openstack/openstack-ansible
Code Issues Proposed changes
0de309e7a3
openstack-ansible/tests/bootstrap-aio.yml
Jonathan Rosser 8e28b8e85e Install python3 instead of python2 during host bootstrapping. 
Also use ansible interpreter discovery rather than hardcoding the
path to the python executable which may vary depending on distro.

Change-Id: Id6d1ec65106b5b8eabb152b0238a6f9c0a2d97da
2020-04-26 22:58:55 +01:00

88 lines
2.6 KiB
YAML
Raw Blame History

---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Bootstrap the All-In-One (AIO)
hosts: localhost
gather_facts: True
user: root
roles:
- role: "sshd"
- role: "bootstrap-host"
vars_files:
- "{{ playbook_dir }}/../playbooks/defaults/repo_packages/openstack_services.yml"
environment: "{{ deployment_environment_variables | default({}) }}"
vars:
sftp_subsystem:
'apt': 'sftp /usr/lib/openssh/sftp-server'
'yum': 'sftp /usr/libexec/openssh/sftp-server'
'zypper': 'sftp /usr/lib/ssh/sftp-server'
sshd:
ListenAddress:
- 0.0.0.0
- '::'
Port: 22
Protocol: 2
HostKey:
- "/etc/ssh/ssh_host_rsa_key"
- "/etc/ssh/ssh_host_ecdsa_key"
- "/etc/ssh/ssh_host_ed25519_key"
UsePrivilegeSeparation: yes
KeyRegenerationInterval: 3600
ServerKeyBits: 1024
SyslogFacility: "AUTH"
LogLevel: "INFO"
LoginGraceTime: 120
StrictModes: yes
RSAAuthentication: yes
PubkeyAuthentication: yes
IgnoreRhosts: yes
RhostsRSAAuthentication: no
HostbasedAuthentication: no
PermitEmptyPasswords: no
PermitRootLogin: yes
ChallengeResponseAuthentication: no
PasswordAuthentication: no
X11DisplayOffset: 10
PrintMotd: no
PrintLastLog: no
TCPKeepAlive: yes
AcceptEnv: "LANG LC_*"
Subsystem: "{{ sftp_subsystem[ansible_pkg_mgr] }}"
UsePAM: yes
UseDNS: no
X11Forwarding: no
Compression: yes
CompressionLevel: 6
MaxSessions: 100
MaxStartups: "100:100:100"
GSSAPIAuthentication: no
GSSAPICleanupCredentials: no
pre_tasks:
- name: Run setup module
setup:
gather_subset:
- network
- hardware
- virtual
post_tasks:
- name: Check that new network interfaces are up
assert:
that:
- ansible_eth12['active'] == true
- ansible_eth13['active'] == true
- ansible_eth14['active'] == true
when:
- (bootstrap_host_container_tech | default('unknown')) != 'nspawn'
View Git Blame Copy Permalink