---
|
- name: Step 003 - Create env key
|
hosts: localhost
|
connection: local
|
gather_facts: false
|
become: false
|
tags:
|
- step003
|
- generate_env_keys
|
tasks:
|
- name: Generate SSH keys
|
shell: ssh-keygen -b 2048 -t rsa -f "{{output_dir}}/{{env_authorized_key}}" -q -N ""
|
args:
|
creates: "{{output_dir}}/{{env_authorized_key}}"
|
when: set_env_authorized_key | bool
|
|
- name: fix permission
|
file:
|
path: "{{output_dir}}/{{env_authorized_key}}"
|
mode: 0400
|
when: set_env_authorized_key | bool
|
|
- name: Generate SSH pub key
|
shell: ssh-keygen -y -f "{{output_dir}}//{{env_authorized_key}}" > "{{output_dir}}/{{env_authorized_key}}.pub"
|
args:
|
creates: "{{output_dir}}/{{env_authorized_key}}.pub"
|
when: set_env_authorized_key | bool
|
|
# Cloudformation template or equivalent should tag all hosts with Project:{{ env_type }}-{{ guid }}
|
- name: Configure all hosts with Repositories, Common Files and Set environment key
|
hosts:
|
- all:!windows
|
become: true
|
gather_facts: false
|
tags:
|
- step004
|
- common_tasks
|
roles:
|
- { role: "set-repositories", when: 'repo_method is defined' }
|
- { role: "common", when: 'install_common | bool' }
|
- { role: "set_env_authorized_key", when: 'set_env_authorized_key | bool' }
|
|
- name: Configuring Bastion Hosts
|
hosts: bastions
|
become: true
|
tags:
|
- step004
|
- bastion_tasks
|
roles:
|
- { role: "bastion-lite", when: 'install_bastion | bool' }
|
- { role: "bastion-student-user", when: 'install_student_user | bool' }
|
- { role: "bastion-opentlc-ipa", when: 'install_ipa_client | bool' }
|
|
- name: Configuring Ruby on Bastion Hosts
|
hosts: bastions
|
become: true
|
gather_facts: False
|
tasks:
|
- when: (install_ruby | bool) or (install_3scale | bool)
|
include_role:
|
name: ruby
|
vars:
|
rvm1_rubies: ['ruby-2.6.3']
|
rvm1_install_flags: '--auto-dotfiles' # Remove --user-install from defaults
|
rvm1_install_path: /usr/local/rvm # Set to system location
|
rvm1_user: root # Need root account to access system location
|
tags:
|
- step004
|
- ruby_tasks
|
|
- name: Configuring 3scale toolbox
|
hosts: bastions
|
become: true
|
tags:
|
- step004
|
- 3scale_toolbox_tasks
|
roles:
|
- { role: "bastion-3scale", when: 'install_3scale | bool' }
|
|
- name: PreSoftware flight-check
|
hosts: localhost
|
connection: local
|
gather_facts: false
|
become: false
|
tags:
|
- flight_check
|
tasks:
|
- debug:
|
msg: "Pre-Software checks completed successfully"
|