zu viele Aenderungen auf einmal
This commit is contained in:
Marcus Gillitzer
107
roles/ams_sso/tasks/main.yml
Normal file
107
roles/ams_sso/tasks/main.yml
Normal file
@ -0,0 +1,107 @@
|
||||
---
|
||||
##prüfen ob die erforderliche Software installiert ist
|
||||
- name: ensure software krb5-workstation and krb5-libs are installed
|
||||
yum:
|
||||
name: "{{ packages }}"
|
||||
vars:
|
||||
packages:
|
||||
- krb5-workstation
|
||||
- krb5-libs
|
||||
##muss noch geklärt werden ob erforderlich
|
||||
##BitBW hat zudem Änderungen an dem File vorgenommen
|
||||
##daher u.U. BitBW noch informieren
|
||||
- name: Copy file sshd_config with owner and permissions
|
||||
become_user: root
|
||||
become: yes
|
||||
copy:
|
||||
src: ./files/sshd_config
|
||||
dest: /etc/ssh/sshd_config
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0600'
|
||||
- name: Template file ssh_config with owner and permissions
|
||||
template:
|
||||
src: ./templates/ssh_config.j2
|
||||
dest: /etc/ssh/ssh_config
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
##hier muss noch eine Lösung gefunden werden für die zwei Prod-Server mit jeweils eigenen Dateien
|
||||
##denkbar: host_vars und dort Variable auf den Quellpfad oder den Dateinamen
|
||||
##noch nicht umgesetzt, da sich die Namen und Ordner noch ändern können
|
||||
##M. Gillitzer 20200401
|
||||
- name: synchronize File remote from /sw/AMS/WEB/SSO_Komponenten/Keytabs_AMSE/krb5.keytab to /etc
|
||||
become_user: root
|
||||
become: yes
|
||||
synchronize:
|
||||
src: /sw/AMS/WEB/SSO_Komponenten/Keytabs_AMSE/krb5.keytab
|
||||
dest: /etc/krb5.keytab
|
||||
delegate_to: "{{ ansible_facts['default_ipv4']['address'] }}"
|
||||
- name: Template file krb5.conf with owner and permissions
|
||||
become_user: root
|
||||
become: yes
|
||||
template:
|
||||
src: ./templates/krb5.conf.j2
|
||||
dest: /etc/krb5.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
- name: Template file rsWebserviceAppserver.xml.j2 with owner and permissions
|
||||
template:
|
||||
src: ./templates/rsWebserviceAppserver.xml.j2
|
||||
dest: /opt/rola/ams/linux/Appserver/config/rsWebserviceAppserver.xml
|
||||
owner: jetty
|
||||
group: dba
|
||||
mode: '0644'
|
||||
- name: Template file rsWebserviceAppserverAdmin.xml.j2 with owner and permissions
|
||||
template:
|
||||
src: ./templates/rsWebserviceAppserverAdmin.xml.j2
|
||||
dest: /opt/rola/ams/linux/Appserveradmin/config/rsWebserviceAppserver.xml
|
||||
owner: jetty
|
||||
group: dba
|
||||
mode: '0644'
|
||||
- name: Kdestroy zum löschen der alten Verbindung
|
||||
command: /usr/bin/kdestroy
|
||||
become: yes
|
||||
become_user: root
|
||||
- name: Kinit zum erstellen der erstmaligen Verbindung
|
||||
command: /usr/bin/kinit -k HOST/{{ ansible_fqdn }}@{{ sso_domain_upper }}
|
||||
become: yes
|
||||
become_user: root
|
||||
- name: commit changes to git
|
||||
shell: |
|
||||
git add .
|
||||
git -c user.name='Ansible Playbook' -c user.email='ansible@playbook' commit -m "ams_sso"
|
||||
exit 0
|
||||
args:
|
||||
chdir: "/opt/rola"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user