libvirt_cloud/ansible_local.yml

266 lines
8.9 KiB
YAML

# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8 -*-
---
- hosts: "{{ BOX_HOST }}" # |default('localhost')
#?? become: "{{ 'false' if ansible_connection|default('') == 'chroot' else 'true'}}"
# become_method: "'' if ansible_connection|default('') == 'chroot' else 'sudo'"
gather_facts: true
vars:
PLAY_CHROOT_CONNECTIONS: ['chroot', 'lxc', 'lxd', 'local'] #?
PLAY_NOSERVICE_CONNECTIONS: ['chroot', 'lxc', 'lxd', 'local'] #?
PLAY_NORSYNC_CONNECTIONS: ['chroot', 'lxc', 'lxd', 'local', 'libvirt_qemu']
PLAY_CA_CERT: "/usr/local/etc/ssl/cacert-curl.haxx.se.pem" # proxy?
# These now come from the inventory except for connection = local,chroot in base_proxy.yml
proxy_env:
# hostvars[inventory_hostname]['http_proxy']
http_proxy: "{{ http_proxy }}"
https_proxy: "{{ https_proxy }}"
socks_proxy: '{{ socks_proxy }}'
ftp_proxy: '{{ ftp_proxy }}'
no_proxy: '{{ no_proxy }}'
SSL_CERT_FILE: "{{ SSL_CERT_FILE }}"
RSYNC_PROXY: "{{ RSYNC_PROXY }}"
# pass this in the -e extravars to the playbook command line - but you need the user and password too...
CORP_NTLM_PROXY: ""
# ...so put CORP_NTLM_PROXY with the username and password in the QeRcUser file
# of the person running this playbook - not on the box - we use the RUN_ prefix.
# If you dont want this, pass in RUN_QERC_USERFILE="" in the -e extra_vars on the command line
# This is intened for credentials and could be vaulted - as opposed to runtime variables
# stored in ~/.config/testforge/facts.d/testforge.yml
RUN_QERC_USERFILE: "{{ lookup('env', 'HOME') }}/QeRcUser.yaml"
# this should be set on the command line
ROLES: []
# pip uses /usr/local
USR_LOCAL: "/usr/local"
# we are installing into the prefix /var/local to not interfere with
# other things that use /usr/local, including some things from other OSes.
VAR_LOCAL: "/var/local"
VAR_LOG: "{{VAR_LOCAL}}/var/log/testforge"
PIP_CACHE: "/root/.cache/pip"
# lynx uses SSL_CERT_DIR/SSL_CERT_FILE
PIP_CA_CERT: "{{USR_LOCAL}}/etc/ssl/cacert-testserver.pem"
PIP_INSTALL_ARGS: "--disable-pip-version-check --user --no-deps "
# for localhost host operations with hostvms - eg hosts.yml
PLAY_ANSIBLE_SRC: "{{ lookup('env', 'PWD')|default('') }}"
PLAY_GI_DATA : /a/tmp/GentooImgr
# lynis objects to . on the PATH and I cant find whos adding it
# FixMe: does this change the PATH?
environment:
# NOT lookup('env', 'PATH')
PATH: "{{ ansible_env.PATH +':' +VAR_LOCAL +'/bin'|replace('.:', '')}}"
pre_tasks:
- block:
- name: "Suspicious location (.) in PATH discovered"
shell: |
echo $PATH | grep '\.:' && echo "WARN: dot is on the PATH" && exit 1
exit 0
register: dot_on_path_fact
# warning not an error - I cant see who is putting it on the PATH - a tailing :
ignore_errors: true
- name: lookup env PATH
debug: msg="{{ ansible_env.PATH }}"
when:
- dot_on_path_fact is defined
- dot_on_path_fact is failed
- name: "set dates"
set_fact:
DOW: 0 # Day of week - unused
DOM: "{{ ansible_date_time.day|int }}" # Day of month
DATE: "{{ansible_date_time.day}}" # +%Y-%m-%d
date_slash: "{{ ansible_date_time.date|replace('-','/') }}" # +%Y/%m/%d
date_dash: "{{ ansible_date_time.date }}" # +%Y-%m-%d
date_week_slash: "{{ ansible_date_time.year }}/{{ ansible_date_time.weeknumber }}"
date_week_dash: "{{ ansible_date_time.year }}-{{ ansible_date_time.weeknumber }}"
- debug:
msg: "{{date_slash}} ansible_connection={{ansible_connection|default('') }} ROLES={{ROLES}}"
- name: "hostvars[inventory_hostname]"
debug:
# |to_yaml
msg: "hostvars[inventory_hostname] {{hostvars[inventory_hostname]}}"
when: false
- name: "ansible_lsb.id BOX_OS_FAMILY"
assert:
that:
- "'{{ansible_lsb.id}}' == '{{BOX_OS_NAME}}'"
success_msg: "BOX_OS_FAMILY={{BOX_OS_FAMILY}}"
fail_msg: "ON tHE WRONG BOX {{ansible_lsb.id}} "
when:
- ansible_connection != 'local'
- ansible_lsb.id|default('')" != ''
ignore_errors: true
- name: "check BOX_ANSIBLE_CONNECTIONS"
assert:
that:
- "{{ansible_connection in BOX_ANSIBLE_CONNECTIONS}}"
- name: "we will use sudo and make it a prerequisite"
shell: |
which sudo || exit 1
# "check ansible_python_interpreter"
"{{ansible_python_interpreter|default('python3')}}" --version
# required
tags: always
check_mode: false
- block:
- name: check nbd mounts
shell: |
cat /proc/partitions | grep nbd | head -1 | sed -e 's/.* //'
changed_when: false
register: nbd_out
ignore_errors: true
- name: nbd state
debug:
verbosity: 1
msg: 'var={{nbd_out}} BOX_NBD_DEV={{BOX_NBD_DEV}}'
ignore_errors: true
- name: nbd fact no
set_fact:
nbd_disk: ""
- name: nbd fact yes
set_fact:
nbd_dev: "{{nbd_out.stdout}}"
nbd_disk: "/dev/{{nbd_out.stdout}}"
when:
- nbd_out.rc|default(1) == 0
- nbd_out.stdout|default('') != ''
# required
tags: always
check_mode: false
when: ansible_connection == 'local' or ansible_connection == 'chroot'
- block:
- name: "spinup libvirt hosts"
shell: |
sudo virsh net-list | grep -q default || \
sudo virsh net-start default
sudo virsh list | grep -q "{{ inventory_hostname }}" || \
sudo virsh start "{{ inventory_hostname }}"
delegate_to: localhost
become: yes
- name: "spinup libvirt hosts"
# pip3.sh install ovirt-engine-sdk-python --break-system-packages
ovirt:
url: "qemu:///system"
instance_name: ubuntu18.04
instance_cpus: "1"
state: started
# instance_rootpw
user: "{{ BOX_USER_NAME }}" #
password: "{{ BOX_USER_NAME }}" # "{{ ansible_ssh_user }}
become: yes
# msg: ovirtsdk required for this module
ignore_errors: true
# required
tags: always
check_mode: false
when: ansible_connection == 'libvirt_qemu'
# # required?
# tags: always
# check_mode: false
# handlers:
roles:
# Always run the base prerequsite role.
- role: base
# When you use always: it breaks using daily/monthly/weekly tags - OK as base doesnt use them
tags: always
- role: proxy
# You should run the proxy role even if you are not behind a proxy.
tags: always
when:
- "'proxy' in ROLES"
- role: ansible-gentoo_install
when:
# BOX_OS_FAMILY == 'Gentoo' or BOX_GENTOO_FROM_MP != '' ?
- ( ansible_connection == 'local' and nbd_disk|default('') != '' ) or (ansible_connection == 'chroot' )
- role: toxcore
tags: always
when:
- "'toxcore' in ROLES"
post_tasks:
# queue up these at the end to leave a summary of what happened
- block:
- name: "ANSIBLE_RUN_LOG"
shell: |
ls -l "{{ ANSIBLE_RUN_LOG }}"
exit 0
register: grep_run_log
ignore_errors: true
- block:
- name: last summary of WARN or ERROR in the logfile
#debug: msg="{{ grep_run_log.stdout }}"
#when: "grep_run_log is defined and grep_run_log.stdout_lines|length > 0"
shell: |
ANSIBLE_RUN_LOG="{{ ANSIBLE_RUN_LOG }}"
[ -s "$ANSIBLE_RUN_LOG" ] || { echo "ERROR: empty $ANSIBLE_RUN_LOG" ; exit 2 ; }
echo DEBUG: Summary for ROLES $roles
echo DEBUG: WARN
grep -h -e '^[ msg:-]*[W]ARN:' -e '^[ ]*.WARNING.:' \
-e "^[' stderroumsg:-]*WARN:" $ANSIBLE_RUN_LOG
echo DEBUG: ERROR
grep -h -e '^[ msg:-]*[E]RROR:' -e 'Input/output error' \
-e 'No such file or directory' -e '^[ ]*.ImportError:' \
-e "^[' stderroumsg:-]*ERROR:" $ANSIBLE_RUN_LOG
echo DEBUG: FAILED
grep -h -e 'fatal: \|^failed: ' -B 1 $ANSIBLE_RUN_LOG
exit 0
when:
- grep_run_log is success
# required
tags: always
check_mode: false
when:
- ANSIBLE_RUN_LOG|default('') != ''
delegate_to: localhost
# required
tags: always
# Force a task to run in normal mode, even when the playbook is called with --check
check_mode: false
# if .yamlint exists in this directory is ansible silently reading it?
# if it's garbage does it kill ansible with a no-descripted
# ERROR! Syntax Error while loading YAML.