--- - block: - name: Gather package facts ansible.builtin.package_facts: manager: auto - name: Check if atomic ansible.builtin.stat: path: /run/ostree-booted register: ostree - name: Check for cloud.cfg ansible.builtin.stat: path: /etc/cloud/cloud.cfg register: cloudcfg - name: Set fact (atomic state) ansible.builtin.set_fact: is_atomic: "{{ ostree.stat.exists }}" - name: Set fact (cloud.cfg state) ansible.builtin.set_fact: is_cloudy: "{{ cloudcfg.stat.exists }}" - name: Include dnf tasks include_tasks: dnf.yml when: (ansible_distribution in ["Fedora"] and not is_atomic) or (ansible_distribution in ["RedHat", "Red Hat Enterprise Linux", "CentOS"] and ansible_distribution_major_version is version('8', '>=')) - name: Remove unwanted packages become: true ansible.builtin.package: name: "{{ item }}" state: absent when: "(item in ansible_facts.packages)" with_items: "{{ UNWANTED_PKGS }}" # see roles/bootstrap/defaults/main.yml - name: Install prereqs become: true ansible.builtin.package: name: "{{ DEFAULT_PKGS | difference(ansible_facts.packages) }}" state: installed when: (ansible_distribution in ["CentOS", "Red Hat Enterprise Linux", "RedHat", "Fedora"] and not is_atomic) - name: Disable fastestmirror (fedora - non-atomic) become: true ansible.builtin.lineinfile: path: /etc/dnf/dnf.conf regexp: "^fastestmirror=" line: "fastestmirror=False" when: ansible_distribution in ["Fedora"] and not is_atomic - name: Remove update_etc_hosts from cloud.cfg become: true ansible.builtin.lineinfile: line: ' - update_etc_hosts' path: /etc/cloud/cloud.cfg state: absent when: is_cloudy|bool - name: Add all hosts to /etc/hosts become: true ansible.builtin.lineinfile: path: /etc/hosts state: present line: "{{ hostvars[item].ip | default('127.0.0.1') }} {{ hostvars[item].ansible_hostname }}" regexp: "^{{ hostvars[item].ip | default('127.0.0.1') }}.*{{ hostvars[item].ansible_hostname }}$" with_items: "{{ groups.all }}" - name: Set hostname to match inventory ansible.builtin.hostname: name: "{{ inventory_hostname }}" register: hostname_change - name: Remove requiretty become: true ansible.builtin.lineinfile: regexp: '^\w+\s+requiretty' path: /etc/sudoers state: absent - name: Import EPEL GPG key become: true ansible.builtin.rpm_key: state: present key: https://getfedora.org/static/fedora.gpg when: ansible_distribution in ['Red Hat Enterprise Linux', 'RedHat'] and not is_atomic - name: Install EPEL (dist pkg) become: true ansible.builtin.package: name: epel-release state: present when: ansible_distribution in ['CentOS'] and not is_atomic - name: Install EPEL (upstream pkg) become: true ansible.builtin.package: name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm" state: present when: ansible_distribution in ['Red Hat Enterprise Linux', 'RedHat'] and not is_atomic - name: Disable NetworkManager phoning home on Fedora become: true ansible.builtin.file: path: /etc/NetworkManager/conf.d/20-connectivity-fedora.conf access_time: preserve # make this properly idempotent, register no change when file exists modification_time: preserve # ^ state: touch mode: '0644' when: (ansible_distribution in ['Fedora'] and not is_atomic) and ('NetworkManager' in ansible_facts.packages) - name: Ensure systemd-oomd service and socket are disabled and stopped become: true ansible.builtin.systemd: name: "{{ item }}" state: stopped enabled: false with_items: - systemd-oomd.service - systemd-oomd.socket when: (ansible_distribution in ['Fedora'] and not is_atomic) - name: Ensure systemd-oomd service and socket are masked become: true ansible.builtin.systemd: name: "{{ item }}" masked: true with_items: - systemd-oomd.service - systemd-oomd.socket when: (ansible_distribution in ['Fedora'] and not is_atomic) - name: Ensure systemd-oomd-defaults package is removed become: true ansible.builtin.package: name: systemd-oomd-defaults state: absent tags: - bootstrap