diff options
Diffstat (limited to 'roles')
-rw-r--r-- | roles/ansible_tower/tasks/main.yaml | 6 | ||||
-rw-r--r-- | roles/yum_repo/README.md | 34 | ||||
-rw-r--r-- | roles/yum_repo/defaults/main.yml | 5 | ||||
-rw-r--r-- | roles/yum_repo/handlers/main.yml | 2 | ||||
-rw-r--r-- | roles/yum_repo/tasks/main.yml | 8 | ||||
-rw-r--r-- | roles/yum_repo/templates/yumrepo.j2 | 5 | ||||
-rw-r--r-- | roles/yum_repo/vars/main.yml | 2 | ||||
-rw-r--r-- | roles/yum_repos/README.md | 113 | ||||
-rw-r--r-- | roles/yum_repos/defaults/main.yml | 3 | ||||
-rw-r--r-- | roles/yum_repos/meta/main.yml (renamed from roles/yum_repo/meta/main.yml) | 4 | ||||
-rw-r--r-- | roles/yum_repos/tasks/main.yml | 47 | ||||
-rw-r--r-- | roles/yum_repos/templates/yumrepo.j2 | 18 |
12 files changed, 189 insertions, 58 deletions
diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index f58a5b1c2..e9bde9478 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml @@ -25,3 +25,9 @@ - name: Open firewalld port for https firewalld: port=8080/tcp permanent=true state=enabled +- name: Set (httpd_can_network_connect) flag on and keep it persistent across reboots + seboolean: name=httpd_can_network_connect state=yes persistent=yes + +- name: Set (httpd_can_network_connect_db) flag on and keep it persistent across reboots + seboolean: name=httpd_can_network_connect_db state=yes persistent=yes + diff --git a/roles/yum_repo/README.md b/roles/yum_repo/README.md deleted file mode 100644 index 7f6a615cb..000000000 --- a/roles/yum_repo/README.md +++ /dev/null @@ -1,34 +0,0 @@ -Role Name -========= - -This role allows easy deployment of yum repository config files. - -Requirements ------------- - -Yum - -Role Variables --------------- - -Dependencies ------------- - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -ASL 2.0 - -Author Information ------------------- - -openshift online operations diff --git a/roles/yum_repo/defaults/main.yml b/roles/yum_repo/defaults/main.yml deleted file mode 100644 index 95e78af69..000000000 --- a/roles/yum_repo/defaults/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# defaults file for yum-repo -repo_enabled: "1" -repo_gpg_check: "1" - diff --git a/roles/yum_repo/handlers/main.yml b/roles/yum_repo/handlers/main.yml deleted file mode 100644 index a48c89ac2..000000000 --- a/roles/yum_repo/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for yum-repo diff --git a/roles/yum_repo/tasks/main.yml b/roles/yum_repo/tasks/main.yml deleted file mode 100644 index a56d1f133..000000000 --- a/roles/yum_repo/tasks/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# tasks file for yum-repo - -- name: Installing yum-repo template - template: - src: yumrepo.j2 - dest: /etc/yum.repos.d/{{ repo_tag }}.repo - diff --git a/roles/yum_repo/templates/yumrepo.j2 b/roles/yum_repo/templates/yumrepo.j2 deleted file mode 100644 index b06a6f41a..000000000 --- a/roles/yum_repo/templates/yumrepo.j2 +++ /dev/null @@ -1,5 +0,0 @@ -[{{ repo_tag }}] -name={{ repo_name }} -baseurl={{ repo_baseurl }} -enabled={{ repo_enabled }} -gpg_check={{ repo_gpg_check }} diff --git a/roles/yum_repo/vars/main.yml b/roles/yum_repo/vars/main.yml deleted file mode 100644 index 48182ac8e..000000000 --- a/roles/yum_repo/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for yum-repo diff --git a/roles/yum_repos/README.md b/roles/yum_repos/README.md new file mode 100644 index 000000000..51ecd5d34 --- /dev/null +++ b/roles/yum_repos/README.md @@ -0,0 +1,113 @@ +Yum Repos +========= + +This role allows easy deployment of yum repository config files. + +Requirements +------------ + +Yum + +Role Variables +-------------- + +| Name | Default value | | +|-------------------|---------------|--------------------------------------------| +| repo_files | None | | +| repo_enabled | 1 | Should repos be enabled by default | +| repo_gpgcheck | 1 | Should repo gpgcheck be enabled by default | + +Dependencies +------------ + +Example Playbook +---------------- + +A single repo file containing a single repo: + - hosts: servers + roles: + - role: yum_repos + repo_files: + - id: my_repo + repos: + - id: my_repo + name: My Awesome Repo + baseurl: https://my.awesome.repo/is/available/here + skip_if_unavailable: yes + gpgkey: https://my.awesome.repo/pubkey.gpg + +A single repo file containing a single repo, disabling gpgcheck + - hosts: servers + roles: + - role: yum_repos + repo_files: + - id: my_other_repo + repos: + - id: my_other_repo + name: My Other Awesome Repo + baseurl: https://my.other.awesome.repo/is/available/here + gpgcheck: no + +A single repo file containing a single