--- /dev/null
+---
+- name: Set up the host machine for autocluster
+ connection: local
+ hosts: localhost
+
+ tasks:
+ - name: install latest vagrant rpm
+ package:
+ name: https://releases.hashicorp.com/vagrant/2.2.3/vagrant_2.2.3_x86_64.rpm
+ state: present
+
+ - name: install vagrant plugins
+ command: vagrant plugin install {{item}}
+ with_items:
+ - vagrant-libvirt
+ - vagrant-proxyconf
+
+ - name: dependencies for virt_pool module
+ package:
+ name:
+ - libvirt-python
+ - python-lxml
+ state: present
+
+ - name: ensure autocluster storage pool exists
+ virt_pool:
+ name: autocluster
+ state: present
+ autostart: yes
+ xml: >
+ <pool type='dir'>
+ <name>autocluster</name>
+ <target>
+ <path>/virtual/autocluster</path>
+ </target>
+ </pool>
+
+ # It seems that you can't force the pool to be active above when creating it!
+ - name: ensure autocluster storage pool is active
+ virt_pool:
+ name: autocluster
+ state: active
+
+ - name: install NFS server
+ package:
+ name: nfs-utils
+ state: present
+
+ - name: enable/start NFS server
+ service:
+ name: "{{item}}"
+ enabled: yes
+ state: started
+ with_items:
+ - nfs
+ - nfslock
+
+ # This was tough to figure out...
+ - name: allow NFS through firewall
+ firewalld:
+ service: "{{item}}"
+ zone: public
+ state: enabled
+ permanent: yes
+ immediate: yes
+ with_items:
+ - mountd
+ - rpc-bind
+ - nfs3
+
+ # Need to add a restart or "exportfs -r"
+ - name: export /home via NFS
+ template:
+ # This can be parameterised later when there are host onfig variables
+ src: home_exports.j2
+ dest: /etc/exports.d/autocluster-home.exports
+
+ - name: ensure an NTP server is installed
+ package:
+ name: chrony
+ state: present
+
+ - name: allow NTP through firewall
+ firewalld:
+ service: ntp
+ zone: public
+ state: enabled
+ permanent: yes
+ immediate: yes
+
+ - name: enable/start NTP server
+ service:
+ name: chronyd
+ enabled: yes
+ state: started
+
+ - name: ensure an HTTP server is installed
+ package:
+ name: httpd
+ state: present
+
+ - name: enable/start HTTP server
+ service:
+ name: httpd
+ enabled: yes
+ state: started
+
+ - name: allow HTTP through firewall
+ firewalld:
+ service: http
+ zone: public
+ state: enabled
+ permanent: yes
+ immediate: yes
+
+ - name: ensure HTTP link for mediasets directory
+ file:
+ src: /home/mediasets
+ path: /var/www/html/mediasets
+ state: link
+ force: yes
+
+ - name: ensure semanage command is available
+ package:
+ name: policycoreutils-python
+ state: present
+
+ - name: selinux setup for /home/mediasets
+ command: "{{item}}"
+ with_items:
+ - chcon -R -t httpd_user_content_t /home/mediasets
+ - semanage boolean -m -1 httpd_unified
+ - semanage boolean -m -1 httpd_enable_homedirs
+
+ - name: install Python dependencies for Ansible Jinja templating
+ package:
+ name: python-netaddr
+ state: present
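Review bot: The first task installs the Vagrant RPM directly from a URL with nothing pinning its content, so whatever the server returns at run time is what gets installed on the host; fetching it with `get_url` and a `checksum:` and then installing the local file closes that gap (sketch below, with a placeholder digest and an example download path). The task name says "latest" while the URL pins 2.2.3, so naming the version would keep the two in step. Separately, the firewalld tasks open mountd, rpc-bind, nfs3, ntp and http in the `public` zone while the play exports /home over NFS and links /home/mediasets under the web root. The export template is not visible here, so any client restriction in it cannot be confirmed; if the cluster nodes reach the host over a dedicated libvirt network, scoping these rules to that network's zone or source range would keep the services off every other interface in `public`.

```yaml
- name: download vagrant 2.2.3 rpm
  get_url:
    url: https://releases.hashicorp.com/vagrant/2.2.3/vagrant_2.2.3_x86_64.rpm
    # example download location
    dest: /tmp/vagrant_2.2.3_x86_64.rpm
    # placeholder: copy the digest from the vendor's published checksum file
    checksum: "sha256:<SHA256_OF_VAGRANT_RPM>"

- name: install vagrant 2.2.3 rpm
  package:
    name: /tmp/vagrant_2.2.3_x86_64.rpm
    state: present

# … unchanged: vagrant plugins, storage pool, NFS/NTP/HTTP tasks …
```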
--- /dev/null
+---
+- name: Set up an autocluster SSH key for the current user
+ connection: local
+ hosts: localhost
+
+ tasks:
+ - name: create SSH autocluster ID
+ # Not the most modern but compatibile with old distros such as
+ # Centos 6
+ command: >
+ ssh-keygen -b 2028 -t rsa -N "" -C "autocluster"
+ -f "{{ ansible_env.HOME }}/.ssh/id_autocluster"
+ args:
+ creates: "{{ ansible_env.HOME }}/.ssh/id_autocluster"
+
+ - name: create SSH autocluster.d/ configuration directory
+ file:
+ path: "{{ ansible_env.HOME }}/.ssh/autocluster.d"
+ state: directory
+
+ - name: update SSH config to include config autocluster clusters
+ lineinfile:
+ path: "{{ ansible_env.HOME }}/.ssh/config"
+ regexp: "^Include autocluster\.d/\*\.config$"
+ line: "Include autocluster.d/*.config"
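Review bot: The `regexp` in the last task is a double-quoted YAML scalar containing `\.` and `\*`, which are not valid double-quote escapes, so the file should fail to load; single quotes keep the backslashes literal: `regexp: '^Include autocluster\.d/\*\.config$'`. In the ssh-keygen task, `-b 2028` looks like a typo for `-b 2048`. The lineinfile task also fails when `~/.ssh/config` does not exist yet, so `create: yes` with `mode: "0600"` is worth adding, and an explicit `mode: "0700"` on the `autocluster.d` directory keeps its permissions independent of the user's umask.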