Version initial du 2020/09/10

configure-host-oel6/tasks/os_configuration.yml

@@ -0,0 +1,120 @@
+---
+  # --------------------------------------------------- 
+  # configuration des packages necessaires pour Linux
+  # ---------------------------------------------------
+  - name: Installation du packet libselinux-python
+    yum: name="libselinux-python" state=installed
+
+  - name: Installation du RPM EPEL Repo
+    yum: name={{ epel_rpm }} state=installed
+    when: configure_epel_repo and internet_connection
+    tags: epelrepo
+
+  - name: Copie du fichier local EPEL Repo (pour remplacer https par http)
+    copy: src=epel.repo dest=/etc/yum.repos.d/epel.repo
+    tags: epelrepo
+
+  - name: Récupération du nouveau fichier repository pour OL6 (public-yum)
+    copy: src=public-yum-ol6.repo dest=/etc/yum.repos.d/public-yum-ol6.repo
+    tags: ol6repo
+
+  - name: Installation des packages communs pour Linux
+    yum: name={{ item }} state=installed
+    when: internet_connection
+    with_items: 
+      - bc
+      - bind-utils
+      - btrfs-progs
+      - cloog-ppl
+      - compat-libcap1
+      - ethtool
+      - expect
+      - git
+      - htop
+      - lvm2
+      - make
+      - module-init-tools
+      - mpfr
+      - multitail
+      - ncurses-devel
+      - ncurses-libs
+      - nfs-utils
+      - nscd
+      - nss-softokn-freebl
+      - ntp
+      - openssh-clients
+      - ppl
+      - procps
+      - readline
+      - rlwrap
+      - screen
+      - sysstat
+      - system-config-lvm
+      - tigervnc-server
+      - tree
+      - twm
+      - unzip
+      - wget
+      - vim
+      - xfsprogs
+    tags: commonpackages
+
+  - name: Configuratio du mode panic sur perte du /
+    shell: free_form="tune2fs -e panic `df -P / |tail -1 | awk '{print $1}'`"
+
+  - name: Configuratio du mode panic sur bug du kernel
+    sysctl: name=kernel.panic_on_oops value=1 state=present reload=yes ignoreerrors=yes
+
+  # --------------------------------------------------- 
+  # configuration du serveur NTPD
+  # ---------------------------------------------------
+  - name: Modification de la configuration NTP configuration (ajout du flag -x)
+    lineinfile: dest=/etc/sysconfig/ntpd
+              regexp='^OPTIONS='
+              line='OPTIONS="-x -u ntp:ntp -p /var/run/ntpd.pid -g"'
+              state=present
+              create=yes
+
+  - name: restart ntpd
+    service: name=ntpd  state=started  enabled=yes
+ 
+  # --------------------------------------------------- 
+  # configuration Linux : Selinux
+  # ---------------------------------------------------
+  - name: Disactiver Selinux (de façon permanente)
+    selinux: state=disabled
+    when: disable_selinux
+    tags: selinux
+    register: selinux
+  
+  - name: Disactiver Selinux (runtime)
+    shell: setenforce 0
+    when: disable_selinux
+    tags: selinux
+    ignore_errors: true
+ 
+  # --------------------------------------------------- 
+  # configuration Linux : les services
+  # ---------------------------------------------------
+  - name: arrêter et désactiver les services inutils
+    with_items:
+      - bluetooth
+      - cups
+      - gpm
+      - hidd
+      - hplip
+      - isdn
+      - sendmail
+      - smartd
+      - avahi-daemon
+      - NetworkManager
+      - rhnsd
+      - firstboot
+      - chronyd
+      - ip6tables
+      - iptables
+      - firewalld
+    service: name={{ item }}  state=stopped  enabled=no
+    tags: linuxservices
+    ignore_errors: true
+