Merge branch 'main' into 8343-New-machine-id

playbooks/debian.yml

@@ -15,4 +15,4 @@
   - name: Configure virtual machine
     import_role:
       name: debian-qemu
-    when: ansible_virtualization_type == 'kvm'
+    when: ansible_virtualization_role == 'guest' and ansible_virtualization_type == 'kvm'

roles/debian-base/tasks/main.yml

@@ -32,5 +32,3 @@
   tags: bacula
 - import_tasks: vn-repo.yml
   tags: vn-repo
-- import_tasks: grub_startup.yml
-  tags: grub_startup

roles/debian-base/tasks/relayhost.yml

@@ -1,8 +1,12 @@
-- name: Install exim packages
+- name: Getting service facts to check for postfix
+  service_facts:
+- when: "'postfix.service' not in ansible_facts.services"
+  block:
+  - name: Install exim packages
     apt:
       name: exim4
       state: present
-- name: Prepare exim configuration
+  - name: Prepare exim configuration
     blockinfile:
       path: /etc/exim4/update-exim4.conf.conf
       marker_begin: '--- BEGIN VN ---'
@@ -20,9 +24,9 @@
       mode: u=rw,g=r,o=r
     notify: update exim configuration
     register: exim_config
-- name: Force execution of handlers immediately
+  - name: Force execution of handlers immediately
     meta: flush_handlers
-- name: Sending mail to verify relay host configuration works
+  - name: Sending mail to verify relay host configuration works
     shell: >
       sleep 2; echo "If you see this message, relayhost on {{ ansible_fqdn }} has been configured correctly." \
         | mailx -s "Relayhost test for {{ ansible_fqdn }}" "{{ sysadmin_mail }}"

roles/debian-base/tasks/root.yml

@@ -26,7 +26,7 @@
             lookup(passbolt, inventory_hostname_short,
               username='root',
               password=root_password,
-              uri='ssh://'+hostname_fqdn
+              uri='ssh://'+hostname_fqdn+'/'
             )
           }}
       environment:

roles/debian-base/tasks/timesync.yml

@@ -1,11 +1,15 @@
-- name: Ensure directory for timesyncd custom configuration exists
+- name: Getting service facts to check for timesyncd
+  service_facts:
+- when: "'systemd-timesyncd.service' in ansible_facts.services"
+  block:
+  - name: Ensure directory for timesyncd custom configuration exists
     file:
       path: /etc/systemd/timesyncd.conf.d/
       state: directory
       owner: root
       group: root
       mode: u=rwx,g=rx,o=rx
-- name: Configure NTP settings in /etc/systemd/timesyncd.conf.d/vn-ntp.conf
+  - name: Configure timesyncd service
     copy:
       dest: /etc/systemd/timesyncd.conf.d/vn-ntp.conf
       content: |
@@ -16,7 +20,8 @@
       group: root
       mode: u=rw,g=r,o=r
     notify: restart systemd-timesyncd
-- name: Ensure systemd-timesyncd service is enabled and started
+  - name: Ensure timesyncd service is enabled and started
+    when: "ansible_facts.services['systemd-timesyncd.service'].status == 'enabled'"
     service:
       name: systemd-timesyncd
       enabled: yes

roles/debian-host/tasks/apparmor.yml

@@ -1,12 +1,16 @@
-- name: Stop AppArmor
+- name: Getting service facts to check for apparmor
+  service_facts:
+- when: "'apparmor.service' in ansible_facts.services"
+  block:
+  - name: Stop AppArmor
     systemd:
       name: apparmor
       state: stopped
-- name: Disable AppArmor service
+  - name: Disable AppArmor service
     systemd:
       name: apparmor
       enabled: no
-- name: Mask AppArmor service
+  - name: Mask AppArmor service
     systemd:
       name: apparmor
       masked: yes

roles/debian-qemu/handlers/main.yml

@@ -1,7 +1,3 @@
-- name: restart-nslcd
-  service:
-    name: nslcd
-    state: restarted
 - name: restart-autofs
   service:
     name: autofs

roles/debian-qemu/tasks/autofs.yml

@@ -11,7 +11,6 @@
   lineinfile:
     path: /etc/nsswitch.conf
     line: "automount:      files"
-  notify: restart-nslcd
 - name: Add file homes.autofs configured to autofs
   template:
     src: homes.autofs

roles/debian-qemu/tasks/main.yml

@@ -6,3 +6,5 @@
   tags: autofs
 - import_tasks: blacklist.yml
   tags: blacklist
+- import_tasks: grub_startup.yml
+  tags: grub_startup