Refactored to individual files by function

2016-11-17 13:41:44 +13:00
parent a1ac1de7e2
commit 2111038879
4 changed files with 142 additions and 149 deletions
--- a/tasks/networking.yml
+++ b/tasks/networking.yml
@@ -0,0 +1,72 @@
+---
+- name: Ensure DNS and SSH common config
+  template:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    mode: "{{ item.mode }}"
+    backup: yes
+  with_items:
+    - { src: etc.sysconfig.network.j2,
+        dest: /etc/sysconfig/network,
+        mode: u+rw,a+r
+      }
+    - { src: etc.resolv.conf.j2,
+        dest: /etc/resolv.conf,
+        mode: u+rw,a+r
+      }
+    - { src: sshd_config.j2,
+        dest: /etc/ssh/sshd_config,
+        mode: u+rw,a+r
+      }
+  notify:
+    - Restart SSH
+  tags: dns
+
+- name: Ensure hosts file correct
+  lineinfile:
+    dest: /etc/hosts
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+    backrefs: yes
+    backup: yes
+  with_items:
+    - {regexp: "^127.0.0.1.+localdomain4$",
+         line: "127.0.0.1   localhost {{ inventory_hostname }}"
+      }
+    - {regexp: "^::1.+localdomain6$",
+         line: "::1         localhost {{ inventory_hostname }}"
+      }
+    - {regexp: "^{{ ansible_default_ipv4.address }}.*{{ ansible_default_ipv4.address.split('.')[-1] }}$",
+         line: "{{ ansible_default_ipv4.address }}  {{ inventory_hostname }}.{{ domain }} {{ inventory_hostname }}"
+      }
+    - {regexp: "^127.0.0.1.+{{ ansible_nodename.split('.')[0] }}$",
+       line: "127.0.0.1   localhost {{ inventory_hostname }}"
+      }
+    - {regexp: "^::1.+{{ ansible_nodename.split('.')[0] }}$",
+       line: "::1         localhost {{ inventory_hostname }}"
+      }
+    - {regexp: "^{{ ansible_default_ipv4.address }}.*{{ ansible_nodename.split('.')[0] }}$",
+       line: "{{ ansible_default_ipv4.address }}  {{ inventory_hostname }}.{{ domain }} {{ inventory_hostname }}"
+      }
+
+- name: Ensure NetworkManager does not fiddle DNS
+  ini_file:
+    dest: /etc/NetworkManager/NetworkManager.conf
+    section: "main"
+    option: "dns"
+    value: "none"
+    backup: yes
+  when: (ansible_os_family == "RedHat" and ansible_distribution_major_version == "7")
+  notify:
+    - restart NetworkManager
+
+- name: Ensure correct permissions (hosts/resolv.conf)
+  file:
+    path: "{{item}}"
+    state: touch
+    mode: u+rw,g+r,a+r
+  with_items:
+    - /etc/resolv.conf
+    - /etc/hosts
+  changed_when: false
+  tags: dns