refs #8025 Merge roles

ansible.cfg

@@ -1,7 +1,7 @@
 [defaults]
 roles_path = ./roles
 inventory = ./hosts
-gathering = explicit
+gathering = smart
 interpreter_python = auto_silent
 remote_user = root
 host_key_checking = False

collections/README.md

@@ -1,31 +1,32 @@
 # Collections
 
-The porpouse of collections is get more modules and plugins to use in ansible.
+The purpose of collections is get more modules and plugins to use in ansible.
 
 Collections are supported by Ansible community.
 
 # Install collections
 
-In AWX-operator container , execute:
+In *awx-operator* container, execute:
 ```
 ansible-galaxy collection install -r requirements.yml
 ```
 
 Where `requirements.yml` we need to specify the list of collections that we want to install:
-
 ```
 collections:
 - name: community.general
-
 ```
 
-# Collection index:
-[Index-Ansible-collections](https://docs.ansible.com/ansible/latest/collections/index.html)
+# Collection index
+
+* https://docs.ansible.com/ansible/latest/collections/index.html
 
 # List collections
-[Listing-collections](https://docs.ansible.com/ansible/latest/collections_guide/collections_listing.html)
 
 To list installed collections, run `ansible-galaxy collection list` (inside awx operator container)
- 
-# Install multiple collections with a requirements file
-[Install-multiple](https://docs.ansible.com/ansible/devel/collections_guide/collections_installing.html#install-multiple-collections-with-a-requirements-file)
+
+* https://docs.ansible.com/ansible/latest/collections_guide/collections_listing.html
+
+# Install multiple collections
+
+* https://docs.ansible.com/ansible/devel/collections_guide/collections_installing.html#install-multiple-collections-with-a-requirements-file

collections/requirements.yml

@@ -1,4 +1,3 @@
----
 collections:
 - name: community.general
   version: '>=9.0.0'

group_vars/all.yaml

@@ -1,3 +1,4 @@
+awx_pub_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDjeIZVyppFK/dqOUa1PxgSeRVWk7MFmANYvSs+VHHnD4/BE//K8AxlxnyLl4e6jAcBFoIu1JLxbRKdOhx+Zgkq5OmEzp/XKzfEvnEU5CP+W2+5MwfkUQ3TetJsOoHiP/qYWPqqqfDFqNM1xs9am5Frv9BVu5pFiSO9oS14xVAlUOwnONQnRtAbuBOmMldpzxmuFY+Rs3G2MmokcOYrs5Z3TdCOG9bDGg8erzWklLW+aRYdXqMEZpwIZPcOFy6JXEyZ/9IpCLBN58IMr0RypFbgWb2Vo05iTI5j99Pzn//FgAhe6BXRyHSGOJ29hmKugt9sIY1N/H6aYqtTVR5EEIngY1XHtFywU1+qtYHMs8PB9Hl87zUkla0+S5Zn8q92y7DQFsOZ9ND6syEzWhiCP1ic3Wo76TVbuNoTW/XvgZnemx1epuOqDj9S7iGTSHMvvSop8z5hU2EQiVkgRPl4cM2fi0vF513ivq5IbCgg2VfXUOLM5E5y0TI7lzBriTtCuIk= awx@awx.verdnatura.es
 resolv:
   domain: verdnatura.es
   search: verdnatura.es

playbooks/debian-base.yaml

@@ -1,20 +0,0 @@
-- hosts: all
-  tasks:
-  - name: Set locales
-    import_role:
-      name: config-locales
-  - name: Set timezone
-    import_role:
-      name: config-tzdata
-  - name: Install and configure fail2ban service
-    import_role:
-      name: config-fail2ban
-    tags: config-fail2ban_config
-  - name: Install guest side
-    import_role:
-      name: config-server-type
-    tags: config-server-type_config
-  - name: Install and configure ntp
-    import_role:
-      name: config-ntp
-    tags: config-ntp_config

playbooks/debian-ct.yaml

@@ -1,27 +0,0 @@
-- hosts: all
-
-    - name: Config relayhost smtp
-      import_role:
-        name: config-relayhost-smtp
-      when: relay_host_enabled is defined and relay_host_enabled
-      tags: config-relayhost-smtp_config
-    - name: Config centralized auth
-      import_role:
-        name: config-centralized-auth
-      when: centralized_auth_enabled is defined and centralized_auth_enabled
-      tags: config-centralized-auth_config
-    - name: Set locales
-      import_role:
-        name: config-locales
-      when: locales_enabled is defined and locales_enabled
-      tags: config-locales_config
-    - name: Set timezone
-      import_role:
-        name: config-tzdata
-      when: tzdata_enabled is defined and tzdata_enabled
-      tags: config-tzdata_config
-    - name: Install and configure fail2ban service
-      import_role:
-        name: config-fail2ban
-      when: fail2ban_enabled is defined and fail2ban_enabled
-      tags: config-fail2ban_config

