ansible/tasks/cloud_setup_basic.yml

---
- name: update all
  command: yum -y update creates=/etc/sysconfig/global-update-applied
  register: updated
  tags:
  - packages

- name: write out global-update-applied file if we updated
  copy: content="updated" dest=/etc/sysconfig/global-update-applied 
  when: updated is defined
  tags:
  - packages
  
- name: ntp pkgs
  action: yum state=installed pkg=$item
  with_items:
  - ntpdate
  - ntp
  tags:
  - packages

- name: put step-tickers in place
  action: copy src=$files/common/step-tickers dest=/etc/ntp/step-tickers

- name: enable the service
  action: service name=ntpd state=running enabled=true

- name: edit hostname to be instance name - prefix hostbase var if it exists
  action: shell hostname  ${hostbase}`curl -s http://169.254.169.254/latest/meta-data/instance-id`
  tags:
  - config

- name: add ansible root key 
  action: authorized_key user=root key="{{ item }}"
  with_file:
  - ${files}/common/ansible-pub-key
  tags:
  - config
  
- name: add root keys for sysadmin-main and other allowed users
  action: authorized_key user=root key="{{ item }}"
  with_pipe:
  - "${auth_keys_from_fas} @sysadmin-main ${root_auth_users}"
  tags:
  - config
  ignore_errors: true

# note - kinda should be a handler - but handlers need args
- name: restorecon
  action: command restorecon -R /root/.ssh
  tags:
  - config
first commit to the ansible public repo 2012-10-08 19:35:54 +00:00			`---`
			`- name: update all`
upate != update 2013-06-25 18:34:57 +00:00			`command: yum -y update creates=/etc/sysconfig/global-update-applied`
- make the global update only run on first setup - make the ntp/date install faster 2013-06-25 18:31:36 +00:00			`register: updated`
first commit to the ansible public repo 2012-10-08 19:35:54 +00:00			`tags:`
			`- packages`
- make the global update only run on first setup - make the ntp/date install faster 2013-06-25 18:31:36 +00:00
make the name mean something 2013-06-25 18:35:42 +00:00			`- name: write out global-update-applied file if we updated`
- make the global update only run on first setup - make the ntp/date install faster 2013-06-25 18:31:36 +00:00			`copy: content="updated" dest=/etc/sysconfig/global-update-applied`
			`when: updated is defined`
first commit to the ansible public repo 2012-10-08 19:35:54 +00:00			`tags:`
			`- packages`
- make the global update only run on first setup - make the ntp/date install faster 2013-06-25 18:31:36 +00:00
			`- name: ntp pkgs`
			`action: yum state=installed pkg=$item`
			`with_items:`
			`- ntpdate`
			`- ntp`
make sure all cloud instances have ntp installed, configured and running 2012-12-05 06:19:23 +00:00			`tags:`
			`- packages`

			`- name: put step-tickers in place`
			`action: copy src=$files/common/step-tickers dest=/etc/ntp/step-tickers`

			`- name: enable the service`
			`action: service name=ntpd state=running enabled=true`

add the optiona $hostbase to the cloud setup schtick 2012-10-22 17:47:45 +00:00			`- name: edit hostname to be instance name - prefix hostbase var if it exists`
			action: shell hostname ${hostbase}`curl -s http://169.254.169.254/latest/meta-data/instance-id`
first commit to the ansible public repo 2012-10-08 19:35:54 +00:00			`tags:`
			`- config`
make the ansible key addition and other users key addition a little less scary 2012-11-02 06:22:19 +00:00
			`- name: add ansible root key`
ansible 1.2 breaks $FILE and $PIPE - so I went and fixed it everywhere :( 2013-06-17 13:54:17 +00:00			`action: authorized_key user=root key="{{ item }}"`
			`with_file:`
			`- ${files}/common/ansible-pub-key`
first commit to the ansible public repo 2012-10-08 19:35:54 +00:00			`tags:`
			`- config`
make the ansible key addition and other users key addition a little less scary 2012-11-02 06:22:19 +00:00
			`- name: add root keys for sysadmin-main and other allowed users`
ansible 1.2 breaks $FILE and $PIPE - so I went and fixed it everywhere :( 2013-06-17 13:54:17 +00:00			`action: authorized_key user=root key="{{ item }}"`
			`with_pipe:`
I have no idea what I'm doing. But maybe this will fix it. :) 2013-06-17 15:41:41 +00:00			`- "${auth_keys_from_fas} @sysadmin-main ${root_auth_users}"`
make the root auth_keys setup part of the cloud_setup_basic tasks 2012-10-26 17:31:32 +00:00			`tags:`
			`- config`
when putting the keys on - don't die if someone typos a username - just complain and move along 2013-07-02 19:26:24 +00:00			`ignore_errors: true`
make the ansible key addition and other users key addition a little less scary 2012-11-02 06:22:19 +00:00
add a restorecon on the ssh keys for those silly people who like selinux and security :) 2012-10-19 20:17:20 +00:00			`# note - kinda should be a handler - but handlers need args`
			`- name: restorecon`
			`action: command restorecon -R /root/.ssh`
			`tags:`
			`- config`