Skip to content

Commit

Permalink
lint olam become true
Browse files Browse the repository at this point in the history
  • Loading branch information
@bgraef
bgraef committed Nov 8, 2024
1 parent 9186f3a commit 4d4a0f0
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 21 deletions.
3 changes: 2 additions & 1 deletion olam/create_instance.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -263,6 +263,7 @@

- name: Configure new instances
hosts: all
become: true
gather_facts: false
vars_files:
- default_vars.yml
Expand Down Expand Up @@ -310,7 +311,7 @@
when: passwordless_ssh

- name: Install Oracle Linux Automation Manager
ansible.builtin.include_tasks: deploy-olam-tasks.yaml
ansible.builtin.include_tasks: deploy-olam-tasks.yml
vars:
control_node_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
when: inventory_hostname == 'olam-node'
Expand Down
36 changes: 20 additions & 16 deletions olam/deploy-olam-tasks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@
stream=13
profiles=
state=enabled
when:
when:
- ansible_distribution_major_version | int >= 8

- name: Install the database
Expand All @@ -60,7 +60,7 @@
owner: "postgres"
group: "postgres"
state: directory
mode: 0700
mode: "0700"

# Handle the ol-automation-manager-DB-init.sh script

Expand All @@ -72,25 +72,27 @@
- name: initialize postgresql database
ansible.builtin.command: "postgresql-setup --initdb"
when: not pgdata_dir_version.stat.exists
become: true
become_user: postgres

- name: Change database password storage encryption
ansible.builtin.replace:
path: /var/lib/pgsql/data/postgresql.conf
regexp: '^#password_encryption.*'
replace: 'password_encryption = scram-sha-256'

- name: Enable and start postgresql.service
ansible.builtin.systemd:
name: postgresql
state: started
enabled: yes
enabled: true

- name: Create awx postgresql user
community.postgresql.postgresql_user:
name: awx
password: password
role_attr_flags: NOSUPERUSER
become: true
become_user: postgres

- name: Create awx postgresql db
Expand Down Expand Up @@ -128,15 +130,15 @@
section: ol8_automation1
option: enabled
value: "0"
mode: 0644
mode: "0644"

- name: Enable Oracle Linux Automation Manager 2.0 repository
ansible.builtin.ini_file:
path: "/etc/yum.repos.d/oraclelinux-automation-manager-ol8.repo"
section: ol8_automation2
option: enabled
value: "1"
mode: 0644
mode: "0644"

- name: Install Oracle Linux Automation Manager
ansible.builtin.dnf:
Expand All @@ -155,7 +157,7 @@
path: /etc/redis.conf
regexp: '^unixsocketperm '
insertafter: '^unixsocket '
line: unixsocketperm 775
line: unixsocketperm 775

- name: Configure CLUSTER_HOST_ID setting
ansible.builtin.copy:
Expand Down Expand Up @@ -188,6 +190,7 @@
- name: Provision olam ansible container environment
containers.podman.podman_image:
name: container-registry.oracle.com/oracle_linux_automation_manager/olam-ee
become: true
become_user: awx

- name: Check if awx provisioned
Expand All @@ -206,6 +209,7 @@
touch /var/lib/awx/.awx-provisioned
args:
executable: /bin/bash
become: true
become_user: awx
register: awx_migrate
when: not awx_provision.stat.exists
Expand All @@ -218,8 +222,9 @@
'Password:': admin
'Password \(again\):': admin
register: awx_password
become: true
become_user: awx
ignore_errors: yes
ignore_errors: true
changed_when: awx_password.stdout is not search('is already taken')

- name: Print the AWX admin password
Expand Down Expand Up @@ -250,23 +255,23 @@
dest: /etc/nginx/nginx.conf
owner: root
group: root
mode: 0644
mode: "0644"

- name: Remove default configuration in receptor
ansible.builtin.template:
src: ../templates/receptor.conf.j2
dest: /etc/receptor/receptor.conf
owner: root
group: root
mode: '0644'
mode: "0644"

- name: Set firewall service rules
ansible.posix.firewalld:
zone: public
service: "{{ item }}"
permanent: yes
permanent: true
state: enabled
immediate: yes
immediate: true
loop:
- http
- https
Expand All @@ -275,17 +280,17 @@
ansible.posix.firewalld:
zone: public
port: "{{ item }}"
permanent: yes
permanent: true
state: enabled
immediate: yes
immediate: true
loop:
- 27199/tcp

- name: Enable and start ol-automation service
ansible.builtin.systemd:
name: "{{ item }}"
state: started
enabled: yes
enabled: true
with_items:
- ol-automation-manager

Expand All @@ -297,4 +302,3 @@
- name: Enable lingering is needed
ansible.builtin.command: "loginctl enable-linger awx"
when: not user_lingering.stat.exists

10 changes: 6 additions & 4 deletions olam/olam_passwordless_setup.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,9 @@
key: "{{ lookup('file', 'buffer/{{ item }}-id_rsa.pub') }}"
loop: "{{ groups['control'] | flatten(levels=1) }}"
become: true
when:
- inventory_hostname in groups['remote']
- "'remote' in groups"
when:
- "'remote' in groups"
- inventory_hostname in groups['remote']

- name: Print hostvars for groups
ansible.builtin.debug:
Expand All @@ -51,4 +51,6 @@
become_user: "{{ username }}"
register: result
changed_when: result.rc == 0
when: inventory_hostname in groups['control']
when:
- "'remote' in groups"
- inventory_hostname in groups['control']

0 comments on commit 4d4a0f0

Please sign in to comment.