mirror of
https://github.com/iiab/iiab.git
synced 2025-03-09 15:40:17 +00:00
2-common/tasks/main.yml made far more readable
This commit is contained in:
A Holt
GitHub
parent
d305e13852
commit
5aa1a21c07
1 changed files with 11 additions and 26 deletions
|
|
@ -1,11 +1,18 @@
|
|||
# Common OS-Level Additions & Mods (that only need to be performed once)
|
||||
|
||||
- name: ...IS BEGINNING ==========================================
|
||||
command: echo
|
||||
meta: noop
|
||||
|
||||
- name: Create IIAB directory structure ("file layout")
|
||||
include_tasks: fl.yml
|
||||
|
||||
- include_tasks: packages.yml
|
||||
|
||||
- name: 'Network prep, including partial setup of iptables (firewall). SEE ALSO: 1-prep/tasks/raspberry_pi.yml'
|
||||
include_tasks: network.yml
|
||||
|
||||
- include_tasks: iiab-startup.yml
|
||||
|
||||
# UNMAINTAINED
|
||||
#- include_tasks: centos.yml
|
||||
# when: ansible_distribution == "CentOS"
|
||||
|
|
@ -22,25 +29,9 @@
|
|||
#- include_tasks: xo.yml
|
||||
# when: xo_model != "none" or osbuilder is defined
|
||||
|
||||
- include_tasks: packages.yml
|
||||
- include_tasks: network.yml
|
||||
|
||||
# Ongoing rework (e.g. PR #2652) arising from ansible.posix collection changes:
|
||||
- name: Use 'sysctl' to set 5 network/kernel settings, turning off IPv6 if possible
|
||||
sysctl: # Places these settings in /etc/sysctl.conf, to survive reboot
|
||||
name: "{{ item.name }}"
|
||||
value: "{{ item.value }}"
|
||||
with_items:
|
||||
- { name: 'net.ipv4.ip_forward', value: '1' } # Masquerading LAN->Internet
|
||||
- { name: 'net.ipv4.conf.default.rp_filter', value: '1' }
|
||||
- { name: 'net.ipv4.conf.default.accept_source_route', value: '0' }
|
||||
#- { name: 'kernel.sysrq', value: '1' } # OS values differ, Ok?
|
||||
- { name: 'kernel.core_uses_pid', value: '1' }
|
||||
#- { name: 'net.ipv4.tcp_syncookies', value: '1' } # Very standard in 2020
|
||||
#- { name: 'kernel.shmmax', value: '268435456' } # OS values differ, Ok?
|
||||
- { name: 'net.ipv6.conf.all.disable_ipv6', value: '1' } # IPv6 disabled
|
||||
#- { name: 'net.ipv6.conf.default.disable_ipv6', value: '1' } # AUTO-SET
|
||||
#- { name: 'net.ipv6.conf.lo.disable_ipv6', value: '1' } # BY ABOVE
|
||||
# UNMAINTAINED
|
||||
#- include_tasks: net_mods.yml
|
||||
# when: not is_debuntu and not is_F18
|
||||
|
||||
# UNMAINTAINED
|
||||
#- name: Install /etc/profile.d/zzz_iiab.sh from template, to add sbin dirs to unprivileged users' $PATH
|
||||
|
|
@ -48,12 +39,6 @@
|
|||
# dest: /etc/profile.d/zzz_iiab.sh
|
||||
# src: zzz_iiab.sh
|
||||
|
||||
# UNMAINTAINED
|
||||
#- include_tasks: net_mods.yml
|
||||
# when: not is_debuntu and not is_F18
|
||||
|
||||
- include_tasks: iiab-startup.yml
|
||||
|
||||
- name: Recording STAGE 2 HAS COMPLETED ==========================
|
||||
lineinfile:
|
||||
path: "{{ iiab_env_file }}"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue