37 lines
676 B
YAML
37 lines
676 B
YAML
- name: Install ua-tools
|
|
become: true
|
|
package:
|
|
name: ubuntu-advantage-tools
|
|
state: present
|
|
|
|
- name: Enable fips and fips-updates
|
|
become: true
|
|
shell: |
|
|
set -o pipefail
|
|
yes | ua enable fips
|
|
echo
|
|
args:
|
|
executable: '/bin/bash'
|
|
|
|
- name: Verify fips is enabled
|
|
become: true
|
|
command: ua status
|
|
|
|
- name: Reboot server for FIPS mode
|
|
become: true
|
|
reboot:
|
|
reboot_timeout: 1800
|
|
|
|
- name: Run post-boot tasks
|
|
include_role:
|
|
name: post-reboot-tasks
|
|
|
|
- name: Ensure FIPS mode is enabled
|
|
become: true
|
|
command: cat /proc/sys/crypto/fips_enabled
|
|
register: _result
|
|
|
|
- name: Assert FIPS is enabled
|
|
assert:
|
|
that: _result.stdout == "1"
|