Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- - hosts: localhost
- vars:
- package:
- - 'wireshark'
- - 'ncurses-libs.i686'
- - 'lksctp-tools'
- tasks:
- - name: Create file /etc/sysconfig/modules/sctp.modules
- copy:
- content: "#!/bin/sh\n
- /sbin/modprobe sctp\n"
- dest: /etc/sysconfig/modules/sctp.modules
- force: yes
- mode: '+x'
- - name: Create file javasctp.te
- copy:
- content: "module javasctp 1.0;\n\n
- require\n
- { type unconfined_java_t; type unlabeled_t; class rawip_socket getattr; class rawip_socket read; class rawip_socket write; class rawip_socket getopt; class rawip_socket setopt; }\n
- \n
- #============= unconfined_java_t ==============\n
- allow unconfined_java_t unlabeled_t:rawip_socket getattr;\n
- allow unconfined_java_t unlabeled_t:rawip_socket read;\n
- allow unconfined_java_t unlabeled_t:rawip_socket write;\n
- allow unconfined_java_t unlabeled_t:rawip_socket getopt;\n
- allow unconfined_java_t unlabeled_t:rawip_socket setopt;"
- dest: /javasctp.te
- force: yes
- - name: Checkmodule
- command: "{{ item }}"
- with_items:
- - "checkmodule -M -m -o javasctp.mod javasctp.te"
- - "semodule_package -o javasctp.pp -m javasctp.mod"
- #- "semodule -i javasctp.pp"
- - name: ADD TMA proxy to /etc/yum.conf
- copy:
- content: "[main]\n
- cachedir=/var/cache/yum/$basearch/$releasever\n
- keepcache=0\n
- debuglevel=2\n
- logfile=/var/log/yum.log\n
- exactarch=1\n
- obsoletes=1\n
- gpgcheck=1\n
- plugins=1\n
- installonly_limit=3\n
- # This is the default, if you make this bigger yum won't see if the metadata\n
- # is newer on the remote and so you'll \"gain\" the bandwidth of not having to\n
- # download the new metadata and \"pay\" for it by yum not having correct\n
- # information.\n
- # It is esp. important, to have correct metadata, for distributions like\n
- # Fedora which don't keep old packages around. If you don't like this checking\n
- # interupting your command line usage, it's much better to have something\n
- # manually check the metadata once an hour (yum-updatesd will do this).\n
- # metadata_expire=90m\n
- # PUT YOUR REPOS HERE OR IN separate files named file.repo\n
- # in /etc/yum.repos.d\n
- proxy=http://proxy.int.telering.at:8080"
- dest: /etc/yum.conf
- force: yes
- - name: Delete whitespaces from yum.conf at the beginning of every line
- replace:
- path: /etc/yum.conf
- regexp: '^ '
- replace: ''
- - name: install packages if not exist
- yum:
- name: "{{ item }}"
- state: latest
- with_items: "{{ package }}"
- - name: List users
- command: "awk -F: '{ print $1}' /etc/passwd"
- register: users
- - name: Create user rhino if doesnt exist
- command: "useradd -r -d /opt/opencloud rhino"
- when: "'rhino' in users"
- - name: Check dir /etc/rhsm
- file:
- path: /etc/rhsm
- state: directory
- - name: Check file /etc/rhsm/rhsm.conf
- file:
- path: /etc/rhsm/rhsm.conf
- state: touch
- - name: File content
- command: cat /etc/rhsm/rhsm.conf
- register: fileContent
- - name: Add proxy hostname and proxy port to /etc/rhsm/rhsm.conf
- blockinfile:
- path: /etc/rhsm/rhsm.conf
- block: |
- # an http proxy server to use
- proxy_hostname = proxy.int.telering.at
- # port for http proxy server
- proxy_port = 8080
- when: "'proxy_port = 8080' not in fileContent"
- - name: Add configuration to /etc/security/limits.d/90-rhino.conf
- copy:
- content: "rhino hard nofile 16384\n
- rhino soft nofile 16384\n
- rhino hard nproc 4096\n
- rhino soft nproc 4096"
- dest: /etc/security/limits.d/90-rhino.conf
- force: yes
- - name: Delete whitespaces from /etc/security/limits.d/90-rhino.conf
- replace:
- path: /etc/security/limits.d/90-rhino.conf
- regexp: '^ '
- replace: ''
- - name: Check dir /etc/snmp
- file:
- path: /etc/snmp
- state: directory
- - name: Add configuration to /etc/snmp/snmpd.conf
- copy:
- content: "dlmod cmaX /usr/lib64/libcmaX64.so\n
- rwcommunity public 127.0.0.1\n
- rocommunity public 127.0.0.1\n
- trapcommunity public\n
- trapsink 10.248.155.161 public\n
- syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)\n\n
- syslocation Unknown (edit /etc/snmp/snmpd.conf)\n
- com2sec notConfigUser default public\n
- com2sec notConfigUser 10.244.19.0/28 public\n
- group notConfigGroup v1 notConfigUser\n
- group notConfigGroup v2c notConfigUser\n
- agentSecName notConfigUser\n
- rouser notConfigUser\n
- view systemview included .1.3.6.1\n
- access notConfigGroup \"\" any noauth exact systemview none none\n
- exec MEM_GARB_COLL /home/dcswitchuser/nagiosscripts/jstat.bash 9\n
- exec MEM_HEAP_PERCENTAGE /home/dcswitchuser/nagiosscripts/jstat.bash 4\n
- exec THREADS_ALL /home/dcswitchuser/nagiosscripts/status.bash Threads\n
- exec OPEN_FILES /home/dcswitchuser/nagiosscripts/lsof.bash\n
- exec OPEN_FILE_DESCRIPTORS /home/dcswitchuser/nagiosscripts/fd.bash\n
- exec MEM_VIRT_ALLOCATED /home/dcswitchuser/nagiosscripts/status.bash VmSize\n
- exec MEM_VIRT_USED /home/dcswitchuser/nagiosscripts/status.bash VmRSS\n
- includeAllDisks 10%\n
- monitor -r 60 -o dskPath -o dskErrorMsg \"dskTable\" dskErrorFlag != 0"
- dest: /etc/snmp/snmpd.conf
- force: yes
- - name: Delete whitespaces from /etc/snmp/snmpd.conf
- replace:
- path: /etc/snmp/snmpd.conf
- regexp: '^ '
- replace: ''
- - name: Chkconfig --add snmpd
- command: chkconfig --add snmpd
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement