
- /etc/ansible/facts.d - /etc/ansible/facts.d
- name: add ansible_export fact - name: add ansible_export fact
copy: ansible.builtin.copy:
dest: /etc/ansible/facts.d/export.fact dest: /etc/ansible/facts.d/export.fact
content: | content: |
#!/bin/sh #!/bin/sh
@ -25,18 +25,19 @@
group: "{{ ansible_wheel }}" group: "{{ ansible_wheel }}"
- name: reload facts - name: reload facts
setup: ansible.builtin.setup:
filter: ansible_local filter: ansible_local
- name: set correct hostname - name: set correct hostname
hostname: ansible.builtin.hostname:
name: "{{ inventory_hostname }}" name: "{{ inventory_hostname }}"
- name: include os specific tasks - name: include os specific tasks
include_tasks: "{{ ansible_os_family }}.yml" ansible.builtin.include_tasks:
file: "{{ ansible_os_family }}.yml"
- name: disable at from all users - name: disable at from all users
copy: ansible.builtin.copy:
content: "\n" content: "\n"
dest: "/etc/at.allow" dest: "/etc/at.allow"
mode: 0600 mode: 0600
@ -44,7 +45,7 @@
group: "{{ ansible_wheel }}" group: "{{ ansible_wheel }}"
- name: install basic roles - name: install basic roles
include_role: ansible.builtin.include_role:
name: "{{ role }}" name: "{{ role }}"
with_items: with_items:
- munin_node - munin_node
@ -55,23 +56,14 @@
loop_control: loop_control:
loop_var: role loop_var: role
- block: - name: install roles for physical hardware
- name: install roles for physical hardware ansible.builtin.include_role:
include_role:
name: "{{ role }}" name: "{{ role }}"
with_items: with_items:
- lm_sensors - lm_sensors
- smartd
loop_control: loop_control:
loop_var: role loop_var: role
- name: install smartmontools
package:
name: smartmontools
state: installed
- name: enable smartd
service:
name: smartd
state: started
enabled: true
when: when:
- ansible_virtualization_role != "guest" - ansible_virtualization_role != "guest"
- ansible_virtualization_type != "vmm" - ansible_virtualization_type != "vmm"