diff --git a/Makefile b/Makefile index b22893d..f47d852 100644 --- a/Makefile +++ b/Makefile @@ -1,136 +1,139 @@ # vim: set noexpandtab: ANSIBLE = ansible-playbook SKIP_TAGS = --skip-tags "init,common" PROD_BOOK = books/main_prod.yml PROD_HOST = -i hosts-prod PROD_VARS = ../vars/main.yml TEST_BOOK = books/main_test.yml TEST_HOST = -i hosts-test TEST_VARS = ../vars/test.yml # Everything list: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --list-hosts test-list: $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) --list-hosts create: $(ANSIBLE) books/openstack_prod.yml test-create: $(ANSIBLE) books/openstack_test.yml init: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) test-init: $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) all: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) $(SKIP_TAGS) test-all: $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) $(SKIP_TAGS) restart: $(ANSIBLE) books/restart.yml reboot: $(ANSIBLE) books/reboot.yml stop: $(ANSIBLE) books/stop.yml version: $(ANSIBLE) --extra-vars="var=$(PROD_VARS)" books/versions.yml test-version: $(ANSIBLE) --extra-vars="var=$(TEST_VARS)" books/versions.yml # Specific app: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags conf-app $(SKIP_TAGS) test-app: $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) --tags conf-app $(SKIP_TAGS) fs: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags conf-fs $(SKIP_TAGS) test-fs: $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) --tags conf-fs $(SKIP_TAGS) phd: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags conf-phd $(SKIP_TAGS) test-phd: $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) --tags conf-phd $(SKIP_TAGS) lbs: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags conf-lbs $(SKIP_TAGS) test-lbs: $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) --tags conf-lbs $(SKIP_TAGS) monit: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags conf-monit $(SKIP_TAGS) test-monit: $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) --tags conf-monit $(SKIP_TAGS) backup: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags conf-backup $(SKIP_TAGS) dbs: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags conf-dbs $(SKIP_TAGS) test-dbs: $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) --tags conf-dbs $(SKIP_TAGS) ci: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags jenkins $(SKIP_TAGS) test-ci: $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) --tags jenkins $(SKIP_TAGS) ci-slave: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags conf-ci-slave $(SKIP_TAGS) shib: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags conf-shib $(SKIP_TAGS) gluster: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags gluster $(SKIP_TAGS) common: $(ANSIBLE) $(PROD_BOOK) $(PROD_HOST) --tags common --skip-tags init +test-common: + $(ANSIBLE) $(TEST_BOOK) $(TEST_HOST) --tags common --skip-tags init + # Utils unit-test: arc lint --everything $(ANSIBLE) --syntax-check $(TEST_HOST) $(TEST_BOOK) update-phab: $(ANSIBLE) $(PROD_HOST) books/update_prod.yml test-update-phab: $(ANSIBLE) $(TEST_HOST) books/update_test.yml security: $(ANSIBLE) $(PROD_HOST) books/security-update.yml test-security: $(ANSIBLE) $(TEST_HOST) books/security-update.yml arbitrator: $(ANSIBLE) books/arbitrator.yml clean: $(ANSIBLE) books/cleanup.yml diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index b0afdd0..e74cefe 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,94 +1,101 @@ --- ## Proxy for TEST - name: HTTP Proxy lineinfile: dest: /etc/rc.local line: "{{ item }}" with_items: - "export http_proxy={{ http_proxy }}" - "export https_proxy={{ http_proxy }}" - "export rsync_proxy={{ http_proxy }}" - "export ftp_proxy={{ http_proxy }}" when: env == "test" and http_proxy is defined ## Root and centos passwords - user: name=root password="{{ user_pwd_root }}" - user: name=centos password="{{ user_pwd_centos }}" ## Selinux - name: Disable SELinux selinux: policy=targeted state=disabled - name: Permanently disable SELinux copy: src=selinux-config dest=/etc/selinux/config # EPEL - name: Install EPEL repo. yum: name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm" state: present - name: Import EPEL GPG key. rpm_key: key: "/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7" state: present # Basic packages - yum: name="{{ item }}" state=present update_cache=yes with_items: - htop - git - screen - vim - ntp - yum-cron - iftop - tcpdump - iperf - iotop - name: SSH Keys authorized_key: user=root key="{{ item }}" with_items: "{{ ssh_keys }}" - name: SSH Keys authorized_key: user=centos key="{{ item }}" with_items: "{{ ssh_keys }}" +- name: Enable NTP + service: + name: ntpd + enabled: true + state: started + + # Hosts - name: Hosts file template: src: hosts dest: /etc/hosts - name: Hosts file for lbs lineinfile: dest: /etc/hosts line: "{{ internal_ip }} c4science-jump00" - name: Hosts file for 10.0.0.217 lineinfile: dest: /etc/hosts line: "10.0.0.217 c4science-monit-cluster" # Scripts - name: Create scripts directory file: state="directory" path="/root/scripts" - name: Process memory copy: src=ps_mem.py dest=/root/scripts/ps_mem.py mode=0750 - name: Process swap copy: src=swap.sh dest=/root/scripts/swap.sh mode=0750 # Security - name: Security updates via yum-cron copy: src=yum-cron.conf dest=/etc/yum/yum-cron.conf # Monit - include: monit.yml