gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
c021d36f8aebd434dd9dfc0e6b5d2665ee4e0e36
tsg-tsg-os-buildimage/ansible/roles/system-init/tasks/main.yml
songyanchao f46c61fca3 🐞 fix: Fix issue where 'sudo su' command loses 'MLX5_GLUE_PATH' environment variable. 
Fix issue where 'sudo su' command loses 'MLX5_GLUE_PATH' environment variable.
2024-02-04 05:25:55 -05:00

110 lines
2.6 KiB
YAML
Raw Blame History

---
- name: "enable sshd"
systemd:
name: sshd
enabled: yes
- name: "enable chronyd"
systemd:
name: chronyd
enabled: yes
- name: "set chrony.conf"
template:
src: "{{ role_path }}/templates/chrony.conf.j2"
dest: /usr/lib/tmpfiles.d/chrony.conf
tags: template
- name: "disable ntpd"
systemd:
name: ntpd
enabled: no
#Service Optimization
- name: "enable snmpd"
systemd:
name: snmpd
enabled: yes
- name: "enable snmptrapd"
systemd:
name: snmptrapd
enabled: yes
- name: "disenable abrt-ccpp"
systemd:
name: abrt-ccpp
enabled: no
- name: "disenable abrt-oops"
systemd:
name: abrt-oops
enabled: no
- name: "disenable abrtd"
systemd:
name: abrtd
enabled: no
- name: "disenable dmraid-activation"
systemd:
name: dmraid-activation
enabled: no
- name: "disenable postfix"
systemd:
name: postfix
enabled: no
- name: "set sshd UseDns no"
shell: sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
- name: "update initramfs"
shell: dracut --force -v /boot/initramfs-5.4.159-1.el7.elrepo.x86_64.img 5.4.159-1.el7.elrepo.x86_64
when: runtime_env != 'TSG-X-P0906'
- name: "Export MLX5_GLUE_PATH"
lineinfile:
dest: /etc/profile
line: 'export MLX5_GLUE_PATH=/opt/tsg/mrzcpd/lib'
- name: "Add 'MLX5_GLUE_PATH' to the list of environment variables preserved in sudoers"
shell: echo "Defaults env_keep += \"MLX5_GLUE_PATH\"" > /etc/sudoers.d/01-mrzcpd
- name: "Generate ansiblg.cfg after ansible upgrade in rockylinux8"
shell: ansible-config init --disabled > /etc/ansible/ansible.cfg
when: runtime_env == 'TSG-X-P0906'
- name: 'change ansible hash_behaviour value replace to merge'
lineinfile:
path: /etc/ansible/ansible.cfg
backrefs: yes
regexp: "^(.*hash_behaviour.*=.*replace.*)$"
line: '\1\nhash_behaviour = merge'
- name: 'install psutil'
shell: pip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple psutil
when: runtime_env == 'TSG-X-P0906'
- name: "add sudo secure_path"
lineinfile:
path: /etc/sudoers
backrefs: yes
regexp: "^(.*Defaults secure_path =.*)$"
line: '\1:/opt/tsg/tsg-os-provision'
- name: "Comment /run/nologin create on system booting up"
replace:
path: /usr/lib/tmpfiles.d/systemd-nologin.conf
regexp: '^(F! /run/nologin 0644*)'
replace: '#\1'
- name: "Install python module"
shell: pip2 install -i https://pypi.tuna.tsinghua.edu.cn/simple PrettyTable==0.7.2
when: runtime_env == 'TSG-X-P0906'
- name: "copy tsg-dign to dest"
copy:
src: "{{ role_path }}/files/99-tsg-dign.rules"
dest: /usr/lib/udev/rules.d/99-tsg-dign.rules
mode: 0644
Reference in New Issue View Git Blame Copy Permalink