system-config/playbooks/roles/openafs-server-config/tasks/main.yaml

78 lines
2.0 KiB
YAML

- name: Install pre-reqs
package:
name: '{{ item }}'
state: present
loop:
- apt-transport-https
- software-properties-common
- name: Ensure server directory
file:
state: directory
path: /etc/openafs/server
owner: root
group: root
mode: 0755
- name: Copy configuration files
copy:
src: '{{ item }}'
dest: '/etc/openafs/server'
owner: root
group: root
mode: 0644
loop:
- CellServDB
- ThisCell
- name: Install rxkad.keytab
shell: 'echo "{{ openafs_server_rxkad_keytab }}" | base64 -d > /etc/openafs/server/rxkad.keytab'
args:
creates: '/etc/openafs/server/rxkad.keytab'
no_log: True
- name: Ensure permissions rxkad.keytab
file:
path: '/etc/openafs/server/rxkad.keytab'
owner: root
group: root
mode: '0400'
# This is generated by aconvert from rxkad.keytab; or if we ever need
# to regenerate everything see asetkey(8) man page, which creates this
# from a keytab. It's used by openafs 1.8 instead of keytabs to
# reduce kerberos library dependencies or some such.
- name: Install KeyfileExt
shell: 'echo "{{ openafs_server_keyfileext }}" | base64 -d > /etc/openafs/server/KeyFileExt'
args:
creates: '/etc/openafs/server/KeyFileExt'
no_log: True
- name: Ensure permissions on KeyFileExt
file:
path: '/etc/openafs/server/KeyFileExt'
owner: root
group: root
mode: '0400'
- name: Install openstackci openafs PPA
apt_repository:
repo: 'ppa:openstack-ci-core/openafs'
- name: Install kernel headers dependency
package:
name:
- linux-headers-{{ ansible_kernel }}
state: present
become: yes
# NOTE(ianw) : Need to do this first and separately so that the
# modules are ready for the openafs server/client package to start.
# Avoid recommends because that drags in the client, which can't start
# without the modules which are building in this step (we do it next)
- name: Install openafs kernel modules
apt:
name: openafs-modules-dkms
state: latest
install_recommends: no