/
yum_systems.yml
107 lines (92 loc) · 2.39 KB
/
yum_systems.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
---
# Tasks common to all systems that use the yum
# package manager
- name: Create remote.conf
template:
src: remote.conf
dest: /etc/security/limits.d/remote.conf
group: root
owner: root
mode: 0644
when:
- not containerized_node
- name: Set mode on /etc/fuse.conf
file:
path: /etc/fuse.conf
mode: 0644
state: touch
changed_when: false
- name: Ensure the group kvm exists.
group:
name: kvm
state: present
- name: Add the teuthology user to groups kvm,disk
user:
name: "{{ teuthology_user }}"
groups: kvm,disk
append: yes
- name: Configure /etc/sudoers.
template:
src: sudoers
dest: /etc/sudoers
owner: root
group: root
mode: 0440
validate: visudo -cf %s
tags:
- sudoers
- name: Configure /etc/security/limits.conf
template:
src: limits.conf
dest: /etc/security/limits.conf
group: root
owner: root
mode: 0644
# http://tracker.ceph.com/issues/15272
# We don't know why it's happening, but something is corrupting the
# rpmdb. Let's try just rebuilding it every time.
- name: Rebuild rpmdb
command:
rpm --rebuilddb
# https://bugzilla.redhat.com/show_bug.cgi?id=1680124
when:
not containerized_node
- name: Check /etc/os-release to see if this is CentOS Stream
shell: "grep 'CentOS Stream' /etc/os-release || true"
register: stream_in_osrelease
tags:
- repos
# Setting this var will add "-stream" to the mirrorlist/baseurl URLs in .repo files
- set_fact:
dash_stream: "-stream"
is_stream: true
when: (ansible_lsb.description is defined and "Stream" in ansible_lsb.description) or
stream_in_osrelease.stdout is search("CentOS Stream")
tags:
- repos
- name: Setup local repo files.
import_tasks: yum/repos.yml
tags:
- repos
# skip_packaging=true set in group_vars for OVH testnodes. We still want these
# tasks to run on CentOS though so we set it back to false here.
- set_fact:
skip_packaging: false
when: ansible_distribution != "RedHat"
tags:
- packages
- name: Perform package related tasks.
import_tasks: yum/packages.yml
when: skip_packaging|default(false)|bool != true
tags:
- packages
- name: Disable firewall
import_tasks: yum/firewall.yml
- name: Enable SELinux
selinux: state=permissive policy=targeted
tags:
- selinux
- name: Configure ABRT
import_tasks: yum/abrt.yml
when: configure_abrt|bool
tags: abrt