adjust more netbox, vars for mantis

2024-03-31 23:44:11 -07:00 · 2024-03-31 23:44:11 -07:00 · 50b2258e9b
commit 50b2258e9b
parent 24eb76dfc1
6 changed files with 89 additions and 30 deletions
--- a/role-rocky-netbox.yml
+++ b/role-rocky-netbox.yml
@ -27,10 +27,21 @@
        success_msg: "We are able to run on this node"
        fail_msg: "/etc/no-ansible exists - skipping run on this node"

-  #tasks:
-    #- include_tasks: tasks/efs_mount.yml
-    #  loop: "{{ mounts }}"
-    #  tags: ["mounts"]
+    - name: Verify applicable vars are set
+      ansible.builtin.assert:
+        that:
+          - netbox_server_name
+          - netbox_db_host
+          - netbox_db_user
+          - netbox_db_password
+          - netbox_secret_key
+        success_msg: "Required vars set"
+        fail_msg: "We are missing required vars. Please ensure you have them set."
+
+  # tasks:
+  #   - include_tasks: tasks/efs_mount.yml
+  #     loop: "{{ mounts }}"
+  #     tags: ["mounts"]

  roles:
    - role: rockylinux.ipagetcert
--- a/tasks/mantis/mantis.yml
+++ b/tasks/mantis/mantis.yml
@ -5,10 +5,7 @@
    name: "{{ item }}"
    persistent: true
    state: true
-  with_items:
-    - httpd_can_network_connect_db
-    - httpd_can_network_connect
-    - httpd_can_sendmail
+  with_items: "{{ mantis_selinux_booleans }}"

 - name: Install necessary packages
  ansible.builtin.dnf:
--- a/tasks/netbox/install.yml
+++ b/tasks/netbox/install.yml
@ -1,7 +1,17 @@
 ---
- name: Download netbox
-  ansible.builtin.get_url:
-    url: "https://github.com/netbox-community/netbox/archive/refs/tags/v{{ netbox_version }}.tar.gz"
-    dest: "/tmp/netbox-{{ netbox_version }}"
-    checksum: "{{ netbox_checksum }}"
+- name: Make symlink to latest version
+  ansible.builtin.file:
+    src: "/opt/netbox-{{ netbox_version }}"
+    dest: "/opt/netbox"
+    owner: netbox
+    group: netbox
+    state: link
+
+- name: Deploy templated configuration
+  ansible.builtin.template:
+    src: "opt/netbox/netbox/netbox/configuration.py.j2"
+    dest: "/opt/netbox/netbox/netbox/configuration.py"
+    mode: '0644'
+    owner: netbox
+    group: netbox
 ...
--- a/tasks/netbox/presetup.yml
+++ b/tasks/netbox/presetup.yml
@ -1,23 +1,8 @@
 ---
- name: Install git and nginx
+- name: Install required software to build python libs and run netbox
  become: true
  ansible.builtin.package:
-    name:
-      - git
-      - nginx
-    state: present
-
- name: Install required software to build python libs
-  become: true
-  ansible.builtin.package:
-    name:
-      - gcc
-      - libxml2-devel
-      - libxslt-devel
-      - libffi-devel
-      - libpq-devel
-      - openssl-devel
-      - redhat-rpm-config
+    name: "{{ netbox_pkg }}"
    state: present

 - name: Setup initial netbox user
@ -26,4 +11,42 @@
    name: netbox
    comment: "NetBox"
    system: true
+    uid: "2001"
+
+- name: Configuring SELinux booleans
+  ansible.posix.seboolean:
+    name: "{{ item }}"
+    persistent: true
+    state: true
+  with_items: "{{ netbox_selinux_booleans }}"
+
+- name: Setup firewalld services
+  ansible.posix.firewalld:
+    service: "{{ item }}"
+    permanent: true
+    state: enabled
+  loop:
+    - http
+    - https
+
+- name: Setup firewalld port because of netbox's weird setup
+  ansible.posix.firewalld:
+    port: "8000/tcp"
+    permanent: true
+    state: enabled
+
+- name: Download netbox
+  ansible.builtin.get_url:
+    url: "https://github.com/netbox-community/netbox/archive/refs/tags/v{{ netbox_version }}.tar.gz"
+    dest: "/tmp/netbox-{{ netbox_version }}.tar.gz"
+    checksum: "{{ netbox_checksum }}"
+
+- name: Unpack netbox
+  ansible.builtin.unarchive:
+    src: "/tmp/netbox-{{ netbox_version }}.tar.gz"
+    dest: "/opt"
+    owner: netbox
+    group: netbox
+    mode: '0644'
+    remote_src: true
 ...
--- a/vars/mantis.yml
+++ b/vars/mantis.yml
@ -13,6 +13,10 @@ mantis_pkg:
  - openldap
  - php-json
  - php-soap
+mantis_selinux_booleans:
+  - httpd_can_network_connect_db
+  - httpd_can_network_connect
+  - httpd_can_sendmail
 mantis_db_host: db.rockylinux.org
 mantis_db_name: mantisdb
 mantis_db_user: mantis
--- a/vars/netbox.yml
+++ b/vars/netbox.yml
@ -1,6 +1,20 @@
 ---
 netbox_version: "3.7.4"
 netbox_checksum: "f0c2026b81ab9785f3530eb3c59a922517630976c2af1f95eea02f8bfb9613fd"
+netbox_pkg:
+  - git
+  - libxml2-devel
+  - libxslt-devel
+  - libffi-devel
+  - libpq-devel
+  - nginx
+  - openssl-devel
+  - redhat-rpm-config
+  - redis
+netbox_selinux_booleans:
+  - httpd_can_network_connect_db
+  - httpd_can_network_connect
+  - httpd_can_sendmail
 netbox_server_name: "netbox.rockylinux.org"
 netbox_admin_name: "Infrastructure Team"
 netbox_admin_content: "infrastructure@rockylinux.org"