--- # Copyright 2015, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: Bootstrap the All-In-One (AIO) hosts: localhost gather_facts: True user: root roles: - role: "sshd" - role: "pip_install" - role: "bootstrap-host" openstack_confd_entries: "{{ confd_overrides[scenario] }}" scenario: "{{ lookup('env','SCENARIO') | default('aio', true) }}" confd_overrides: aio: - name: aodh.yml.aio - name: cinder.yml.aio - name: ceilometer.yml.aio - name: designate.yml.aio - name: glance.yml.aio - name: gnocchi.yml.aio - name: heat.yml.aio - name: horizon.yml.aio - name: keystone.yml.aio - name: neutron.yml.aio - name: nova.yml.aio - name: swift.yml.aio vars: sshd: ListenAddress: - 0.0.0.0 - '::' Port: 22 Protocol: 2 HostKey: - "/etc/ssh/ssh_host_rsa_key" - "/etc/ssh/ssh_host_ecdsa_key" - "/etc/ssh/ssh_host_ed25519_key" UsePrivilegeSeparation: yes KeyRegenerationInterval: 3600 ServerKeyBits: 1024 SyslogFacility: "AUTH" LogLevel: "INFO" LoginGraceTime: 120 StrictModes: yes RSAAuthentication: yes PubkeyAuthentication: yes IgnoreRhosts: yes RhostsRSAAuthentication: no HostbasedAuthentication: no PermitEmptyPasswords: no PermitRootLogin: yes ChallengeResponseAuthentication: no PasswordAuthentication: no X11DisplayOffset: 10 PrintMotd: no PrintLastLog: no TCPKeepAlive: yes AcceptEnv: "LANG LC_*" Subsystem: "sftp /usr/lib/openssh/sftp-server" UsePAM: yes UseDNS: no X11Forwarding: no Compression: yes CompressionLevel: 6 MaxSessions: 100 MaxStartups: "100:100:100"