---
# Pick the interface that the later `ip` tasks configure (VMware guests only).
# The choice is simply the first entry of the gathered interface list that is
# not `lo`; on a guest with several NICs that is not necessarily the one that
# should carry the management address, so check it for multi-NIC guests.
# Falls back to an empty string when no interface is found.
- name: Select primary Network Interface
  ansible.builtin.set_fact:
    environment_interface_name: >-
      {{
        (ansible_facts.interfaces | default(ansible_facts['ansible_interfaces'] | default([])))
        | reject('equalto', 'lo') | list | first | default('')
      }}
  when: hypervisor_type == "vmware"
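# Bring the selected interface up (VMware guests only, and only when an
# interface name was found).
# The command is given as an argv list so the templated interface name always
# reaches `ip` as exactly one argument. A free-form command string is split
# into words after templating, so a value containing whitespace would turn
# into extra `ip` arguments.
- name: Bring up network interface
  when:
    - hypervisor_type == "vmware"
    - environment_interface_name | default('') | length > 0
  ansible.builtin.command:
    argv:
      - ip
      - link
      - set
      - "{{ environment_interface_name }}"
      - up
  register: environment_link_result
  # Reports "changed" on every successful run; the return code does not say
  # whether the link state actually changed.
  changed_when: environment_link_result.rc == 0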
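# Assign the configured address to the selected interface (VMware guests only,
# and only when system_cfg.network.ip is set).
# Passed as an argv list so the address/prefix pair and the interface name are
# each a single argument to `ip`; inventory values containing whitespace can
# no longer add or reorder `ip` arguments.
# NOTE(review): `when` checks only system_cfg.network.ip. The task fails at
# templating time if system_cfg.network.prefix is undefined, and `ip` fails if
# environment_interface_name is empty; confirm that failing is intended.
- name: Set IP-Address
  when:
    - hypervisor_type == "vmware"
    - system_cfg.network.ip is defined and system_cfg.network.ip | string | length > 0
  ansible.builtin.command:
    argv:
      - ip
      - addr
      - replace
      - "{{ system_cfg.network.ip }}/{{ system_cfg.network.prefix }}"
      - dev
      - "{{ environment_interface_name }}"
  register: environment_ip_result
  # Reports "changed" on every successful run.
  changed_when: environment_ip_result.rc == 0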
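# Install or replace the default route (VMware guests only, and only when both
# a gateway and an IP address are configured).
# Passed as an argv list so the gateway value is a single argument to `ip`;
# with a free-form command string a value containing whitespace would be split
# into extra route options.
- name: Set Default Gateway
  when:
    - hypervisor_type == "vmware"
    - system_cfg.network.gateway is defined and system_cfg.network.gateway | string | length > 0
    - system_cfg.network.ip is defined and system_cfg.network.ip | string | length > 0
  ansible.builtin.command:
    argv:
      - ip
      - route
      - replace
      - default
      - via
      - "{{ system_cfg.network.gateway }}"
  register: environment_gateway_result
  # Reports "changed" on every successful run.
  changed_when: environment_gateway_result.rc == 0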
# Write a static /etc/resolv.conf from system_cfg.network.dns (VMware guests
# only, and only when at least one server is configured).
# Server and search entries are written verbatim, one `nameserver` line per
# server. A value containing a newline would add arbitrary resolver lines, so
# validate these entries upstream if the inventory is not fully trusted.
- name: Configure DNS resolvers
  ansible.builtin.copy:
    dest: '/etc/resolv.conf'
    mode: '0644'
    content: |
      {% for server in system_cfg.network.dns.servers %}
      nameserver {{ server }}
      {% endfor %}
      {% if system_cfg.network.dns.search | default([]) | length > 0 %}
      search {{ system_cfg.network.dns.search | join(' ') }}
      {% endif %}
  when:
    - hypervisor_type == "vmware"
    - system_cfg.network.dns.servers | default([]) | length > 0
# Turn on NTP time synchronisation through timedatectl. Unlike the network
# tasks in this file, this one has no hypervisor_type condition, so it runs
# for every hypervisor.
# `set-ntp true` enables the synchronisation service; it does not wait for the
# clock to be in sync. Later steps that validate certificates or signatures
# may therefore still see a skewed clock.
- name: Synchronize clock via NTP
  ansible.builtin.command:
    cmd: timedatectl set-ntp true
  register: environment_ntp_result
  # Reports "changed" on every successful run.
  changed_when: environment_ntp_result.rc == 0
# Move the play onto an SSH connection as root. Runs only for VMware guests
# with hypervisor_cfg.ssh enabled and an IP address configured.
#
# Security notes:
# - sshd is reconfigured to accept root logins and empty passwords, and the
#   controller then connects as root with an empty password (presumably the
#   target image ships root without a password; confirm). From the reload on,
#   anyone who can reach the guest's SSH port gets the same access.
# - Host key checking is switched off and known_hosts is discarded, so the
#   controller cannot tell the intended guest from another host answering on
#   system_cfg.network.ip.
# - No task shown here reverts sshd_config. Keep the guest on an isolated
#   provisioning network and restore PermitRootLogin / PermitEmptyPasswords
#   (or discard the environment) before it is reachable from anywhere else.
- name: Configure SSH for root login
  block:
    # NOTE(review): `replace` only rewrites lines that already exist, commented
    # or not. If sshd_config lacks one of the directives, this task changes
    # nothing for it; confirm against the target image.
    - name: Allow login
      ansible.builtin.replace:
        path: '/etc/ssh/sshd_config'
        regexp: "{{ item.regexp }}"
        replace: "{{ item.replace }}"
      loop_control:
        label: "{{ item.replace }}"
      loop:
        - regexp: '^#?PermitEmptyPasswords.*'
          replace: 'PermitEmptyPasswords yes'
        - regexp: '^#?PermitRootLogin.*'
          replace: 'PermitRootLogin yes'

    # The relaxed settings take effect here.
    - name: Reload SSH service to apply changes
      ansible.builtin.service:
        name: sshd
        state: reloaded

    # Connection variables for the rest of the play: root, empty password, and
    # no host key verification (known_hosts goes to /dev/null).
    - name: Switch to SSH connection
      ansible.builtin.set_fact:
        ansible_connection: ssh
        ansible_user: root
        ansible_password: ''
        ansible_host: "{{ system_cfg.network.ip }}"
        ansible_ssh_extra_args: '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no'

    # Drop the existing connection so the next task uses the new variables.
    - name: Reset connection for SSH switchover
      ansible.builtin.meta: reset_connection

    # Fail early if the guest cannot be reached over SSH.
    - name: Verify SSH connectivity
      ansible.builtin.wait_for_connection:
        delay: 2
        timeout: 30
  when:
    - hypervisor_type == "vmware"
    - hypervisor_cfg.ssh | default(false) | bool
    - system_cfg.network.ip is defined and system_cfg.network.ip | string | length > 0