# This playboook updates a virthost and all it's guests. # # requires --extra-vars="target=somevhostname yumcommand=update" # Might add nodns=true or nonagios=true at extra-vars # - name: find instances hosts: "{{ target }}" gather_facts: False user: root tasks: - name: get list of guests virt: command=list_vms register: vmlist - name: add them to myvms_new group local_action: add_host hostname={{ item }} groupname=myvms_new with_items: '{{vmlist.list_vms}}' # Call out to another playbook. Disable any proxies that may live here #- include_playbook: update-proxy-dns.yml status=disable proxies=myvms_new:&proxies - name: set downtime hosts: "{{ target }}:myvms_new" gather_facts: False user: root serial: 1 tasks: - name: schedule regular host downtime nagios: action=downtime minutes=30 service=host host={{ inventory_hostname_short }}{{ env_suffix }} delegate_to: noc01.iad2.fedoraproject.org ignore_errors: true failed_when: no when: nonagios is not defined or not "true" in nonagios - name: update the system hosts: "{{ target }}:myvms_new" gather_facts: True user: root tasks: - name: Apply updates package: state: latest name: "*" update_cache: true async: 7200 poll: 30 when: package_excludes is not defined - debug: msg: - '!!!!!!!!!!!!!!!!!!! host {{ inventory_hostname }} has EXCLUDES OF {{ package_excludes }} !!!!!!!!!!!!!' - '!!!!!!!!!!!!!!!!!!! DANGER DANGER DANGER ^ CHECK THAT EXCLUDES ARE STILL NEEDED ^ !!!!!!!!!!!!!!!!!!!!' when: package_excludes is defined changed_when: true - name: Apply updates with excludes package: state: latest name: "*" update_cache: true exclude: "{{ package_excludes }}" async: 7200 poll: 30 when: package_excludes is defined - name: run rkhunter if installed hosts: "{{ target }}:myvms_new" user: root tasks: - name: check for rkhunter command: /usr/bin/test -f /usr/bin/rkhunter register: rkhunter ignore_errors: true - name: run rkhunter --propupd command: /usr/bin/rkhunter --propupd when: rkhunter is success