Updates to segregate configs by device class

Split cloud VMs out from local VMs in 'cloud' group Generalize networkd install/config Generalize sshd config Create general update playbook Add host vm-host-nextcloud
2018-12-30 22:54:33 -05:00
parent 9a35e992d0
commit c27460c47e
13 changed files with 175 additions and 45 deletions
--- a/playbooks/dependencies.yml
+++ b/playbooks/dependencies.yml
@@ -1,6 +1,7 @@
 ---
 - hosts: all
  name: Ansible python bindings
+  tags: always
  tasks:
    - import_tasks: tasks/centos/bindings.yml
      when: ansible_distribution == "CentOS"
--- a/playbooks/provision-virtual-machine.yml
+++ b/playbooks/provision-virtual-machine.yml
@@ -0,0 +1,26 @@
+---
+- hosts: vms
+  name: Replace NetworkManager with systemd-networkd
+  tasks:
+    - name: Install systemd-networkd
+      when: enable_networkd == true
+      block:
+        - import_tasks: tasks/centos/networkd.yml
+          when: ansible_distribution == "CentOS"
+        - import_tasks: tasks/fedora/networkd.yml
+          when: ansible_distribution == "Fedora"
+        # - import_tasks: common/debian/networkd.yml
+        #   when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu"
+
+    - import_tasks: tasks/networkd/config.yml
+    - import_tasks: tasks/networkd/services.yml
+
+
+- hosts: vms
+  name: Install ovirt agent
+  tasks:
+    - name: Install ovirt-agent
+      become: true
+      yum:
+        name: ovirt-guest-agent
+        state: latest
--- a/playbooks/provision.yml
+++ b/playbooks/provision.yml
@@ -4,6 +4,7 @@

 - hosts: all
  name: Init
+  tags: initialize
  tasks:
    - name: Set hostname
      become: true
@@ -14,26 +15,15 @@
      become: true
      copy:
        src: bashrc.sh
-        dest: /etc/profile.d/30-omni-bashrc.sh
+        dest: /etc/profile.d/global-bashrc.sh
        mode: 0644

-    - name: Install SSH Banner
-      become: true
-      template:
-        src: motd.j2
-        dest: /etc/issue.net
-        mode: 0644
-
-    - name: Configure SSH banner
-      become: true
-      lineinfile:
-        path: /etc/ssh/sshd_config
-        regexp: '#Banner none'
-        line: 'Banner /etc/issue.net'
+    - import_tasks: tasks/sshd/banner.yml


 - hosts: all
  name: System packages
+  tags: initialize
  tasks:
    - name: Load package variables
      include_vars:
@@ -48,33 +38,10 @@
    #   when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu"


- import_playbook: update-system.yml
+#- import_playbook: provision-workstation.yml
+#- import_playbook: provision-server.yml
+#- import_playbook: provision-hypervisor.yml
+- import_playbook: provision-virtual-machine.yml


- hosts: all
-  name: Replace NetworkManager with systemd-networkd
-  tasks:
-    - name: Install systemd-networkd
-      when: enable_networkd == true
-      block:
-        - import_tasks: tasks/centos/networkd.yml
-          when: ansible_distribution == "CentOS"
-        - import_tasks: tasks/fedora/networkd.yml
-          when: ansible_distribution == "Fedora"
-        # - import_tasks: common/debian/networkd.yml
-        #   when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu"
-
-        - import_tasks: tasks/networkd.yml
-
-
- import_playbook: update-users-local.yml
-
-
- hosts: vms
-  name: Install ovirt agent
-  tasks:
-    - name: Install ovirt-agent
-      become: true
-      yum:
-        name: ovirt-guest-agent
-        state: latest
+- import_playbook: update.yml
--- a/playbooks/update-users-local.yml
+++ b/playbooks/update-users-local.yml
@@ -159,3 +159,9 @@
        state: directory
      with_items:
        - "{{ local_users | difference([None]) }}"
+
+- hosts: all
+  name: Disable SSH password authentication
+  tasks:
+    - import_tasks: tasks/sshd/disable-password-auth.yml
+      when: enable_ssh_password_auth|bool == false
--- a/playbooks/update.yml
+++ b/playbooks/update.yml
@@ -0,0 +1,5 @@
+---
+- import_playbook: dependencies.yml
+
+- import_playbook: update-system.yml
+- import_playbook: update-users-local.yml