ansible/sprachenatelier
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Splitt 'nis.yaml' into 'nis-install-client.yml' and 'nis-install-server.yml'. Some more changes..

Browse Source
This commit is contained in:
Christoph
2019-11-28 11:10:13 +01:00
parent b0d212deec
commit 9b3973d39f
11 changed files with 576 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
roles/common/tasks/main.yml
View File

@@ -11,10 +11,19 @@
# tags supported inside nfs.yml:
#
# nis-install
- import_tasks: nis.yml
# nis-install-server
- import_tasks: nis-install-server.yml
when: "groups['nis_server']|string is search(inventory_hostname)"
tags:
- nis
- nis-install
# tags supported inside nfs.yml:
#
# nis-install-client
- import_tasks: nis-install-client.yml
when: "groups['nis_client']|string is search(inventory_hostname)"
tags:
- nis-install
# tags supported inside nis_samba_user.yml:
#

4
roles/common/tasks/nfs.yml
View File

@@ -24,6 +24,8 @@
mode: '0755'
state: directory
with_items: "{{ nfs_exports }}"
loop_control:
label: '{{ item.path }}'
when:
- "groups['nfs_server']|string is search(inventory_hostname)"
tags:
@@ -66,6 +68,8 @@
passno: "{{ item.passno | default(omit) }}"
state: mounted
loop: "{{ nfs_exports }}"
loop_control:
label: '{{ item.src }}'
when:
- "groups['nfs_client']|string is search(inventory_hostname)"
tags:

