80 lines
1.8 KiB
YAML
80 lines
1.8 KiB
YAML
---
|
|
- name: install os specific roles
|
|
include_role:
|
|
name: "{{ role }}"
|
|
with_items:
|
|
- selinux # selinux first to get fcontexts working
|
|
- iptables
|
|
- rsyslog
|
|
loop_control:
|
|
loop_var: role
|
|
|
|
- name: fix selinux context from /export
|
|
sefcontext:
|
|
path: "/export"
|
|
setype: var_t
|
|
|
|
- name: check selinux context from /export
|
|
command:
|
|
argv:
|
|
- matchpathcon
|
|
- -V
|
|
- /export
|
|
register: result
|
|
check_mode: false
|
|
changed_when: false
|
|
failed_when: false
|
|
|
|
- name: apply selinux context to /export
|
|
command:
|
|
argv:
|
|
- restorecon
|
|
- -iv
|
|
- /export
|
|
when: "' should be ' in result.stdout"
|
|
|
|
- name: enable tmpfs mount for /tmp
|
|
service:
|
|
name: tmp.mount
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: install postfix
|
|
include_role:
|
|
name: postfix
|
|
when: "'mail' not in group_names"
|
|
|
|
- name: install packages
|
|
package:
|
|
name: "{{ item }}"
|
|
state: installed
|
|
with_items:
|
|
- bind-utils # dig
|
|
- bzip2 # bzip
|
|
- cronie # missing from fedora
|
|
- curl # curl
|
|
- iotop # monitor io usage
|
|
- mailx # send mail from cmd
|
|
- nc # netcat
|
|
- net-tools # ifconfig etc
|
|
- rsync # rsync
|
|
- strace # debugging
|
|
- sysstat # sa, sar
|
|
- tar # tar
|
|
- tcpdump # for network debugging
|
|
- telnet # test ports
|
|
- vim-enhanced # working vi :)
|
|
- xterm # resize
|
|
|
|
- name: disable grep colors
|
|
file:
|
|
dest: /etc/GREP_COLORS
|
|
state: absent
|
|
|
|
- name: cron job for downloading yum updates
|
|
cron:
|
|
name: yum-downloadonly
|
|
user: root
|
|
hour: "3"
|
|
minute: "{{ 59 | random(seed=inventory_hostname) }}"
|
|
job: "yum -d 0 -e 0 -y --downloadonly update > /dev/null"
|