mirror of
https://github.com/rocky-linux/infrastructure
synced 2024-12-22 19:08:30 +00:00
commit
66d0d80807
2
.github/workflows/yamllint.yml
vendored
2
.github/workflows/yamllint.yml
vendored
@ -1,6 +1,6 @@
|
|||||||
---
|
---
|
||||||
# https://github.com/ibiqlik/action-yamllint
|
# https://github.com/ibiqlik/action-yamllint
|
||||||
name: YAMLlint
|
name: YAML Lint
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
|
@ -31,6 +31,7 @@
|
|||||||
{{ ( force_purge | bool ) | ternary('--force','') }}
|
{{ ( force_purge | bool ) | ternary('--force','') }}
|
||||||
--role-file {{ installation_prefix }}roles/requirements.yml
|
--role-file {{ installation_prefix }}roles/requirements.yml
|
||||||
--roles-path {{ installation_prefix }}{{ roles_installation_dir }}
|
--roles-path {{ installation_prefix }}{{ roles_installation_dir }}
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
- name: Install needed collections
|
- name: Install needed collections
|
||||||
command: >
|
command: >
|
||||||
@ -38,6 +39,7 @@
|
|||||||
{{ ( force_purge | bool ) | ternary('--force-with-deps','') }}
|
{{ ( force_purge | bool ) | ternary('--force-with-deps','') }}
|
||||||
-r {{ installation_prefix }}roles/requirements.yml
|
-r {{ installation_prefix }}roles/requirements.yml
|
||||||
-p {{ installation_prefix }}{{ collection_installation_dir }}
|
-p {{ installation_prefix }}{{ collection_installation_dir }}
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
- name: cleanup old ssh known_hosts - remove
|
- name: cleanup old ssh known_hosts - remove
|
||||||
file:
|
file:
|
||||||
|
@ -5,10 +5,10 @@
|
|||||||
copy:
|
copy:
|
||||||
src: "etc/pam.d/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth-ac"
|
src: "etc/pam.d/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth-ac"
|
||||||
dest: "{{ item }}"
|
dest: "{{ item }}"
|
||||||
mode: "0644"
|
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
with_items:
|
mode: '0644'
|
||||||
|
loop:
|
||||||
- /etc/pam.d/system-auth-ac
|
- /etc/pam.d/system-auth-ac
|
||||||
- /etc/pam.d/password-auth-ac
|
- /etc/pam.d/password-auth-ac
|
||||||
when:
|
when:
|
||||||
@ -16,14 +16,11 @@
|
|||||||
- ansible_facts['distribution_major_version'] == '7'
|
- ansible_facts['distribution_major_version'] == '7'
|
||||||
|
|
||||||
- name: Enterprise Linux 8 PAM Configuration
|
- name: Enterprise Linux 8 PAM Configuration
|
||||||
when:
|
|
||||||
- ansible_facts['os_family'] == 'RedHat'
|
|
||||||
- ansible_facts['distribution_major_version'] == '8'
|
|
||||||
block:
|
block:
|
||||||
- name: Ensure Custom Profile is removed
|
- name: Ensure Custom Profile is removed
|
||||||
file:
|
file:
|
||||||
state: absent
|
|
||||||
path: /etc/authselect/custom/sssd-rocky
|
path: /etc/authselect/custom/sssd-rocky
|
||||||
|
state: absent
|
||||||
|
|
||||||
- name: Create custom authselect profile based on sssd
|
- name: Create custom authselect profile based on sssd
|
||||||
command: >
|
command: >
|
||||||
@ -34,15 +31,16 @@
|
|||||||
--symlink=postlogin
|
--symlink=postlogin
|
||||||
--symlink=smartcard-auth
|
--symlink=smartcard-auth
|
||||||
--symlink=fingerprint-auth
|
--symlink=fingerprint-auth
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
- name: Override system-auth and password-auth
|
- name: Override system-auth and password-auth
|
||||||
copy:
|
copy:
|
||||||
src: "etc/authselect/custom/sssd-aoc/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth"
|
src: "etc/authselect/custom/sssd-aoc/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth"
|
||||||
dest: "{{ item }}"
|
dest: "{{ item }}"
|
||||||
mode: '0644'
|
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
with_items:
|
mode: '0644'
|
||||||
|
loop:
|
||||||
- /etc/authselect/custom/sssd-aoc/system-auth
|
- /etc/authselect/custom/sssd-aoc/system-auth
|
||||||
- /etc/authselect/custom/sssd-aoc/password-auth
|
- /etc/authselect/custom/sssd-aoc/password-auth
|
||||||
|
|
||||||
@ -54,12 +52,17 @@
|
|||||||
with-mkhomedir
|
with-mkhomedir
|
||||||
with-sudo
|
with-sudo
|
||||||
--force
|
--force
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
- name: Apply new settings
|
- name: Apply new settings
|
||||||
command: /usr/bin/authselect apply-changes
|
command: /usr/bin/authselect apply-changes
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
- name: Enable oddjobd
|
- name: Enable oddjobd
|
||||||
service:
|
service:
|
||||||
name: oddjobd
|
name: oddjobd
|
||||||
state: started
|
state: started
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
when:
|
||||||
|
- ansible_facts['os_family'] == 'RedHat'
|
||||||
|
- ansible_facts['distribution_major_version'] == '8'
|
||||||
|
Loading…
Reference in New Issue
Block a user