commit 76f7cbe85a14698a3212f041f69789b4b9138cfa
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Wed Jul 31 10:54:58 2019 +0200
Update tasks files for base
roles/base/meta/main.yml | 3 ++-
roles/base/tasks/main.yml | 16 ++++++++--------
roles/base/tasks/watchdog.yml | 4 ++--
3 files changed, 12 insertions(+), 11 deletions(-)
---
diff --git a/roles/base/meta/main.yml b/roles/base/meta/main.yml
index afa39de..8fc4b3b 100644
--- a/roles/base/meta/main.yml
+++ b/roles/base/meta/main.yml
@@ -1,4 +1,5 @@
---
dependencies:
- - { role: ntp }
+ - { role: basessh }
+ - { role: chrony }
- { role: dnf-automatic }
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index 043e79a..c6d39d2 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -11,11 +11,11 @@
- policycoreutils-python
tags:
- selinux
- when: ansible_distribution_major_version|int != 8
+ when: ansible_distribution_major_version|int < 8
- name: ensure packages required for semanage are installed (dnf)
- dnf: name=['policycoreutils-python-utils'] state=present
- when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not
defined
+ package: name=policycoreutils-python-utils state=present
+ when: ansible_distribution_major_version|int > 27 and ansible_cmdline.ostree is not
defined
tags:
- selinux
@@ -189,7 +189,7 @@
- iptables/iptables.{{ host_group }}
- iptables/iptables.{{ env }}
- iptables/iptables
- when: baseiptables
+ when: baseiptables|bool
notify:
- restart iptables
- reload libvirtd
@@ -205,7 +205,7 @@
- iptables
- service
- base
- when: baseiptables
+ when: baseiptables|bool
- name: ip6tables
template: src={{ item }} dest=/etc/sysconfig/ip6tables mode=0600 backup=yes
@@ -215,7 +215,7 @@
- iptables/ip6tables.{{ host_group }}
- iptables/ip6tables.{{ env }}
- iptables/ip6tables
- when: baseiptables
+ when: baseiptables|bool
notify:
- restart ip6tables
- reload libvirtd
@@ -230,7 +230,7 @@
- ip6tables
- service
- base
- when: baseiptables
+ when: baseiptables|bool
- name: enable journald persistence
file: path=/var/log/journal state=directory
@@ -291,7 +291,7 @@
- name: log everything to log01 except on mirrorlist, do not log local4 there.
copy: src=rsyslog/rsyslog-log01 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=0644
- when: not
inventory_hostname.startswith(('mirrorlist','copr','jenkins'))
+ when: not inventory_hostname.startswith(('mirrorlist','copr'))
tags:
- rsyslogd
- config
diff --git a/roles/base/tasks/watchdog.yml b/roles/base/tasks/watchdog.yml
index 06a8969..a610d2f 100644
--- a/roles/base/tasks/watchdog.yml
+++ b/roles/base/tasks/watchdog.yml
@@ -1,6 +1,6 @@
- name: See if theres a watchdog device
stat: path=/dev/watchdog
- when: ansible_virtualization_role == 'guest'
+ when: ansible_virtualization_role is defined and ansible_virtualization_role ==
'guest'
check_mode: no
failed_when: no
register: watchdog_dev
@@ -33,4 +33,4 @@
- service
- watchdog
- base
- when: watchdog_dev is defined and ansible_virtualization_role == 'guest' and
watchdog_dev.stat.exists
+ when: watchdog_dev is defined and ansible_virtualization_role is defined and
ansible_virtualization_role == 'guest' and watchdog_dev.stat.exists
Show replies by thread