refactor(configuration): relocate login banner and fix blockinfile markers

2026-02-20 20:16:19 +01:00
parent cf68a93b45
commit fba2e5fc94
2 changed files with 18 additions and 26 deletions
--- a/roles/configuration/tasks/banner.yml
+++ b/roles/configuration/tasks/banner.yml
@@ -23,6 +23,22 @@
        - /mnt/etc/motd.d/insights-client
      failed_when: false

+- name: Create login banner
+  ansible.builtin.copy:
+    dest: "{{ item }}"
+    content: |
+      **************************************************************
+      * WARNING: Unauthorized access to this system is prohibited. *
+      * All activities are monitored and logged.                   *
+      * Disconnect immediately if you are not an authorized user.  *
+      **************************************************************
+    owner: root
+    group: root
+    mode: "0644"
+  loop:
+    - /mnt/etc/issue
+    - /mnt/etc/issue.net
+
 - name: Configure sudo banner
  when: system_cfg.features.banner.sudo | bool
  block:
--- a/roles/configuration/tasks/extras.yml
+++ b/roles/configuration/tasks/extras.yml
@@ -9,7 +9,7 @@
      set smartindent
      set mouse=a
    insertafter: EOF
-    marker: ""
+    marker: "# {mark} CUSTOM VIM CONFIG"
  failed_when: false

 - name: Add memory tuning parameters
@@ -22,7 +22,7 @@
      vm.dirty_background_ratio=1
      vm.dirty_ratio=10
      vm.page-cluster=10
-    marker: ""
+    marker: "# {mark} MEMORY TUNING"
    mode: "0644"

 - name: Create zram config
@@ -46,27 +46,3 @@
    dest: /mnt/etc/profile.d/custom.sh
    mode: "0644"

- name: Create login banner
-  ansible.builtin.copy:
-    dest: "{{ item }}"
-    content: |
-      **************************************************************
-      * WARNING: Unauthorized access to this system is prohibited. *
-      * All activities are monitored and logged.                   *
-      * Disconnect immediately if you are not an authorized user.  *
-      **************************************************************
-    owner: root
-    group: root
-    mode: "0644"
-  loop:
-    - /mnt/etc/issue
-    - /mnt/etc/issue.net
-
- name: Remove motd files
-  when: os == "rhel"
-  ansible.builtin.file:
-    path: "{{ item }}"
-    state: absent
-  loop:
-    - /mnt/etc/motd.d/cockpit
-    - /mnt/etc/motd.d/insights-client