- hosts: localhost vars: package: - 'wireshark' - 'ncurse

1. - hosts: localhost
2. vars:
3. package:
4. - 'wireshark'
5. - 'ncurses-libs.i686'
6. - 'lksctp-tools'
7. tasks:
8. - name: Create file /etc/sysconfig/modules/sctp.modules
9. copy:
10. content: "#!/bin/sh\n
11. /sbin/modprobe sctp\n"
12. dest: /etc/sysconfig/modules/sctp.modules
13. force: yes
14. mode: '+x'
15.  
16. - name: Create file javasctp.te
17. copy:
18. content: "module javasctp 1.0;\n\n
19.  
20. require\n
21. { type unconfined_java_t; type unlabeled_t; class rawip_socket getattr; class rawip_socket read; class rawip_socket write; class rawip_socket getopt; class rawip_socket setopt; }\n
22. \n
23. #============= unconfined_java_t ==============\n
24. allow unconfined_java_t unlabeled_t:rawip_socket getattr;\n
25. allow unconfined_java_t unlabeled_t:rawip_socket read;\n
26. allow unconfined_java_t unlabeled_t:rawip_socket write;\n
27. allow unconfined_java_t unlabeled_t:rawip_socket getopt;\n
28. allow unconfined_java_t unlabeled_t:rawip_socket setopt;"
29. dest: /javasctp.te
30. force: yes
31.  
32. - name: Checkmodule
33. command: "{{ item }}"
34. with_items:
35. - "checkmodule -M -m -o javasctp.mod javasctp.te"
36. - "semodule_package -o javasctp.pp -m javasctp.mod"
37. #- "semodule -i javasctp.pp"
38. - name: ADD TMA proxy to /etc/yum.conf
39. copy:
40. content: "[main]\n
41. cachedir=/var/cache/yum/$basearch/$releasever\n
42. keepcache=0\n
43. debuglevel=2\n
44. logfile=/var/log/yum.log\n
45. exactarch=1\n
46. obsoletes=1\n
47. gpgcheck=1\n
48. plugins=1\n
49. installonly_limit=3\n
50. # This is the default, if you make this bigger yum won't see if the metadata\n
51. # is newer on the remote and so you'll \"gain\" the bandwidth of not having to\n
52. # download the new metadata and \"pay\" for it by yum not having correct\n
53. # information.\n
54. # It is esp. important, to have correct metadata, for distributions like\n
55. # Fedora which don't keep old packages around. If you don't like this checking\n
56. # interupting your command line usage, it's much better to have something\n
57. # manually check the metadata once an hour (yum-updatesd will do this).\n
58. # metadata_expire=90m\n
59. # PUT YOUR REPOS HERE OR IN separate files named file.repo\n
60. # in /etc/yum.repos.d\n
61. proxy=http://proxy.int.telering.at:8080"
62. dest: /etc/yum.conf
63. force: yes
64.  
65. - name: Delete whitespaces from yum.conf at the beginning of every line
66. replace:
67. path: /etc/yum.conf
68. regexp: '^ '
69. replace: ''
70.  
71. - name: install packages if not exist
72. yum:
73. name: "{{ item }}"
74. state: latest
75. with_items: "{{ package }}"
76.  
77. - name: List users
78. command: "awk -F: '{ print $1}' /etc/passwd"
79. register: users
80. - name: Create user rhino if doesnt exist
81. command: "useradd -r -d /opt/opencloud rhino"
82. when: "'rhino' in users"
83.  
84. - name: Check dir /etc/rhsm
85. file:
86. path: /etc/rhsm
87. state: directory
88.  
89. - name: Check file /etc/rhsm/rhsm.conf
90. file:
91. path: /etc/rhsm/rhsm.conf
92. state: touch
93.  
94. - name: File content
95. command: cat /etc/rhsm/rhsm.conf
96. register: fileContent
97.  
98. - name: Add proxy hostname and proxy port to /etc/rhsm/rhsm.conf
99. blockinfile:
100. path: /etc/rhsm/rhsm.conf
101. block: |
102. # an http proxy server to use
103. proxy_hostname = proxy.int.telering.at
104. # port for http proxy server
105. proxy_port = 8080
106. when: "'proxy_port = 8080' not in fileContent"
107.  
108. - name: Add configuration to /etc/security/limits.d/90-rhino.conf
109. copy:
110. content: "rhino hard nofile 16384\n
111. rhino soft nofile 16384\n
112. rhino hard nproc 4096\n
113. rhino soft nproc 4096"
114. dest: /etc/security/limits.d/90-rhino.conf
115. force: yes
116.  
117. - name: Delete whitespaces from /etc/security/limits.d/90-rhino.conf
118. replace:
119. path: /etc/security/limits.d/90-rhino.conf
120. regexp: '^ '
121. replace: ''
122.  
123. - name: Check dir /etc/snmp
124. file:
125. path: /etc/snmp
126. state: directory
127.  
128. - name: Add configuration to /etc/snmp/snmpd.conf
129. copy:
130. content: "dlmod cmaX /usr/lib64/libcmaX64.so\n
131. rwcommunity public 127.0.0.1\n
132. rocommunity public 127.0.0.1\n
133. trapcommunity public\n
134. trapsink 10.248.155.161 public\n
135. syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)\n\n
136. syslocation Unknown (edit /etc/snmp/snmpd.conf)\n
137. com2sec notConfigUser default public\n
138. com2sec notConfigUser 10.244.19.0/28 public\n
139. group notConfigGroup v1 notConfigUser\n
140. group notConfigGroup v2c notConfigUser\n
141. agentSecName notConfigUser\n
142. rouser notConfigUser\n
143. view systemview included .1.3.6.1\n
144. access notConfigGroup \"\" any noauth exact systemview none none\n
145. exec MEM_GARB_COLL /home/dcswitchuser/nagiosscripts/jstat.bash 9\n
146. exec MEM_HEAP_PERCENTAGE /home/dcswitchuser/nagiosscripts/jstat.bash 4\n
147. exec THREADS_ALL /home/dcswitchuser/nagiosscripts/status.bash Threads\n
148. exec OPEN_FILES /home/dcswitchuser/nagiosscripts/lsof.bash\n
149. exec OPEN_FILE_DESCRIPTORS /home/dcswitchuser/nagiosscripts/fd.bash\n
150. exec MEM_VIRT_ALLOCATED /home/dcswitchuser/nagiosscripts/status.bash VmSize\n
151. exec MEM_VIRT_USED /home/dcswitchuser/nagiosscripts/status.bash VmRSS\n
152. includeAllDisks 10%\n
153. monitor -r 60 -o dskPath -o dskErrorMsg \"dskTable\" dskErrorFlag != 0"
154. dest: /etc/snmp/snmpd.conf
155. force: yes
156.  
157. - name: Delete whitespaces from /etc/snmp/snmpd.conf
158. replace:
159. path: /etc/snmp/snmpd.conf
160. regexp: '^ '
161. replace: ''
162.  
163. - name: Chkconfig --add snmpd
164. command: chkconfig --add snmpd