Update to 2022-08-08 16:00

roles/common/tasks/guest_AlmaLinux.yml

@@ -0,0 +1,5 @@
+---
+
+- name: Install qemu guest agent
+  yum: name=qemu-guest-agent state=present
+

roles/common/tasks/hardware_AlmaLinux.yml

@@ -0,0 +1,24 @@
+---
+
+- set_fact:
+    megacli: MegaCli-{{ megacli_version }}.noarch.rpm
+
+- name: Check if MegaCLi is installed
+  shell: rpm -q --qf "%{VERSION}-%{RELEASE}" MegaCli 2>/dev/null
+  register: megacli_installed_version
+  changed_when: False
+  failed_when: False
+  when: lsi_controllers | length > 0
+
+- name: Copy MegaCli package
+  copy: src={{ megacli }} dest=/tmp
+  when:
+    - lsi_controllers | length > 0
+    - megacli_installed_version.stdout != megacli_version
+
+- name: Install MegaCli
+  yum: name=/tmp/{{ megacli }} state=present
+  when:
+    - lsi_controllers | length > 0
+    - megacli_installed_version.stdout != megacli_version
+

roles/common/vars/AlmaLinux-8.yml

@@ -0,0 +1,13 @@
+---
+
+system_distro_utils:
+  - openssh-clients
+  - nc
+  - xz
+  - lz4
+  - yum-utils
+  - fuse-sshfs
+  - policycoreutils-python-utils
+  - python3-mysql
+  - python3-psycopg2
+  - zstd

roles/docker/tasks/install_AlmaLinux.yml

@@ -0,0 +1,19 @@
+---
+
+- name: Install packages
+  yum:
+    name:
+      - docker-ce
+      - docker-ce-cli
+      - device-mapper-persistent-data
+      - lvm2
+    state: present
+  tags: docker
+
+- name: Remove packaged docker-compose
+  yum:
+    name:
+      -  docker-compose
+    state: absent
+  tags: docker
+

roles/docker_wordpress/templates/docker-compose.yml.j2

@@ -2,17 +2,17 @@ version: '3.1'
 
 services:
   wordpress-fpm:
-    image: {{ item.wp_docker_image }}
-    restart: {{ item.wp_docker_restart }}
-    container_name: {{ item.wp_docker_name }}
-    ports: {{ item.wp_docker_port}}
+    image: "{{ item.wp_docker_image }}"
+    restart: "{{ item.wp_docker_restart }}"
+    container_name: "{{ item.wp_docker_name }}"
+    ports: "{{ item.wp_docker_port}}"
     environment:
-      WORDPRESS_DB_HOST: {{ item.wp_docker_db_host }}
-      WORDPRESS_DB_USER: {{ item.wp_docker_db_user }}
-      WORDPRESS_DB_PASSWORD: {{ item.wp_docker_db_psw }}
-      WORDPRESS_DB_NAME: {{ item.wp_docker_db_name }}
+      WORDPRESS_DB_HOST: "{{ item.wp_docker_db_host }}"
+      WORDPRESS_DB_USER: "{{ item.wp_docker_db_user }}"
+      WORDPRESS_DB_PASSWORD: "{{ item.wp_docker_db_psw }}"
+      WORDPRESS_DB_NAME: "{{ item.wp_docker_db_name }}"
     volumes:
-      - /opt/wp/{{ item.wp_docker_name }}/html:/var/www/html
+      - /opt/wp/"{{ item.wp_docker_name }}"/html:/var/www/html
 #      conf PHP
 #      Backups
 #      cron

roles/fusioninventory_agent/tasks/install_AlmaLinux.yml

@@ -0,0 +1,5 @@
+---
+
+- name: Install FusionInventory Agent
+  yum: name=fusioninventory-agent
+  tags: inventory

roles/iptables/tasks/install_AlmaLinux.yml

@@ -0,0 +1,10 @@
+---
+
+- name: Remove firewalld
+  yum: name=firewalld state=absent
+  tags: firewall
+
+- name: Install packages
+  yum: name=iptables-services
+  tags: firewall
+

roles/ntp_client/vars/AlmaLinux-8.yml

@@ -0,0 +1,6 @@
+---
+
+ntp_ntpd_service: ntpd
+ntp_chrony_service: chronyd
+ntp_chrony_conf: /etc/chrony.conf
+ntp_chrony_keyfile: /etc/chrony.keys

roles/patrix/tasks/install_AlmaLinux.yml

@@ -0,0 +1,5 @@
+---
+
+- name: Install patrix
+  yum: name=patrix
+  tags: patrix

