updated the repo to be in sync with the automation on the cord uber repo
Change-Id: Id8619f662719d73a2ca80cf0cca7f1665fbd267a
diff --git a/ansible/roles/common/defaults/main.yml b/ansible/roles/common/defaults/main.yml
index 4ccfffb..7eaf4c7 100644
--- a/ansible/roles/common/defaults/main.yml
+++ b/ansible/roles/common/defaults/main.yml
@@ -1,8 +1,13 @@
hosts: [
- { host_ip: "10.100.198.200", host_name: "corddev"},
+ { host_ip: "10.100.198.200", host_name: "maasdev"},
{ host_ip: "10.100.198.201", host_name: "prod"},
]
+use_latest_for:
+ - debian-keyring
+ - debian-archive-keyring
+ - rng-tools
+
obsolete_services:
- puppet
- chef-client
diff --git a/ansible/roles/common/tasks/main.yml b/ansible/roles/common/tasks/main.yml
index 13d39fe..0ad01a7 100644
--- a/ansible/roles/common/tasks/main.yml
+++ b/ansible/roles/common/tasks/main.yml
@@ -1,21 +1,3 @@
-- name: Ensure SSH Directory
- file:
- path: /home/{{ ansible_user }}/.ssh
- state: directory
- owner: "{{ ansible_user }}"
- group: "{{ ansible_user }}"
- mode: 0700
- tags: [common]
-
-- name: Ignore Known Hosts for SSH
- copy:
- src: files/ssh-config
- dest: /home/{{ ansible_user }}/.ssh/config
- owner: "{{ ansible_user }}"
- group: "{{ ansible_user }}"
- mode: 0600
- tags: [common]
-
- name: JQ is present
apt:
name: jq
@@ -30,6 +12,12 @@
with_items: hosts
tags: [common]
+- name: Latest apt packages
+ apt:
+ name: "{{ item }}"
+ with_items: use_latest_for
+ tags: [common]
+
- name: Services are not running
service:
name: "{{ item }}"
@@ -37,3 +25,28 @@
ignore_errors: yes
with_items: obsolete_services
tags: [common]
+
+- name: Ensure SSH Directory
+ file:
+ path: /home/{{ ansible_user }}/.ssh
+ state: directory
+ owner: "{{ ansible_user }}"
+ group: "{{ ansible_user }}"
+ mode: 0700
+ tags: [common]
+
+- name: Ensure known_hosts file is absent
+ file:
+ path: /home/vagrant/.ssh/known_hosts
+ state: absent
+ tags: [common]
+
+- name: Ignore Known Hosts for SSH
+ copy:
+ src: files/ssh-config
+ dest: /home/{{ ansible_user }}/.ssh/config
+ owner: "{{ ansible_user }}"
+ group: "{{ ansible_user }}"
+ mode: 0600
+ tags: [common]
+
diff --git a/ansible/roles/docker/templates/docker.cfg b/ansible/roles/docker/templates/docker.cfg
index ac03f17..7dfff7b 100644
--- a/ansible/roles/docker/templates/docker.cfg
+++ b/ansible/roles/docker/templates/docker.cfg
@@ -1 +1,3 @@
-DOCKER_OPTS="$DOCKER_OPTS --insecure-registry 10.100.198.200:5000 -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --registry-mirror=http://10.100.198.200:5001"
\ No newline at end of file
+DOCKER_OPTS="$DOCKER_OPTS --insecure-registry 10.100.198.200:5000 -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --registry-mirror=http://10.100.198.200:5001"
+DOCKER_OPTS="$DOCKER_OPTS --insecure-registry 10.100.198.201:5000"
+
diff --git a/ansible/roles/fakeswitch/files/persist b/ansible/roles/fakeswitch/files/persist
new file mode 100755
index 0000000..d032e90
--- /dev/null
+++ b/ansible/roles/fakeswitch/files/persist
@@ -0,0 +1,3 @@
+#!/bin/bash
+echo "persist"
+exit 0
diff --git a/ansible/roles/fakeswitch/files/savepersist b/ansible/roles/fakeswitch/files/savepersist
new file mode 100755
index 0000000..50d503b
--- /dev/null
+++ b/ansible/roles/fakeswitch/files/savepersist
@@ -0,0 +1,3 @@
+#!/bin/bash
+echo "savepersist"
+exit 0
diff --git a/ansible/roles/fakeswitch/tasks/main.yml b/ansible/roles/fakeswitch/tasks/main.yml
new file mode 100644
index 0000000..39879e9
--- /dev/null
+++ b/ansible/roles/fakeswitch/tasks/main.yml
@@ -0,0 +1,43 @@
+- name: Ensure Root User
+ become: yes
+ user:
+ name: root
+ password: '$6$o5YKQzd9CIadXU$KPaV6CcDd1XPr4cO.dRnWnMnrZl9mBEM84Pfhp9b1v6fLWHdoQ1gPJ4qa0lGvxpukcWtWtwiZezi3JWisMd4D.'
+
+- name: Ensure Directories
+ become: yes
+ file:
+ path: "{{ item }}"
+ owner: root
+ group: root
+ mode: 0755
+ state: directory
+ with_items:
+ - /mnt/flash2
+ - /etc/accton
+
+- name: Ensure Commands
+ become: yes
+ template:
+ src: files/{{ item }}
+ dest: /usr/bin/{{ item }}
+ owner: root
+ group: root
+ mode: 0755
+ with_items:
+ - persist
+ - savepersist
+
+- name: Ensure Root SSH
+ become: yes
+ lineinfile:
+ dest: "/etc/ssh/sshd_config"
+ regexp: "^PermitRootLogin"
+ line: "PermitRootLogin yes"
+
+- name: Ensure SSH Config
+ become: yes
+ service:
+ name: ssh
+ state: restarted
+ #failed_when: false