infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

Fix majority of remaining yamllint warnings and errors

Browse source 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
This commit is contained in:
Ryan Lercho 2024-11-27 13:48:08 +10:00
parent 1073f70bce
commit 89f6f1fc32
591 changed files with 1491 additions and 1168 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tasks/cloud_setup_basic.yml
View file

@ -14,7 +14,7 @@
- name: Install desired extra packages (dnf)
dnf:
state: present
pkg:
pkg:
- chrony
- python3-libselinux
when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
@ -24,7 +24,7 @@
- name: Include basessh
include_role: name=basessh
#- name: edit hostname to be instance name - prefix hostbase var if it exists
# - name: edit hostname to be instance name - prefix hostbase var if it exists
# shell: hostname {{ hostbase }}`curl -s http://169.254.169.254/latest/meta-data/instance-id`
# tags:
# - config
@ -40,7 +40,7 @@
- name: add root keys for sysadmin-main and other allowed users
authorized_key: user=root key="{{ item }}"
with_lines:
- "/srv/web/infra/ansible/scripts/auth-keys-from-fas @sysadmin-main {{ root_auth_users }}"
- "/srv/web/infra/ansible/scripts/auth-keys-from-fas @sysadmin-main {{ root_auth_users }}"
tags:
- config
- sshkeys

3
tasks/happy_birthday.yml
View file

@ -1,6 +1,7 @@
---
- name: gather ssh host key from new instance
local_action: command ssh-keyscan -t rsa {{ inventory_hostname }}
ignore_errors: True
ignore_errors: true
register: hostkey
when: birthday is defined

2
tasks/openvpn_client.yml
View file

@ -12,7 +12,7 @@
notify:
- restart openvpn
#- name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem
# - name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem
# copy: src="{{ private }}/vpn/openvpn/keys/crl.pem" dest=/etc/openvpn/crl.pem mode=0644 owner=root group=root
# tags:
# - config

2
tasks/openvpn_client_7.yml
View file

@ -12,7 +12,7 @@
notify:
- restart openvpn 7
#- name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem
# - name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem
# copy: src="{{ private }}/vpn/openvpn/keys/crl.pem" dest=/etc/openvpn/crl.pem mode=0644 owner=root group=root
# tags:
# - config

50
tasks/persistent_cloud.yml
View file

@ -1,5 +1,5 @@
# New tasks to spin up instance in https://fedorainfracloud.org
---
- include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README
- name: check it out
@ -10,23 +10,23 @@
check_mode: no
- name: spin UP VM using nova_compute
become: False
become: false
local_action:
module: nova_compute
auth_url: "{{os_auth_url}}"
login_username: "admin"
login_password: "{{ADMIN_PASS}}"
login_tenant_name: "{{inventory_tenant}}"
name: "{{inventory_instance_name}}"
image_id: "{{ image|image_name_to_id('admin', ADMIN_PASS, inventory_tenant, os_auth_url) }}"
wait_for: 600
flavor_id: "{{ instance_type|flavor_name_to_id('admin', ADMIN_PASS, inventory_tenant, os_auth_url) }}"
security_groups: "{{security_group}}"
key_name: "{{ keypair }}"
nics: "{{ cloud_networks }}"
user_data: "#cloud-config\ndisable_root: 0"
floating_ips:
- "{{public_ip}}"
module: nova_compute
auth_url: "{{os_auth_url}}"
login_username: "admin"
login_password: "{{ADMIN_PASS}}"
login_tenant_name: "{{inventory_tenant}}"
name: "{{inventory_instance_name}}"
image_id: "{{ image|image_name_to_id('admin', ADMIN_PASS, inventory_tenant, os_auth_url) }}"
wait_for: 600
flavor_id: "{{ instance_type|flavor_name_to_id('admin', ADMIN_PASS, inventory_tenant, os_auth_url) }}"
security_groups: "{{security_group}}"
key_name: "{{ keypair }}"
nics: "{{ cloud_networks }}"
user_data: "#cloud-config\ndisable_root: 0"
floating_ips:
- "{{public_ip}}"
register: nova_result
when: host_is_up is failed
@ -40,7 +40,7 @@
register: volume_available
failed_when: volume_available.rc == 2
changed_when: volume_available.rc == 0
ignore_errors: True
ignore_errors: true
when: volumes is defined
check_mode: no
@ -49,8 +49,8 @@
#
- local_action: shell nova --os-auth-url="{{os_auth_url}}" --os-username="admin" --os-password="{{ADMIN_PASS}}" --os-tenant-name={{inventory_tenant}} volume-attach "{{inventory_instance_name}}" "{{item.volume_id}}" "{{item.device}}"
with_items: "{{ volume_available.results|default([]) }}"
ignore_errors: True
failed_when: False
ignore_errors: true
failed_when: false
when: volumes is defined and volume_available is defined and item.changed
- name: wait for he host to be hot
@ -66,13 +66,13 @@
- name: gather ssh host key from new instance
local_action: command ssh-keyscan -t rsa {{ inventory_hostname }}
ignore_errors: True
ignore_errors: true
register: hostkey
when: host_is_up is failed
- name: add new ssh host key (until we can sign it)
local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present
ignore_errors: True
ignore_errors: true
with_items:
- /root/.ssh/known_hosts
when: host_is_up is failed
@ -84,7 +84,7 @@
- name: gather facts
setup:
check_mode: no
ignore_errors: True
ignore_errors: true
register: facts
#
@ -97,13 +97,13 @@
# TODO - somehow guess when keypair is finally deployed and return little bit earlier
## We need to specify user, here we trying with fedora or root
#- name: wait until ssh is available
# - name: wait until ssh is available
# # local_action: shell false; until [ "$?" -eq "0" ]; do sleep 2; ssh -o PasswordAuthentication=no fedora@{{ public_ip }} 'echo foobar' || ssh -o PasswordAuthentication=no root@{{ public_ip }} 'echo foobar'; done
# # local_action: shell false; until [ "$?" -eq "0" ]; do sleep 2; ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no fedora@{{ public_ip }} 'echo foobar'; done
# local_action: shell whoami && ssh -vvvv -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no fedora@{{ public_ip }} 'echo foobar'
# # async: 20
# # poll: 5
# ignore_errors: True
# ignore_errors: true
#
- name: Include SSH config
import_role: name=basessh

1
tasks/postfix_basic.yml
View file

@ -1,3 +1,4 @@
---
- name: install postfix
package: name=postfix state=present
tags:

1
tasks/reg-server.yml
View file

@ -1,3 +1,4 @@
---
- name: install reg-server
package:
name: reg

5
tasks/swap.yml
View file

@ -2,6 +2,7 @@
# swap_file_size_mb
# swap_file_path
---
- name: Touch an empty file that we will use for swap
copy:
content: ""
@ -41,7 +42,7 @@
- name: Check swap file type
command: file {{ swap_file_path }}
register: swapfile
changed_when: False
changed_when: false
tags:
- swap.file.mkswap
- swap
@ -70,7 +71,7 @@
- name: Mount swap
command: "swapon -a"
#when: ansible_swaptotal_mb|int < 1
# when: ansible_swaptotal_mb|int < 1
when: swap_fstab_added.changed
tags:
- swap.file.swapon

9
tasks/virt_instance_create.yml
View file

@ -1,6 +1,7 @@
#
# This task is the thing that creates a vm for later use
#
---
- include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README
- name: get vm list
@ -40,7 +41,7 @@
- name: make sure there is no old ssh host key for the host still around
local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent
ignore_errors: True
ignore_errors: true
with_items:
- /root/.ssh/known_hosts
when: inventory_hostname not in result.list_vms
@ -51,13 +52,13 @@
- name: gather ssh host key from new instance
local_action: command ssh-keyscan -t rsa {{ inventory_hostname }}
ignore_errors: True
ignore_errors: true
register: hostkey
when: inventory_hostname not in result.list_vms
- name: add new ssh host key (until we can sign it)
local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present
ignore_errors: True
ignore_errors: true
with_items:
- /root/.ssh/known_hosts
when: inventory_hostname not in result.list_vms
@ -65,6 +66,6 @@
- name: gather facts
setup:
check_mode: no
ignore_errors: True
ignore_errors: true
register: facts
when: inventory_hostname not in result.list_vms