- monitoring-scripts
- nagios
-# configure nagios (Except CentOS 9 Stream)
+# configure nagios (Except Rocky)
- import_tasks: nagios.yml
+ when: ansible_distribution != "Rocky"
tags:
- nagios
- nagios
# configure selinux for nagios
+# We don't use nagios anymore and none of the nrpe packages are available anyway so skip it on Rocky
- import_tasks: nrpe-selinux.yml
- when: ansible_os_family == "RedHat" and
- (selinux_status is defined and selinux_status.stdout != "Disabled")
+ when:
+ - ansible_os_family == "RedHat"
+ - ansible_distribution != "Rocky"
+ - (selinux_status is defined and selinux_status.stdout != "Disabled")
tags:
- nagios
# create and manage epel.repo
- import_tasks: epel.yml
- when: ansible_distribution == "CentOS" or ansible_distribution == 'RedHat'
+ when: ansible_distribution in ["CentOS", "RedHat", "Rocky"]
tags:
- epel
- repos
import_tasks: setup-centos.yml
when: ansible_distribution == "CentOS"
+- name: configure rocky specific things
+ import_tasks: setup-rocky.yml
+ when: ansible_distribution == "Rocky"
+
- name: configure red hat specific things
import_tasks: setup-redhat.yml
when: ansible_distribution == 'RedHat'
--- /dev/null
+---
+- import_tasks: imitate_ubuntu.yml
--- /dev/null
+# {{ ansible_managed }}
+# $OpenBSD: sshd_config,v 1.90 2013/05/16 04:09:14 dtucker Exp $
+
+# This is the sshd server system-wide configuration file. See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/local/bin:/usr/bin
+
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_ecdsa_key
+
+SyslogFacility AUTHPRIV
+
+AuthorizedKeysFile .ssh/authorized_keys
+
+PasswordAuthentication yes
+
+ChallengeResponseAuthentication no
+
+# GSSAPI options
+GSSAPIAuthentication yes
+GSSAPICleanupCredentials yes
+
+UsePAM yes
+
+X11Forwarding yes
+UsePrivilegeSeparation sandbox # Default for new installations.
+
+# Accept locale-related environment variables
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
+AcceptEnv XMODIFIERS
+
+# override default of no subsystems
+Subsystem sftp /usr/libexec/openssh/sftp-server
+
+MaxSessions 1000
--- /dev/null
+---
+# vars specific to any rocky 10.x version
+
+common_yum_repos:
+ lab-extras:
+ name: "lab-extras"
+ baseurl: "http://{{ mirror_host }}/lab-extras/10/"
+ enabled: 1
+ gpgcheck: 0
+
+# When mirrors become available, these will be filenames in roles/testnodes/templates/mirrorlists/10/
+yum_mirrorlists: []
+
+packages_to_upgrade:
+ - libgcrypt # explicitly tied to qemu build
+
+packages:
+ - libgcrypt
+ - sysstat
+ - libedit
+ - boost-thread
+ - xfsprogs
+ - parted
+ - fuse-libs
+ - openssl
+ - libuuid
+ - podman
+ - attr
+ - lsof
+ - gettext
+ - bc
+ - xfsdump
+ - blktrace
+ - usbredir
+ - valgrind
+ - nfs-utils
+ - ncurses-devel
+ - gcc
+ - git
+ - qemu-img
+ - qemu-kvm-core
+ - qemu-kvm-block-rbd
+ - libacl-devel
+ - autoconf
+ - gdb
+ - podman-docker
+ - lvm2
+ - python3-setuptools
+
+epel_packages:
+ - dbench
+ - gdisk
+
+nfs_service: nfs-server
+
+ntp_service_name: chronyd
+
+xfs_opts: "-m crc=1,finobt=0"
projects / ceph-cm-ansible.git / commitdiff