mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-04-28 12:32:50 +08:00
5deea2c323
We do need it. Just due to compose issue we need to manually install it for now.
This reverts commit 87cf148af4.
98 lines
2.5 KiB
YAML
98 lines
2.5 KiB
YAML
---
|
|
#
|
|
# This task sets up fasClient on a machine.
|
|
# It installs the fas-clients package, then the /etc/fas.conf and finally a cron job update.
|
|
#
|
|
|
|
#
|
|
# fas-clients is in the infrastructure repo.
|
|
# nss_db is needed to store user/group info.
|
|
#
|
|
- name: install package needed for fas-client (yum)
|
|
package: state=present name={{ item }}
|
|
with_items:
|
|
- fas-clients
|
|
- cronie
|
|
tags:
|
|
- packages
|
|
- fas_client
|
|
when: ansible_cmdline.ostree is not defined
|
|
|
|
- name: install nss_db on rhel or fedora 25 or greater hosts only
|
|
package: state=present name=nss_db
|
|
when: ansible_distribution_major_version|int == 6 or ansible_distribution_major_version|int > 24
|
|
tags:
|
|
- packages
|
|
- fas_client
|
|
|
|
#
|
|
# setup /etc/nsswitch.conf to use nssdb
|
|
#
|
|
- name: setup /etc/nsswitch.conf for client use
|
|
copy: src=nsswitch.conf dest=/etc/nsswitch.conf owner=root mode=0644
|
|
tags:
|
|
- config
|
|
- fas_client
|
|
|
|
#
|
|
# fasClients needs a valid /etc/fas.conf.
|
|
# There's vars used in this template:
|
|
#
|
|
# fas_client_groups = "sysadmin-main"
|
|
# fas_client_restricted_app = ""
|
|
# fas_client_admin_app = ""
|
|
# fas_client_ssh_groups = ""
|
|
#
|
|
# if desired, set them on a per host/group basis.
|
|
#
|
|
# Currently the default template is used, but could be modified on a host basis.
|
|
#
|
|
- name: setup /etc/fas.conf for client use
|
|
template: src={{ item }} dest=/etc/fas.conf owner=root mode=0600
|
|
with_first_found:
|
|
- ../templates/{{ inventory_hostname }}.fas.conf.j2
|
|
- ../templates/{{ ansible_hostname }}.fas.conf.j2
|
|
- ../templates/{{ ansible_hostname }}.fas.conf.j2
|
|
- ../templates/fas.conf.j2
|
|
tags:
|
|
- config
|
|
- fas_client
|
|
notify:
|
|
- run fasclient
|
|
|
|
#
|
|
# setup /etc/cron.d/ file to run sync every 10min
|
|
# TODO: use cron module when it's fixed
|
|
#
|
|
#- name: fas_client cron job
|
|
# cron: name="fas client" user=root cron_file=fas-client minute="*/10" job="/usr/bin/fasClient -i"
|
|
# tags:
|
|
# - config
|
|
|
|
- name: fas_client cron job
|
|
copy: src=fas-client.cron dest=/etc/cron.d/fas-client owner=root mode=0644
|
|
tags:
|
|
- config
|
|
- fas_client
|
|
|
|
- name: fas_client_aliases cron job
|
|
copy: src=fas-client-aliases.cron dest=/etc/cron.d/fas-client-aliases owner=root mode=0644
|
|
tags:
|
|
- config
|
|
- fas_client
|
|
when: fas_aliases is defined
|
|
|
|
- name: fas_client_aliases template
|
|
copy: src=aliases.template dest=/etc/aliases.template owner=root mode=0644
|
|
tags:
|
|
- config
|
|
- fas_client
|
|
when: fas_aliases is defined
|
|
|
|
- name: run fas_client only if we just installed
|
|
command: fasClient -if creates=/var/db/shadow.db
|
|
tags:
|
|
- config
|
|
- fas_client
|
|
when: not inventory_hostname.startswith('fas')
|