forked from redhat-cop/agnosticd
-
Notifications
You must be signed in to change notification settings - Fork 1
/
pre_software.yml
148 lines (135 loc) · 3.9 KB
/
pre_software.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
---
- name: Step 003 - Create env key
hosts: localhost
connection: local
gather_facts: false
become: false
tags:
- step003
- generate_env_keys
tasks:
- name: Generate SSH keys
shell: ssh-keygen -b 2048 -t rsa -f "{{output_dir}}/{{env_authorized_key}}" -q -N ""
args:
creates: "{{output_dir}}/{{env_authorized_key}}"
when: set_env_authorized_key | bool
- name: fix permission
file:
path: "{{output_dir}}/{{env_authorized_key}}"
mode: 0400
when: set_env_authorized_key | bool
- name: Generate SSH pub key
shell: ssh-keygen -y -f "{{output_dir}}/{{env_authorized_key}}" > "{{output_dir}}/{{env_authorized_key}}.pub"
args:
creates: "{{output_dir}}/{{env_authorized_key}}.pub"
when: set_env_authorized_key | bool
- name: Configure all hosts with Repositories, Common Files and Set environment key
hosts:
- all:!windows
become: true
gather_facts: False
tags:
- step003
- common_tasks
roles:
- { role: "set-repositories", when: 'repo_method is defined' }
- { role: "common", when: 'install_common | bool' }
- { role: "set_env_authorized_key", when: 'set_env_authorized_key | bool' }
tasks:
- name: Add GUID to /etc/skel/.bashrc
lineinfile:
path: "/etc/skel/.bashrc"
regexp: "^export GUID"
line: "export GUID={{ guid }}"
- name: Configuring Bastion Hosts
hosts: bastions
become: true
roles:
- { role: "bastion-lite", when: 'install_bastion | bool' }
- { role: "bastion-student-user", when: 'install_student_user | bool' }
tags:
- step003
- bastion_tasks
tasks:
- name: Copy SSH private key to student user .ssh directory
copy:
src: "/root/.ssh/{{env_authorized_key}}.pem"
dest: "/home/{{ student_name }}/.ssh/{{env_authorized_key}}.pem"
mode: 0600
owner: "{{ student_name }}"
remote_src: true
when:
- student_name is defined
- env_authorized_key is defined
- name: Copy SSH public key to student user .ssh directory
copy:
src: "/root/.ssh/{{env_authorized_key}}.pub"
dest: "/home/{{ student_name }}/.ssh/{{env_authorized_key}}.pub"
mode: 0600
owner: "{{ student_name }}"
remote_src: true
when:
- student_name is defined
- env_authorized_key is defined
- name: Copy SSH config to student user .ssh directory
copy:
src: "/root/.ssh/config"
dest: "/home/{{ student_name }}/.ssh/config"
mode: 0600
owner: "{{ student_name }}"
remote_src: true
when:
- student_name is defined
- env_authorized_key is defined
- name: Create a Python3 VirtualEnv for use in the k8s Ansible tasks
hosts: bastions
gather_facts: false
become: true
tasks:
- name: Setup pre-requisite python3 packages
package:
state: present
name:
- git
- python3-pip
- name: Setup pre-requisite pip3 packages
pip:
name:
- virtualenv
state: present
executable: /usr/bin/pip3
- name: Copy requirements.txt to target for k8s virtualenv
copy:
src: ./files/requirements_k8s.txt
dest: /tmp/requirements_k8s.txt
- name: "Create virtualenv k8s"
pip:
requirements: /tmp/requirements_k8s.txt
virtualenv: "/opt/virtualenvs/k8s"
virtualenv_site_packages: no
virtualenv_command: /usr/local/bin/virtualenv
- name: Ensure system Python3 has selinux library installed
pip:
state: present
executable: /usr/bin/pip3
name: selinux
version: 0.2.1
- name: Set up NFS Server on UtilityVM
hosts: utility
gather_facts: false
become: true
tasks:
- name: Set up NFS Server
when: nfs_install_server | d(False) | bool
include_role:
name: host-ocp4-nfs
- name: PreSoftware flight-check
hosts: localhost
connection: local
gather_facts: false
become: false
tags:
- flight_check
tasks:
- debug:
msg: "Pre-Software checks completed successfully"