roles/repo_zabbix/tasks/AlmaLinux.yml

@@ -0,0 +1,63 @@
+---
+
+- name: Install GPG Key for Zabbix repo
+  copy:
+    content: |
+      -----BEGIN PGP PUBLIC KEY BLOCK-----
+      Version: GnuPG v1.4.10 (GNU/Linux)
+      
+      mQENBFeIdv0BCADAzkjO9jHoDRfpJt8XgfsBS8FpANfHF2L29ntRwd8ocDwxXSbt
+      BuGIkUSkOPUTx6i/e9hd8vYh4mcX3yYpiW8Sui4aXbJu9uuSdU5KvPOaTsFeit9j
+      BDK4b0baFYBDpcBBrgQuyviMAVAczu5qlwolA/Vu6DWqah1X9p+4EFa1QitxkhYs
+      3br2ZGy7FZA3f2sZaVhHAPAOBSuQ1W6tiUfTIj/Oc7N+FBjmh3VNfIvMBa0E3rA2
+      JlObxUEywsgGo7FPWnwjZyv883slHp/I3H4Or9VBouTWA2yICeROmMwjr4mOZtJT
+      z9e4v/a2cG/mJXgxCe+FjBvTvrgOVHAXaNwLABEBAAG0IFphYmJpeCBMTEMgPHBh
+      Y2thZ2VyQHphYmJpeC5jb20+iQE4BBMBAgAiBQJXiHb9AhsDBgsJCAcDAgYVCAIJ
+      CgsEFgIDAQIeAQIXgAAKCRAIKrVroU/lkbO8B/4/MhxoUN2RPmH7BzFGIntKEWAw
+      bRkDzyQOk9TjXVegfsBnzmDSdowh7gyteVauvr62jiVtowlE/95vbXqbBCISLqKG
+      i9Wmbrj7lUXBd2sP7eApFzMUhb3G3GuV5pCnRBIzerDfhXiLE9EWRN89JYDxwCLY
+      ctQHieZtdmlnPyCbFF6wcXTHUEHBPqdTa6hvUqQL2lHLFoduqQz4Q47Cz7tZxnbr
+      akAewEToPcjMoteCSfXwF/BRxSUDlN7tKFfBpYQawS8ZtN09ImHOO6CZ/pA0qQim
+      iNiRUfA25onIDWLLY/NMWg+gK94NVVZ7KmFG3upDB5/uefK6Xwu2PsgiXSQguQEN
+      BFeIdv0BCACZgfqgz5YoX+ujVlw1gX1J+ygf10QsUM9GglLEuDiSS/Aa3C2UbgEa
+      +N7JuvzZigGFCvxtAzaerMMDzbliTqtMGJOTjWEVGxWQ3LiY6+NWgmV46AdXik7s
+      UXM155f1vhOzYp6EZj/xtGvyUzTLUkAlnZNrhEUbUmOhDLassVi32hIyMR5W7w6I
+      Ii0zIM1mSuLR0H6oDEpR3GzuGVHGj4/sLeAg7iY5MziGwySBQk0Dg0xH5YqHb+uK
+      zCTH/ILu3srPJq+237Px/PctAZCEA96ogc/DNF2XjdUpMSaEybR0LuHHstAqkrq8
+      AyRtDJNYE+09jDFdUIukhErLuo1YPWqFABEBAAGJAR8EGAECAAkFAleIdv0CGwwA
+      CgkQCCq1a6FP5ZH8+wf/erZneDXqM6xYT8qncFpc1GtOCeODNb19Ii22lDEXd9qN
+      UlAz2SB6zC5oywlnR0o1cglcrW96MD/uuCL/+tTczeB2C455ofs2mhpK7nKiA4FM
+      +JZZ6XSBnq7sfsYD6knbvS//SXQV/qYb4bKMvwYnyMz63escgQhOsTT20ptc/w7f
+      C+YPBR/rHImKspyIwxyqU8EXylFW8f3Ugi2+Fna3CAPR9yQIAChkCjUawUa2VFmm
+      5KP8DHg6oWM5mdqcpvU5DMqpi8SA26DEFvULs8bR+kgDd5AU3I4+ei71GslOdfk4
+      s1soKT4X2UK+dCCXui+/5ZJHakC67t5OgbMas3Hz4Q==
+      =5TOS
+      -----END PGP PUBLIC KEY BLOCK-----
+    dest: /etc/pki/rpm-gpg/RPM-GPG-KEY-zabbix
+  tags: repo
+
+- name: Configure Zabbix repo
+  yum_repository:
+    name: zabbix
+    description: Zabbix Repository
+    baseurl: http://repo.zabbix.com/zabbix/{{ zabbix_major_version }}/rhel/$releasever/$basearch/
+    gpgcheck: True
+    gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-zabbix
+    priority: 50
+    includepkgs:
+      - zabbix*
+  tags: repo
+
+- name: Configure Zabbix frontend repo
+  yum_repository:
+    name: zabbix-frontend
+    description: Zabbix web frontend repository
+    file: zabbix
+    baseurl: http://repo.zabbix.com/zabbix/{{ zabbix_major_version }}/rhel/$releasever/$basearch/frontend
+    gpgcheck: True
+    gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-zabbix
+    priority: 50
+    includepkgs:
+      - zabbix*
+    state: "{{ (zabbix_major_version is version('5.0', '>=') and ansible_distribution_major_version is version('8', '<')) | ternary('present', 'absent') }}"
+  tags: repo

