jlay/deploy-base
1
1
Fork 0
Code Issues Pull requests Activity

bootstrap: fix hosts, add dnf tasks, -nmcli phoning home

Browse source
This commit is contained in:
Josh Lay 2021-04-05 00:18:41 -05:00
parent 4709837027
commit c9bfb20e2a
2 changed files with 61 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
roles/bootstrap/tasks/dnf.yml Normal file
View file

@ -0,0 +1,27 @@
---
- name: raise max_parallel_downloads to 20
lineinfile:
path: /etc/dnf/dnf.conf
regexp: "^max_parallel_downloads.="
line: "max_parallel_downloads=20"
- name: install dnf-automatic
package:
name: dnf-automatic
state: present
- name: configure dnf-automatic
lineinfile:
path: /etc/dnf/automatic.conf
state: present
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items:
- { regexp: '^upgrade_type.=', line: 'upgrade_type = security' }
- { regexp: '^emit_via.=', line: 'emit_via = stdio' }
- name: enable dnf-automatic timer
systemd:
name: dnf-automatic.timer
state: started
enabled: yes

49
roles/bootstrap/tasks/main.yml
View file

@ -23,6 +23,10 @@
set_fact:
is_cloudy: "{{ cloudcfg.stat.exists }}"
- name: include dnf tasks
include_tasks: dnf.yml
when: (ansible_distribution in ["Fedora"] and not is_atomic) or (ansible_distribution in ["RedHat", "Red Hat Enterprise Linux", "CentOS"] and ansible_distribution_major_version is version('8', '>='))
- name: install prereqs
package:
name: "{{ DEFAULT_PKGS | difference(ansible_facts.packages) }}"
@ -36,13 +40,6 @@
line: "fastestmirror=False"
when: ansible_distribution in ["Fedora"] and not is_atomic
- name: dnf - set max_parallel_downloads to 20 (fedora - non-atomic)
lineinfile:
path: /etc/dnf/dnf.conf
regexp: "^max_parallel_downloads="
line: "max_parallel_downloads=20"
when: ansible_distribution in ["Fedora"] and not is_atomic
- name: remove update_etc_hosts from cloud.cfg
lineinfile:
line: ' - update_etc_hosts'
@ -50,12 +47,12 @@
state: absent
when: is_cloudy|bool
- name: add hosts to /etc/hosts
- name: add all hosts to /etc/hosts
lineinfile:
path: /etc/hosts
state: present
line: "{{ hostvars[item].ip }} {{ hostvars[item].ansible_hostname }}"
regexp: "^{{ hostvars[item].ip }} "
line: "{{ hostvars[item].ip | default('127.0.0.1') }} {{ hostvars[item].ansible_hostname }}"
regexp: "^{{ hostvars[item].ip | default('127.0.0.1') }}.*{{ hostvars[item].ansible_hostname }}$"
with_items: "{{ groups.all }}"
- name: set hostname to match inventory
@ -69,17 +66,39 @@
path: /etc/sudoers
state: absent
- name: install epel
- name: import epel GPG key
rpm_key:
state: present
key: https://getfedora.org/static/fedora.gpg
when: ansible_distribution in ['Red Hat Enterprise Linux', 'RedHat'] and not is_atomic
- name: install epel (dist pkg)
package:
name: epel-release
state: latest
when: ansible_distribution in ["CentOS", "Red Hat Enterprise Linux"] and not is_atomic
when: ansible_distribution in ['CentOS'] and not is_atomic
- name: remove earlyoom
- name: install epel (upstream pkg)
package:
name: earlyoom
name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ansible_distribution_major_version}}.noarch.rpm"
state: present
when: ansible_distribution in ['Red Hat Enterprise Linux', 'RedHat'] and not is_atomic
- name: remove unwanted packages
package:
name: "{{ item }}"
state: absent
when: ('earlyoom' in ansible_facts.packages)
when: "(item in ansible_facts.packages)"
with_items: "{{ UNWANTED_PKGS }}" # see roles/bootstrap/defaults/main.yml
- name: disable NetworkManager phoning home on Fedora
file:
path: /etc/NetworkManager/conf.d/20-connectivity-fedora.conf
access_time: preserve # make this properly idempotent, register no change when file exists
modification_time: preserve # ^
state: touch
mode: 0644
when: (ansible_distribution in ['Fedora'] and not is_atomic) and ('NetworkManager' in ansible_facts.packages)
tags:
- bootstrap