Updates to many roles, including main user role to allow setting an alternate home directory

2022-08-25 00:23:56 -06:00
parent 03ee154857
commit 6b36273324
36 changed files with 2619 additions and 9 deletions
--- a/virt/opennebula-6.2-kvm-node/files/ssh.config
+++ b/virt/opennebula-6.2-kvm-node/files/ssh.config
@@ -0,0 +1,3 @@
+# So ansible does not have to add each hypervisor node to known_hosts
+StrictHostKeyChecking=no
+UserKnownHostsFile=/dev/null
--- a/virt/opennebula-6.2-kvm-node/handlers/main.yml
+++ b/virt/opennebula-6.2-kvm-node/handlers/main.yml
@@ -0,0 +1,3 @@
+---
+- name: restart libvirtd
+  service: name=libvirtd state=restarted
--- a/virt/opennebula-6.2-kvm-node/tasks/main.yml
+++ b/virt/opennebula-6.2-kvm-node/tasks/main.yml
@@ -0,0 +1,79 @@
+---
+- name: Adding Debian OpenNebula GPG key
+  apt_key: url='https://downloads.opennebula.io/repo/repo.key' state=present
+  when: ansible_os_family == "Debian"
+
+# Note, using http instead of https so apt-cacher-ng may cache the repo
+- name: Adding Debian 10 OpenNebula repository
+  apt_repository: repo='deb http://downloads.opennebula.io/repo/6.2/Debian/10 stable opennebula' state=present
+  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "10"
+
+- name: Adding Debian 11 OpenNebula repository
+  apt_repository: repo='deb http://downloads.opennebula.io/repo/6.2/Debian/11 stable opennebula' state=present
+  when: ansible_os_family == "Debian" and ansible_distribution_major_version == "11"
+
+# Install OpenNebula Node
+- name: Installing OpenNebula controller applications
+  apt:
+    update_cache: yes
+    state: present
+    name: opennebula-node-kvm
+  notify: restart libvirtd
+
+# Copy /etc/libvirt/libvirt.conf to bypass polkit socket permissions
+# - name: Copying libvirtd.conf
+#   copy:
+#     src: 'libvirtd-debian10.conf'
+#     dest: '/etc/libvirt/libvirtd.conf'
+#     owner: 'root'
+#     group: 'root'
+#     mode: '0644'
+#   notify: restart libvirtd
+#   when: ansible_os_family == "Debian" and ansible_distribution_major_version == "10"
+
+# # Copy /etc/libvirt/libvirt.conf to bypass polkit socker permissions
+# - name: Copying libvirtd.conf
+#   copy:
+#     src: 'libvirtd-debian9.conf'
+#     dest: '/etc/libvirt/libvirtd.conf'
+#     owner: 'root'
+#     group: 'root'
+#     mode: '0644'
+#   notify: restart libvirtd
+#   when: ansible_os_family == "Debian" and ansible_distribution_major_version == "9"
+
+# Set permissions on /var/lib/one folder
+- name: Ensuring permissions on /var/lib/one directory
+  file:
+    path: /var/lib/one
+    state: directory
+    owner: oneadmin
+    group: oneadmin
+    mode: '0755'
+
+# Create /var/lib/one/.ssh folder
+- name: Creating /var/lib/one/.ssh directory
+  file:
+    path: /var/lib/one/.ssh
+    state: directory
+    owner: oneadmin
+    group: oneadmin
+    mode: '0755'
+
+# Create /var/log/one folder or the daemon will not start
+- name: Creating /var/log/one directory
+  file:
+    path: /var/log/one
+    state: directory
+    owner: oneadmin
+    group: oneadmin
+    mode: '0755'
+
+# Copy ssh client config for oneadmin user
+- name: Copying oneadmin SSH client config
+  copy:
+    src: 'files/ssh.config'
+    dest: '/var/lib/one/.ssh/config'
+    owner: 'oneadmin'
+    group: 'oneadmin'
+    mode: '0644'