ansible/tasks/cloud_setup_basic.yml
Miroslav Suchý c96b973b60 remove deprecation warning
addressing:
TASK [Install desired extra packages (dnf)] *********************************************************************************************
Friday 14 February 2020  14:03:04 +0000 (0:00:00.062)       0:00:12.297 *******
[DEPRECATION WARNING]: Invoking "dnf" only once while using a loop via squash_actions is deprecated. Instead of using a loop to supply
multiple items and specifying `pkg: "{{ item }}"`, please use `pkg: ['ntpdate', 'libselinux-python']` and remove the loop. This feature
will be removed in version 2.11. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
2020-04-24 21:34:23 +02:00

83 lines
2.4 KiB
YAML

---
- name: Install desired extra packages (yum)
package: state=present pkg={{ item }}
with_items:
- ntpdate
- ntp
- libsemanage-python
- libselinux-python
when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
tags:
- packages
- name: Install desired extra packages (dnf)
dnf:
state: present
pkg:
- ntpdate
- libselinux-python
when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
tags:
- packages
- name: Include basessh
include_role: name=basessh
#- name: edit hostname to be instance name - prefix hostbase var if it exists
# shell: hostname {{ hostbase }}`curl -s http://169.254.169.254/latest/meta-data/instance-id`
# tags:
# - config
- name: add ansible root key
authorized_key: user=root key="{{ item }}"
with_file:
- /srv/web/infra/ansible/roles/base/files/ansible-pub-key
tags:
- config
- sshkeys
- name: add root keys for sysadmin-main and other allowed users
authorized_key: user=root key="{{ item }}"
with_lines:
- "/srv/web/infra/ansible/scripts/auth-keys-from-fas @sysadmin-main {{ root_auth_users }}"
tags:
- config
- sshkeys
ignore_errors: true
- name: enable ssh_sysadm_login sebool
seboolean: name=ssh_sysadm_login state=yes persistent=yes
ignore_errors: true
# note - kinda should be a handler - but handlers need args
- name: restorecon
file: path=/root/.ssh setype=ssh_home_t recurse=yes
tags:
- config
- name: update all
command: yum -y update creates=/etc/sysconfig/global-update-applied
register: updated
when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
tags:
- packages
- name: update all
command: dnf -y update creates=/etc/sysconfig/global-update-applied
register: updated
when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
tags:
- packages
- name: update all
command: dnf -y update creates=/etc/sysconfig/global-update-applied
register: updated
when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
tags:
- packages
- name: write out global-update-applied file if we updated
copy: content="updated" dest=/etc/sysconfig/global-update-applied
when: updated is defined
tags:
- packages