b3d6a90b9a
migrated notes from infra/hosts motd changes; excluding CSI infos removed csi_* vars from group_vars; converted csi_purpose & csi_relationship into notes fixed merge conflicts minor changes; var updating YAMLs & playbooks udpated YAMLs & playbooks again updated correctly; buildhw.yml fixing merge conflicts dest added in motd.yml
69 lines
1.5 KiB
YAML
69 lines
1.5 KiB
YAML
# This is a basic playbook
|
|
|
|
---
|
|
- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml"
|
|
vars:
|
|
myhosts: "noc-cc01.rdu-cc.fedoraproject.org"
|
|
|
|
- name: Make cloud noc hardware
|
|
hosts: noc-cc01.rdu-cc.fedoraproject.org
|
|
user: root
|
|
gather_facts: true
|
|
|
|
vars_files:
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
- "/srv/private/ansible/vars.yml"
|
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
|
|
|
roles:
|
|
- base
|
|
- rkhunter
|
|
- nagios_client
|
|
- hosts
|
|
- openvpn/client
|
|
- ipa/client
|
|
- collectd/base
|
|
- sudo
|
|
- dhcp_server
|
|
- tftp_server
|
|
|
|
pre_tasks:
|
|
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
|
|
|
|
tasks:
|
|
- name: install some packages which arent in playbooks
|
|
ansible.builtin.package:
|
|
state: present
|
|
name:
|
|
- nmap
|
|
- tcpdump
|
|
- dhcp-server
|
|
|
|
- name: Check if ntpd port is already known by selinux
|
|
ansible.builtin.shell: semanage port -l | grep ntp
|
|
register: ntp_selinux_port
|
|
check_mode: no
|
|
changed_when: false
|
|
failed_when: false
|
|
tags:
|
|
- config
|
|
- selinux
|
|
|
|
- name: Allow alternate ntpd port
|
|
ansible.builtin.command: semanage port -a -t ntp_port_t -p tcp 124
|
|
when: '"124" not in ntp_selinux_port'
|
|
failed_when: false
|
|
tags:
|
|
- config
|
|
- selinux
|
|
|
|
- name: Allow alternate ntpd port
|
|
ansible.builtin.command: semanage port -a -t ntp_port_t -p udp 124
|
|
when: '"124" not in ntp_selinux_port'
|
|
failed_when: false
|
|
tags:
|
|
- config
|
|
- selinux
|
|
|
|
handlers:
|
|
- import_tasks: "{{ handlers_path }}/restart_services.yml"
|