Restructure repository, removing old stuff
This commit is contained in:
14
roles/packages/defaults/main.yml
Normal file
14
roles/packages/defaults/main.yml
Normal file
@@ -0,0 +1,14 @@
|
||||
---
|
||||
# Role parameter documentation
|
||||
#
|
||||
# omni_pkg_repos - whether to install/enable additional repositories
|
||||
# omni_pkg_bindings - whether to install required ansible bindings to the system python
|
||||
# omni_pkg_update - whether to perform a package update
|
||||
# onni_pkg_clean - whether to force clean the package manager cache
|
||||
# omni_pkg_exclude - packages to exclude from an update; has no effect if
|
||||
# ``omni_pkg_update`` is false
|
||||
omni_pkg_repos: true
|
||||
omni_pkg_bindings: true
|
||||
omni_pkg_update: false
|
||||
omni_pkg_clean: false
|
||||
omni_pkg_exclude: ["kernel*"]
|
||||
30
roles/packages/tasks/bindings.yml
Normal file
30
roles/packages/tasks/bindings.yml
Normal file
@@ -0,0 +1,30 @@
|
||||
---
|
||||
- name: Install CentOS 8 python bindings
|
||||
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "8"
|
||||
become: true
|
||||
dnf:
|
||||
state: latest
|
||||
name:
|
||||
- python3-libselinux
|
||||
- python3-policycoreutils
|
||||
- python3-firewall
|
||||
|
||||
- name: Install CentOS 7 python bindings
|
||||
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
|
||||
become: true
|
||||
yum:
|
||||
state: latest
|
||||
name:
|
||||
- libselinux-python
|
||||
- policycoreutils-python
|
||||
- python-firewall
|
||||
|
||||
- name: Install Fedora python bindings
|
||||
when: ansible_distribution == "Fedora"
|
||||
become: true
|
||||
dnf:
|
||||
state: latest
|
||||
name:
|
||||
- libselinux-python
|
||||
- policycoreutils-python
|
||||
- python3-firewall
|
||||
@@ -11,6 +11,9 @@
|
||||
#
|
||||
# NOTE: These tasks only need to be run on Cent8
|
||||
#
|
||||
# NOTE: We assume- since this file literally has 'centos' in the name- that the
|
||||
# ansible_distribution check has already been done at import time
|
||||
#
|
||||
|
||||
- name: Determine dracut version
|
||||
shell:
|
||||
|
||||
@@ -1,26 +0,0 @@
|
||||
---
|
||||
# NOTE: We assume- since this file literally has 'centos' in the name- that the
|
||||
# ansible_distribution check has already been done at import time
|
||||
|
||||
- name: Enable Extra Packages for Enterprise Linux on CentOS 8
|
||||
become: true
|
||||
when: ansible_distribution_major_version == "8"
|
||||
dnf:
|
||||
state: latest
|
||||
name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
|
||||
|
||||
- name: Enable the power tools repository on CentOS 8
|
||||
become: true
|
||||
when: ansible_distribution_major_version == "8"
|
||||
lineinfile:
|
||||
path: /etc/yum.repos.d/CentOS-PowerTools.repo
|
||||
regexp: "enabled=(0|1)"
|
||||
line: "enabled=1"
|
||||
|
||||
|
||||
- name: Enable Extra Packages for Enterprise Linux on CentOS 7
|
||||
become: true
|
||||
when: ansible_distribution_major_version == "7"
|
||||
dnf:
|
||||
state: latest
|
||||
name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpmz
|
||||
@@ -1,23 +1,41 @@
|
||||
---
|
||||
- import_tasks: centos-repos.yml
|
||||
when: ansible_distribution == "CentOS"
|
||||
- import_tasks: bindings.yml
|
||||
when: omni_pkg_bindings == true
|
||||
|
||||
- import_tasks: repos.yml
|
||||
when: omni_pkg_repos == true
|
||||
|
||||
- import_tasks: clean.yml
|
||||
when: clean | default(false) == true
|
||||
when: omni_pkg_clean == true
|
||||
|
||||
- import_tasks: update.yml
|
||||
when: update | default(false) == true
|
||||
when: omni_pkg_update == true
|
||||
|
||||
- name: Install packages on Fedora
|
||||
become: true
|
||||
when: ansible_distribution == "Fedora"
|
||||
dnf:
|
||||
state: latest
|
||||
name: "{{ packages_global + packages_fedora }}"
|
||||
name: "{{ omni_packages_global + omni_packages_fedora }}"
|
||||
|
||||
- name: Install packages on CentOS
|
||||
# NOTE: This is currently horrifically broken. See the ongoing drama around
|
||||
# systemd-networkd on cent8. Basically triggering an update- or an install- will give
|
||||
# a conflict error due to the spicy-jankaroni-with-extra-cheese edition of
|
||||
# systemd-networkd I'm running. We can exclude "systemd*", but we need to install
|
||||
# systemd-devel so then we get a package not found error. Its a truly stupid problem
|
||||
# that will hopefully all go away when this bug gets fixed and systemd-networkd becomes
|
||||
# available in EPEL:
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1789146
|
||||
- name: Install packages on CentOS 8
|
||||
become: true
|
||||
when: ansible_distribution == "CentOS"
|
||||
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "8"
|
||||
dnf:
|
||||
state: latest
|
||||
name: "{{ packages_global + packages_centos }}"
|
