diff options
Diffstat (limited to 'roles')
-rw-r--r-- | roles/ansible_tower/tasks/main.yaml | 6 | ||||
-rw-r--r-- | roles/openshift_ansible_inventory/README.md | 41 | ||||
-rw-r--r-- | roles/openshift_ansible_inventory/defaults/main.yml | 4 | ||||
-rw-r--r-- | roles/openshift_ansible_inventory/handlers/main.yml | 2 | ||||
-rw-r--r-- | roles/openshift_ansible_inventory/meta/main.yml | 8 | ||||
-rw-r--r-- | roles/openshift_ansible_inventory/tasks/main.yml | 11 | ||||
-rw-r--r-- | roles/openshift_ansible_inventory/templates/multi_ec2.yaml.j2 | 11 | ||||
-rw-r--r-- | roles/openshift_ansible_inventory/vars/main.yml | 2 | ||||
-rw-r--r-- | roles/yum_repos/README.md | 113 | ||||
-rw-r--r-- | roles/yum_repos/defaults/main.yml | 3 | ||||
-rw-r--r-- | roles/yum_repos/meta/main.yml | 8 | ||||
-rw-r--r-- | roles/yum_repos/tasks/main.yml | 47 | ||||
-rw-r--r-- | roles/yum_repos/templates/yumrepo.j2 | 18 |
13 files changed, 274 insertions, 0 deletions
diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index f58a5b1c2..e9bde9478 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml @@ -25,3 +25,9 @@ - name: Open firewalld port for https firewalld: port=8080/tcp permanent=true state=enabled +- name: Set (httpd_can_network_connect) flag on and keep it persistent across reboots + seboolean: name=httpd_can_network_connect state=yes persistent=yes + +- name: Set (httpd_can_network_connect_db) flag on and keep it persistent across reboots + seboolean: name=httpd_can_network_connect_db state=yes persistent=yes + diff --git a/roles/openshift_ansible_inventory/README.md b/roles/openshift_ansible_inventory/README.md new file mode 100644 index 000000000..69a07effd --- /dev/null +++ b/roles/openshift_ansible_inventory/README.md @@ -0,0 +1,41 @@ +Openshift Ansible Inventory +========= + +Install and configure openshift-ansible-inventory. + +Requirements +------------ + +None + +Role Variables +-------------- + +oo_inventory_group +oo_inventory_user +oo_inventory_accounts +oo_inventory_cache_max_age + +Dependencies +------------ + +None + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +ASL 2.0 + +Author Information +------------------ + +Openshift operations, Red Hat, Inc diff --git a/roles/openshift_ansible_inventory/defaults/main.yml b/roles/openshift_ansible_inventory/defaults/main.yml new file mode 100644 index 000000000..f53c00c80 --- /dev/null +++ b/roles/openshift_ansible_inventory/defaults/main.yml @@ -0,0 +1,4 @@ +--- +oo_inventory_group: root +oo_inventory_owner: root +oo_inventory_cache_max_age: 1800 diff --git a/roles/openshift_ansible_inventory/handlers/main.yml b/roles/openshift_ansible_inventory/handlers/main.yml new file mode 100644 index 000000000..e2db43477 --- /dev/null +++ b/roles/openshift_ansible_inventory/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for openshift_ansible_inventory diff --git a/roles/openshift_ansible_inventory/meta/main.yml b/roles/openshift_ansible_inventory/meta/main.yml new file mode 100644 index 000000000..ff3df0a7d --- /dev/null +++ b/roles/openshift_ansible_inventory/meta/main.yml @@ -0,0 +1,8 @@ +--- +galaxy_info: + author: Openshift + description: Install and configure openshift-ansible-inventory + company: Red Hat, Inc + license: ASL 2.0 + min_ansible_version: 1.2 +dependencies: [] diff --git a/roles/openshift_ansible_inventory/tasks/main.yml b/roles/openshift_ansible_inventory/tasks/main.yml new file mode 100644 index 000000000..3990d5750 --- /dev/null +++ b/roles/openshift_ansible_inventory/tasks/main.yml @@ -0,0 +1,11 @@ +--- +- yum: + name: openshift-ansible-inventory + state: present + +- template: + src: multi_ec2.yaml.j2 + dest: /etc/ansible/multi_ec2.yaml + group: "{{ oo_inventory_group }}" + owner: "{{ oo_inventory_owner }}" + mode: "0640" diff --git a/roles/openshift_ansible_inventory/templates/multi_ec2.yaml.j2 b/roles/openshift_ansible_inventory/templates/multi_ec2.yaml.j2 new file mode 100644 index 000000000..23dfe73b8 --- /dev/null +++ b/roles/openshift_ansible_inventory/templates/multi_ec2.yaml.j2 @@ -0,0 +1,11 @@ +# multi ec2 inventory configs +cache_max_age: {{ oo_inventory_cache_max_age }} +accounts: +{% for account in oo_inventory_accounts %} + - name: {{ account.name }} + provider: {{ account.provider }} + env_vars: + AWS_ACCESS_KEY_ID: {{ account.env_vars.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: {{ account.env_vars.AWS_SECRET_ACCESS_KEY }} + +{% endfor %} diff --git a/roles/openshift_ansible_inventory/vars/main.yml b/roles/openshift_ansible_inventory/vars/main.yml new file mode 100644 index 000000000..25c049282 --- /dev/null +++ b/roles/openshift_ansible_inventory/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for openshift_ansible_inventory diff --git a/roles/yum_repos/README.md b/roles/yum_repos/README.md new file mode 100644 index 000000000..51ecd5d34 --- /dev/null +++ b/roles/yum_repos/README.md @@ -0,0 +1,113 @@ +Yum Repos +========= + +This role allows easy deployment of yum repository config files. + +Requirements +------------ + +Yum + +Role Variables +-------------- + +| Name | Default value | | +|-------------------|---------------|--------------------------------------------| +| repo_files | None | | +| repo_enabled | 1 | Should repos be enabled by default | +| repo_gpgcheck | 1 | Should repo gpgcheck be enabled by default | + +Dependencies +------------ + +Example Playbook +---------------- + +A single repo file containing a single repo: + - hosts: servers + roles: + - role: yum_repos + repo_files: + - id: my_repo + repos: + - id: my_repo + name: My Awesome Repo + baseurl: https://my.awesome.repo/is/available/here + skip_if_unavailable: yes + gpgkey: https://my.awesome.repo/pubkey.gpg + +A single repo file containing a single repo, disabling gpgcheck + - hosts: servers + roles: + - role: yum_repos + repo_files: + - id: my_other_repo + repos: + - id: my_other_repo + name: My Other Awesome Repo + baseurl: https://my.other.awesome.repo/is/available/here + gpgcheck: no + +A single repo file containing a single disabled repo + - hosts: servers + roles: + - role: yum_repos + repo_files: + - id: my_other_repo + repos: + - id: my_other_repo + name: My Other Awesome Repo + baseurl: https://my.other.awesome.repo/is/available/here + enabled: no + +A single repo file containing multiple repos + - hosts: servers + roles: + - role: yum_repos + repo_files: + id: my_repos + repos: + - id: my_repo + name: My Awesome Repo + baseurl: https://my.awesome.repo/is/available/here + gpgkey: https://my.awesome.repo/pubkey.gpg + - id: my_other_repo + name: My Other Awesome Repo + baseurl: https://my.other.awesome.repo/is/available/here + gpgkey: https://my.other.awesome.repo/pubkey.gpg + +Multiple repo files containing multiple repos + - hosts: servers + roles: + - role: yum_repos + repo_files: + - id: my_repos + repos: + - id: my_repo + name: My Awesome Repo + baseurl: https://my.awesome.repo/is/available/here + gpgkey: https://my.awesome.repo/pubkey.gpg + - id: my_other_repo + name: My Other Awesome Repo + baseurl: https://my.other.awesome.repo/is/available/here + gpgkey: https://my.other.awesome.repo/pubkey.gpg + - id: joes_repos + repos: + - id: joes_repo + name: Joe's Less Awesome Repo + baseurl: https://joes.repo/is/here + gpgkey: https://joes.repo/pubkey.gpg + - id: joes_otherrepo + name: Joe's Other Less Awesome Repo + baseurl: https://joes.repo/is/there + gpgkey: https://joes.repo/pubkey.gpg + +License +------- + +ASL 2.0 + +Author Information +------------------ + +openshift online operations diff --git a/roles/yum_repos/defaults/main.yml b/roles/yum_repos/defaults/main.yml new file mode 100644 index 000000000..515fb7a4a --- /dev/null +++ b/roles/yum_repos/defaults/main.yml @@ -0,0 +1,3 @@ +--- +repo_enabled: 1 +repo_gpgcheck: 1 diff --git a/roles/yum_repos/meta/main.yml b/roles/yum_repos/meta/main.yml new file mode 100644 index 000000000..6b8374da9 --- /dev/null +++ b/roles/yum_repos/meta/main.yml @@ -0,0 +1,8 @@ +--- +galaxy_info: + author: openshift operations + description: + company: Red Hat, Inc. + license: ASL 2.0 + min_ansible_version: 1.2 +dependencies: [] diff --git a/roles/yum_repos/tasks/main.yml b/roles/yum_repos/tasks/main.yml new file mode 100644 index 000000000..a9903c6c6 --- /dev/null +++ b/roles/yum_repos/tasks/main.yml @@ -0,0 +1,47 @@ +--- +# Convert old params to new params +- set_fact: + repo_files: + - id: "{{ repo_tag }}" + repos: + - id: "{{ repo_tag }}" + name: "{{ repo_name }}" + baseurl: "{{ repo_baseurl }}" + enabled: "{{ repo_enabled }}" + gpgcheck: "{{ repo_gpg_check | default(repo_gpgcheck) }}" + sslverify: "{{ repo_sslverify | default(None) }}" + sslclientcert: "{{ repo_sslclientcert | default(None) }}" + sslclientkey: "{{ repo_sslclientkey | default(None) }}" + gpgkey: "{{ repo_gpgkey | default(None) }}" + when: repo_files is not defined + +- name: Verify repo_files is a list + assert: + that: + - repo_files is iterable and repo_files is not string and repo_files is not mapping + +- name: Verify repo_files items have an id and a repos list + assert: + that: + - item is mapping + - "'id' in item" + - "'repos' in item" + - item.repos is iterable and item.repos is not string and item.repos is not mapping + with_items: repo_files + +- name: Verify that repo_files.repos have the required keys + assert: + that: + - item.1 is mapping + - "'id' in item.1" + - "'name' in item.1" + - "'baseurl' in item.1" + with_subelements: + - repo_files + - repos + +- name: Installing yum-repo template + template: + src: yumrepo.j2 + dest: /etc/yum.repos.d/{{ item.id }}.repo + with_items: repo_files diff --git a/roles/yum_repos/templates/yumrepo.j2 b/roles/yum_repos/templates/yumrepo.j2 new file mode 100644 index 000000000..0dfdbfe43 --- /dev/null +++ b/roles/yum_repos/templates/yumrepo.j2 @@ -0,0 +1,18 @@ +{% set repos = item.repos %} +{% for repo in repos %} +[{{ repo.id }}] +name={{ repo.name }} +baseurl={{ repo.baseurl }} +{% set repo_enabled_value = repo.enabled | default(repo_enabled) %} +{% set enable_repo = 1 if (repo_enabled_value | int(0) == 1 or repo_enabled_value | lower in ['true', 'yes']) else 0 %} +enabled={{ enable_repo }} +{% set repo_gpgcheck_value = repo.gpgcheck | default(repo_gpgcheck) %} +{% set enable_gpgcheck = 1 if (repo_gpgcheck_value | int(0) == 1 or repo_gpgcheck_value | lower in ['true', 'yes']) else 0 %} +gpgcheck={{ enable_gpgcheck }} +{% for key, value in repo.iteritems() %} +{% if key not in ['id', 'name', 'baseurl', 'enabled', 'gpgcheck'] and value is defined and value != '' %} +{{ key }}={{ value }} +{% endif %} +{% endfor %} + +{% endfor %} |