--- - set_fact: ansible_pkg_mgr=apt_rpm - set_fact: node="{{inventory_hostname_short}}" - set_fact: node="{{stack.nodes[inventory_hostname_short]}}" - name: wait nodes for connection wait_for_connection: delay: 3 timeout: 60 # Disable 'vagrant' user if exists. This operation is needed for boxes # designed to be used by Vagrant. We don't need 'vagrant' user because # there is a user named 'test' for our needs. - name: Disable vagrant user user: name: vagrant state: absent remove: yes - name: disable apt-cache in tmpfs block: - lineinfile: path: /etc/rc.d/rc.local regexp: '^/etc/rc\.d/scripts/apt-cache-on-tmp.*' state: absent backrefs: yes - file: path: /etc/apt/apt.conf.d/tmp.cache.conf state: absent - name: purge apt.sources shell: find /etc/apt/sources.list.d/ -name '*.list' -delete changed_when: false - name: set apt sources template: src: "apt.list.j2" dest: "/etc/apt/sources.list.d/{{item}}.list" with_items: "{{env.apt.sources}}" - name: update packages list shell: apt-get update - name: update apt and rpm shell: apt-get install -y apt rpm - name: dist-upgrade shell: apt-get -y dist-upgrade - name: include additional apt repos from tasks block: - name: include additional apt repos from tasks template: src: "apt.list.tasks.j2" dest: "/etc/apt/sources.list.d/tasks.list" - name: update with tasks repos shell: | apt-get update apt-get dist-upgrade -yq when: stack.apt_sources_from_tasks is defined and stack.apt_sources_from_tasks | length > 0 - name: allow apt downgrade packages template: src: "downgrade.j2" dest: "/etc/apt/preferences.d/downgrade" when: node.arch == 'e2k' - name: install common packages apt_rpm: pkg: ntpdate,curl state: installed update_cache: yes - name: install Alterator`s modules apt_rpm: pkg: alterator,alterator-net-eth # pkg: alterator,alterator-alternatives,alterator-audit,alterator-bind,alterator-datetime,alterator-dhcp,alterator-groups,alterator-mirror,alterator-mkimage,alterator-net-bond,alterator-net-bridge,alterator-net-domain,alterator-net-eth,alterator-net-functions,alterator-net-iptables,alterator-net-routing,alterator-net-vlan,alterator-packages,alterator-services,alterator-sshd,alterator-sysconfig,alterator-users,alterator-vsftpd,alterator-xinetd state: installed # FIX: don't know how to switch from dhcp to static via alterator # just remove this line from options file for now - name: remove options for eth0 lineinfile: dest: /etc/net/ifaces/eth0/options regexp: '^BOOTPROTO=dhcp.*' backrefs: yes state: absent - name: disable IPv6 sysctl: name={{ item }} value=1 state=present with_items: - net.ipv6.conf.all.disable_ipv6 - net.ipv6.conf.default.disable_ipv6 - net.ipv6.conf.lo.disable_ipv6 - name: blacklisting IPv6 module template: src: ipv6-disable.conf.j2 dest: /etc/modprobe.d/options-local.conf - name: configure NICs include_tasks: configure_nics.yml with_dict: "{{node.net}}" loop_control: loop_var: nic # when: node.net is defined - name: apply NICs config shell: | alterator-cmdline /net-eth action write commit "#t" service network restart changed_when: false async: 100 poll: 0 - name: update .tmp/ssh_config after NICs reconfiguration include_role: name="inventory" - name: wait for the host`s NIC to come back wait_for_connection: delay: 2 timeout: 300 - debug: msg="{{hostvars['localhost']['other_nics_to_vlan']}}" - name: enable vlans on other interfaces include_role: name: pve tasks_from: enable_vlans.yml when: hostvars['localhost']['other_nics_to_vlan'] - name: configure PBR include_tasks: configure_pbr.yml with_dict: "{{node.net}}" loop_control: loop_var: nic # TODO: need to make it idempotent! - name: set hostname shell: '[[ $(hostname) == "{{inventory_hostname_short}}.{{stack.domain}}" ]] || { alterator-cmdline -d /net-eth action write computer_name "{{inventory_hostname_short}}.{{stack.domain}}" commit "#t"; echo changed; }' register: result notify: restart network changed_when: '"changed" in result.stdout' - name: delete .bash_logout file: path: /root/.bash_logout state: absent - meta: flush_handlers - setup: - name: register users keys template: dest: /etc/openssh/authorized_keys/root src: authorized_keys owner: root group: root mode: 0644 - name: read public ssh host key slurp: src: /etc/openssh/ssh_host_ed25519_key.pub register: host_key - name: store public ssh host key in local file lineinfile: regexp: "^{{ inventory_hostname_short}} " line: "{{ inventory_hostname_short}},{{ inventory_hostname_short }}.{{ stack.domain | lower }} {{ host_key.content | b64decode | trim }}" path: ".tmp/{{ stack_name }}.known_hosts" create: yes delegate_to: localhost - name: mount nfs shares mount: src: "{{item.from}}" path: "{{item.to}}" fstype: "{{item.fstype}}" state: mounted with_items: "{{node.mounts}}" when: node.mounts is defined