gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
ea48bf28025550b2df3a749e155afc4f2ff2a608
tsg-tsg-os-buildimage/ansible/roles/system-init/tasks/main.yml

143 lines
3.6 KiB
YAML
Raw Blame History

---
- name: "enable sshd"
systemd:
name: sshd
enabled: yes
- name: "enable chronyd"
systemd:
name: chronyd
enabled: yes
- name: "set chrony.conf"
template:
src: "{{ role_path }}/templates/chrony.conf.j2"
dest: /usr/lib/tmpfiles.d/chrony.conf
tags: template
- name: "disable ntpd"
systemd:
name: ntpd
enabled: no
#Service Optimization
- name: "enable snmpd"
systemd:
name: snmpd
enabled: yes
- name: "enable snmptrapd"
systemd:
name: snmptrapd
enabled: yes
- name: "disenable abrt-ccpp"
systemd:
name: abrt-ccpp
enabled: no
- name: "disenable abrt-oops"
systemd:
name: abrt-oops
enabled: no
- name: "disenable abrtd"
systemd:
name: abrtd
enabled: no
- name: "disenable dmraid-activation"
systemd:
name: dmraid-activation
enabled: no
- name: "disenable postfix"
systemd:
name: postfix
enabled: no
- name: "set sshd UseDns no"
shell: sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
- name: "update initramfs"
shell: dracut --force -v /boot/initramfs-5.4.159-1.el7.elrepo.x86_64.img 5.4.159-1.el7.elrepo.x86_64
when: runtime_env != 'TSG-X-P0906'
- name: "Export MLX5_GLUE_PATH"
lineinfile:
dest: /etc/profile
line: 'export MLX5_GLUE_PATH=/opt/tsg/mrzcpd/lib'
- name: "Add 'MLX5_GLUE_PATH' to the list of environment variables preserved in sudoers"
shell: echo "Defaults env_keep += \"MLX5_GLUE_PATH\"" > /etc/sudoers.d/01-mrzcpd
- name: "Generate ansiblg.cfg after ansible upgrade in rockylinux8"
shell: ansible-config init --disabled > /etc/ansible/ansible.cfg
when: runtime_env == 'TSG-X-P0906'
- name: 'change ansible hash_behaviour value replace to merge'
lineinfile:
path: /etc/ansible/ansible.cfg
backrefs: yes
regexp: "^(.*hash_behaviour.*=.*replace.*)$"
line: '\1\nhash_behaviour = merge'
- name: 'install psutil'
shell: pip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple psutil
when: runtime_env == 'TSG-X-P0906'
- name: "add sudo secure_path"
lineinfile:
path: /etc/sudoers
backrefs: yes
regexp: "^(.*Defaults secure_path =.*)$"
line: '\1:/opt/tsg/tsg-os-provision'
- name: "Comment /run/nologin create on system booting up"
replace:
path: /usr/lib/tmpfiles.d/systemd-nologin.conf
regexp: '^(F! /run/nologin 0644*)'
replace: '#\1'
- name: "Install python module"
shell: pip2 install -i https://pypi.tuna.tsinghua.edu.cn/simple PrettyTable==0.7.2
when: runtime_env == 'TSG-X-P0906'
- name: "copy tsg-dign to dest"
copy:
src: "{{ role_path }}/files/99-tsg-dign.rules"
dest: /usr/lib/udev/rules.d/99-tsg-dign.rules
mode: 0644
- name: "Create dracut/modules.d/99overlaymount directory if it does not exist"
file:
path: "{{ item }}"
state: directory
mode: '0755'
with_items:
- /usr/lib/dracut/modules.d/99overlaymount
when: runtime_env == 'TSG-X-P0906'
- name: "copy dracut module-setup.sh to dest"
copy:
src: "{{ role_path }}/files/module-setup.sh"
dest: /usr/lib/dracut/modules.d/99overlaymount/module-setup.sh
mode: 0755
when: runtime_env == 'TSG-X-P0906'
- name: "copy overlaymount.sh to dest"
copy:
src: "{{ role_path }}/files/overlaymount.sh"
dest: /usr/lib/dracut/modules.d/99overlaymount/overlaymount.sh
mode: 0755
when: runtime_env == 'TSG-X-P0906'
- name: "add dracut module to initramfs"
shell: dracut --force -v /boot/initramfs-5.17.15-1.el8.x86_64.img 5.17.15-1.el8.x86_64
when: runtime_env == 'TSG-X-P0906'
- name: "install python3 toml"
shell: python3 -m pip install toml
- name: "install python3 sdnotify"
shell: python3 -m pip install sdnotify
Reference in New Issue View Git Blame Copy Permalink