From 14852ce15a03440876a9c87c7662443363cfdeab Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Fri, 22 May 2020 16:45:58 +0200 Subject: [PATCH] Fixes #19323. Manage global proxy settings, aggregate some basic tasks in a single role. --- README.md | 23 +----------- defaults/main.yml | 31 +++++++++++++++- meta/main.yml | 63 +++++++------------------------- tasks/hostname.yml | 17 +++++++++ tasks/http_client_proxy.yml | 14 +++++++ tasks/locale.yml | 28 ++++++++++++++ tasks/main.yml | 5 ++- tasks/timezone.yml | 21 +++++++++++ templates/10-caching-proxy.sh.j2 | 7 ++++ 9 files changed, 137 insertions(+), 72 deletions(-) create mode 100644 tasks/hostname.yml create mode 100644 tasks/http_client_proxy.yml create mode 100644 tasks/locale.yml create mode 100644 tasks/timezone.yml create mode 100644 templates/10-caching-proxy.sh.j2 diff --git a/README.md b/README.md index 3637db8..52d000c 100644 --- a/README.md +++ b/README.md @@ -1,31 +1,12 @@ Role Name ========= -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. +This role runs a set of tasks that perform some basic systems configurations Role Variables -------------- -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } +timezone: 'Europe/Rome' License ------- diff --git a/defaults/main.yml b/defaults/main.yml index 95d3c70..2634f95 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,2 +1,31 @@ --- -# defaults file for ansible-role-template \ No newline at end of file +# timezone +timezone: 'Europe/Rome' +default_locale: "en_US.UTF-8" +locales_list: + - { name: '{{ deb_default_locale }}' } + - { name: 'en_US' } + - { name: 'it_IT.UTF-8' } + - { name: 'it_IT' } + +enable_env_proxy: False +env_proxy_http_host: 'localhost' +env_proxy_http_port: '3128' +env_proxy_http_protocol: 'http' +env_proxy_https_protocol: '{{ env_proxy_http_protocol }}' +env_proxy_http_url: '{{ env_proxy_http_protocol }}://{{ env_proxy_http_host }}:{{ env_proxy_http_port }}' +env_proxy_https_url: '{{ env_proxy_http_url }}' +env_proxy_protocols: + - 'http_proxy' + - 'https_proxy' + - 'ftp_proxy' + - 'HTTP_PROXY' + - 'HTTPS_PROXY' + - 'FTP_PROXY' +env_proxy_use_authentication: False +env_proxy_username: '' +env_proxy_password: '' +no_proxy_targets: + - '::1' + - '127.0.0.1' + - 'localhost' diff --git a/meta/main.yml b/meta/main.yml index 1126a5e..bca318a 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,61 +1,26 @@ galaxy_info: - author: your name - description: your description + author: Andrea Dell'Amico + description: Systems Architect company: ISTI-CNR - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value issue_tracker_url: https://redmine-s2i2s.isti.cnr.it/projects/provisioning - # Some suggested licenses: - # - BSD (default) - # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: EUPL-1.2 + license: EUPL 1.2+ min_ansible_version: 2.8 - # If this a Container Enabled role, provide the minimum Ansible Container version. - # min_ansible_container_version: - - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If Travis integration is configured, only notifications for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - - # - # Provide a list of supported platforms, and for each platform a list of versions. - # If you don't wish to enumerate all versions for a particular platform, use 'all'. # To view available platforms and versions (or releases), visit: # https://galaxy.ansible.com/api/v1/platforms/ # - # platforms: - # - name: Fedora - # versions: - # - all - # - 25 - # - name: SomePlatform - # versions: - # - all - # - 1.0 - # - 7 - # - 99.99 - - galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. - -dependencies: [] - # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. + platforms: + - name: Ubuntu + versions: + - bionic + - name: EL + versions: + - 7 + - 8 + galaxy_tags: + - os-setup + diff --git a/tasks/hostname.yml b/tasks/hostname.yml new file mode 100644 index 0000000..1444646 --- /dev/null +++ b/tasks/hostname.yml @@ -0,0 +1,17 @@ +--- +- name: Set the hostname when different from the inventory one. + hostname: name={{ hostname }} + when: hostname is defined + tags: [ 'systemsetup', 'hostname' ] + +- name: Set the hostname as defined in the inventory + hostname: name={{ inventory_hostname }} + when: hostname is not defined + tags: [ 'systemsetup', 'hostname' ] + +- name: Add the hostname to /etc/hosts + shell: grep -v {{ ansible_default_ipv4.address }} /etc/hosts > /etc/hosts.tmp ; echo "{{ ansible_default_ipv4.address }} {{ hostname }} {{ ansible_hostname }}" >> /etc/hosts.tmp ; /bin/mv /etc/hosts.tmp /etc/hosts + when: + - hostname is defined + - ansible_virtualization_type == 'xen' + tags: [ 'systemsetup', 'hostname' ] diff --git a/tasks/http_client_proxy.yml b/tasks/http_client_proxy.yml new file mode 100644 index 0000000..e5996f6 --- /dev/null +++ b/tasks/http_client_proxy.yml @@ -0,0 +1,14 @@ +--- +- name: Proxy in the global shell environment + block: + - name: Install the proxy environment file + template: src=10-caching-proxy.sh.j2 dest=/etc/profile.d/10-caching-proxy.sh owner=root group=root mode=0444 + when: + - proxy_env is defined + - enable_env_proxy | bool + + - name: Remove the proxy environment file if not required + template: src=10-caching-proxy.sh.j2 dest=/etc/profile.d/10-caching-proxy.sh owner=root group=root mode=0444 + when: not enable_env_proxy | bool + + tags: [ 'systemsetup', 'proxyenv' ] diff --git a/tasks/locale.yml b/tasks/locale.yml new file mode 100644 index 0000000..dccb806 --- /dev/null +++ b/tasks/locale.yml @@ -0,0 +1,28 @@ +--- +- name: Generate locales and set the default locale on Debian and Ubuntu distributions + block: + - name: Add/remove a list of locales + locale_gen: name={{ item.name }} state={{ item.state | default('present') }} + with_items: '{{ deb_locales_list }}' + + when: ansible_distribution_file_variety == "Debian" + tags: [ 'systemsetup', 'locale' ] + +- block: + - name: Set the default locale on Trusty + shell: update-locale LANG={{ deb_default_locale }} + + when: ansible_distribution_release == "trusty" + tags: [ 'systemsetup', 'locale' ] + +- name: Set the locale on distributions that run systemd + block: + - name: Check if localectl exists + stat: path=/usr/bin/localectl + register: localectl_executable + + - name: Set the default locale + command: localectl set-locale {{ default_locale }} + when: localectl_executable.stat.exists | bool + + tags: [ 'systemsetup', 'locale' ] diff --git a/tasks/main.yml b/tasks/main.yml index 53c6cae..4448ed2 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,2 +1,5 @@ --- -# tasks file for ansible-role-template \ No newline at end of file +- import_tasks: hostname.yml +- import_tasks: locale.yml +- import_tasks: timezone.yml +- import_tasks: http_client_proxy.yml diff --git a/tasks/timezone.yml b/tasks/timezone.yml new file mode 100644 index 0000000..8b05dec --- /dev/null +++ b/tasks/timezone.yml @@ -0,0 +1,21 @@ +--- +- name: Manage the timezone in Ubuntu Trusty and older + block: + - name: Write the timezone file + template: src=etc-timezone.j2 dest=/etc/timezone owner=root group=root mode=0644 + register: set_timezone + + - name: Reconfigure the system tzdata + command: dpkg-reconfigure --frontend noninteractive tzdata + when: set_timezone is changed + + when: ansible_distribution_release == "trusty" + tags: [ 'systemsetup', 'timezone' ] + +- name: Manage the timezone in Ubuntu Bionic or CentOS + block: + - name: Set the timezone + command: timedatectl set-timezone {{ timezone }} + + when: ansible_facts['distribution_version'] is version_compare('16.04', '>=') or ansible_distribution_file_variety == "RedHat" + tags: [ 'systemsetup', 'timezone' ] diff --git a/templates/10-caching-proxy.sh.j2 b/templates/10-caching-proxy.sh.j2 new file mode 100644 index 0000000..c1eab35 --- /dev/null +++ b/templates/10-caching-proxy.sh.j2 @@ -0,0 +1,7 @@ +{% if env_proxy_use_authentication %} +{% for proto in env_proxy_protocols %} +export {{ proto }}="{{ proxy_env.http_proxy }}" +{% endfor %} +{% endif %} +export no_proxy="{% for target in no_proxy_targets %}{{ target }}{% if not loop.last %},{% endfor %}" +export NO_PROXY="{% for target in no_proxy_targets %}{{ target }}{% if not loop.last %},{% endfor %}"