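---
# Playbook for the `nms` host group: first provisions the KVM guest
# through the shared deploy playbook, then configures the instance
# (roles, syslog/mail/DNS/DHCP/NTP services and a backup helper script).
# `ansible_private`, `kerberos_realm` and `ansible_wheel` are not defined
# in this file; presumably they come from inventory or the private vars
# file -- confirm before running against a new environment.

- name: Deploy KVM virtual machines
  ansible.builtin.import_playbook: include/deploy-kvm-guest.yml
  vars:
    myhosts: nms

- name: Configure instance
  hosts: nms
  # `remote_user` is the canonical play keyword; `user` is a legacy alias.
  # The play connects as root directly, so no `become` is involved.
  remote_user: root
  gather_facts: true

  pre_tasks:
    # Runs before any role so that /export exists for everything below.
    # noexec,nosuid,nodev: files on /export cannot be executed, set-uid
    # bits are ignored and device nodes are not honoured.
    - name: Mount /export
      ansible.posix.mount:
        path: /export
        src: LABEL=/export
        fstype: xfs
        opts: noatime,noexec,nosuid,nodev
        passno: "0"
        dump: "0"
        state: mounted

  vars_files:
    # Site-private variables are kept outside this file.
    - "{{ ansible_private }}/vars.yml"

  roles:
    - base
    - cups
    - nginx
    - role: nginx_site
      nginx_site_name: oob.foo.sh
      # Presumably disables the plain-HTTP listener for this site;
      # verify against the nginx_site role.
      nginx_site_plaintext: false
    - role: keytab
      keytab_principals:
        - "host/{{ inventory_hostname }}@{{ kerberos_realm }}"
    - nfs_client
    - role: autofs
      autofs_home: false
    - sssd
    - mkhomedir
    - aten_pdu
    - routeros
    - snmp_exporter

  tasks:
    - name: Enable UDP rsyslog server
      ansible.builtin.import_role:
        name: rsyslog
        tasks_from: udp-listen

    - name: Enable postfix mail relay
      ansible.builtin.import_role:
        name: postfix
        tasks_from: relay
      vars:
        relay_domains: [foo.sh]

    - name: Import unbound role
      ansible.builtin.import_role:
        name: unbound

    - name: Import dhcpd role
      ansible.builtin.import_role:
        name: dhcpd

    # TODO: convert this to a role for restart support. No handler is
    # notified here, so an edited chrony.conf is only picked up the next
    # time the chrony service is restarted by other means.
    # The regexp matches any `allow` directive, commented out or not;
    # lineinfile rewrites only the last match, so other `allow` lines
    # already in the file stay in place. Review chrony.conf if NTP must
    # be limited to this one subnet.
    - name: Enable NTP server for oob network
      ansible.builtin.lineinfile:
        path: /etc/chrony.conf
        regexp: "^#?allow .*"
        line: "allow 172.20.25.0/24"

    # The list is passed to the package module in a single call instead
    # of looping per item. `present` is the state every package backend
    # accepts; `installed` is only an alias in some of them.
    - name: Install extra packages
      ansible.builtin.package:
        name:
          - nmap
          - rcs
          - unzip
          - wget
        state: present

    # Helper that stores the output of `/export` from a device reached
    # as admin@<host> in /srv/backup/<host>.rsc.
    # NOTE(review): the export may contain credentials depending on the
    # device's export defaults, and the backup file's permissions follow
    # the umask of whoever runs the script -- confirm /srv/backup is not
    # readable by unprivileged users.
    - name: Create sw-backup script
      ansible.builtin.copy:
        dest: /usr/local/bin/sw-backup
        content: |
          #!/bin/sh
          set -eu
          # Usage: sw-backup <host>
          host="${1}"
          # The host name becomes part of the output path, so refuse an
          # empty value or anything that could point outside /srv/backup.
          case "${host}" in
            ""|*/*)
              echo "usage: sw-backup <host>" >&2
              exit 2
              ;;
          esac
          # Export into a private temporary file first: a failed or
          # interrupted ssh must not truncate the previous good backup.
          tmp="$(mktemp)"
          trap 'rm -f "${tmp}"' EXIT
          trap 'rm -f "${tmp}"; exit 1' HUP INT TERM
          ssh "admin@${host}" /export > "${tmp}"
          # Redirect (rather than mv) so an existing backup file keeps
          # its owner and mode.
          cat "${tmp}" > "/srv/backup/${host}.rsc"
        mode: "0755"
        owner: root
        group: "{{ ansible_wheel }}"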