ansible-cockpit/tasks/main.yml

68 lines
1.5 KiB
YAML
Raw Normal View History

2016-04-26 21:12:24 +02:00
---
# tasks file for bvansomeren.cockpit
- name: ensure cockpit is installed
2019-02-01 15:14:16 +01:00
package:
name: "{{ item }}"
2018-08-22 21:40:45 +02:00
state: present
loop: "{{ cockpit_packages }}"
2016-04-26 21:12:24 +02:00
- name: disable cockpit internal TLS
2019-02-01 15:14:16 +01:00
ini_file:
dest: "/usr/lib/systemd/system/cockpit.service"
section: "Service"
option: "ExecStart"
value: "/usr/libexec/cockpit-ws --no-tls"
2016-04-26 21:12:24 +02:00
register: systemd
when: cockpit_disable_tls
2019-02-01 15:14:16 +01:00
- name: change default listen port
2019-02-01 17:11:57 +01:00
blockinfile:
dest: "/etc/systemd/system/cockpit.socket.d/listen.conf"
create: true
backup: true
owner: root
group: root
mode: 0755
state: present
block: |
[Socket]
ListenStream=
ListenStream={{ cockpit_listen_port }}
when: cockpit_listen_port != "9090"
2019-02-01 15:14:16 +01:00
- name: do selinux change if required
block:
2019-02-01 17:11:57 +01:00
- name: install package
package:
2019-02-01 15:14:16 +01:00
name: policycoreutils-python
state: present
2019-02-01 17:11:57 +01:00
- name: enable seport
seport:
2019-02-01 15:14:16 +01:00
ports: "{{ cockpit_listen_port }}"
proto: tcp
setype: websm_port_t
state: present
2019-02-01 17:11:57 +01:00
when: cockpit_listen_port != "9090" and cockpit_use_selinux
2019-02-01 15:14:16 +01:00
2018-11-22 19:05:37 +01:00
- name: enable firewall
2019-02-01 17:11:57 +01:00
block:
- name: install firewalld bindings
package:
name: python-firewall
2019-02-06 13:34:04 +01:00
state: present
2019-02-01 17:11:57 +01:00
- name: enable firewalld
firewalld:
port: "{{ cockpit_listen_port }}/tcp"
permanent: true
immediate: true
state: enabled
when: cockpit_use_firewalld
2018-11-22 19:05:37 +01:00
2016-04-26 21:12:24 +02:00
- name: ensure Cockpit is started
2019-02-01 15:14:16 +01:00
systemd:
name: "cockpit.socket"
state: "started"
enabled: true
daemon_reload: true