roles/sssd_ad_auth/tasks/install_AlmaLinux.yml

@@ -0,0 +1,10 @@
+---
+- name: Install packages
+  yum:
+    name:
+      - sssd-ad
+      - adcli
+      - oddjob-mkhomedir
+      - krb5-workstation
+      - authconfig
+  tags: auth

roles/sssd_ad_auth/tasks/pam_AlmaLinux.yml

@@ -0,0 +1,13 @@
+---
+
+- name: Check if authconfig needs to update pam config
+  command: "grep -c -P '^auth\\s+sufficient\\s+pam_sss.so' /etc/pam.d/system-auth"
+  register: ad_authconfig_done
+  changed_when: False
+  failed_when: False
+  tags: auth
+
+- name: Configure the PAM stack
+  command: authconfig --enablesssd --enablesssdauth --enablemkhomedir --update
+  when: ad_authconfig_done.stdout | int < 1
+  tags: auth

roles/sssd_ldap_auth/tasks/install_AlmaLinux.yml

@@ -0,0 +1,9 @@
+---
+
+- name: Install sssd and the needed tools
+  yum:
+    name:
+      - sssd
+      - oddjob-mkhomedir
+      - authconfig
+  tags: auth

roles/sssd_ldap_auth/tasks/pam_AlmaLinux.yml

@@ -0,0 +1,13 @@
+---
+
+- name: Check if authconfig needs to update pam config
+  command: "grep -P '^auth\\s+sufficient\\s+pam_sss.so' /etc/pam.d/system-auth"
+  register: auth_sss_done
+  changed_when: False
+  failed_when: False
+  tags: auth
+
+- name: Configure authentication with authconfig
+  command: authconfig --enablemkhomedir --enablesssd --enablesssdauth --update
+  when: auth_sss_done.rc != 0
+  tags: auth

roles/zabbix_agent/tasks/install_AlmaLinux.yml

@@ -0,0 +1,8 @@
+---
+
+- name: Install Zabbix Agent and additional scripts
+  yum:
+    name: "{{ zabbix_agent_packages }}"
+    state: "{{ zabbix_agent_update | ternary('latest','present') }}"
+  notify: restart zabbix-agent
+  tags: zabbix

roles/zabbix_agent/tasks/sensors_AlmaLinux.yml

@@ -0,0 +1,50 @@
+---
+
+- name: Install hardware sensors support
+  yum:
+    name:
+      - smartmontools
+      - lm_sensors
+  when: ansible_virtualization_role != "guest"
+  tags: zabbix
+
+- name: Check if lm_sensors is configured
+  stat: path=/etc/sysconfig/lm_sensors
+  register: lm_sensors
+  when: ansible_virtualization_role != "guest"
+  tags: zabbix
+
+- name: Configure lm_sensors
+  shell: "/sbin/sensors-detect < /dev/null"
+  # Configure only if /etc/sysconfig/lm_sensors doesn't exists or has been customized
+  when:
+    - ansible_virtualization_role != "guest"
+    - not lm_sensors.stat.exists or lm_sensors.stat.checksum == "c27ae43795d152a7fc7503c7109288e3fdc2207c"
+  tags: zabbix
+
+- name: Check if there's an ipmi controler
+  stat: path=/dev/ipmi0
+  register: zabbix_ipmi
+  tags: zabbix
+
+- name: Install ipmi support
+  yum:
+    name:
+      - OpenIPMI
+      - ipmitool
+  when:
+    - ansible_virtualization_role != "guest"
+    - zabbix_ipmi.stat.exists
+  tags: zabbix
+
+- name: Start and enable lm_sensors service
+  service: name=lm_sensors state=started enabled=yes
+  when: ansible_virtualization_role != "guest"
+  tags: zabbix
+
+- name: Start and enable ipmi service
+  service: name=ipmi state=started enabled=yes
+  when:
+    - ansible_virtualization_role != "guest"
+    - zabbix_ipmi.stat.exists
+  tags: zabbix

roles/zabbix_agent/vars/AlmaLinux-8.yml

@@ -0,0 +1,8 @@
+---
+
+zabbix_agent_packages:
+  - zabbix-agent
+  - zabbix-agent-addons
+  - policycoreutils-python-utils
+  - openssl
+