77 lines
1.8 KiB
YAML
77 lines
1.8 KiB
YAML
---
|
|
- name: Ensure required ansible version
|
|
assert:
|
|
that: ansible_version.major == 2 and ansible_version.minor >= 1
|
|
run_once: true
|
|
|
|
- name: "Wait for all hosts"
|
|
local_action: wait_for host={{ ansible_host | default(access_ip | default(ip)) }} port=22 state=started timeout=30
|
|
become: false
|
|
|
|
# bug from bugs.debian.org/843783
|
|
- name: "Install latest pyopenssl as workaround"
|
|
raw: pip install -U pyopenssl netaddr
|
|
|
|
- name: Gather facts
|
|
setup:
|
|
|
|
- name: Gather local SSH pubkeys
|
|
local_action: shell ssh-add -L
|
|
become: false
|
|
register: ssh_pubkeys
|
|
changed_when: false
|
|
failed_when: false
|
|
|
|
- name: Add SSH pubkey to authorized_keys
|
|
authorized_key:
|
|
user: "{{ ansible_ssh_user }}"
|
|
key: "{{ item }}"
|
|
state: present
|
|
with_items: "{{ ssh_pubkeys.stdout_lines }}"
|
|
when: ssh_pubkeys.rc == 0
|
|
|
|
- include: process_certificates.yml
|
|
when: trust_self_signed_certs|bool
|
|
|
|
- name: Set correct /etc/hosts entry
|
|
register: updated_etc_hosts
|
|
lineinfile:
|
|
dest: /etc/hosts
|
|
regexp: "^(127.0.1.1|{{ ip }})\t.*"
|
|
line: "{{ ip }} {{ inventory_hostname }}"
|
|
insertafter: "^127.0.0.1 localhost"
|
|
state: present
|
|
|
|
- name: Set atop interval
|
|
copy:
|
|
dest: /etc/default/atop
|
|
content: "INTERVAL={{ atop_interval }}"
|
|
mode: 0755
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Ensure required packages are installed
|
|
apt:
|
|
name: "{{ item }}"
|
|
state: latest
|
|
when: ansible_os_family == "Debian"
|
|
with_items:
|
|
- atop
|
|
- dnsutils
|
|
- ntp
|
|
- netcat
|
|
- dbus
|
|
|
|
- name: Set hostname
|
|
hostname:
|
|
name: "{{ inventory_hostname }}"
|
|
|
|
# FIXME(mattymo): Opts are set too late (https://github.com/kubespray/kargo/issues/487)
|
|
- name: Set Docker options early
|
|
template:
|
|
src: docker.j2
|
|
dest: /etc/default/docker
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|