72 lines
1.4 KiB
YAML
72 lines
1.4 KiB
YAML
---
|
|
- import_playbook: "include/deploy-kvm-guest.yml myhosts=nms"
|
|
|
|
- name: configure instance
|
|
hosts: nms
|
|
user: root
|
|
gather_facts: true
|
|
|
|
pre_tasks:
|
|
- name: mount /export
|
|
mount:
|
|
name: /export
|
|
src: LABEL=/export
|
|
fstype: xfs
|
|
opts: noatime,noexec,nosuid,nodev
|
|
passno: "0"
|
|
dump: "0"
|
|
state: mounted
|
|
|
|
vars_files:
|
|
- "{{ ansible_private }}/vars.yml"
|
|
|
|
roles:
|
|
- base
|
|
- sssd
|
|
- mkhomedir
|
|
- tftp
|
|
|
|
tasks:
|
|
- import_role:
|
|
name: rsyslog
|
|
tasks_from: udp-listen
|
|
- import_role:
|
|
name: postfix
|
|
tasks_from: relay
|
|
vars:
|
|
relay_domains: [foo.sh]
|
|
|
|
- name: copy dns zone files
|
|
copy:
|
|
dest: "/var/lib/unbound/{{ item }}"
|
|
src: "/srv/dns/{{ item }}"
|
|
mode: 0644
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
tags: dns
|
|
notify: Restart unbound
|
|
with_items:
|
|
- 25.20.172.in-addr.arpa
|
|
- oob.foo.sh
|
|
- import_role:
|
|
name: unbound
|
|
|
|
# convert this to role for restart support
|
|
- name: enable ntp server for oob network
|
|
lineinfile:
|
|
path: /etc/chrony.conf
|
|
regexp: "^#?allow .*"
|
|
line: "allow 172.20.25.0/24"
|
|
|
|
- name: install extra tools
|
|
package:
|
|
name: "{{ item }}"
|
|
state: installed
|
|
with_items:
|
|
- net-snmp-utils
|
|
- nmap
|
|
- rcs
|
|
- scanssh
|
|
- sslscan
|
|
- unzip
|
|
- wget
|