disabled repo + - hosts: servers + roles: + - role: yum_repos + repo_files: + - id: my_other_repo + repos: + - id: my_other_repo + name: My Other Awesome Repo + baseurl: https://my.other.awesome.repo/is/available/here + enabled: no + +A single repo file containing multiple repos + - hosts: servers + roles: + - role: yum_repos + repo_files: + id: my_repos + repos: + - id: my_repo + name: My Awesome Repo + baseurl: https://my.awesome.repo/is/available/here + gpgkey: https://my.awesome.repo/pubkey.gpg + - id: my_other_repo + name: My Other Awesome Repo + baseurl: https://my.other.awesome.repo/is/available/here + gpgkey: https://my.other.awesome.repo/pubkey.gpg + +Multiple repo files containing multiple repos + - hosts: servers + roles: + - role: yum_repos + repo_files: + - id: my_repos + repos: + - id: my_repo + name: My Awesome Repo + baseurl: https://my.awesome.repo/is/available/here + gpgkey: https://my.awesome.repo/pubkey.gpg + - id: my_other_repo + name: My Other Awesome Repo + baseurl: https://my.other.awesome.repo/is/available/here + gpgkey: https://my.other.awesome.repo/pubkey.gpg + - id: joes_repos + repos: + - id: joes_repo + name: Joe's Less Awesome Repo + baseurl: https://joes.repo/is/here + gpgkey: https://joes.repo/pubkey.gpg + - id: joes_otherrepo + name: Joe's Other Less Awesome Repo + baseurl: https://joes.repo/is/there + gpgkey: https://joes.repo/pubkey.gpg + +License +------- + +ASL 2.0 + +Author Information +------------------ + +openshift online operations diff --git a/roles/yum_repos/defaults/main.yml b/roles/yum_repos/defaults/main.yml new file mode 100644 index 000000000..515fb7a4a --- /dev/null +++ b/roles/yum_repos/defaults/main.yml @@ -0,0 +1,3 @@ +--- +repo_enabled: 1 +repo_gpgcheck: 1 diff --git a/roles/yum_repo/meta/main.yml b/roles/yum_repos/meta/main.yml index e0b53ce7f..6b8374da9 100644 --- a/roles/yum_repo/meta/main.yml +++ b/roles/yum_repos/meta/main.yml @@ -1,8 +1,8 @@ --- galaxy_info: author: openshift operations - description: - company: RedHat + description: + company: Red Hat, Inc. license: ASL 2.0 min_ansible_version: 1.2 dependencies: [] diff --git a/roles/yum_repos/tasks/main.yml b/roles/yum_repos/tasks/main.yml new file mode 100644 index 000000000..a9903c6c6 --- /dev/null +++ b/roles/yum_repos/tasks/main.yml @@ -0,0 +1,47 @@ +--- +# Convert old params to new params +- set_fact: + repo_files: + - id: "{{ repo_tag }}" + repos: + - id: "{{ repo_tag }}" + name: "{{ repo_name }}" + baseurl: "{{ repo_baseurl }}" + enabled: "{{ repo_enabled }}" + gpgcheck: "{{ repo_gpg_check | default(repo_gpgcheck) }}" + sslverify: "{{ repo_sslverify | default(None) }}" + sslclientcert: "{{ repo_sslclientcert | default(None) }}" + sslclientkey: "{{ repo_sslclientkey | default(None) }}" + gpgkey: "{{ repo_gpgkey | default(None) }}" + when: repo_files is not defined + +- name: Verify repo_files is a list + assert: + that: + - repo_files is iterable and repo_files is not string and repo_files is not mapping + +- name: Verify repo_files items have an id and a repos list + assert: + that: + - item is mapping + - "'id' in item" + - "'repos' in item" + - item.repos is iterable and item.repos is not string and item.repos is not mapping + with_items: repo_files + +- name: Verify that repo_files.repos have the required keys + assert: + that: + - item.1 is mapping + - "'id' in item.1" + - "'name' in item.1" + - "'baseurl' in item.1" + with_subelements: + - repo_files + - repos + +- name: Installing yum-repo template + template: + src: yumrepo.j2 + dest: /etc/yum.repos.d/{{ item.id }}.repo + with_items: repo_files diff --git a/roles/yum_repos/templates/yumrepo.j2 b/roles/yum_repos/templates/yumrepo.j2 new file mode 100644 index 000000000..0dfdbfe43 --- /dev/null +++ b/roles/yum_repos/templates/yumrepo.j2 @@ -0,0 +1,18 @@ +{% set repos = item.repos %} +{% for repo in repos %} +[{{ repo.id }}] +name={{ repo.name }} +baseurl={{ repo.baseurl }} +{% set repo_enabled_value = repo.enabled | default(repo_enabled) %} +{% set enable_repo = 1 if (repo_enabled_value | int(0) == 1 or repo_enabled_value | lower in ['true', 'yes']) else 0 %} +enabled={{ enable_repo }} +{% set repo_gpgcheck_value = repo.gpgcheck | default(repo_gpgcheck) %} +{% set enable_gpgcheck = 1 if (repo_gpgcheck_value | int(0) == 1 or repo_gpgcheck_value | lower in ['true', 'yes']) else 0 %} +gpgcheck={{ enable_gpgcheck }} +{% for key, value in repo.iteritems() %} +{% if key not in ['id', 'name', 'baseurl', 'enabled', 'gpgcheck'] and value is defined and value != '' %} +{{ key }}={{ value }} +{% endif %} +{% endfor %} + +{% endfor %} |