playbooks/debian-infra.yaml

@@ -1,23 +0,0 @@
-- hosts: all
-  tasks:
-    - name: Configure debian os
-      import_role:
-        name: config-base-debian-os
-    - name: Set locales
-      import_role:
-        name: config-locales
-    - name: Set timezone
-      import_role:
-        name: config-tzdata
-    - name: Add-repos-vn
-      import_role:
-        name: config-repo-vn
-    - name: Install and configure fail2ban service
-      import_role:
-        name: config-fail2ban
-    - name: Install and configure nagios nrpe service
-      import_role:
-        name: config-nagios-nrpe
-    - name: Install and configure ntp
-      import_role:
-        name: config-ntp

playbooks/debian-vm.yaml

@@ -1,57 +0,0 @@
-- hosts: all
-  tasks:
-  - name: Install packages
-    import_role:
-      name: config-install-packages
-    when: packages_enabled is defined and packages_enabled
-    tags: config-install-packages_config
-  - name: Config relayhost smtp
-    import_role:
-      name: config-relayhost-smtp
-    when: relay_host_enabled is defined and relay_host_enabled
-    tags: config-relayhost-smtp_config
-  - name: Config centralized auth
-    import_role:
-      name: config-centralized-auth
-    when: centralized_auth_enabled is defined and centralized_auth_enabled
-    tags: config-centralized-auth_config
-  - name: configure secure grub
-    import_role:
-      name: config-secure-grub
-    when: secure_grub_enabled is defined and secure_grub_enabled
-    tags: config-secure-grub_config
-  - name: Install and configure hot plug
-    import_role:
-      name: config-hot-plug
-    when: hot_plug_enabled is defined and hot_plug_enabled
-    tags: config-hot-plug_config
-  - name: Set locales
-    import_role:
-      name: config-locales
-    when: locales_enabled is defined and locales_enabled
-    tags: config-locales_config
-  - name: Set timezone
-    import_role:
-      name: config-tzdata
-    when: tzdata_enabled is defined and tzdata_enabled
-    tags: config-tzdata_config
-  - name: Install and configure fail2ban service
-    import_role:
-      name: config-fail2ban
-    when: fail2ban_enabled is defined and fail2ban_enabled
-    tags: config-fail2ban_config
-  - name: Install guest side
-    import_role:
-      name: config-server-type
-    when: server_type_enabled is defined and server_type_enabled
-    tags: config-server-type_config
-  - name: Install and configure ntp
-    import_role:
-      name: config-ntp
-    when: ntp_enabled is defined and ntp_enabled
-    tags: config-ntp_config
-  - name: Install and configure AUTOFS HOMES
-    import_role:
-      name: config-autofs-homes
-    when: autofs_homes_enabled is defined and autofs_homes_enabled
-    tags: config-autofs-homes_config

playbooks/debian.yaml

@@ -1,5 +1,14 @@
 - hosts: all
   tasks:
-    - name: Configure base system
-      import_role:
-        name: linux-base
+  - name: Configure AWX user
+    import_role:
+      name: awx
+  - name: Configure base system
+    import_role:
+      name: linux-base
+  - name: Configure guest
+    import_role:
+      name: linux-guest
+  - name: Configure virtual machine
+    import_role:
+      name: linux-qemu

playbooks/print-facts.yaml

@@ -0,0 +1,11 @@
+# https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_vars_facts.html
+
+- hosts: all
+  gather_facts: yes
+  tasks:
+  - name: Print all available facts
+    ansible.builtin.debug:
+      var: ansible_facts
+  - name: Print variable value
+    debug:
+      msg: "Variable: {{ ansible_virtualization_type }}"

roles/awx/vars/main.yaml

@@ -1 +0,0 @@
-awx_pub_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDjeIZVyppFK/dqOUa1PxgSeRVWk7MFmANYvSs+VHHnD4/BE//K8AxlxnyLl4e6jAcBFoIu1JLxbRKdOhx+Zgkq5OmEzp/XKzfEvnEU5CP+W2+5MwfkUQ3TetJsOoHiP/qYWPqqqfDFqNM1xs9am5Frv9BVu5pFiSO9oS14xVAlUOwnONQnRtAbuBOmMldpzxmuFY+Rs3G2MmokcOYrs5Z3TdCOG9bDGg8erzWklLW+aRYdXqMEZpwIZPcOFy6JXEyZ/9IpCLBN58IMr0RypFbgWb2Vo05iTI5j99Pzn//FgAhe6BXRyHSGOJ29hmKugt9sIY1N/H6aYqtTVR5EEIngY1XHtFywU1+qtYHMs8PB9Hl87zUkla0+S5Zn8q92y7DQFsOZ9ND6syEzWhiCP1ic3Wo76TVbuNoTW/XvgZnemx1epuOqDj9S7iGTSHMvvSop8z5hU2EQiVkgRPl4cM2fi0vF513ivq5IbCgg2VfXUOLM5E5y0TI7lzBriTtCuIk= awx@awx.verdnatura.es

