2015-11-28 14:25:29 +00:00
|
|
|
# First install ssh-key at remote computer
|
|
|
|
# In case of python error start:
|
|
|
|
# ansible troisdorf4 -u root -m raw -a "apt-get update && apt-get install python -y"
|
|
|
|
|
|
|
|
- name: Install Freifunk Troisdorf super node
|
2016-05-28 13:47:29 +00:00
|
|
|
# hosts: FreifunkSupernodesL2TP
|
2015-11-28 14:25:29 +00:00
|
|
|
hosts: '{{ target }}'
|
|
|
|
sudo: False
|
|
|
|
user: root
|
|
|
|
gather_facts: False
|
|
|
|
vars:
|
2019-01-20 11:12:29 +00:00
|
|
|
snversion: master_v3.1.1
|
2018-07-03 21:10:50 +00:00
|
|
|
batmanversion: v2017.4
|
2015-11-28 14:25:29 +00:00
|
|
|
common_required_packages:
|
|
|
|
- git
|
|
|
|
- make
|
|
|
|
- gcc
|
|
|
|
- build-essential
|
|
|
|
- pkg-config
|
|
|
|
- libgps-dev
|
|
|
|
- libnl-3-dev
|
|
|
|
- libjansson-dev
|
|
|
|
- isc-dhcp-server
|
|
|
|
- libcap-dev
|
|
|
|
- iproute
|
|
|
|
- libnetfilter-conntrack3
|
|
|
|
- python-dev
|
|
|
|
- libevent-dev
|
|
|
|
- ebtables
|
|
|
|
- python-virtualenv
|
|
|
|
- iptables-persistent
|
|
|
|
- iftop
|
|
|
|
- screen
|
|
|
|
- bridge-utils
|
|
|
|
- tcpdump
|
2015-11-29 21:34:32 +00:00
|
|
|
- bind9
|
2015-12-13 12:33:33 +00:00
|
|
|
- radvd
|
|
|
|
- curl
|
|
|
|
- htop
|
2015-12-20 23:20:51 +00:00
|
|
|
- psmisc
|
|
|
|
- dnsutils
|
2015-12-26 19:25:44 +00:00
|
|
|
- ntp
|
2018-07-03 21:10:50 +00:00
|
|
|
- libnl-genl-3-dev
|
|
|
|
- virtualenv
|
2019-01-20 19:48:00 +00:00
|
|
|
- batman-adv
|
|
|
|
- batctl
|
2015-11-28 14:25:29 +00:00
|
|
|
modules_required:
|
|
|
|
- batman-adv
|
|
|
|
- nf_conntrack_netlink
|
|
|
|
- nf_conntrack
|
|
|
|
- nfnetlink
|
|
|
|
- l2tp_netlink
|
|
|
|
- l2tp_core
|
|
|
|
- l2tp_eth
|
|
|
|
tunneldigger_scripts:
|
|
|
|
- start-broker.sh
|
2016-05-18 18:27:11 +00:00
|
|
|
- start-broker-backup.sh
|
2015-11-28 14:25:29 +00:00
|
|
|
- batdelif.sh
|
|
|
|
tunneldigger_service:
|
|
|
|
- tunneldigger.service
|
2016-05-18 18:27:11 +00:00
|
|
|
- tunneldigger-backup.service
|
2016-05-20 19:58:25 +00:00
|
|
|
broker_cfg:
|
2016-05-28 13:47:29 +00:00
|
|
|
- l2tp_broker-backup.cfg
|
|
|
|
- l2tp_broker.cfg
|
|
|
|
# bind_zone_fftdf:
|
|
|
|
# - named.conf.fftdf
|
2019-01-20 19:48:00 +00:00
|
|
|
# check_gw_script:
|
|
|
|
# - keepalive.sh
|
2015-11-28 14:25:29 +00:00
|
|
|
authorized_keys:
|
|
|
|
- authorized_keys
|
2015-12-06 20:41:30 +00:00
|
|
|
logrotate_config:
|
|
|
|
- logrotate.conf
|
2019-01-20 19:48:00 +00:00
|
|
|
# supernode_config:
|
|
|
|
# - supernode.mode
|
|
|
|
# - loadbalancing.mode
|
2015-11-28 14:25:29 +00:00
|
|
|
|
|
|
|
tasks:
|
|
|
|
- name: Remove cdrom in sources.list
|
|
|
|
raw: "sed -i '/deb cdrom/c\\#' /etc/apt/sources.list"
|
|
|
|
- name: Make this server ansible compatible
|
2019-01-20 19:48:00 +00:00
|
|
|
