Browse Source

Add haveged role to bootstrap

It is helpful to install haveged so we don't run out of entropy.

Change-Id: I6c89b9d618a53f822ae8a9edb0528ac710f19da7
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
changes/64/649764/1
Paul Belanger 3 years ago
parent
commit
54bec263a0
  1. 26
      playbooks/bootstrap/roles/haveged/defaults/main.yaml
  2. 19
      playbooks/bootstrap/roles/haveged/tasks/install.yaml
  3. 18
      playbooks/bootstrap/roles/haveged/tasks/main.yaml
  4. 33
      playbooks/bootstrap/roles/haveged/tasks/service.yaml
  5. 4
      playbooks/bootstrap/site.yaml

26
playbooks/bootstrap/roles/haveged/defaults/main.yaml

@ -0,0 +1,26 @@
# Copyright 2019 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# tasks/main.yaml
haveged_task_manager:
- install
- service
haveged_package_name: haveged
haveged_service_haveged_daemon_reload: true
haveged_service_haveged_enabled: true
haveged_service_haveged_manage: true
haveged_service_haveged_name: haveged
haveged_service_haveged_state: started

19
playbooks/bootstrap/roles/haveged/tasks/install.yaml

@ -0,0 +1,19 @@
# Copyright 2010 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: Install haveged from package
become: true
package:
name: "{{ haveged_package_name }}"
state: present

18
playbooks/bootstrap/roles/haveged/tasks/main.yaml

@ -0,0 +1,18 @@
# Copyright 2019 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- include: "{{ haveged_task }}.yaml"
with_items: "{{ haveged_task_manager }}"
loop_control:
loop_var: haveged_task

33
playbooks/bootstrap/roles/haveged/tasks/service.yaml

@ -0,0 +1,33 @@
# Copyright 2015 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: Enable haveged service
become: true
systemd:
daemon_reload: "{{ haveged_service_haveged_daemon_reload }}"
enabled: "{{ haveged_service_haveged_enabled }}"
name: "{{ haveged_service_haveged_name }}"
register: haveged_service_haveged
when: haveged_service_haveged_manage
- name: Set haveged service state
become: true
systemd:
daemon_reload: "{{ haveged_service_haveged_daemon_reload }}"
name: "{{ haveged_service_haveged_name }}"
state: "{{ haveged_service_haveged_state }}"
register: haveged_service_haveged_state_info
when:
- haveged_service_haveged_manage
- haveged_service_haveged_state in ['reloaded', 'restarted', 'started', 'stopped']

4
playbooks/bootstrap/site.yaml

@ -36,6 +36,10 @@
include_role:
name: swap
- name: Setup haveged role
include_role:
name: haveged
- name: Setup postfix role
include_role:
name: postfix

Loading…
Cancel
Save