Commit 965d109c authored by Oyvind.Gjesdal's avatar Oyvind.Gjesdal
Browse files

Merge branch '5-prepare-role-for-rocky-linux' into 'master'

Resolve "prepare role for rocky linux"

Closes #5

See merge request !2
parents 4ddeb992 f11f5904
Pipeline #114838 failed with stage
in 2 minutes and 8 seconds
......@@ -3,18 +3,17 @@ Centos7-system
A small role for generic system tasks common for UB
* Checks for Centos7/rhel7
* Checks for RHEL8/Rocky Linux 8/Almalinux 8
* adds a cron job to update and restart the system at a specified time.
* (Optional) add hostname (domain) to server
* (Optional) adds public keys to authorized_keys for box
* (Optional) adds environment variables
* (Optional) adds [IUS](https://ius.io/) default 'false' repo for centos7
* (Optional) adds chronic for system email and sets email in /var/spool/cron jobs
* (Optional) adds volumes (To attach, use os_client_uh-iaas role to create volumes.)
Requirements
------------
Requires centos 7
Requires RHEL8, RockyLinux 8 (for now, no properties added for Almalinux or Centos Stream)
Role Variables
--------------
......@@ -34,9 +33,8 @@ Example Playbook
name: centos7-system
vars:
hostname: marcus.uib.no
ius_repo: true
epel_repo: true
centos7_extra_packages: ["yum-utils","imagemagick"]
el8_extra_packages: ["yum-utils","imagemagick"]
ssh_public_keys:
- "ssh-rsa public-key1"
- "ssh-rsa public key2"
......
......@@ -2,7 +2,7 @@
# defaults file for centos7-system
#hostname:
volumes: []
rebootOnChange_minute: 01
rebootOnChange_minute: 01
rebootOnChange_hour: 01
system_user: centos
ius_repo: false
......@@ -14,8 +14,8 @@ cron_users:
nfs_share_mounts: []
nfs_mount_opts: "defaults,noatime,sec=sys"
nrec_instance: true
centos8_dependencies: ["cronie"]
cron_mailto:
el8_dependencies: ["cronie"]
cron_mailto:
- "oyvind.gjesdal@uib.no"
nfs_version: "4"
ssh_public_keys: []
......
---
# handlers file for centos7-system
# handlers file for el8-system
- name: "systemd daemon-reload"
systemd:
daemon_reload: true
......@@ -11,7 +11,7 @@
state: "restarted"
become: true
- name: "yum update cache"
yum:
- name: "dnf update cache"
dnf:
update_cache: yes
become: true
- name: "Enable ius repo"
yum:
name: "https://repo.ius.io/ius-release-el7.rpm"
- name: "Add ius gpg"
rpm_key:
key: "https://repo.ius.io/RPM-GPG-KEY-IUS-7"
state: present
fingerprint: "C958 7A09 A11F D706 4F0C A0F4 E558 0725 4B27 4DF2"
......@@ -2,26 +2,29 @@
# tasks file for centos7-system
- name: "fail if not centos or red-hat"
fail: msg="Operating System {{ ansible_distribution }}-{{ ansible_distribution_version }} not supported, use centos|redhat 8 "
when: (ansible_distribution|lower != "centos" and ansible_distribution|lower !=redhat) or ansible_distribution_major_version != "8"
when: (ansible_distribution|lower != 'centos' and ansible_distribution|lower !='redhat' and ansible_distribution|lower != 'rocky' and ansible_distribution|lower != 'alma') or ansible_distribution_major_version != '8'
- name: "include specific vars for EL8 versions"
include_vars: "vars/{{ ansible_distribution | lower }}.yml"
- name: "import volume.yml"
import_tasks: volume.yml
when: "volumes | length > 0 and nrec_instance | bool"
become: true
- name: "cron job for yum update and rebooting on kernel changes"
- name: "cron job for dnf update and rebooting on kernel changes"
cron:
name: "reboot on change needed"
minute: "{{ rebootOnChange_minute }}"
hour: "{{ rebootOnChange_hour }}"
user: "root"
job: '/usr/bin/sh -c "yum update -y && /usr/bin/needs-restarting -r || /usr/sbin/shutdown -r" > /dev/null'
job: '/usr/bin/sh -c "dnf update -y && /usr/bin/needs-restarting -r || /usr/sbin/shutdown -r" > /dev/null'
become: true
when: "nrec_instance | bool"
- name: Set authorized key from url
authorized_key:
user: centos
user: "{{ el8_user }}"
state: present
key: "{{ item }}"
with_items: "{{ ssh_public_keys }}"
......@@ -29,12 +32,12 @@
- name: "Configure environment ($PATH)."
template:
src: "centos-env.sh.j2"
dest: "/etc/profile.d/centos7.sh"
src: "el8-env.sh.j2"
dest: "/etc/profile.d/el8.sh"
become: true
- name: "install EPEL"
yum:
dnf:
name: epel-release
when: "cron_email | bool or epel_repo | bool"
become: true
......@@ -42,32 +45,27 @@
# from https://github.com/robertdebock/ansible-role-powertools/blob/master/tasks/main.yml
- name: enable powertools
ini_file:
path: "{{ powertools_path | default('/etc/yum.repos.d/CentOS-Linux-PowerTools.repo') }}"
path: "{{ powertools_path }}"
section: powertools
option: enabled
value: "1"
mode: "0644"
notify:
- yum update cache
- dnf update cache
when: "powertools | default(false) | bool"
become: true
- name: "install dependencies {{ centos8_dependencies }}"
- name: "install dependencies {{ el8_dependencies }}"
dnf:
name: "{{ centos8_dependencies }}"
name: "{{ el8_dependencies }}"
become: true
- name: "install moreutils (chronic)"
yum:
dnf:
name: "moreutils"
when: "cron_email | bool"
become: true
- name: "install IUS"
import_tasks: "ius.yml"
when: "ius_repo | bool"
become: true
- name: "Set timezone to Oslo"
timezone:
name: Europe/Oslo
......@@ -91,11 +89,13 @@
- name: "install postfix"
package:
name: ['postfix']
- name: "enable and start postfix"
systemd:
name: "postfix"
enabled: true
state: "started"
- name: "add ip adress and hostname to /etc/hosts/"
lineinfile:
insertafter: "EOF"
......@@ -109,9 +109,9 @@
become: true
when: "nfs_share_mounts | count > 0"
- name: "install extra packages {{ centos7_extra_packages | default ([]) }} if defined"
yum:
name: "{{ centos7_extra_packages }}"
- name: "install extra packages {{ el8_extra_packages | default ([]) }} if defined"
dnf:
name: "{{ el8_extra_packages }}"
become: true
when: "centos7_extra_packages is defined"
when: "el8_extra_packages is defined"
- name: "Install NFS mount utility"
yum:
dnf:
name: "nfs-utils"
state: "present"
become: true
......
- name: "Installing lvm2"
yum:
dnf:
name: "lvm2"
state: "present"
......
el8_user: "rocky"
powertools_path: "/etc/yum.repos.d/Rocky-PowerTools.repo"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment