re-work + yamlint
This commit is contained in:
parent
ea81a45931
commit
22c48ea86b
|
@ -9,7 +9,7 @@ sudo: false
|
||||||
addons:
|
addons:
|
||||||
apt:
|
apt:
|
||||||
packages:
|
packages:
|
||||||
- python-pip
|
- python-pip
|
||||||
|
|
||||||
install:
|
install:
|
||||||
# Install ansible
|
# Install ansible
|
||||||
|
@ -26,4 +26,4 @@ script:
|
||||||
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
|
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
|
||||||
|
|
||||||
notifications:
|
notifications:
|
||||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/
|
webhooks: https://galaxy.ansible.com/api/v1/notifications/
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
---
|
---
|
||||||
# defaults file for bvansomeren.cockpit
|
# defaults file for bvansomeren.cockpit
|
||||||
cockpit_disable_tls: no
|
cockpit_disable_tls: false
|
||||||
cockpit_packages:
|
cockpit_packages:
|
||||||
- cockpit
|
- cockpit
|
||||||
- cockpit-bridge
|
- cockpit-bridge
|
||||||
- cockpit-machines
|
- cockpit-machines
|
||||||
cockpit_use_firewalld: false
|
cockpit_use_firewalld: false
|
||||||
|
cockpit_use_selinux: false
|
||||||
cockpit_listen_port: 9090
|
cockpit_listen_port: 9090
|
||||||
|
|
161
meta/main.yml
161
meta/main.yml
|
@ -1,12 +1,13 @@
|
||||||
|
---
|
||||||
galaxy_info:
|
galaxy_info:
|
||||||
author: Barry van Someren
|
author: Barry van Someren
|
||||||
description:
|
description:
|
||||||
company: CoffeeSprout ICT Services
|
company: CoffeeSprout ICT Services
|
||||||
|
|
||||||
# If the issue tracker for your role is not on github, uncomment the
|
# If the issue tracker for your role is not on github, uncomment the
|
||||||
# next line and provide a value
|
# next line and provide a value
|
||||||
# issue_tracker_url: http://example.com/issue/tracker
|
# issue_tracker_url: http://example.com/issue/tracker
|
||||||
|
|
||||||
# Some suggested licenses:
|
# Some suggested licenses:
|
||||||
# - BSD (default)
|
# - BSD (default)
|
||||||
# - MIT
|
# - MIT
|
||||||
|
@ -15,7 +16,7 @@ galaxy_info:
|
||||||
# - Apache
|
# - Apache
|
||||||
# - CC-BY
|
# - CC-BY
|
||||||
license: BSD
|
license: BSD
|
||||||
|
|
||||||
min_ansible_version: 2.0
|
min_ansible_version: 2.0
|
||||||
|
|
||||||
# Optionally specify the branch Galaxy will use when accessing the GitHub
|
# Optionally specify the branch Galaxy will use when accessing the GitHub
|
||||||
|
@ -24,150 +25,28 @@ galaxy_info:
|
||||||
# this branch. If travis integration is cofigured, only notification for this
|
# this branch. If travis integration is cofigured, only notification for this
|
||||||
# branch will be accepted. Otherwise, in all cases, the repo's default branch
|
# branch will be accepted. Otherwise, in all cases, the repo's default branch
|
||||||
# (usually master) will be used.
|
# (usually master) will be used.
|
||||||
#github_branch:
|
# github_branch:
|
||||||
|
|
||||||
#
|
#
|
||||||
# Below are all platforms currently available. Just uncomment
|
# Below are all platforms currently available. Just uncomment
|
||||||
# the ones that apply to your role. If you don't see your
|
# the ones that apply to your role. If you don't see your
|
||||||
# platform on this list, let us know and we'll get it added!
|
# platform on this list, let us know and we'll get it added!
|
||||||
#
|
#
|
||||||
platforms:
|
platforms:
|
||||||
- name: EL
|
- name: EL
|
||||||
versions:
|
versions:
|
||||||
# - all
|
- 7
|
||||||
# - 5
|
|
||||||
# - 6
|
|
||||||
- 7
|
|
||||||
#- name: GenericUNIX
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: Solaris
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 10
|
|
||||||
# - 11.0
|
|
||||||
# - 11.1
|
|
||||||
# - 11.2
|
|
||||||
# - 11.3
|
|
||||||
#- name: Fedora
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 16
|
|
||||||
# - 17
|
|
||||||
# - 18
|
|
||||||
# - 19
|
|
||||||
# - 20
|
|
||||||
# - 21
|
|
||||||
# - 22
|
|
||||||
# - 23
|
|
||||||
#- name: opensuse
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 12.1
|
|
||||||
# - 12.2
|
|
||||||
# - 12.3
|
|
||||||
# - 13.1
|
|
||||||
# - 13.2
|
|
||||||
#- name: IOS
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: SmartOS
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: eos
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - Any
|
|
||||||
#- name: Windows
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 2012R2
|
|
||||||
#- name: Amazon
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 2013.03
|
|
||||||
# - 2013.09
|
|
||||||
#- name: GenericBSD
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: Junos
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: FreeBSD
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 10.0
|
|
||||||
# - 10.1
|
|
||||||
# - 10.2
|
|
||||||
# - 8.0
|
|
||||||
# - 8.1
|
|
||||||
# - 8.2
|
|
||||||
# - 8.3
|
|
||||||
# - 8.4
|
|
||||||
# - 9.0
|
|
||||||
# - 9.1
|
|
||||||
# - 9.1
|
|
||||||
# - 9.2
|
|
||||||
# - 9.3
|
|
||||||
#- name: Ubuntu
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - lucid
|
|
||||||
# - maverick
|
|
||||||
# - natty
|
|
||||||
# - oneiric
|
|
||||||
# - precise
|
|
||||||
# - quantal
|
|
||||||
# - raring
|
|
||||||
# - saucy
|
|
||||||
# - trusty
|
|
||||||
# - utopic
|
|
||||||
# - vivid
|
|
||||||
# - wily
|
|
||||||
# - xenial
|
|
||||||
#- name: SLES
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - 10SP3
|
|
||||||
# - 10SP4
|
|
||||||
# - 11
|
|
||||||
# - 11SP1
|
|
||||||
# - 11SP2
|
|
||||||
# - 11SP3
|
|
||||||
#- name: GenericLinux
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: NXOS
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - any
|
|
||||||
#- name: Debian
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
# - etch
|
|
||||||
# - jessie
|
|
||||||
# - lenny
|
|
||||||
# - sid
|
|
||||||
# - squeeze
|
|
||||||
# - stretch
|
|
||||||
# - wheezy
|
|
||||||
|
|
||||||
galaxy_tags: []