||||
name: "{{ omni_packages_global + omni_packages_centos_8 }}"
|
||||
|
||||
- name: Install packages on CentOS 7
|
||||
become: true
|
||||
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
|
||||
yum:
|
||||
state: latest
|
||||
name: "{{ omni_packages_global + omni_packages_centos_7 }}"
|
||||
|
||||
22
roles/packages/tasks/repos.yml
Normal file
22
roles/packages/tasks/repos.yml
Normal file
@@ -0,0 +1,22 @@
|
||||
---
|
||||
- name: Install repositories on CentOS 8
|
||||
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "8"
|
||||
become: true
|
||||
block:
|
||||
- name: Enable Extra Packages for Enterprise Linux on CentOS 8
|
||||
dnf:
|
||||
state: latest
|
||||
name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
|
||||
|
||||
- name: Enable the power tools repository on CentOS 8
|
||||
lineinfile:
|
||||
path: /etc/yum.repos.d/CentOS-PowerTools.repo
|
||||
regexp: "enabled=(0|1)"
|
||||
line: "enabled=1"
|
||||
|
||||
- name: Enable Extra Packages for Enterprise Linux on CentOS 7
|
||||
become: true
|
||||
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
|
||||
dnf:
|
||||
state: latest
|
||||
name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpmz
|
||||
@@ -2,13 +2,20 @@
|
||||
- import_tasks: centos-8-dracut.yml
|
||||
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "8"
|
||||
|
||||
# Gotta hate this, but I have to hardcode the systemd exclusion on cent8
|
||||
# Because I'm using "janky-systemd-networkd-2-the-jankening" (see the networkd role)
|
||||
# there are a pile of conflicts when you run "dnf update" with it installed. I found
|
||||
# two options that work: 1) uninstall systemd-networkd, update, then reinstall it;
|
||||
# 2) hardcode the exclusion here. Whenever I thought too hard about the potential
|
||||
# consequences of instituting uninstalling-my-network-init-system-as-a-service I
|
||||
# started to get a migaine, so I went with option two.
|
||||
- name: Upgrade Fedora and CentOS 8 packages
|
||||
when: (ansible_distribution == "CentOS" and ansible_distribution_major_version == "8") or ansible_distribution == "Fedora"
|
||||
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "8"
|
||||
become: true
|
||||
dnf:
|
||||
state: latest
|
||||
name: "*"
|
||||
exclude: "{{ ','.join(exclude | default(['kernel*'])) }}"
|
||||
exclude: "{{ ','.join(omni_pkg_exclude + ['systemd*']) }}"
|
||||
|
||||
- name: Upgrade CentOS 7 packages
|
||||
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
|
||||
@@ -16,7 +23,15 @@
|
||||
yum:
|
||||
state: latest
|
||||
name: "*"
|
||||
exclude: "{{ ','.join(exclude | default(['kernel*'])) }}"
|
||||
exclude: "{{ ','.join(omni_pkg_exclude) }}"
|
||||
|
||||
- name: Upgrade Fedora packages
|
||||
when: ansible_distribution == "Fedora"
|
||||
become: true
|
||||
dnf:
|
||||
state: latest
|
||||
name: "*"
|
||||
exclude: "{{ ','.join(omni_pkg_exclude) }}"
|
||||
|
||||
# Yeah I'll get here eventually
|
||||
# - name: Upgrade APT packages
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
---
|
||||
packages_global:
|
||||
omni_packages_global:
|
||||
- automake
|
||||
- cmake
|
||||
- curl
|
||||
@@ -14,7 +14,7 @@ packages_global:
|
||||
- vim
|
||||
- vim-minimal
|
||||
|
||||
packages_fedora:
|
||||
omni_packages_fedora:
|
||||
- libselinux-python
|
||||
- git-lfs
|
||||
- readline-devel
|
||||
@@ -23,7 +23,18 @@ packages_fedora:
|
||||
- python-virtualenv
|
||||
- python3-devel
|
||||
|
||||
packages_centos:
|
||||
omni_packages_centos_8:
|
||||
- bind-utils
|
||||
- bash-completion
|
||||
- nc
|
||||
- nfs-utils
|
||||
- python3
|
||||
- python3-pip
|
||||
- python3-setuptools
|
||||
- python3-virtualenv
|
||||
- wget
|
||||
|
||||
omni_packages_centos_7:
|
||||
- bind-utils
|
||||
- bash-completion
|
||||
- nc
|
||||
|
||||
2
roles/sshd/defaults/main.yml
Normal file
2
roles/sshd/defaults/main.yml
Normal file
@@ -0,0 +1,2 @@
|
||||
---
|
||||
omni_restart_services: false
|
||||
@@ -26,7 +26,7 @@
|
||||
set: "ChallengeResponseAuthentication no"
|
||||
|
||||
- name: Restart sshd service
|
||||
when: restart_services | default(false) == true
|
||||
when: omni_restart_services == true
|
||||
become: true
|
||||
systemd:
|
||||
name: sshd
|
||||
|
||||
@@ -3,5 +3,5 @@
|
||||
//// ////// //// //// ////
|
||||
//////// //// /// //// ///////////
|
||||
//// //// ////// ////
|
||||
//////////// //// //// {{ description | default('Omni Network System') }}
|
||||
_______________________________{{ description | default('Omni Network System') | length * '\\' }}\
|
||||
//////////// //// //// {{ omni_description | default('Omni Network System') }}
|
||||
_______________________________{{ omni_description | default('Omni Network System') | length * '\\' }}\
|
||||
|
||||
Reference in New Issue
Block a user