raw: "apt-get update && apt-get install python apt-transport-https dirmngr -y"
|
|
|
|
- name: Adding Freifuck GPG Key
|
|
|
|
raw: "apt-key adv --keyserver keyserver.ubuntu.com --recv-keys B2522557E6AB9BF5"
|
|
|
|
# apt_key:
|
|
|
|
# id: B2522557E6AB9BF5
|
|
|
|
# url: https://keyserver.ubuntu.com
|
|
|
|
# url: https://pool.sks-keyservers.net
|
|
|
|
# url: https://sks.pod01.fleetstreetops.com
|
|
|
|
# state: present
|
|
|
|
|
|
|
|
- name: Add backport repo to source list
|
|
|
|
apt_repository: repo='deb https://freifuck.de/debian stretch main' state=present
|
2015-11-28 14:25:29 +00:00
|
|
|
- name: Update apt cache
|
|
|
|
apt: update_cache=yes
|
|
|
|
- name: Gathering facts
|
|
|
|
setup:
|
|
|
|
- name: Set IPv4 in hostfile
|
|
|
|
lineinfile: dest=/etc/hosts regexp='^{{ ansible_default_ipv4.address }}' line='{{ ansible_default_ipv4.address }} {{ sn_hostname }}.{{ sn_fqdn }} {{ sn_hostname }}' owner=root group=root mode=0644 state=present
|
|
|
|
- name: Set IPv6 in hostfile
|
|
|
|
lineinfile: dest=/etc/hosts regexp='^{{ ansible_default_ipv6.address }}' line='{{ ansible_default_ipv6.address }} {{ sn_hostname }}.{{ sn_fqdn }} {{ sn_hostname }}' owner=root group=root mode=0644 state=present
|
|
|
|
when: ansible_default_ipv6.address is defined
|
|
|
|
- name: set hostname
|
|
|
|
hostname: name='{{ sn_hostname }}'
|
2015-12-03 21:01:23 +00:00
|
|
|
register: sethostname
|
2015-11-29 21:34:32 +00:00
|
|
|
- name: disable multi CPU Kernel (SMP)
|
|
|
|
lineinfile: dest=/etc/default/grub regexp='^GRUB_CMDLINE_LINUX_DEFAULT=' line='GRUB_CMDLINE_LINUX_DEFAULT="quiet maxcpus=0 nosmp"' state=present
|
|
|
|
register: grubnosmp
|
|
|
|
- name: Update grub
|
|
|
|
shell: update-grub2
|
|
|
|
when: grubnosmp.changed
|
2015-12-13 13:03:42 +00:00
|
|
|
- name: Reboot the server
|
2019-01-20 19:48:00 +00:00
|
|
|
shell: sleep 2 && shutdown -r now "Ansible updates triggered, no SMP"
|
2015-12-13 13:03:42 +00:00
|
|
|
async: 1
|
|
|
|
poll: 0
|
|
|
|
ignore_errors: true
|
|
|
|
when: sethostname.changed
|
2016-01-09 18:50:44 +00:00
|
|
|
- name: waiting for server to come back (1st)
|
2015-11-28 14:25:29 +00:00
|
|
|
local_action:
|
|
|
|
wait_for
|
|
|
|
host={{ inventory_hostname }}
|
|
|
|
port=22
|
2016-01-09 18:50:44 +00:00
|
|
|
delay=20
|
2015-11-28 14:25:29 +00:00
|
|
|
timeout=300
|
|
|
|
when: hosts.changed
|
2015-12-03 21:01:23 +00:00
|
|
|
when: sethostname.changed
|
2019-01-20 19:48:00 +00:00
|
|
|
# - apt: update_cache=yes
|
2015-11-28 14:25:29 +00:00
|
|
|
- name: Install common required packages
|
2019-01-20 19:48:00 +00:00
|
|
|
apt:
|
|
|
|
name: "{{ item }}"
|
|
|
|
state: present
|
|
|
|
update_cache: yes
|
|
|
|
with_items: "{{ common_required_packages }}"
|
2015-12-13 12:33:33 +00:00
|
|
|
register: aptupdates
|
2015-12-26 19:25:44 +00:00
|
|
|
- name: Set clock
|
2015-12-26 22:14:54 +00:00
|
|
|
shell: /etc/init.d/ntp stop && /usr/sbin/ntpd -q -g && /etc/init.d/ntp start
|
2018-07-03 21:10:50 +00:00
|
|
|
# - name: Add modules
|
|
|
|
# lineinfile: dest=/etc/modules line={{ item }}
|
|
|
|
# with_items: modules_required
|
|
|
|
# register: modules_req
|
|
|
|
# - name: Load modules
|
|
|
|
# modprobe: name={{ item }}
|
|
|
|
# with_items: modules_required
|
|
|
|
# when: modules_req.changed
|
2019-01-20 19:48:00 +00:00
|
|
|
# - name: Install Linux headers
|
|
|
|
# shell: >
|
|
|
|
# apt-get install linux-headers-$(uname -r) -y
|
|
|
|
# when: aptupdates.changed
|
|
|
|
# - name: Get batman-adv
|
|
|
|
# git: repo=https://git.open-mesh.org/batman-adv.git
|
|
|
|
# dest=/tmp/batman-adv
|
|
|
|
# when: aptupdates.changed
|
|
|
|
# register: getbatman
|
2016-05-28 13:47:29 +00:00
|
|
|
# - name: Get batman-adv no rebrotcast patch
|
|
|
|
# get_url: url=http://map.freifunk-moehne.de/stuff/1001-batman-adv-introduce-no_rebroadcast-option.patch dest=/tmp/batman-adv/1001-batman-adv-introduce-no_rebroadcast-option.patch
|
|
|
|
# when: getbatman.changed
|
2019-01-20 19:48:00 +00:00
|
|
|
# - name: Install batman-adv
|
|
|
|
# shell: cd /tmp/batman-adv && git checkout {{ batmanversion }} && make && make install
|
2016-05-28 13:47:29 +00:00
|
|
|
# shell: cd /tmp/batman-adv && git checkout {{ batmanversion }} && git apply 1001-batman-adv-introduce-no_rebroadcast-option.patch && make && make install
|
2019-01-20 19:48:00 +00:00
|
|
|
# when: getbatman.changed
|
|
|
|
# - name: Get batctl
|
|
|
|
# git: repo=http://git.open-mesh.org/batctl.git
|
|
|
|
# dest=/tmp/batctl
|
|
|
|
# when: aptupdates.changed
|
|
|
|
# register: getbatctl
|
|
|
|
# - name: Install batctl
|
|
|
|
# shell: cd /tmp/batctl && git checkout {{ batmanversion }} && make && make install
|
|
|
|
# when: getbatctl.changed
|
2015-11-28 14:25:29 +00:00
|
|
|
- name: Get Tunneldigger
|
2019-01-20 19:48:00 +00:00
|
|
|
git: repo=https://github.com/Freifunk-Troisdorf/tunneldigger.git dest=/srv/tunneldigger
|
|
|
|
# git: repo=https://github.com/wlanslovenija/tunneldigger.git dest=/srv/tunneldigger version=v0.3.0
|
|
|
|
# git: repo=https://github.com/ffrl/tunneldigger.git dest=/srv/tunneldigger
|
|
|
|
# version: release-0.22
|
2015-11-28 14:25:29 +00:00
|
|
|
register: tunneldigger
|
2015-12-13 12:33:33 +00:00
|
|
|
when: aptupdates.changed
|
2015-11-28 14:25:29 +00:00
|
|
|
- name: Configure tunneldigger
|
|
|
|
command: "{{item}}"
|
|
|
|
with_items:
|
2019-01-20 19:48:00 +00:00
|
|
|
# - virtualenv /srv/tunneldigger/ -p python2.7
|
|
|
|
- virtualenv /srv/tunneldigger/
|
2015-11-28 14:25:29 +00:00
|
|
|
when: tunneldigger.changed
|
|
|
|
- name: Tunneldigger requirements
|
|
|
|
pip: requirements=/srv/tunneldigger/broker/requirements.txt virtualenv=/srv/tunneldigger/
|
|
|
|
when: tunneldigger.changed
|
|
|
|
- name: Copy l2tp broker config template
|
2016-05-28 13:47:29 +00:00
|
|
|
template: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0444
|
2019-01-20 19:48:00 +00:00
|
|
|
with_items: "{{ broker_cfg }}"
|
2015-11-28 14:25:29 +00:00
|
|
|
when: tunneldigger.changed
|
|
|
|
- name: Copy tunneldigger script template
|
|
|
|
template: src=./files/bataddif.sh.j2 dest=/srv/tunneldigger/bataddif.sh owner=root group=root mode=0500
|
|
|
|
when: tunneldigger.changed
|
|
|
|
- name: Copy tunneldigger scripts
|
|
|
|
copy: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0500
|
2019-01-20 19:48:00 +00:00
|
|
|
with_items: "{{ tunneldigger_scripts }}"
|
2015-11-28 14:25:29 +00:00
|
|
|
when: tunneldigger.changed
|
2016-05-28 13:47:29 +00:00
|
|
|
- name: Copy tunneldigger service template
|
|
|
|
copy: src=./files/{{ item }} dest=/etc/systemd/system owner=root group=root mode=0444
|
2019-01-20 19:48:00 +00:00
|
|
|
with_items: "{{ tunneldigger_service }}"
|
2015-11-28 14:25:29 +00:00
|
|
|
when: tunneldigger.changed
|
2018-07-03 21:10:50 +00:00
|
|
|
##########
|
|
|
|
- name: Add modules
|
|
|
|
lineinfile: dest=/etc/modules line={{ item }}
|
2019-01-20 19:48:00 +00:00
|
|
|
with_items: "{{ modules_required }}"
|
2018-07-03 21:10:50 +00:00
|
|
|
register: modules_req
|
2019-01-20 19:48:00 +00:00
|
|
|
# - name: Load modules
|
|
|
|
# modprobe: name= "{{ item }}"
|
|
|
|
# with_items: "{{ modules_required }}"
|
|
|
|
# when: modules_req.changed
|
2018-07-03 21:10:50 +00:00
|
|
|
#########
|
2015-11-28 14:25:29 +00:00
|
|
|
- name: Tunneldigger reload
|
|
|
|
command: "{{item}}"
|
|
|
|
with_items:
|
|
|
|
- systemctl daemon-reload
|
|
|
|
- systemctl enable tunneldigger.service
|
2016-05-28 13:47:29 +00:00
|
|
|
- systemctl enable tunneldigger-backup.service
|
2015-11-28 14:25:29 +00:00
|
|
|
when: tunneldigger.changed
|
2015-12-06 20:41:30 +00:00
|
|
|
- name: Copy logrotate config
|
|
|
|
copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500
|
2019-01-20 19:48:00 +00:00
|
|
|
with_items: "{{logrotate_config}}"
|
2015-11-28 14:25:29 +00:00
|
|
|
- name: Create freifunk directory
|
|
|
|
file: path=/opt/freifunk state=directory mode=0755
|
2019-01-20 19:48:00 +00:00
|
|
|
# - name: Create keepalive directory
|
|
|
|
# file: path=/etc/supernode-status state=directory mode=0755
|
|
|
|
# - name: Create supernode config files
|
|
|
|
# file: path=/etc/supernode-status/{{ item }} state=touch owner=root group=root mode=0644
|
|
|
|
# with_items: supernode_config
|
|
|
|
# - name: Supernode set default mode
|
|
|
|
# lineinfile: dest=/etc/supernode-status/{{ item }} regexp=^0 line=0
|
|
|
|
# with_items: supernode_config
|
|
|
|
# - name: Check gateway / keepalive script supernode
|
|
|
|
# copy: src=./files/{{ item }} dest=/opt/freifunk owner=root group=root mode=0500
|
|
|
|
# with_items: check_gw_script
|
|
|
|
# register: check_gw
|
|
|
|
# when: sn_exit is undefined
|
|
|
|
# - name: Check gateway / keepalive script super- and exitnode
|
|
|
|
# template: src=./files/keepalive.exit.sh.j2 dest=/opt/freifunk/keepalive.sh owner=root group=root mode=0500
|
|
|
|
# register: check_gw
|
|
|
|
# when: sn_exit is defined
|
|
|
|
# - name: Add cron job with check gateway script
|
|
|
|
# cron: name=check_gw special_time=reboot job="/opt/freifunk/keepalive.sh > /dev/null 2>&1 &" user="root"
|
|
|
|
# when: check_gw.changed
|
|
|
|
# - name: Supernode Config script super- and exitnode
|
|
|
|
# copy: src=./files/supernode dest=/usr/bin/supernode owner=root group=root mode=0500
|
|
|
|
# when: sn_exit is defined
|
2015-11-28 14:25:29 +00:00
|
|
|
- name: Copy dhcpd template file
|
|
|
|
template: src=./files/dhcpd.conf.j2 dest=/etc/dhcp/dhcpd.conf owner=root group=root mode=0444
|
2015-12-22 19:30:16 +00:00
|
|
|
register: dhcpd
|
2015-12-26 19:25:44 +00:00
|
|
|
- name: Clone static DHCP config
|
|
|
|
git: repo=https://github.com/Freifunk-Troisdorf/static-dhcp
|
|
|
|
dest=/opt/freifunk/static-dhcp
|
|
|
|
when: dhcpd.changed
|
|
|
|
- name: Add cron static DHCP
|
|
|
|
cron: name=StaticDHCP minute="*" job="/opt/freifunk/static-dhcp/dhcp-update.sh"
|
|
|
|
when: dhcpd.changed
|
2015-12-22 19:30:16 +00:00
|
|
|
- name: Restart dhcpd
|
|
|
|
service: name=isc-dhcp-server state=restarted
|
|
|
|
when: dhcpd.changed
|
2015-12-22 20:42:07 +00:00
|
|
|
ignore_errors: yes
|
2015-12-03 21:01:23 +00:00
|
|
|
- name: Add cron backbone script
|
2015-12-20 23:20:51 +00:00
|
|
|
cron: name=backbone special_time=reboot job="/opt/freifunk/l2tp_backbone.sh"
|
2015-12-03 21:01:23 +00:00
|
|
|
- name: Add cron startup script
|
|
|
|
cron: name=startup special_time=reboot job="/opt/freifunk/sn_startup.sh"
|
2015-11-28 14:25:29 +00:00
|
|
|
- name: Copy backbone script
|
2015-12-20 23:20:51 +00:00
|
|
|
template: src=./files/l2tp_backbone.sh.j2 dest=/opt/freifunk/l2tp_backbone.sh owner=root group=root mode=0544
|
2016-01-09 18:50:44 +00:00
|
|
|
when: sn_exit is undefined
|
|
|
|
- name: Copy backbone script
|
|
|
|
template: src=./files/l2tp_backbone.sh.exit.j2 dest=/opt/freifunk/l2tp_backbone.sh owner=root group=root mode=0544
|
|
|
|
when: sn_exit is defined
|
2019-01-20 19:48:00 +00:00
|
|
|
# - name: Collectd template file
|
|
|
|
# template: src=./files/collectd.conf.j2 dest=/etc/collectd/collectd.conf owner=root group=root mode=0444
|
|
|
|
# register: collectd
|
|
|
|
# - name: Restart collectd
|
|
|
|
# service: name=collectd state=restarted
|
|
|
|
# when: collectd.changed
|
2016-01-27 16:33:47 +00:00
|
|
|
- name: configure startup script supernode
|
2015-12-03 21:01:23 +00:00
|
|
|
template: src=./files/sn_startup.sh.j2 dest=/opt/freifunk/sn_startup.sh owner=root group=root mode=0500
|
2016-01-09 18:50:44 +00:00
|
|
|
when: sn_exit is undefined
|
2016-01-27 16:33:47 +00:00
|
|
|
- name: Exit node startup script super- and exitnode
|
|
|
|
template: src=./files/sn_startup.exit.sh.j2 dest=/opt/freifunk/sn_startup.sh owner=root group=root mode=0500
|
|
|
|
when: sn_exit is defined
|
2015-11-28 14:25:29 +00:00
|
|
|
- name: SSH authorized_keys
|
|
|
|
copy: src=./files/{{ item }} dest=/root/.ssh owner=root group=root mode=0400
|
2019-01-20 19:48:00 +00:00
|
|
|
with_items: "{{ authorized_keys }}"
|
2015-11-29 21:34:32 +00:00
|
|
|
- name: Bind9, activate fftdf zone
|
2016-05-28 10:26:12 +00:00
|
|
|
lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/fftdf/fftdf.conf";' state=present
|
2015-11-29 21:34:32 +00:00
|
|
|
- name: Copy option template
|
|
|
|
template: src=./files/named.conf.options.j2 dest=/etc/bind/named.conf.options owner=root group=bind mode=644
|
2016-05-28 10:26:12 +00:00
|
|
|
- name: Create fftdf directory
|
|
|
|
file: path=/etc/bind/fftdf state=directory
|
|
|
|
- name: Copy FFTDF Zones
|
|
|
|
copy: src=./files/fftdf/{{ item }} dest=/etc/bind/fftdf/{{ item }} owner=root group=bind mode=644
|
|
|
|
with_items:
|
|
|
|
- fftdf.conf
|
2016-05-29 10:24:33 +00:00
|
|
|
- name: Copy fftdf Zone config template
|
|
|
|
template: src=./files/fftdf/db.fftdf.j2 dest=/etc/bind/fftdf/db.fftdf owner=radvd group=root mode=0444
|
2015-12-13 12:33:33 +00:00
|
|
|
- name: Copy radvd config template
|
|
|
|
template: src=./files/radvd.conf.j2 dest=/etc/radvd.conf owner=radvd group=root mode=0444
|
2016-01-09 18:50:44 +00:00
|
|
|
- name: Interface configuration with ffrl gre tunnel
|
|
|
|
copy: src=./files/interfaces-{{ sn_hostname }} dest=/etc/network/interfaces owner=root group=root mode=0544
|
|
|
|
when: sn_exit is defined
|
|
|
|
- apt: update_cache=yes
|
|
|
|
- name: Install bird
|
2019-01-20 19:48:00 +00:00
|
|
|
apt: state=present pkg=bird
|
2016-01-09 18:50:44 +00:00
|
|
|
when: sn_exit is defined
|
|
|
|
- name: Bird configuration
|
|
|
|
copy: src=./files/bird-{{ sn_hostname }}.conf dest=/etc/bird/bird.conf owner=bird group=bird mode=0444
|
|
|
|
when: sn_exit is defined
|
|
|
|
- name: Bird configuration
|
|
|
|
copy: src=./files/bird6-{{ sn_hostname }}.conf dest=/etc/bird/bird6.conf owner=bird group=bird mode=0444
|
|
|
|
when: sn_exit is defined
|
2019-01-20 19:48:00 +00:00
|
|
|
# - name: Get speedtest-cli
|
|
|
|