roles/linux-autofs/tasks/main.yaml

@@ -1,6 +1,3 @@
-- name: Checking if configuration is needed
-  meta: end_host
-  when: autofs_homes_enabled is not defined or not autofs_homes_enabled
 - name: Install packages for autofs
   apt:
     name: "{{ item }}"

roles/linux-base/tasks/main.yaml

@@ -1,10 +1,22 @@
+- name: Install base packages
+  apt:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - htop
+    - psmisc
+    - bash-completion
+    - screen
+    - aptitude
+- include_role:
+    name: linux-sudoers
 - include_role:
     name: linux-motd
 - include_role:
     name: linux-profile
-- include_role:
-    name: linux-sudoers
 - include_role:
     name: linux-vim
 - include_role:
-    name: linux-locale
+    name: linux-locale
+- include_role:
+    name: linux-nrpe

roles/linux-guest/tasks/main.yaml

@@ -0,0 +1,5 @@
+- name: Skip if not a guest
+  meta: end_host
+  when: ansible_virtualization_role != 'guest'
+- include_role:
+    name: linux-auth

roles/linux-install-packages/tasks/main.yaml

@@ -1,10 +0,0 @@
-- name: Install base packages
-  apt:
-    name: "{{ item }}"
-    state: present
-  with_items:
-    - htop
-    - psmisc
-    - bash-completion
-    - screen
-    - aptitude

roles/linux-ntp/handlers/main.yaml

@@ -1,4 +1,4 @@
 - name: restart systemd-timesyncd
   service:
-    name: "{{ timesyncd_daemon }}"
+    name: systemd-timesyncd
     state: restarted

roles/linux-ntp/tasks/main.yaml

@@ -1,6 +1,3 @@
-- name: Checking if configuration is needed
-  meta: end_host
-  when: ntp_enabled is not defined or not ntp_enabled
 - name: Configure /etc/systemd/timesyncd.conf
   lineinfile:
     path: /etc/systemd/timesyncd.conf
@@ -20,5 +17,5 @@
   notify: restart systemd-timesyncd  
 - name: Service should start on boot
   service:
-    name: "{{ timesyncd_daemon }}"
+    name: systemd-timesyncd
     enabled: yes

roles/linux-ntp/vars/main.yaml

@@ -1 +0,0 @@
-timesyncd_daemon: systemd-timesyncd

roles/linux-qemu/tasks/main.yaml

@@ -1,3 +1,6 @@
+- name: Skip if not a QEMU guest
+  meta: end_host
+  when: not (ansible_virtualization_type == 'kvm' and ansible_virtualization_role == 'guest')
 - name: Install QEMU guest agent
   apt:
     name: qemu-guest-agent
@@ -18,3 +21,5 @@
     group: root
 - name: Generate GRUB configuration
   command: update-grub
+- include_role:
+    name: linux-autofs

roles/linux-relayhost/tasks/main.yaml

@@ -4,7 +4,7 @@
     state: present
 - name: Reconfigure relayhost
   lineinfile:
-    dest: "{{ exim_configuration_file }}"
+    dest: /etc/exim4/update-exim4.conf.conf
     regexp: "{{ item.regexp }}"
     line: "{{ item.line }}"
     state: present

roles/linux-relayhost/vars/main.yaml

@@ -1,2 +0,0 @@
-exim_configuration_file: /etc/exim4/update-exim4.conf.conf
-exim_daemon: exim4

roles/linux-sudoers/tasks/main.yaml

@@ -1,3 +1,7 @@
+- name: Install sudo package
+  apt:
+    name: sudo
+    state: present
 - name: Copy sudoers configuration file
   copy:
     src: vn

roles/linux-vm/tasks/main.yaml

@@ -1,10 +0,0 @@
-- include_role:
-    name: linux-motd
-- include_role:
-    name: linux-profile
-- include_role:
-    name: linux-sudoers
-- include_role:
-    name: linux-vim
-- include_role:
-    name: linux-locale