7466aaec57
It looks like the `aio` scenario was renamed to `aio_lxc`, however there are still a few references to `aio`. This commit updates those references to `aio_lxc`. Change-Id: Ia080bc4f979cc9b29ea645725d25442edbb73668
78 lines
2.6 KiB
YAML
78 lines
2.6 KiB
YAML
---
|
|
# Copyright 2015, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Bootstrap the All-In-One (AIO)
|
|
hosts: localhost
|
|
gather_facts: True
|
|
user: root
|
|
roles:
|
|
- role: "sshd"
|
|
- role: "pip_install"
|
|
- role: "bootstrap-host"
|
|
vars:
|
|
ansible_python_interpreter: "/usr/bin/python"
|
|
bootstrap_host_scenario: "{{ lookup('env','SCENARIO') | default('aio_lxc', true) }}"
|
|
openstack_confd_entries: "{{ confd_overrides[bootstrap_host_scenario] }}"
|
|
pip_install_upper_constraints_proto: "{{ ansible_python_version | version_compare('2.7.9', '>=') | ternary('https','http') }}"
|
|
sftp_subsystem:
|
|
'apt': 'sftp /usr/lib/openssh/sftp-server'
|
|
'yum': 'sftp /usr/libexec/openssh/sftp-server'
|
|
'zypper': 'sftp /usr/lib/ssh/sftp-server'
|
|
sshd:
|
|
ListenAddress:
|
|
- 0.0.0.0
|
|
- '::'
|
|
Port: 22
|
|
Protocol: 2
|
|
HostKey:
|
|
- "/etc/ssh/ssh_host_rsa_key"
|
|
- "/etc/ssh/ssh_host_ecdsa_key"
|
|
- "/etc/ssh/ssh_host_ed25519_key"
|
|
UsePrivilegeSeparation: yes
|
|
KeyRegenerationInterval: 3600
|
|
ServerKeyBits: 1024
|
|
SyslogFacility: "AUTH"
|
|
LogLevel: "INFO"
|
|
LoginGraceTime: 120
|
|
StrictModes: yes
|
|
RSAAuthentication: yes
|
|
PubkeyAuthentication: yes
|
|
IgnoreRhosts: yes
|
|
RhostsRSAAuthentication: no
|
|
HostbasedAuthentication: no
|
|
PermitEmptyPasswords: no
|
|
PermitRootLogin: yes
|
|
ChallengeResponseAuthentication: no
|
|
PasswordAuthentication: no
|
|
X11DisplayOffset: 10
|
|
PrintMotd: no
|
|
PrintLastLog: no
|
|
TCPKeepAlive: yes
|
|
AcceptEnv: "LANG LC_*"
|
|
Subsystem: "{{ sftp_subsystem[ansible_pkg_mgr] }}"
|
|
UsePAM: yes
|
|
UseDNS: no
|
|
X11Forwarding: no
|
|
Compression: yes
|
|
CompressionLevel: 6
|
|
MaxSessions: 100
|
|
MaxStartups: "100:100:100"
|
|
GSSAPIAuthentication: no
|
|
GSSAPICleanupCredentials: no
|
|
vars_files:
|
|
- "{{ playbook_dir }}/../playbooks/defaults/repo_packages/openstack_services.yml"
|
|
- vars/bootstrap-aio-vars.yml
|
|
environment: "{{ deployment_environment_variables | default({}) }}"
|