Skip to content

Commit

Permalink
Extend system_settings role
Browse files Browse the repository at this point in the history 
- Proxy
- DNS
- IP

Signed-off-by: Ondra Machacek <omachace@redhat.com>
  • Loading branch information
@machacekondra
machacekondra committed Mar 12, 2024
1 parent 3d35896 commit b7d384f
Show file tree
Hide file tree
Showing 7 changed files with 136 additions and 33 deletions.
11 changes: 10 additions & 1 deletion roles/system_settings/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ N/A
- **system_settings_validate_certs**
- Allows connection when SSL certificates are not valid. Set to false when certificates are not trusted.

### Security
### System settings
- **system_settings_ntp_servers**:
- List of NTP servers. This method updates old NTP servers from configuration and sets the input NTP servers in the configuration. If NTP based time synchronization is used internally, the NTP daemon will be restarted to reload given NTP configuration. In case NTP based time synchronization is not used, this method only replaces servers in the NTP configuration.

Expand All @@ -36,6 +36,15 @@ N/A
- **system_settings_resize_storage**:
- Resize all partitions to 100 percent of disk size. Default is `false`.

- **system_settings_dns_mode**:
- Set the DNS mode - either static or DHCP.

- **system_settings_dns_servers**:
- List of DNS servers to add/set.

- **system_settings_dns_state**:
- If `set` the appliance DNS servers will be set to `system_settings_dns_servers`. If `add` value of `system_settings_dns_servers` will be added to appliance DNS servers.

## Dependencies

- NA
Expand Down
2 changes: 2 additions & 0 deletions roles/system_settings/defaults/main.yml
View file
Original file line number Diff line number Diff line change
@@ -1 +1,3 @@
system_settings_resize_storage: false
system_settings_dns_mode_append: false
system_settings_proxy: []
8 changes: 8 additions & 0 deletions roles/system_settings/handlers/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
- name: Restart ntpd
vmware.vmware_rest.appliance_services:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
service: ntpd
state: restart
55 changes: 55 additions & 0 deletions roles/system_settings/tasks/dns.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
- name: Append the DNS servers
vmware.vmware_rest.appliance_networking_dns_servers:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
mode: "{{ system_settings_dns_mode | d(omit) }}"
server: "{{ item }}"
state: "add"
loop: "{{ system_settings_dns_servers }}"
when: "system_settings_dns_mode is defined or system_settings_dns_servers is defined or system_settings_dns_state is defined"

- name: Set the DNS servers
vmware.vmware_rest.appliance_networking_dns_servers:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
mode: "{{ system_settings_dns_mode | d(omit) }}"
servers: "{{ system_settings_dns_servers }}"
state: "set"
when:
"(system_settings_dns_mode is defined or system_settings_dns_servers is defined or system_settings_dns_state is defined)
and not system_settings_dns_mode_append"

- name: Append the DNS domains
vmware.vmware_rest.appliance_networking_dns_domains:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
domain: "{{ item }}"
state: "add"
loop: "{{ system_settings_dns_domains }}"
when: "system_settings_dns_domains is defined and system_settings_dns_mode_append"

- name: Set the DNS domains
vmware.vmware_rest.appliance_networking_dns_domains:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
domains: "{{ system_settings_dns_domains }}"
state: "set"
when: "system_settings_dns_domains is defined and not system_settings_dns_mode_append"

- name: Set the DNS hostname
vmware.vmware_rest.appliance_networking_dns_hostname:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
name: "{{ system_settings_dns_hostname | d(omit) }}"
state: "{{ system_settings_dns_mode | d(omit) }}"
when: "system_settings_dns_hostname is defined or system_settings_dns_state is defined"
38 changes: 6 additions & 32 deletions roles/system_settings/tasks/main.yml
View file
Original file line number Diff line number Diff line change
@@ -1,37 +1,11 @@
- name: Set NTP servers
when: system_settings_ntp_servers is defined
block:
- name: Test NTP servers
vmware.vmware_rest.appliance_ntp:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
state: test
servers: "{{ system_settings_ntp_servers }}"
register: __ntp_state
- name: Configure ntpd
ansible.builtin.include_tasks: ntpd.yml

- name: Print the state of NTP servers
ansible.builtin.debug:
msg: "Warning: server {{ item.server }} status: {{ item.message }}"
loop: "{{ __ntp_state.value }}"
when: item.status == 'SERVER_UNREACHABLE'
- name: Configure DNS
ansible.builtin.include_tasks: dns.yml

- name: Set NTP servers
vmware.vmware_rest.appliance_ntp:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
servers: "{{ system_settings_ntp_servers }}"

- name: Set the timesync mode
vmware.vmware_rest.appliance_timesync:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
mode: "NTP"
- name: Configure proxy
ansible.builtin.include_tasks: proxy.yml

- name: Set the timesync mode
vmware.vmware_rest.appliance_timesync:
Expand Down
36 changes: 36 additions & 0 deletions roles/system_settings/tasks/ntpd.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
- name: Set NTP servers
when: system_settings_ntp_servers is defined
block:
- name: Test NTP servers
vmware.vmware_rest.appliance_ntp:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
state: test
servers: "{{ system_settings_ntp_servers }}"
register: __ntp_state

- name: Print the state of NTP servers
ansible.builtin.debug:
msg: "Warning: server {{ item.server }} status: {{ item.message }}"
loop: "{{ __ntp_state.value }}"
when: item.status == 'SERVER_UNREACHABLE'

- name: Set NTP servers
vmware.vmware_rest.appliance_ntp:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
servers: "{{ system_settings_ntp_servers }}"
notify: Restart ntpd

- name: Set the timesync mode
vmware.vmware_rest.appliance_timesync:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
mode: "NTP"
notify: Restart ntpd
19 changes: 19 additions & 0 deletions roles/system_settings/tasks/proxy.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
- name: Set the noproxy hosts
vmware.vmware_rest.appliance_networking_noproxy:
vcenter_hostname: "{{ system_settings_hostname | d(omit) }}"
vcenter_password: "{{ system_settings_password | d(omit) }}"
vcenter_username: "{{ system_settings_username | d(omit) }}"
vcenter_validate_certs: "{{ system_settings_validate_certs | d(omit) }}"
servers: "{{ system_settings_noproxy }}"
when: "system_settings_noproxy is defined"
notify: Restart ntpd

- name: Configure the proxy configuration
vmware.vmware_rest.appliance_networking_proxy:
enabled: "{{ item.enabled | d(omit) }}"
server: "{{ item.server | d(omit) }}"
port: "{{ item.port | d(omit) }}"
protocol: "{{ item.protocol | d(omit) }}"
state: "{{ item.state | d(omit) }}"
loop: "{{ system_settings_proxy }}"
notify: Restart ntpd

0 comments on commit b7d384f

Please sign in to comment.