54 lines
1.5 KiB
YAML
54 lines
1.5 KiB
YAML
---
|
|
- name: Deploy KVM virtual machines
|
|
ansible.builtin.import_playbook: include/deploy-kvm-guest.yml
|
|
vars:
|
|
myhosts: static
|
|
|
|
- name: Configure instance
|
|
hosts: static
|
|
user: root
|
|
gather_facts: true
|
|
|
|
vars_files:
|
|
- "{{ ansible_private }}/vars.yml"
|
|
|
|
roles:
|
|
- base
|
|
- role: keytab
|
|
keytab_principals:
|
|
- "host/{{ inventory_hostname }}@FOO.SH"
|
|
- "nfs/{{ inventory_hostname }}@FOO.SH"
|
|
- nfs_client
|
|
- sssd
|
|
- autofs
|
|
- apache
|
|
|
|
tasks:
|
|
- name: Allow apache to access nfs mounts from selinux
|
|
ansible.posix.seboolean:
|
|
name: httpd_use_nfs
|
|
state: true
|
|
persistent: true
|
|
|
|
- name: Share role and home directories to apache
|
|
ansible.builtin.copy:
|
|
dest: /etc/httpd/conf.local.d/public_html.conf
|
|
content: |
|
|
UserDir enabled
|
|
UserDir public_html
|
|
<Directory "/home/*/public_html">
|
|
Options SymLinksIfOwnerMatch IncludesNoExec Indexes MultiViews
|
|
AllowOverride AuthConfig FileInfo Indexes Limit
|
|
Require all granted
|
|
</Directory>
|
|
|
|
AliasMatch ^/roles/([a-z]*)/(.*) /roles/$1/public/public_html/$2
|
|
<Directory "/roles/*/public/public_html">
|
|
Options FollowSymLinks IncludesNoExec Indexes MultiViews
|
|
AllowOverride AuthConfig FileInfo Indexes Limit
|
|
Require all granted
|
|
</Directory>
|
|
mode: "0644"
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
notify: Restart apache
|