|
|
||||||
# List tags for your role here, one per line. A tag is
|
|
||||||
# a keyword that describes and categorizes the role.
|
|
||||||
# Users find roles by searching for tags. Be sure to
|
|
||||||
# remove the '[]' above if you add tags to this list.
|
|
||||||
#
|
|
||||||
# NOTE: A tag is limited to a single word comprised of
|
|
||||||
# alphanumeric characters. Maximum 20 tags per role.
|
|
||||||
|
|
||||||
dependencies: []
|
galaxy_tags: []
|
||||||
|
# List tags for your role here, one per line. A tag is
|
||||||
|
# a keyword that describes and categorizes the role.
|
||||||
|
# Users find roles by searching for tags. Be sure to
|
||||||
|
# remove the '[]' above if you add tags to this list.
|
||||||
|
#
|
||||||
|
# NOTE: A tag is limited to a single word comprised of
|
||||||
|
# alphanumeric characters. Maximum 20 tags per role.
|
||||||
|
|
||||||
|
dependencies: []
|
||||||
# List your role dependencies here, one per line.
|
# List your role dependencies here, one per line.
|
||||||
# Be sure to remove the '[]' above if you add dependencies
|
# Be sure to remove the '[]' above if you add dependencies
|
||||||
# to this list.
|
# to this list.
|
||||||
|
|
|
@ -2,16 +2,43 @@
|
||||||
# tasks file for bvansomeren.cockpit
|
# tasks file for bvansomeren.cockpit
|
||||||
|
|
||||||
- name: ensure cockpit is installed
|
- name: ensure cockpit is installed
|
||||||
package:
|
package:
|
||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
state: present
|
state: present
|
||||||
loop: "{{ cockpit_packages }}"
|
loop: "{{ cockpit_packages }}"
|
||||||
|
|
||||||
- name: disable cockpit internal TLS
|
- name: disable cockpit internal TLS
|
||||||
ini_file: dest=/usr/lib/systemd/system/cockpit.service section=Service option=ExecStart value="/usr/libexec/cockpit-ws --no-tls"
|
ini_file:
|
||||||
|
dest: "/usr/lib/systemd/system/cockpit.service"
|
||||||
|
section: "Service"
|
||||||
|
option: "ExecStart"
|
||||||
|
value: "/usr/libexec/cockpit-ws --no-tls"
|
||||||
register: systemd
|
register: systemd
|
||||||
when: cockpit_disable_tls
|
when: cockpit_disable_tls
|
||||||
|
|
||||||
|
- name: change default listen port
|
||||||
|
block:
|
||||||
|
- ini_file:
|
||||||
|
dest: "/etc/systemd/system/cockpit.socket.d/listen.conf"
|
||||||
|
create: true
|
||||||
|
section: "Socket"
|
||||||
|
value: |
|
||||||
|
ListenStream=
|
||||||
|
ListenStream={{ cockpit_listen_port }}
|
||||||
|
when: cockpit_listen_port is not "9090"
|
||||||
|
|
||||||
|
- name: do selinux change if required
|
||||||
|
block:
|
||||||
|
- package:
|
||||||
|
name: policycoreutils-python
|
||||||
|
state: present
|
||||||
|
- seport:
|
||||||
|
ports: "{{ cockpit_listen_port }}"
|
||||||
|
proto: tcp
|
||||||
|
setype: websm_port_t
|
||||||
|
state: present
|
||||||
|
when: cockpit_listen_port is not "9090" and cockpit_use_selinux
|
||||||
|
|
||||||
- name: enable firewall
|
- name: enable firewall
|
||||||
firewalld:
|
firewalld:
|
||||||
port: "{{ cockpit_listen_port }}/tcp"
|
port: "{{ cockpit_listen_port }}/tcp"
|
||||||
|
@ -20,9 +47,9 @@
|
||||||
state: enabled
|
state: enabled
|
||||||
when: cockpit_use_firewalld
|
when: cockpit_use_firewalld
|
||||||
|
|
||||||
- name: reload systemd if unit file changed
|
|
||||||
command: systemctl daemon-reload
|
|
||||||
when: systemd.changed
|
|
||||||
|
|
||||||
- name: ensure Cockpit is started
|
- name: ensure Cockpit is started
|
||||||
service: name=cockpit state=started enabled=yes
|
systemd:
|
||||||
|
name: "cockpit.socket"
|
||||||
|
state: "started"
|
||||||
|
enabled: true
|
||||||
|
daemon_reload: true
|
||||||
|
|
Loading…
Reference in New Issue
Block a user