maj tags
This commit is contained in:
Yacine31
@@ -4,11 +4,11 @@
|
||||
# ---------------------------------------------------
|
||||
- name: Désactivation de Transparent Hugepages 1/2 (dans grub.conf)
|
||||
shell: grubby --grub2 --remove-args=transparent_hugepage --update-kernel=ALL
|
||||
tags: tphp
|
||||
tags: transparent_huge_page
|
||||
|
||||
- name: Désactivation de Transparent Hugepages 2/2 (dans grub.conf)
|
||||
shell: grubby --grub2 --args=transparent_hugepage=never --update-kernel=ALL
|
||||
tags: tphp
|
||||
tags: transparent_huge_page
|
||||
|
||||
- name: Désactivation de Numa 1/2 (dans grub.conf)
|
||||
shell: grubby --grub2 --remove-args=numa --update-kernel=ALL
|
||||
|
||||
@@ -16,7 +16,7 @@
|
||||
- { name: net.core.rmem_max, value: 4194304 }
|
||||
- { name: net.core.wmem_default, value: 262144 }
|
||||
- { name: net.core.wmem_max, value: 1048576 }
|
||||
tags: sysconfig
|
||||
tags: sysctl.conf
|
||||
|
||||
- name: Configuration PAM
|
||||
lineinfile: dest=/etc/pam.d/login state=present line="session required pam_limits.so"
|
||||
|
||||
@@ -21,6 +21,7 @@
|
||||
with_items:
|
||||
- { line: "options attempts:2" }
|
||||
- { line: "options timeout:1" }
|
||||
tags: resolv_conf
|
||||
|
||||
- name: Desactivation de IP v6 et ZeroConf (Doc ID 1161144.1)
|
||||
lineinfile: dest=/etc/sysconfig/network line="{{ item.line }}"
|
||||
@@ -28,6 +29,8 @@
|
||||
- { line: "NETWORKING_IPV6=no" }
|
||||
- { line: "IPV6INIT=no" }
|
||||
- { line: "NOZEROCONF=yes" }
|
||||
tags: ipv6
|
||||
|
||||
- name: desactivation permanente de ipv6
|
||||
copy: src=desactivation_ipv6.conf dest=/etc/modprobe.d/desactivation_ipv6.conf
|
||||
tags: ipv6
|
||||
|
||||
@@ -28,28 +28,31 @@
|
||||
- xauth
|
||||
- xdpyinfo
|
||||
- xfsprogs
|
||||
tags: rpm_packages
|
||||
|
||||
# ---------------------------------------------------
|
||||
# configuration Linux : Mode panic
|
||||
# ---------------------------------------------------
|
||||
- name: Configuratio du mode panic sur perte du /
|
||||
shell: free_form="tune2fs -e panic `df -P / |tail -1 | awk '{print $1}'`"
|
||||
tags: mode_panic
|
||||
|
||||
- name: Configuratio du mode panic sur bug du kernel
|
||||
sysctl: name=kernel.panic_on_oops value=1 state=present reload=yes ignoreerrors=yes
|
||||
tags: mode_panic
|
||||
|
||||
# ---------------------------------------------------
|
||||
# configuration Linux : Selinux
|
||||
# ---------------------------------------------------
|
||||
- name: Disactiver Selinux (de façon permanente)
|
||||
selinux: state=disabled
|
||||
tags: selinux
|
||||
register: selinux
|
||||
tags: selinux
|
||||
|
||||
- name: Disactiver Selinux (runtime)
|
||||
shell: setenforce 0
|
||||
tags: selinux
|
||||
ignore_errors: true
|
||||
tags: selinux
|
||||
|
||||
# ---------------------------------------------------
|
||||
# configuration Linux : les services
|
||||
@@ -79,4 +82,5 @@
|
||||
# ---------------------------------------------------
|
||||
- name: configuration du démarrage en mode 3 par défaut
|
||||
command: systemctl set-default multi-user.target
|
||||
tags: init3
|
||||
|
||||
|
||||
@@ -4,15 +4,19 @@
|
||||
- name: Copy du rpm rlwrap OL8 vers le serveur
|
||||
copy: src=rlwrap-0.44-1.el8.x86_64.rpm dest=/tmp/rlwrap.x86_64.rpm owner=root mode=644
|
||||
when: ansible_distribution_major_version == '8'
|
||||
tags: rlwrap
|
||||
|
||||
- name: Copy du rpm rlwrap OL7 vers le serveur
|
||||
copy: src=rlwrap-0.42-1.el7.x86_64.rpm dest=/tmp/rlwrap.x86_64.rpm owner=root mode=644
|
||||
when: ansible_distribution_major_version == '7'
|
||||
tags: rlwrap
|
||||
|
||||
- name: Install rlwrap rpm from a local file
|
||||
yum:
|
||||
name: /tmp/rlwrap.x86_64.rpm
|
||||
state: present
|
||||
tags: rlwrap
|
||||
|
||||
- name: suppression du rpm rlwrap du serveur
|
||||
file: path=/tmp/rlwrap.x86_64.rpm state=absent
|
||||
file: path=/tmp/rlwrap.x86_64.rpm state=absent
|
||||
tags: rlwrap
|
||||
@@ -8,6 +8,7 @@
|
||||
|
||||
- name: Sécurisation du vidage mémoire
|
||||
copy: src="00-vidage.conf" dest="/etc/security/limits.d/00-vidage.conf"
|
||||
tags: secu_vidage
|
||||
|
||||
- name: Application des paramètres de configuration sécurisée
|
||||
sysctl: name="{{ item.name }}"
|
||||
|
||||
@@ -16,7 +16,7 @@
|
||||
- { group: oper, gid: 1002 }
|
||||
- { group: dgdba, gid: 1007 }
|
||||
- { group: kmdba, gid: 1008 }
|
||||
tags: group
|
||||
tags: create_group
|
||||
|
||||
- name: Creation du compte Oracle
|
||||
user: name={{ item.username }} group={{ item.primgroup }} groups={{ item.othergroups }} uid={{ item.uid }} generate_ssh_key=yes append=yes state=present password={{ item.passwd }}
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
ansible sur le poste à configurer
|
||||
|
||||
===
|
||||
yum install -y wget bzip2 unzip git
|
||||
|
||||
$ pwd = /root
|
||||
|
||||
$ yum install -y wget bzip2 unzip git
|
||||
# git clone https://github.com/Yacine31/configure_oracle
|
||||
$ tar xfj configure_oracle/portable-ansible-v0.4.2-py2.tar.bz2
|
||||
# ln -s ansible ansible-playbook
|
||||
|
||||
Reference in New Issue
Block a user