# get_url: url=https://raw.githubusercontent.com/MightySCollins/speedtest-cli/master/speedtest_cli.py dest=/usr/bin/speedtest-cli
|
|
|
|
# - name: Change rights speedtest-cli
|
|
|
|
# file: path=/usr/bin/speedtest-cli owner=root group=root mode=0755
|
2016-06-04 16:52:43 +00:00
|
|
|
- name: Copy Slacktee Config
|
|
|
|
template: src=./files/slacktee.conf.j2 dest=/etc/slacktee.conf owner=root group=root mode=0544
|
|
|
|
- name: Copy Slacktee
|
|
|
|
copy: src=./files/slacktee.sh dest=/usr/local/bin/slacktee.sh owner=root group=root mode=0744
|
2016-03-06 00:55:12 +00:00
|
|
|
- name: set netfilter rules
|
2019-01-20 19:48:00 +00:00
|
|
|
lineinfile:
|
|
|
|
dest: /etc/sysctl.conf
|
|
|
|
line: "{{ item }}"
|
2016-03-06 00:55:12 +00:00
|
|
|
with_items:
|
2016-03-06 11:52:37 +00:00
|
|
|
- net.ipv4.netfilter.ip_conntrack_generic_timeout = 240
|
|
|
|
- net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 54000
|
2016-04-21 19:58:38 +00:00
|
|
|
- net.netfilter.nf_conntrack_max = 65536
|
2016-03-06 11:52:37 +00:00
|
|
|
- name: check modprobe.conf
|
|
|
|
stat: path=/etc/modprobe.conf
|
|
|
|
register: modprobe1
|
|
|
|
- name: create /etc/modprobe.conf when not present
|
|
|
|
file: path=/etc/modprobe.conf state=touch owner=root group=root mode=0544
|
|
|
|
when: modprobe1.stat.exists == False
|
|
|
|
- name: check /etc/modprobe.conf
|
|
|
|
lineinfile: dest=/etc/modprobe.conf line="options ip_conntrack hashsize=65536"
|
2019-01-20 19:48:00 +00:00
|
|
|
- name: Change root password
|
|
|
|
user:
|
|
|
|
name: root
|
|
|
|
password: "{{ sn_rootpasswd }}"
|
|
|
|
- name: Logrotate rights
|
|
|
|
file: path=/etc/logrotate.conf mode=0644 owner=root group=root
|
|
|
|
- name: Wirte version information
|
|
|
|
shell: touch /etc/sn_version && echo {{ snversion }} > /etc/sn_version
|
2015-11-28 14:25:29 +00:00
|
|
|
- name: Reboot the server finally
|
|
|
|
shell: sleep 2 && shutdown -r now "Ansible updates triggered"
|
|
|
|
async: 1
|
|
|
|
poll: 0
|
|
|
|
ignore_errors: true
|
|
|
|
when: tunneldigger.changed
|
|
|
|
- name: waiting for server to come back
|
|
|
|
local_action:
|
|
|
|
wait_for
|
|
|
|
host={{ inventory_hostname }}
|
|
|
|
port=22
|
2016-01-09 18:50:44 +00:00
|
|
|
delay=20
|
2015-11-28 14:25:29 +00:00
|
|
|
timeout=300
|
|
|
|
when: tunneldigger.changed
|
2015-12-17 10:23:51 +00:00
|
|
|
- name: Send notification message via Slack
|
|
|
|
local_action:
|
|
|
|
module: slack
|
|
|
|
token: "{{ slack_token }}"
|
2015-12-20 23:20:51 +00:00
|
|
|
msg: "{{ inventory_hostname }} completed with {{ snversion }}"
|
2015-12-17 10:23:51 +00:00
|
|
|
channel: "#technik"
|
|
|
|
username: "Ansible on {{ inventory_hostname }}"
|
2016-05-29 10:24:33 +00:00
|
|
|
parse: 'none'
|
2019-01-20 19:48:00 +00:00
|
|
|
|