davrot/neuro_ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Upload

Browse source
This commit is contained in:
David Rotermund 2024-04-20 02:23:17 +02:00
parent 3ebf9d1d81
commit 7940c31b95
6 changed files with 343 additions and 255 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
update_jobs/hourly_update.yaml
View file

@ -4,7 +4,6 @@
become: true become: true
tasks: tasks:
- name: block shutdown - name: block shutdown
blockinfile: blockinfile:
path: /etc/polkit-1/rules.d/55-inhibit-shutdown.rules path: /etc/polkit-1/rules.d/55-inhibit-shutdown.rules

32
install_desktop_packages.yaml → update_jobs/install_desktop_packages.yaml
View file

@ -4,12 +4,34 @@
become: true become: true
tasks: tasks:
- name: block shutdown
blockinfile:
path: /etc/polkit-1/rules.d/55-inhibit-shutdown.rules
state: present
create: true
owner: "root"
group: "root"
mode: "0666"
block: |
polkit.addRule(function(action, subject) {
if (action.id.indexOf("org.freedesktop.login1.power-off") == 0 ||
action.id.indexOf("org.freedesktop.login1.reboot") == 0) {
return polkit.Result.AUTH_ADMIN;
}
});
- name: Make sure systemd-oomd service unit is stopped
systemd_service:
state: stopped
name: systemd-oomd
- name: Install base system - name: Install base system
include_tasks: yaml_sub/install_base_system.yaml include_tasks: yaml_sub/install_base_system.yaml
- name: remove other files - name: remove other files
include_tasks: yaml_sub/myrepo_clean.yaml include_tasks: yaml_sub/myrepo_clean.yaml
- name: update file myrepo.repo - name: update file myrepo.repo
import_tasks: yaml_sub/myrepo_data.yaml import_tasks: yaml_sub/myrepo_data.yaml
- name: install movie tools - name: install movie tools
@ -41,3 +63,13 @@
- name: disable tracker - name: disable tracker
shell: 'for f in /etc/xdg/autostart/tracker*.desktop; do echo "Hidden=true" | tee -a "$f"; done' shell: 'for f in /etc/xdg/autostart/tracker*.desktop; do echo "Hidden=true" | tee -a "$f"; done'
- name: Make sure systemd-oomd service unit is started
systemd_service:
state: started
name: systemd-oomd
- name: stop shutdown embargo
ansible.builtin.file:
path: /etc/polkit-1/rules.d/55-inhibit-shutdown.rules
state: "absent"

56
update_jobs/update_to_version.yaml Normal file
View file

@ -0,0 +1,56 @@
---
- name: upgrade to next version
hosts: all
become: true
tasks:
- name: block shutdown
blockinfile:
path: /etc/polkit-1/rules.d/55-inhibit-shutdown.rules
state: present
create: true
owner: "root"
group: "root"
mode: "0666"
block: |
polkit.addRule(function(action, subject) {
if (action.id.indexOf("org.freedesktop.login1.power-off") == 0 ||
action.id.indexOf("org.freedesktop.login1.reboot") == 0) {
return polkit.Result.AUTH_ADMIN;
}
});
- name: Make sure systemd-oomd service unit is stopped
systemd_service:
state: stopped
name: systemd-oomd
- name: remove other files
include_tasks: ../yaml_sub/myrepo_clean.yaml
- name: update file myrepo.repo
import_tasks: ../yaml_sub/myrepo_data.yaml
- name: install system-upgrade
dnf:
name: "dnf-command(system-upgrade)"
state: present
update_cache: true
skip_broken: true
nobest: false
allowerasing: true
- name: upgrade version
shell: "dnf -y system-upgrade download --refresh --releasever={{version}} --allowerasing --best --skip-broken; dnf system-upgrade reboot"
- name: Make sure systemd-oomd service unit is started
systemd_service:
state: started
name: systemd-oomd
- name: stop shutdown embargo
ansible.builtin.file:
path: /etc/polkit-1/rules.d/55-inhibit-shutdown.rules
state: "absent"

1
update_jobs/yaml_sub Symbolic link
View file

@ -0,0 +1 @@
../yaml_sub

7
yaml_sub/install_base_system.yaml
View file

@ -134,7 +134,7 @@
- name: Set SELinux to disabled - name: Set SELinux to disabled
lineinfile: lineinfile:
path: /etc/selinux/config path: /etc/selinux/config
regexp: '^SELINUX=' regexp: "^SELINUX="
line: SELINUX=disabled line: SELINUX=disabled
create: true create: true
@ -144,11 +144,13 @@
state: present state: present
line: "TCPKeepAlive yes" line: "TCPKeepAlive yes"
create: true create: true
- name: Set SSHd Config (ClientAliveInterval) - name: Set SSHd Config (ClientAliveInterval)
lineinfile: lineinfile:
path: /etc/ssh/sshd_config path: /etc/ssh/sshd_config
state: present state: present
line: "ClientAliveInterval 30" line: "ClientAliveInterval 30"
- name: Set SSHd Config (ClientAliveCountMax) - name: Set SSHd Config (ClientAliveCountMax)
lineinfile: lineinfile:
path: /etc/ssh/sshd_config path: /etc/ssh/sshd_config
@ -178,7 +180,7 @@
lineinfile: lineinfile:
path: /etc/cups/client.conf path: /etc/cups/client.conf
state: present state: present
line: "ServerName 10.10.10.16" line: "ServerName 10.10.0.8"
create: true create: true
- name: ldap - name: ldap
@ -248,4 +250,3 @@
export PATH export PATH
shlib_path_name=/opt/sge/lib/lx-amd64/:$LD_LIBRARY_PATH shlib_path_name=/opt/sge/lib/lx-amd64/:$LD_LIBRARY_PATH
export shlib_path_name export shlib_path_name

13
yaml_sub/myrepo_data.yaml
View file

@ -50,11 +50,11 @@
enabled=1 enabled=1
gpgcheck=0 gpgcheck=0
[oneAPI] # [oneAPI]
name=oneAPI # name=oneAPI
baseurl=http://10.10.0.11/repos/Fedora/AllVersion/oneAPI # baseurl=http://10.10.0.11/repos/Fedora/AllVersion/oneAPI
enabled=1 # enabled=1
gpgcheck=0 # gpgcheck=0
[Opera] [Opera]
name=Opera name=Opera
@ -88,7 +88,7 @@
[SGE] [SGE]
name=SGE name=SGE
baseurl=http://10.10.0.11/repos/Fedora/32/sge/copr-be.cloud.fedoraproject.org/results/loveshack/SGE/fedora-32-x86_64 baseurl=http://10.10.0.11/repos/Fedora/37/sge/copr-be.cloud.fedoraproject.org/results/loveshack/SGE/fedora-37-x86_64
enabled=1 enabled=1
gpgcheck=0 gpgcheck=0
@ -115,4 +115,3 @@
baseurl=http://10.10.0.11/repos/Fedora/$releasever/docker baseurl=http://10.10.0.11/repos/Fedora/$releasever/docker
enabled=0 enabled=0
gpgcheck=0 gpgcheck=0