303
roles/common/tasks/nis-install-client.yml Normal file
View File

@@ -0,0 +1,303 @@
---
# ---
# Install nis
# ---
- name: (nis-install-client.yml) Set (nis) default domain (/etc/defaultdomain)
template:
dest: /etc/defaultdomain
src: etc/defaultdomain.j2
owner: root
group: root
mode: 0644
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Create preconfigured /etc/yp.conf on nis clients
template:
dest: /etc/yp.conf
src: etc/yp.conf.j2
owner: root
group: root
mode: 0644
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Install nis common packages
package:
name: "{{ item }}"
state: present
with_items: "{{ nis_common_packages }}"
tags:
- nis-install
- nis-install-client
# ---
# /etc/default/nis
# ---
- name: (nis-install-client.yml) Check if file '/etc/default/nis.ORIG' exists
stat:
path: /etc/default/nis.ORIG
register: default_nis_exists
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Backup existing file /etc/default/nis
command: cp -a /etc/default/nis /etc/default/nis.ORIG
when:
- default_nis_exists.stat.exists == False
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Adjust file /etc/default/nis - set 'NISSERVER' (client)
replace:
path: /etc/default/nis
regexp: '^NISSERVER=.*'
replace: 'NISSERVER=false'
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Adjust file /etc/default/nis - set 'NISCLIENT' (client)
replace:
path: /etc/default/nis
regexp: '^NISCLIENT=.*'
replace: 'NISCLIENT=true'
tags:
- nis-install
- nis-install-client
# ---
# /etc/{passwd,group,shadow}
# ---
- name: (nis-install-client.yml) Add '+::::::' to file /etc/passwd
lineinfile:
path: /etc/passwd
line: '+::::::'
insertafter: EOF
state: present
owner: root
group: root
mode: '0644'
when: "ansible_distribution_major_version|int < 18"
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Add '+:::' to file /etc/group
lineinfile:
path: /etc/group
line: '+:::'
insertafter: EOF
state: present
owner: root
group: root
mode: '0644'
when: "ansible_distribution_major_version|int < 18"
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Add '+::::::::' to file /etc/shadow
lineinfile:
path: /etc/shadow
line: '+::::::::'
insertafter: EOF
state: present
owner: root
group: shadow
mode: '0640'
when: "ansible_distribution_major_version|int < 18"
tags:
- nis-install
- nis-install-client
# ---
# /etc/hosts
# ---
- name: (nis-install-client.yml) Check if file '/etc/hosts.ORIG' exists
stat:
path: /etc/hosts.ORIG
register: etc_hosts_orig_exists
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Backup existing file /etc/hosts
command: cp -a /etc/hosts /etc/hosts.ORIG
when:
- etc_hosts_orig_exists.stat.exists == False
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Add nis-server to file /etc/hosts
lineinfile:
path: /etc/hosts
line: '{{ nis_server_address }} {{ nis_server_name }} {{ nis_server_name.split(".")[1] }}'
insertafter: EOF
state: present
owner: root
group: root
mode: '0644'
tags:
- nis-install
- nis-install-client
# ---
# /etc/nsswitch.conf
# ---
- name: (nis.yml) Check if file '/etc/nsswitch.conf.ORIG' exists
stat:
path: /etc/nsswitch.conf.ORIG
register: nsswitch_conf_orig_exists
tags:
- nis-install
- nis-install-client
- name: (nis.yml) Backup existing file /etc/nsswitch.conf
command: cp -a /etc/nsswitch.conf /etc/nsswitch.conf.ORIG
when:
- nsswitch_conf_orig_exists.stat.exists == False
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Adjust file /etc/nsswitch.conf (set hosts)
replace:
path: /etc/nsswitch.conf
regexp: '(hosts:\s+files)\s+([^nis].*)'
replace: '\1 nis \2'
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Adjust file /etc/nsswitch.conf (set passwd/group/shadow)
replace:
path: /etc/nsswitch.conf
regexp: '^({{ item }}:\s+.*)'
replace: '\1 nis'
with_items:
- passwd
- group
- shadow
tags:
- nis-install
- nis-install-client
# ---
# /etc/systemd/system/systemd-logind.service.d/nis_allow_network.conf
# ---
# - !! Using NIS client in Ubuntu 18.04 crashes both Gnome and Unity !!
# - ===================================================================
#
# - Unter NIS in Ubuntu 18.04 stütrzt Gnome und Unity ab
# -
# - Abhilfe schafft:
# -
#
# - Create a new directory in /etc/systemd/system/ named exactly after the
# - service you want to extend including a '.d', here this would be:
# - systemd-logind.service.d
# -
# - mkdir /etc/systemd/system/systemd-logind.service.d
#
# - Create a new file choose_an_appropriate_name.conf (e.g. nis_allow_network.conf)
# - inside the newly created directory with the following content, which specifies
# - the IP or IP range you want to be allowed:
# -
# - cat <<EOF > /etc/systemd/system/systemd-logind.service.d/nis_allow_network.conf
# - [Service]
# - IPAddressAllow=192.168.0.0/16
# - EOF
# -
# - systemctl daemon-reload
# - systemctl restart systemd-logind.service
- name: (nis-install-client.yml) Ensure directory /etc/systemd/system/systemd-logind.service.d exists
file:
path: /etc/systemd/system/systemd-logind.service.d
owner: root
group: root
mode: '0755'
state: directory
when: "ansible_distribution_major_version|int >= 18"
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Ensure file /files/etc/systemd/system/systemd-logind.service.d/nis_allow_network.conf exists
copy:
src: "{{ role_path + '/files/etc/systemd/system/systemd-logind.service.d/nis_allow_network.conf' }}"
dest: /etc/systemd/system/systemd-logind.service.d/nis_allow_network.conf
owner: root
group: root
mode: '0755'
when: "ansible_distribution_major_version|int >= 18"
notify:
- Restart systemd-logind.service
tags:
- nis-install
- nis-install-client
# - Seit Ubuntu 16.04 startet nis vor dem portmapper (rpcbind). Das Starten
# - schlägt deshalb fehl und nis steht nicht zur Verfügung.
# -
# - Abhilfe:
# -
# - Run "systemctl edit rpcbind.socket" and add the following:
# -
# - [Unit]
# - DefaultDependencies=no
# - Wants=rpcbind.target
# - Before=rpcbind.target
# -
# - You can see your changes:
# - cat /etc/systemd/system/rpcbind.socket.d/override.conf
- name: (nis-install-client.yml) Ensure directory /etc/systemd/system/rpcbind.socket.d exists
file:
path: /etc/systemd/system/rpcbind.socket.d
owner: root
group: root
mode: '0755'
state: directory
when: "ansible_distribution_major_version|int >= 16"
tags:
- nis-install
- nis-install-client
- name: (nis-install-client.yml) Ensure file /files/etc/systemd/system/rpcbind.socket.d/override.conf exists
copy:
src: "{{ role_path + '/files/etc/systemd/system/rpcbind.socket.d/override.conf' }}"
dest: /etc/systemd/system/rpcbind.socket.d/override.conf
owner: root
group: root
mode: '0755'
when: "ansible_distribution_major_version|int >= 16"
notify:
- Restart rpcbind
tags:
- nis-install
- nis-install-client
# TODO:
# /etc/systemd/system/systemd-logind.service.d/nis_allow_network.conf
# /etc/systemd/system/rpcbind.socket.d/override.conf

