diff --git a/roles/common/tasks/guest_AlmaLinux.yml b/roles/common/tasks/guest_AlmaLinux.yml new file mode 100644 index 0000000..a279e07 --- /dev/null +++ b/roles/common/tasks/guest_AlmaLinux.yml @@ -0,0 +1,5 @@ +--- + +- name: Install qemu guest agent + yum: name=qemu-guest-agent state=present + diff --git a/roles/common/tasks/hardware_AlmaLinux.yml b/roles/common/tasks/hardware_AlmaLinux.yml new file mode 100644 index 0000000..350123c --- /dev/null +++ b/roles/common/tasks/hardware_AlmaLinux.yml @@ -0,0 +1,24 @@ +--- + +- set_fact: + megacli: MegaCli-{{ megacli_version }}.noarch.rpm + +- name: Check if MegaCLi is installed + shell: rpm -q --qf "%{VERSION}-%{RELEASE}" MegaCli 2>/dev/null + register: megacli_installed_version + changed_when: False + failed_when: False + when: lsi_controllers | length > 0 + +- name: Copy MegaCli package + copy: src={{ megacli }} dest=/tmp + when: + - lsi_controllers | length > 0 + - megacli_installed_version.stdout != megacli_version + +- name: Install MegaCli + yum: name=/tmp/{{ megacli }} state=present + when: + - lsi_controllers | length > 0 + - megacli_installed_version.stdout != megacli_version + diff --git a/roles/common/vars/AlmaLinux-8.yml b/roles/common/vars/AlmaLinux-8.yml new file mode 100644 index 0000000..b3bb35e --- /dev/null +++ b/roles/common/vars/AlmaLinux-8.yml @@ -0,0 +1,13 @@ +--- + +system_distro_utils: + - openssh-clients + - nc + - xz + - lz4 + - yum-utils + - fuse-sshfs + - policycoreutils-python-utils + - python3-mysql + - python3-psycopg2 + - zstd diff --git a/roles/docker/tasks/install_AlmaLinux.yml b/roles/docker/tasks/install_AlmaLinux.yml new file mode 100644 index 0000000..3adc559 --- /dev/null +++ b/roles/docker/tasks/install_AlmaLinux.yml @@ -0,0 +1,19 @@ +--- + +- name: Install packages + yum: + name: + - docker-ce + - docker-ce-cli + - device-mapper-persistent-data + - lvm2 + state: present + tags: docker + +- name: Remove packaged docker-compose + yum: + name: + - docker-compose + state: absent + tags: docker + diff --git a/roles/docker_wordpress/templates/docker-compose.yml.j2 b/roles/docker_wordpress/templates/docker-compose.yml.j2 index 705da20..ca249f2 100644 --- a/roles/docker_wordpress/templates/docker-compose.yml.j2 +++ b/roles/docker_wordpress/templates/docker-compose.yml.j2 @@ -2,17 +2,17 @@ version: '3.1' services: wordpress-fpm: - image: {{ item.wp_docker_image }} - restart: {{ item.wp_docker_restart }} - container_name: {{ item.wp_docker_name }} - ports: {{ item.wp_docker_port}} + image: "{{ item.wp_docker_image }}" + restart: "{{ item.wp_docker_restart }}" + container_name: "{{ item.wp_docker_name }}" + ports: "{{ item.wp_docker_port}}" environment: - WORDPRESS_DB_HOST: {{ item.wp_docker_db_host }} - WORDPRESS_DB_USER: {{ item.wp_docker_db_user }} - WORDPRESS_DB_PASSWORD: {{ item.wp_docker_db_psw }} - WORDPRESS_DB_NAME: {{ item.wp_docker_db_name }} + WORDPRESS_DB_HOST: "{{ item.wp_docker_db_host }}" + WORDPRESS_DB_USER: "{{ item.wp_docker_db_user }}" + WORDPRESS_DB_PASSWORD: "{{ item.wp_docker_db_psw }}" + WORDPRESS_DB_NAME: "{{ item.wp_docker_db_name }}" volumes: - - /opt/wp/{{ item.wp_docker_name }}/html:/var/www/html + - /opt/wp/"{{ item.wp_docker_name }}"/html:/var/www/html # conf PHP # Backups # cron diff --git a/roles/fusioninventory_agent/tasks/install_AlmaLinux.yml b/roles/fusioninventory_agent/tasks/install_AlmaLinux.yml new file mode 100644 index 0000000..b8adb1e --- /dev/null +++ b/roles/fusioninventory_agent/tasks/install_AlmaLinux.yml @@ -0,0 +1,5 @@ +--- + +- name: Install FusionInventory Agent + yum: name=fusioninventory-agent + tags: inventory diff --git a/roles/iptables/tasks/install_AlmaLinux.yml b/roles/iptables/tasks/install_AlmaLinux.yml new file mode 100644 index 0000000..4bc9e77 --- /dev/null +++ b/roles/iptables/tasks/install_AlmaLinux.yml @@ -0,0 +1,10 @@ +--- + +- name: Remove firewalld + yum: name=firewalld state=absent + tags: firewall + +- name: Install packages + yum: name=iptables-services + tags: firewall + diff --git a/roles/ntp_client/vars/AlmaLinux-8.yml b/roles/ntp_client/vars/AlmaLinux-8.yml new file mode 100644 index 0000000..cf8b402 --- /dev/null +++ b/roles/ntp_client/vars/AlmaLinux-8.yml @@ -0,0 +1,6 @@ +--- + +ntp_ntpd_service: ntpd +ntp_chrony_service: chronyd +ntp_chrony_conf: /etc/chrony.conf +ntp_chrony_keyfile: /etc/chrony.keys diff --git a/roles/patrix/tasks/install_AlmaLinux.yml b/roles/patrix/tasks/install_AlmaLinux.yml new file mode 100644 index 0000000..829066f --- /dev/null +++ b/roles/patrix/tasks/install_AlmaLinux.yml @@ -0,0 +1,5 @@ +--- + +- name: Install patrix + yum: name=patrix + tags: patrix diff --git a/roles/repo_zabbix/tasks/AlmaLinux.yml b/roles/repo_zabbix/tasks/AlmaLinux.yml new file mode 100644 index 0000000..9d5a369 --- /dev/null +++ b/roles/repo_zabbix/tasks/AlmaLinux.yml @@ -0,0 +1,63 @@ +--- + +- name: Install GPG Key for Zabbix repo + copy: + content: | + -----BEGIN PGP PUBLIC KEY BLOCK----- + Version: GnuPG v1.4.10 (GNU/Linux) + + mQENBFeIdv0BCADAzkjO9jHoDRfpJt8XgfsBS8FpANfHF2L29ntRwd8ocDwxXSbt + BuGIkUSkOPUTx6i/e9hd8vYh4mcX3yYpiW8Sui4aXbJu9uuSdU5KvPOaTsFeit9j + BDK4b0baFYBDpcBBrgQuyviMAVAczu5qlwolA/Vu6DWqah1X9p+4EFa1QitxkhYs + 3br2ZGy7FZA3f2sZaVhHAPAOBSuQ1W6tiUfTIj/Oc7N+FBjmh3VNfIvMBa0E3rA2 + JlObxUEywsgGo7FPWnwjZyv883slHp/I3H4Or9VBouTWA2yICeROmMwjr4mOZtJT + z9e4v/a2cG/mJXgxCe+FjBvTvrgOVHAXaNwLABEBAAG0IFphYmJpeCBMTEMgPHBh + Y2thZ2VyQHphYmJpeC5jb20+iQE4BBMBAgAiBQJXiHb9AhsDBgsJCAcDAgYVCAIJ + CgsEFgIDAQIeAQIXgAAKCRAIKrVroU/lkbO8B/4/MhxoUN2RPmH7BzFGIntKEWAw + bRkDzyQOk9TjXVegfsBnzmDSdowh7gyteVauvr62jiVtowlE/95vbXqbBCISLqKG + i9Wmbrj7lUXBd2sP7eApFzMUhb3G3GuV5pCnRBIzerDfhXiLE9EWRN89JYDxwCLY + ctQHieZtdmlnPyCbFF6wcXTHUEHBPqdTa6hvUqQL2lHLFoduqQz4Q47Cz7tZxnbr + akAewEToPcjMoteCSfXwF/BRxSUDlN7tKFfBpYQawS8ZtN09ImHOO6CZ/pA0qQim + iNiRUfA25onIDWLLY/NMWg+gK94NVVZ7KmFG3upDB5/uefK6Xwu2PsgiXSQguQEN + BFeIdv0BCACZgfqgz5YoX+ujVlw1gX1J+ygf10QsUM9GglLEuDiSS/Aa3C2UbgEa + +N7JuvzZigGFCvxtAzaerMMDzbliTqtMGJOTjWEVGxWQ3LiY6+NWgmV46AdXik7s + UXM155f1vhOzYp6EZj/xtGvyUzTLUkAlnZNrhEUbUmOhDLassVi32hIyMR5W7w6I + Ii0zIM1mSuLR0H6oDEpR3GzuGVHGj4/sLeAg7iY5MziGwySBQk0Dg0xH5YqHb+uK + zCTH/ILu3srPJq+237Px/PctAZCEA96ogc/DNF2XjdUpMSaEybR0LuHHstAqkrq8 + AyRtDJNYE+09jDFdUIukhErLuo1YPWqFABEBAAGJAR8EGAECAAkFAleIdv0CGwwA + CgkQCCq1a6FP5ZH8+wf/erZneDXqM6xYT8qncFpc1GtOCeODNb19Ii22lDEXd9qN + UlAz2SB6zC5oywlnR0o1cglcrW96MD/uuCL/+tTczeB2C455ofs2mhpK7nKiA4FM + +JZZ6XSBnq7sfsYD6knbvS//SXQV/qYb4bKMvwYnyMz63escgQhOsTT20ptc/w7f + C+YPBR/rHImKspyIwxyqU8EXylFW8f3Ugi2+Fna3CAPR9yQIAChkCjUawUa2VFmm + 5KP8DHg6oWM5mdqcpvU5DMqpi8SA26DEFvULs8bR+kgDd5AU3I4+ei71GslOdfk4 + s1soKT4X2UK+dCCXui+/5ZJHakC67t5OgbMas3Hz4Q== + =5TOS + -----END PGP PUBLIC KEY BLOCK----- + dest: /etc/pki/rpm-gpg/RPM-GPG-KEY-zabbix + tags: repo + +- name: Configure Zabbix repo + yum_repository: + name: zabbix + description: Zabbix Repository + baseurl: http://repo.zabbix.com/zabbix/{{ zabbix_major_version }}/rhel/$releasever/$basearch/ + gpgcheck: True + gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-zabbix + priority: 50 + includepkgs: + - zabbix* + tags: repo + +- name: Configure Zabbix frontend repo + yum_repository: + name: zabbix-frontend + description: Zabbix web frontend repository + file: zabbix + baseurl: http://repo.zabbix.com/zabbix/{{ zabbix_major_version }}/rhel/$releasever/$basearch/frontend + gpgcheck: True + gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-zabbix + priority: 50 + includepkgs: + - zabbix* + state: "{{ (zabbix_major_version is version('5.0', '>=') and ansible_distribution_major_version is version('8', '<')) | ternary('present', 'absent') }}" + tags: repo diff --git a/roles/sssd_ad_auth/tasks/install_AlmaLinux.yml b/roles/sssd_ad_auth/tasks/install_AlmaLinux.yml new file mode 100644 index 0000000..3fc6e7f --- /dev/null +++ b/roles/sssd_ad_auth/tasks/install_AlmaLinux.yml @@ -0,0 +1,10 @@ +--- +- name: Install packages + yum: + name: + - sssd-ad + - adcli + - oddjob-mkhomedir + - krb5-workstation + - authconfig + tags: auth diff --git a/roles/sssd_ad_auth/tasks/pam_AlmaLinux.yml b/roles/sssd_ad_auth/tasks/pam_AlmaLinux.yml new file mode 100644 index 0000000..efce3fb --- /dev/null +++ b/roles/sssd_ad_auth/tasks/pam_AlmaLinux.yml @@ -0,0 +1,13 @@ +--- + +- name: Check if authconfig needs to update pam config + command: "grep -c -P '^auth\\s+sufficient\\s+pam_sss.so' /etc/pam.d/system-auth" + register: ad_authconfig_done + changed_when: False + failed_when: False + tags: auth + +- name: Configure the PAM stack + command: authconfig --enablesssd --enablesssdauth --enablemkhomedir --update + when: ad_authconfig_done.stdout | int < 1 + tags: auth diff --git a/roles/sssd_ldap_auth/tasks/install_AlmaLinux.yml b/roles/sssd_ldap_auth/tasks/install_AlmaLinux.yml new file mode 100644 index 0000000..882a7f9 --- /dev/null +++ b/roles/sssd_ldap_auth/tasks/install_AlmaLinux.yml @@ -0,0 +1,9 @@ +--- + +- name: Install sssd and the needed tools + yum: + name: + - sssd + - oddjob-mkhomedir + - authconfig + tags: auth diff --git a/roles/sssd_ldap_auth/tasks/pam_AlmaLinux.yml b/roles/sssd_ldap_auth/tasks/pam_AlmaLinux.yml new file mode 100644 index 0000000..4c1bd2e --- /dev/null +++ b/roles/sssd_ldap_auth/tasks/pam_AlmaLinux.yml @@ -0,0 +1,13 @@ +--- + +- name: Check if authconfig needs to update pam config + command: "grep -P '^auth\\s+sufficient\\s+pam_sss.so' /etc/pam.d/system-auth" + register: auth_sss_done + changed_when: False + failed_when: False + tags: auth + +- name: Configure authentication with authconfig + command: authconfig --enablemkhomedir --enablesssd --enablesssdauth --update + when: auth_sss_done.rc != 0 + tags: auth diff --git a/roles/zabbix_agent/tasks/install_AlmaLinux.yml b/roles/zabbix_agent/tasks/install_AlmaLinux.yml new file mode 100644 index 0000000..4657a11 --- /dev/null +++ b/roles/zabbix_agent/tasks/install_AlmaLinux.yml @@ -0,0 +1,8 @@ +--- + +- name: Install Zabbix Agent and additional scripts + yum: + name: "{{ zabbix_agent_packages }}" + state: "{{ zabbix_agent_update | ternary('latest','present') }}" + notify: restart zabbix-agent + tags: zabbix diff --git a/roles/zabbix_agent/tasks/sensors_AlmaLinux.yml b/roles/zabbix_agent/tasks/sensors_AlmaLinux.yml new file mode 100644 index 0000000..67d43b7 --- /dev/null +++ b/roles/zabbix_agent/tasks/sensors_AlmaLinux.yml @@ -0,0 +1,50 @@ +--- + +- name: Install hardware sensors support + yum: + name: + - smartmontools + - lm_sensors + when: ansible_virtualization_role != "guest" + tags: zabbix + +- name: Check if lm_sensors is configured + stat: path=/etc/sysconfig/lm_sensors + register: lm_sensors + when: ansible_virtualization_role != "guest" + tags: zabbix + +- name: Configure lm_sensors + shell: "/sbin/sensors-detect < /dev/null" + # Configure only if /etc/sysconfig/lm_sensors doesn't exists or has been customized + when: + - ansible_virtualization_role != "guest" + - not lm_sensors.stat.exists or lm_sensors.stat.checksum == "c27ae43795d152a7fc7503c7109288e3fdc2207c" + tags: zabbix + +- name: Check if there's an ipmi controler + stat: path=/dev/ipmi0 + register: zabbix_ipmi + tags: zabbix + +- name: Install ipmi support + yum: + name: + - OpenIPMI + - ipmitool + when: + - ansible_virtualization_role != "guest" + - zabbix_ipmi.stat.exists + tags: zabbix + +- name: Start and enable lm_sensors service + service: name=lm_sensors state=started enabled=yes + when: ansible_virtualization_role != "guest" + tags: zabbix + +- name: Start and enable ipmi service + service: name=ipmi state=started enabled=yes + when: + - ansible_virtualization_role != "guest" + - zabbix_ipmi.stat.exists + tags: zabbix diff --git a/roles/zabbix_agent/vars/AlmaLinux-8.yml b/roles/zabbix_agent/vars/AlmaLinux-8.yml new file mode 100644 index 0000000..71726b6 --- /dev/null +++ b/roles/zabbix_agent/vars/AlmaLinux-8.yml @@ -0,0 +1,8 @@ +--- + +zabbix_agent_packages: + - zabbix-agent + - zabbix-agent-addons + - policycoreutils-python-utils + - openssl +