nicolas
/
red-hat-kiosk
mirror of https://github.com/nmasse-itix/red-hat-kiosk.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
111 Commits
4 Branches
0 Tags
195 KiB
 
 
 
 
 
Tree: 1a93cfe6db
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1a93cfe6db'
${ noResults }
red-hat-kiosk/ansible/prerequisites.yaml

148 lines
3.8 KiB
Raw Blame History

- name: Install prerequisites
hosts: all
become: true
tasks:
- community.general.rhsm_repository:
name:
- rhocp-4.14-for-rhel-9-{{ ansible_facts['userspace_architecture'] }}-rpms
- fast-datapath-for-rhel-9-{{ ansible_facts['userspace_architecture'] }}-rpms
state: enabled
- name: Install EPEL release package
become: true
ansible.builtin.dnf:
name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
state: present
disable_gpg_check: true
- name: Install packages
ansible.builtin.dnf:
name:
- python3-toml
- createrepo
- git
- rpm-build
- rpmdevtools
- rpmrebuild
- mkpasswd
- podman
- buildah
- nginx
- lorax
- pykickstart
- osbuild-composer
- composer-cli
- cockpit-composer
- git
- firewalld
state: installed
- name: Start services
ansible.builtin.systemd:
name: "{{ item }}"
enabled: yes
state: started
loop:
- osbuild-composer.socket
- firewalld.service
- cockpit.socket
- nginx.service
- name: Adding ansible_user to the weldr group
ansible.builtin.user:
name: '{{ ansible_user | default(ansible_env.SUDO_USER) }}'
groups: weldr
append: yes
- name: Allow HTTP and HTTPS
ansible.posix.firewalld:
service: '{{ item }}'
permanent: true
immediate: true
state: enabled
loop:
- http
- https
- name: Ensure the ostree directory exists
become: true
ansible.builtin.file:
path: "{{ www_location }}"
state: directory
mode: '0755'
serole: object_r
setype: httpd_sys_content_t
seuser: system_u
- name: Configure nginx
lineinfile:
path: /etc/nginx/nginx.conf
line: "root {{ www_location }};"
regexp: "^\\s*root\\s+.*;"
- name: Restart nginx
ansible.builtin.systemd:
name: nginx.service
state: restarted
- name: Ensure the repository directory exists
become: true
ansible.builtin.file:
path: "{{ repo_location }}"
state: directory
mode: '0755'
- name: Update the repository with createrepo
become: true
ansible.builtin.command:
cmd: "createrepo {{ repo_location }}"
- name: Add custom repository
ansible.builtin.yum_repository:
name: custom
file: custom
description: Custom RPMS
baseurl: file://{{ repo_location }}
enabled: true
gpgcheck: false
- name: Add sources
infra.osbuild.repository: '{{ item }}'
loop:
- repo_name: custom packages for RHEL
type: yum-baseurl
base_url: file://{{ repo_location }}
check_gpg: false
check_ssl: false
rhsm: false
state: present
- repo_name: Red Hat OpenShift Container Platform 4.14 for RHEL 9
type: yum-baseurl
base_url: https://cdn.redhat.com/content/dist/layered/rhel9/{{ ansible_facts['userspace_architecture'] }}/rhocp/4.14/os
check_gpg: true
check_ssl: true
rhsm: true
state: present
- repo_name: Fast Datapath for RHEL 9
type: yum-baseurl
base_url: https://cdn.redhat.com/content/dist/layered/rhel9/{{ ansible_facts['userspace_architecture'] }}/fast-datapath/os
check_gpg: true
check_ssl: true
rhsm: true
state: present
- repo_name: Extra Packages for Enterprise Linux
type: yum-baseurl
base_url: http://mirror.in2p3.fr/pub/epel/9/Everything/{{ ansible_facts['userspace_architecture'] }}/
check_gpg: false
check_ssl: false
rhsm: false
state: present
loop_control:
label: '{{ item.repo_name }}'
- name: Install packages on the ansible controller
dnf:
name:
- python3-toml
state: installed
delegate_to: localhost