215
roles/common/tasks/nis-install-server.yml Normal file
View File

@@ -0,0 +1,215 @@
---
# ---
# Install nis
# ---
- name: (nis-install-server.yml) Set (nis) default domain (/etc/defaultdomain)
template:
dest: /etc/defaultdomain
src: etc/defaultdomain.j2
owner: root
group: root
mode: 0644
tags:
- nis-install
- nis-install-server
- name: (nis-install-server.yml) Install nis common packages
package:
name: "{{ item }}"
state: present
with_items: "{{ nis_common_packages }}"
register: nis_installed
tags:
- nis-install
- nis-install-server
# ---
# /etc/default/nis
# ---
- name: (nis-install-server.yml) Check if file '/etc/default/nis.ORIG' exists
stat:
path: /etc/default/nis.ORIG
register: default_nis_exists
tags:
- nis-install
- nis-install-server
- name: (nis-install-server.yml) Backup existing file /etc/default/nis
command: cp -a /etc/default/nis /etc/default/nis.ORIG
when:
- default_nis_exists.stat.exists == False
tags:
- nis-install
- nis-install-server
- name: (nis-install-server.yml) Adjust file /etc/default/nis - set 'NISSERVER' (server)
replace:
path: /etc/default/nis
regexp: '^NISSERVER=.*'
replace: 'NISSERVER=master'
tags:
- nis-install
- nis-install-server
- name: (nis-install-server.yml) Adjust file /etc/default/nis - set 'NISCLIENT' (server)
replace:
path: /etc/default/nis
regexp: '^NISCLIENT=.*'
replace: 'NISCLIENT=false'
tags:
- nis-install
- nis-install-server
# ---
# /etc/ypserv.securenets
# ---
- name: (nis-install-server.yml) Check if file '/etc/ypserv.securenets.ORIG' exists
stat:
path: /etc/ypserv.securenets.ORIG
register: ypserv_securenets_orig_exists
tags:
- nis-install
- nis-install-server
- name: (nis-install-server.yml) Backup existing file /etc/ypserv.securenets
command: cp -a /etc/ypserv.securenets /etc/ypserv.securenets.ORIG
when:
- ypserv_securenets_orig_exists.stat.exists == False
tags:
- nis-install
- nis-install-server
- name: (nis-install-client.yml) Comment line like '0.0.0.0 ..' to file /etc/ypserv.securenets
replace:
path: /etc/ypserv.securenets
regexp: '^(0.0.0.0\s+.*)'
replace: '#\1'
tags:
- nis-install
- nis-install-client
- name: (nis-install-server.yml) Add '255.255.0.0 192.168.0.0' to file /etc/ypserv.securenets
lineinfile:
path: /etc/ypserv.securenets
line: '255.255.0.0 192.168.0.0'
insertafter: EOF
state: present
owner: root
group: root
mode: '0644'
tags:
- nis-install
- nis-install-client
- name: (nis-install-server.yml) Add '255.0.0.0 10.0.0.0' to file /etc/ypserv.securenets
lineinfile:
path: /etc/ypserv.securenets
line: '255.0.0.0 10.0.0.0'
insertafter: EOF
state: present
owner: root
group: root
mode: '0644'
tags:
- nis-install
- nis-install-server
- name: (nis-install-server.yml) Trigger '/usr/lib/yp/ypinit -m'
shell: printf '\n' | /usr/lib/yp/ypinit -m
when: nis_installed.changed
tags:
- nis-install
- nis-install-server
# ---
# Base directory containing users' home directory
# ---
- name: (nis-install-server.yml) Ensure directoriy 'nis_base_home' (usually /data/home) exists
file:
path: '{{ nis_base_home}}'
owner: root
group: root
mode: '0755'
state: directory
when:
- "groups['nfs_server']|string is search(inventory_hostname)"
tags:
- nis-install
- nis-install-server
# ---
# /etc/adduser.conf
# ---
- name: (nis-install-server.yml) Check if file '/etc/adduser.conf.ORIG exists'
stat:
path: /etc/adduser.conf.ORIG
register: adduser_conf_exists
tags:
- nis-install
- nis-install-server
- name: (nis-install-server.yml) Backup existing file /etc/adduser.conf
command: cp -a /etc/adduser.conf /etc/adduser.conf.ORIG
when:
- adduser_conf_exists.stat.exists == False
tags:
- nis-install
- nis-install-server
- name: (nis-install-server.yml) Adjust file '/etc/adduser.conf' - set 'DHOME'
replace:
path: /etc/adduser.conf
regexp: '^#?DHOME=.*'
replace: 'DHOME={{ nis_base_home }}'
tags:
- nis-install
- nis-install-server
# ---
# /var/yp/Makefile
# ---
- name: (nis-install-server.yml) Check if file '/var/yp/Makefile.ORIG exists'
stat:
path: /var/yp/Makefile.ORIG
register: adduser_conf_exists
tags:
- nis-install
- nis-install-server
- name: (nis-install-server.yml) Backup existing file /var/yp/Makefile
command: cp -a /var/yp/Makefile /var/yp/Makefile.ORIG
when:
- adduser_conf_exists.stat.exists == False
tags:
- nis-install
- nis-install-server
- name: (nis-install-server.yml) Adjust file '/var/yp/Makefile'
replace:
path: /var/yp/Makefile
regexp: '^#?{{ item }}=.*'
replace: '{{ item }}=true'
with_items:
- MERGE_PASSWD
- MERGE_GROUP
notify:
- Renew nis databases
tags:
- nis-install
- nis-install-server
# TODO:
# /var/yp/Makefile

