2020-12-13 18:41:26 +00:00
|
|
|
---
|
|
|
|
- name: Reset grub link if we are EFI
|
|
|
|
set_fact:
|
|
|
|
grub_config_path_link: "{{ grub_config_path_efi }}"
|
|
|
|
when:
|
|
|
|
- efi_installed.stat.isdir is defined
|
|
|
|
- efi_installed.stat.isdir
|
|
|
|
- grub_config_path_efi is defined
|
|
|
|
tags:
|
|
|
|
- efi
|
|
|
|
|
|
|
|
- name: Create grub.d directory
|
|
|
|
file:
|
|
|
|
name: /etc/default/grub.d
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: '0755'
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
|
|
|
tags:
|
|
|
|
- grub
|
|
|
|
- kernel
|
|
|
|
- harden
|
|
|
|
|
|
|
|
- name: Append /etc/default/grub file
|
|
|
|
lineinfile:
|
|
|
|
path: /etc/default/grub
|
|
|
|
line: for x in $(ls /etc/default/grub.d) ; do source /etc/default/grub.d/$x ; done
|
|
|
|
state: present
|
|
|
|
tags:
|
|
|
|
- grub
|
|
|
|
- kernel
|
|
|
|
- harden
|
|
|
|
|
|
|
|
- name: Command line defaults
|
|
|
|
copy:
|
|
|
|
dest: "/etc/default/grub.d/99-rocky.cfg"
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: '0644'
|
|
|
|
content: 'GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT {{ grub_boot_options }}"'
|
|
|
|
tags:
|
|
|
|
- grub
|
|
|
|
- kernel
|
|
|
|
- harden
|
|
|
|
|
|
|
|
- name: Rebuild grub
|
2020-12-13 18:46:38 +00:00
|
|
|
command: "/usr/sbin/grub2-mkconfig -o {{ grub_config_path_link }}"
|
2020-12-14 03:06:42 +00:00
|
|
|
register: grub_command_result
|
|
|
|
changed_when: "grub_command_result.rc == 0"
|
2020-12-13 18:41:26 +00:00
|
|
|
tags:
|
|
|
|
- grub
|
|
|
|
- kernel
|
|
|
|
- harden
|