--- # Copyright 2017, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in witing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: Deploy PXE Host Setup hosts: pxe_hosts gather_facts: "{{ gather_facts | default(true) }}" pre_tasks: - name: Gather variables for each operating system include_vars: "{{ item }}" with_first_found: - "{{ playbook_dir }}/vars/{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml" - "{{ playbook_dir }}/vars/{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml" - "{{ playbook_dir }}/vars/{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml" - "{{ playbook_dir }}/vars/{{ ansible_distribution | lower }}.yml" - "{{ playbook_dir }}/vars/{{ ansible_os_family | lower }}.yml" tags: - always - name: Install host distro packages package: pkg: "{{ item }}" state: "latest" update_cache: yes cache_valid_time: 600 with_items: "{{ default_host_distro_packages }}" tasks: - name: Ensure root has a .ssh directory file: path: /root/.ssh state: directory owner: root group: root mode: 0700 - name: Create ssh key pair for root user: name: root generate_ssh_key: yes ssh_key_bits: 2048 ssh_key_file: /root/.ssh/id_rsa - name: Get root public key command: cat /root/.ssh/id_rsa.pub register: public_key_get changed_when: false - name: Set key facts set_fact: root_public_key: "{{ public_key_get.stdout }}" - name: Ensure root can ssh to localhost authorized_key: user: "root" key: "{{ root_public_key }}" - name: Add sysctl options sysctl: name: net.ipv4.ip_forward value: 1 sysctl_set: yes state: present reload: yes sysctl_file: /etc/sysctl.conf - name: Start netfilter persistent systemd: name: "{{ default_host_iptables_service }}" state: started enabled: yes - name: Install repo caching server packages package: name: "{{ item }}" state: "latest" with_items: "{{ default_pkg_cache_server_distro_packages }}" - name: Create cache directory file: path: "/var/www/pkg-cache" state: "directory" owner: "apt-cacher-ng" group: "www-data" mode: "02775" - name: Stat the cache path stat: path: /var/cache/apt-cacher-ng register: acs - name: Remove cacher directory if its a directory file: path: "/var/cache/apt-cacher-ng" state: "absent" when: - acs.stat.isdir is defined and acs.stat.isdir - name: Link cacher to the repo path file: src: "/var/www/pkg-cache" dest: "/var/cache/apt-cacher-ng" state: "link" - name: create yum merged mirror list shell: | curl https://www.centos.org/download/full-mirrorlist.csv | sed 's/^.*"http:/http:/' | sed 's/".*$//' | grep ^http >/etc/apt-cacher-ng/centos_mirrors echo "http://mirror.centos.org/centos/" >>/etc/apt-cacher-ng/centos_mirrors - name: Drop acng.conf template: src: "templates/pxe/acng.conf.j2" dest: "/etc/apt-cacher-ng/acng.conf" notify: - reload acng - name: Drop apt package manager proxy copy: content: 'Acquire::http { Proxy "{{ default_mirror_proxy }}"; };' dest: "/etc/apt/apt.conf.d/00apt-cacher-proxy" - name: Update apt when proxy is added apt: update_cache: yes environment: "{{ deployment_environment_variables | default({}) }}" handlers: - name: reload acng service: name: "apt-cacher-ng" state: restarted enabled: yes tags: - setup-host