100
roles/common/tasks/nis.yml
View File

@@ -1,100 +0,0 @@
---
- name: (nis.yml) Set (nis) default domain (/etc/defaultdomain)
template:
dest: /etc/defaultdomain
src: etc/defaultdomain.j2
owner: root
group: root
mode: 0644
tags:
nis-install
- name: (nis.yml) Create preconfigured /etc/yp.conf on nis clients
template:
dest: /etc/yp.conf
src: etc/yp.conf.j2
owner: root
group: root
mode: 0644
when: "groups['nis_client']|string is search(inventory_hostname)"
tags:
nis-install
- name: (nis.yml) Install nis common packages
package:
name: "{{ item }}"
state: present
with_items: "{{ nis_common_packages }}"
tags:
- nis-install
- name: (nis.yml) Add '+::::::' to file /etc/passwd
lineinfile:
path: /etc/passwd
line: '+::::::'
insertafter: EOF
state: present
owner: root
group: root
mode: '0644'
when: "groups['nis_client']|string is search(inventory_hostname)"
tags:
- nis-install
- name: (nis.yml) Add '+:::' to file /etc/group
lineinfile:
path: /etc/group
line: '+:::'
insertafter: EOF
state: present
owner: root
group: root
mode: '0644'
when: "groups['nis_client']|string is search(inventory_hostname)"
tags:
- nis-install
- name: (nis.yml) Add '+::::::::' to file /etc/shadow
lineinfile:
path: /etc/shadow
line: '+::::::::'
insertafter: EOF
state: present
owner: root
group: shadow
mode: '0640'
when: "groups['nis_client']|string is search(inventory_hostname)"
tags:
- nis-install
- name: (nis.yml) Check if file '/etc/nsswitch.conf.ORIG' exists
stat:
path: /etc/nsswitch.conf.ORIG
register: nsswitch_conf_orig_exists
when:
- "groups['nis_client']|string is search(inventory_hostname)"
tags:
- nis-install
- name: (nis.yml) Backup existing file /etc/nsswitch.conf
command: cp -a /etc/nsswitch.conf /etc/nsswitch.conf.ORIG
when:
- "groups['nis_client']|string is search(inventory_hostname)"
- nsswitch_conf_orig_exists.stat.exists == False
tags:
- nis-install
- name: (nis.yml) Adjust file /etc/nsswitch.conf
replace:
path: /etc/nsswitch.conf
regexp: '(hosts:\s+files)\s+([^nis].*)'
replace: '\1 nis \2'
when: "groups['nis_client']|string is search(inventory_hostname)"
tags:
- nis-install
# TODO:
# /etc/defaul/nis
# /etc/systemd/system/systemd-logind.service.d/nis_allow_network.conf
# /etc/systemd/system/rpcbind.socket.d/override.conf

1
roles/common/tasks/nis_samba_user.yml
View File

@@ -52,7 +52,6 @@
- nis-user
- system-user
# ---
# - default user/groups
# ---