59 lines
1.5 KiB
YAML
59 lines
1.5 KiB
YAML
---
|
|
- name: update all
|
|
command: yum -y update creates=/etc/sysconfig/global-update-applied
|
|
register: updated
|
|
tags:
|
|
- packages
|
|
|
|
- name: ntp pkgs
|
|
action: yum state=present pkg={{ item }}
|
|
with_items:
|
|
- ntpdate
|
|
- ntp
|
|
- libsemanage-python
|
|
- libselinux-python
|
|
tags:
|
|
- packages
|
|
|
|
- name: write out global-update-applied file if we updated
|
|
copy: content="updated" dest=/etc/sysconfig/global-update-applied
|
|
when: updated is defined
|
|
tags:
|
|
- packages
|
|
|
|
- name: put step-tickers in place
|
|
action: copy src="{{ files }}/common/step-tickers" dest=/etc/ntp/step-tickers
|
|
|
|
- name: enable the service
|
|
action: service name=ntpd state=running enabled=true
|
|
|
|
#- name: edit hostname to be instance name - prefix hostbase var if it exists
|
|
# action: shell hostname {{ hostbase }}`curl -s http://169.254.169.254/latest/meta-data/instance-id`
|
|
# tags:
|
|
# - config
|
|
|
|
- name: add ansible root key
|
|
action: authorized_key user=root key="{{ item }}"
|
|
with_file:
|
|
- /srv/web/infra/ansible/roles/base/files/ansible-pub-key
|
|
tags:
|
|
- config
|
|
|
|
- name: add root keys for sysadmin-main and other allowed users
|
|
authorized_key: user=root key="{{ item }}"
|
|
with_lines:
|
|
- /srv/web/infra/ansible/scripts/auth-keys-from-fas @sysadmin-main {{ root_auth_users }}
|
|
tags:
|
|
- config
|
|
ignore_errors: true
|
|
|
|
- name: enable ssh_sysadm_login sebool
|
|
action: seboolean name=ssh_sysadm_login state=yes persistent=yes
|
|
|
|
# note - kinda should be a handler - but handlers need args
|
|
- name: restorecon
|
|
action: command restorecon -R /root/.ssh
|
|
tags:
|
|
- config
|
|
|