re-work + yamlint
This commit is contained in:
parent
ea81a45931
commit
22c48ea86b
|
@ -1,9 +1,10 @@
|
||||||
---
|
---
|
||||||
# defaults file for bvansomeren.cockpit
|
# defaults file for bvansomeren.cockpit
|
||||||
cockpit_disable_tls: no
|
cockpit_disable_tls: false
|
||||||
cockpit_packages:
|
cockpit_packages:
|
||||||
- cockpit
|
- cockpit
|
||||||
- cockpit-bridge
|
- cockpit-bridge
|
||||||
- cockpit-machines
|
- cockpit-machines
|
||||||
cockpit_use_firewalld: false
|
cockpit_use_firewalld: false
|
||||||
|
cockpit_use_selinux: false
|
||||||
cockpit_listen_port: 9090
|
cockpit_listen_port: 9090
|
||||||
|
|
127
meta/main.yml
127
meta/main.yml
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
galaxy_info:
|
galaxy_info:
|
||||||
author: Barry van Someren
|
author: Barry van Someren
|
||||||
description:
|
description:
|
||||||
|
@ -24,7 +25,7 @@ galaxy_info:
|
||||||
# this branch. If travis integration is cofigured, only notification for this
|
# this branch. If travis integration is cofigured, only notification for this
|
||||||
# branch will be accepted. Otherwise, in all cases, the repo's default branch
|
# branch will be accepted. Otherwise, in all cases, the repo's default branch
|
||||||
# (usually master) will be used.
|
# (usually master) will be used.
|
||||||
#github_branch:
|
# github_branch:
|
||||||
|
|
||||||
#
|
#
|
||||||
# Below are all platforms currently available. Just uncomment
|
# Below are all platforms currently available. Just uncomment
|
||||||
|
@ -34,129 +35,7 @@ galaxy_info:
|
||||||
platforms:
|
platforms:
|
||||||
- name: EL
|
- name: EL
|
||||||
versions:
|
versions:
|
||||||
# - all
|
|
||||||
# - 5
|
|
||||||
# - 6
|
|
||||||
- 7
|
- 7
|
||||||
#- name: GenericUNIX
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: Solaris
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 10
|
|
||||||
# - 11.0
|
|
||||||
# - 11.1
|
|
||||||
# - 11.2
|
|
||||||
# - 11.3
|
|
||||||
#- name: Fedora
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 16
|
|
||||||
# - 17
|
|
||||||
# - 18
|
|
||||||
# - 19
|
|
||||||
# - 20
|
|
||||||
# - 21
|
|
||||||
# - 22
|
|
||||||
# - 23
|
|
||||||
#- name: opensuse
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 12.1
|
|
||||||
# - 12.2
|
|
||||||
# - 12.3
|
|
||||||
# - 13.1
|
|
||||||
# - 13.2
|
|
||||||
#- name: IOS
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: SmartOS
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: eos
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - Any
|
|
||||||
#- name: Windows
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 2012R2
|
|
||||||
#- name: Amazon
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 2013.03
|
|
||||||
# - 2013.09
|
|
||||||
#- name: GenericBSD
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: Junos
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: FreeBSD
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 10.0
|
|
||||||
# - 10.1
|
|
||||||
# - 10.2
|
|
||||||
# - 8.0
|
|
||||||
# - 8.1
|
|
||||||
# - 8.2
|
|
||||||
# - 8.3
|
|
||||||
# - 8.4
|
|
||||||
# - 9.0
|
|
||||||
# - 9.1
|
|
||||||
# - 9.1
|
|
||||||
# - 9.2
|
|
||||||
# - 9.3
|
|
||||||
#- name: Ubuntu
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - lucid
|
|
||||||
# - maverick
|
|
||||||
# - natty
|
|
||||||
# - oneiric
|
|
||||||
# - precise
|
|
||||||
# - quantal
|
|
||||||
# - raring
|
|
||||||
# - saucy
|
|
||||||
# - trusty
|
|
||||||
# - utopic
|
|
||||||
# - vivid
|
|
||||||
# - wily
|
|
||||||
# - xenial
|
|
||||||
#- name: SLES
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 10SP3
|
|
||||||
# - 10SP4
|
|
||||||
# - 11
|
|
||||||
# - 11SP1
|
|
||||||
# - 11SP2
|
|
||||||
# - 11SP3
|
|
||||||
#- name: GenericLinux
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: NXOS
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: Debian
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - etch
|
|
||||||
# - jessie
|
|
||||||
# - lenny
|
|
||||||
# - sid
|
|
||||||
# - squeeze
|
|
||||||
# - stretch
|
|
||||||
# - wheezy
|
|
||||||
|
|
||||||
galaxy_tags: []
|
galaxy_tags: []
|
||||||
# List tags for your role here, one per line. A tag is
|
# List tags for your role here, one per line. A tag is
|
||||||
|
@ -167,7 +46,7 @@ galaxy_info:
|
||||||
# NOTE: A tag is limited to a single word comprised of
|
# NOTE: A tag is limited to a single word comprised of
|
||||||
# alphanumeric characters. Maximum 20 tags per role.
|
# alphanumeric characters. Maximum 20 tags per role.
|
||||||
|
|
||||||
dependencies: []
|
dependencies: []
|
||||||
# List your role dependencies here, one per line.
|
# List your role dependencies here, one per line.
|
||||||
# Be sure to remove the '[]' above if you add dependencies
|
# Be sure to remove the '[]' above if you add dependencies
|
||||||
# to this list.
|
# to this list.
|
||||||
|
|
|
@ -8,10 +8,37 @@
|
||||||
loop: "{{ cockpit_packages }}"
|
loop: "{{ cockpit_packages }}"
|
||||||
|
|
||||||
- name: disable cockpit internal TLS
|
- name: disable cockpit internal TLS
|
||||||
ini_file: dest=/usr/lib/systemd/system/cockpit.service section=Service option=ExecStart value="/usr/libexec/cockpit-ws --no-tls"
|
ini_file:
|
||||||
|
dest: "/usr/lib/systemd/system/cockpit.service"
|
||||||
|
section: "Service"
|
||||||
|
option: "ExecStart"
|
||||||
|
value: "/usr/libexec/cockpit-ws --no-tls"
|
||||||
register: systemd
|
register: systemd
|
||||||
when: cockpit_disable_tls
|
when: cockpit_disable_tls
|
||||||
|
|
||||||
|
- name: change default listen port
|
||||||
|
block:
|
||||||
|
- ini_file:
|
||||||
|
dest: "/etc/systemd/system/cockpit.socket.d/listen.conf"
|
||||||
|
create: true
|
||||||
|
section: "Socket"
|
||||||
|
value: |
|
||||||
|
ListenStream=
|
||||||
|
ListenStream={{ cockpit_listen_port }}
|
||||||
|
when: cockpit_listen_port is not "9090"
|
||||||
|
|
||||||
|
- name: do selinux change if required
|
||||||
|
block:
|
||||||
|
- package:
|
||||||
|
name: policycoreutils-python
|
||||||
|
state: present
|
||||||
|
- seport:
|
||||||
|
ports: "{{ cockpit_listen_port }}"
|
||||||
|
proto: tcp
|
||||||
|
setype: websm_port_t
|
||||||
|
state: present
|
||||||
|
when: cockpit_listen_port is not "9090" and cockpit_use_selinux
|
||||||
|
|
||||||
- name: enable firewall
|
- name: enable firewall
|
||||||
firewalld:
|
firewalld:
|
||||||
port: "{{ cockpit_listen_port }}/tcp"
|
port: "{{ cockpit_listen_port }}/tcp"
|
||||||
|
@ -20,9 +47,9 @@
|
||||||
state: enabled
|
state: enabled
|
||||||
when: cockpit_use_firewalld
|
when: cockpit_use_firewalld
|
||||||
|
|
||||||
- name: reload systemd if unit file changed
|
|
||||||
command: systemctl daemon-reload
|
|
||||||
when: systemd.changed
|
|
||||||
|
|
||||||
- name: ensure Cockpit is started
|
- name: ensure Cockpit is started
|
||||||
service: name=cockpit state=started enabled=yes
|
systemd:
|
||||||
|
name: "cockpit.socket"
|
||||||
|
state: "started"
|
||||||
|
enabled: true
|
||||||
|
daemon_reload: true
|
||||||
|
|
Loading…
Reference in New Issue
Block a user