---
##
# Print the complete ansible_facts dictionary gathered for this host.
# NOTE(review): this writes every gathered fact into the play output and any
# log that captures it; consider the debug module's `verbosity` option once
# the role no longer needs the dump on every run.
- name: 'debug'
  debug:
    var: ansible_facts
# Print the host's FQDN fact. The krb5.conf tasks and the kinit principal in
# this file key off ansible_fqdn, so this shows which branch will apply.
- name: 'debug'
  debug:
    var: ansible_fqdn
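# Check that the required Kerberos client software is installed.
- name: ensure software krb5-workstation and krb5-libs are installed
  become: true
  become_user: root
  yum:
    name:
      - krb5-workstation
      - krb5-libs
    state: present
    # Keep RPM signature verification enabled. These packages are installed
    # as root, and skipping the GPG check would accept an unsigned or altered
    # package from whichever repository or mirror answers the request.
    # If the internal repository is unsigned, sign it and import its key on
    # the hosts instead of disabling the check here.
    disable_gpg_check: false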
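# Still to be clarified whether this task is required.
# BitBW has also made changes to this file,
# so BitBW may still need to be informed.
#
# Replaces the SSH daemon configuration with the copy shipped in ./files.
# NOTE(review): no handler or reload of sshd is visible in this file; confirm
# that the new configuration is picked up elsewhere.
- name: Copy file sshd_config with owner and permissions
  become: true
  become_user: root
  copy:
    src: ./files/sshd_config
    dest: /etc/ssh/sshd_config
    owner: root
    group: root
    mode: '0600'
    # Syntax-check the candidate file before it replaces the live one, so a
    # broken sshd_config fails this task instead of breaking remote access
    # on the next sshd restart.
    validate: /usr/sbin/sshd -t -f %s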
# Render the system-wide SSH client configuration from its Jinja2 template.
# The destination is the client config (ssh_config, not sshd_config), which
# is installed root-owned and world-readable.
- name: Template file ssh_config with owner and permissions
  become: true
  become_user: root
  template:
    dest: '/etc/ssh/ssh_config'
    src: './templates/ssh_config.j2'
    mode: '0644'
    owner: root
    group: root
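# Install the per-host Kerberos keytab as /etc/krb5.keytab.
# A keytab holds the host's long-term Kerberos keys; anyone who can read it
# can authenticate as the host principal. It is therefore installed readable
# by root only (the original task used 0644, i.e. world-readable). The kinit
# task later in this file runs as root and can still read it.
# NOTE(review): the keytabs are read from ./files in the playbook tree;
# confirm they are stored encrypted (e.g. Ansible Vault) rather than in
# plain form in version control.
- name: "copy File remote from ./files/{{ ansible_hostname }}_krb5.keytab to /etc"
  become: true
  become_user: root
  copy:
    src: "./files/{{ ansible_hostname }}_krb5.keytab"
    dest: /etc/krb5.keytab
    owner: root
    group: root
    mode: '0600'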
# Install krb5.conf_devel as /etc/krb5.conf, but only on the two hosts whose
# FQDN is listed in the condition below. The krb5.conf_prod task writes the
# same destination for a different host list; a host matching neither list
# gets no krb5.conf from this file.
- name: copy File krb5.conf_devel /etc
  become: true
  become_user: root
  copy:
    dest: '/etc/krb5.conf'
    src: 'krb5.conf_devel'
    mode: '0644'
    owner: root
    group: root
  when: >-
    ansible_fqdn in
    ['epolsa5069bit03.tpolizei-bw.de', 'epolsa5073bit03.tpolizei-bw.de']
# Install krb5.conf_prod as /etc/krb5.conf, but only on the three hosts whose
# FQDN is listed in the condition below. The krb5.conf_devel task writes the
# same destination for a different host list.
- name: copy File krb5.conf_prod /etc
  become: true
  become_user: root
  copy:
    dest: '/etc/krb5.conf'
    src: 'krb5.conf_prod'
    mode: '0644'
    owner: root
    group: root
  when: >-
    ansible_fqdn in
    ['polsa5079bit03.polizei-bw.net',
    'polsa5079stu02.polizei-bw.net',
    'polsa5069stu02.spolizei-bw.edu']
#- name: Template file rsWebserviceAppserver.xml.j2 with owner and permissions
#  template:
#    src: ./templates/rsWebserviceAppserver.xml.j2
#    dest: /opt/rola/ams/linux/Appserver/config/rsWebserviceAppserver.xml
#    owner: jetty
#    group: dba
#    mode: '0644'
#- name: Template file rsWebserviceAppserverAdmin.xml.j2 with owner and permissions
#  template:
#    src: ./templates/rsWebserviceAppserverAdmin.xml.j2
#    dest: /opt/rola/ams/linux/Appserveradmin/config/rsWebserviceAppserver.xml
#    owner: jetty
#    group: dba
#    mode: '0644'
# Run kdestroy as root to drop the existing Kerberos credential cache before
# a fresh ticket is requested (task name: "kdestroy to delete the old
# connection").
# NOTE(review): as a plain command task this reports "changed" on every run.
- name: Kdestroy zum löschen der alten Verbindung
  become_user: root
  become: true
  command: '/usr/bin/kdestroy'
# Request an initial ticket as root for the host principal
# HOST/<fqdn>@<sso_domain_upper> (task name: "kinit to create the initial
# connection"). The -k flag makes kinit take the key from a keytab instead of
# prompting; presumably this is the /etc/krb5.keytab deployed earlier in this
# file -- confirm. sso_domain_upper is not defined in this file.
- name: Kinit zum erstellen der erstmaligen Verbindung
  command: "/usr/bin/kinit -k HOST/{{ ansible_fqdn }}@{{ sso_domain_upper }}"
  become_user: root
  become: true
# Record the current state of /opt/rola in its git repository under a fixed
# committer identity. Unlike the other tasks here, this one does not escalate
# with become.
# NOTE(review): the trailing `exit 0` hides every git failure, not only the
# "nothing to commit" case, and the task reports "changed" on every run.
# NOTE(review): `git add .` stages everything under /opt/rola; confirm that
# credentials and key material there are excluded via .gitignore.
- name: commit changes to git
  args:
    chdir: '/opt/rola'
  shell: |
    git add .
    git -c user.name='Ansible Playbook' -c user.email='ansible@playbook' commit -m "ams_sso"
    exit 0