From 7a2024398f223a49fc061576512fe2619bfc1d02 Mon Sep 17 00:00:00 2001 From: Nils Philippsen Date: Thu, 1 Apr 2021 16:27:57 +0200 Subject: [PATCH] hosts: do the right thing for VPN hosts Move the vpn ./. base logic from the ipa/client role into the hosts role, so that applying the latter doesn't apply the base profile on VPN hosts. Fixes: fedora-infrastructure#9822 Signed-off-by: Nils Philippsen --- roles/hosts/tasks/main.yml | 21 ++++++++++++++------- roles/ipa/client/tasks/vpn.yml | 3 --- 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/roles/hosts/tasks/main.yml b/roles/hosts/tasks/main.yml index ff2e4316da..801154cbdc 100644 --- a/roles/hosts/tasks/main.yml +++ b/roles/hosts/tasks/main.yml @@ -10,14 +10,21 @@ # Note that if it's not set it will just skip this play and do nothing. # - name: setup /etc/hosts for some clients + vars: + hosts_candidates_static: + - "{{ inventory_hostname }}-hosts" + - "{{ ansible_hostname }}-hosts" + - "{{ host_group }}-hosts" + - "{{ ansible_domain }}-hosts" + - "{{ datacenter }}-hosts" copy: src={{ item }} dest=/etc/hosts - with_first_found: - - "{{ inventory_hostname }}-hosts" - - "{{ ansible_hostname }}-hosts" - - "{{ host_group }}-hosts" - - "{{ ansible_domain }}-hosts" - - "{{ datacenter }}-hosts" - - "{{ hosts_base | default('base') }}" + with_first_found: >- + {{ + (hosts_candidates_static + ["vpn"]) + if (vpn | default(false)) and (datacenter | default('iad2')) != 'iad2' + else + (hosts_candidates_static + ["base"]) + }} tags: - config - hosts diff --git a/roles/ipa/client/tasks/vpn.yml b/roles/ipa/client/tasks/vpn.yml index 38e06a5beb..32a4e2c502 100644 --- a/roles/ipa/client/tasks/vpn.yml +++ b/roles/ipa/client/tasks/vpn.yml @@ -1,6 +1,5 @@ --- - name: Install /etc/hosts for VPN clients - when: "(vpn | default(false)) and (datacenter | default('iad2')) != 'iad2'" include_role: name: hosts apply: @@ -8,5 +7,3 @@ - ipa/client - config - vpn-client-enablement - vars: - hosts_base: vpn