*表記のため「}}」は「} }」としてます。

- hosts:  g01.sybyl.local
  # samba-ad domainの参加パスワード
  vars_prompt:
  - name: samba_pass
    prompt: "samba administrator's password"
    private: yes
 
  # 実行するtaksを明記
  tasks:
 
  # yum 関連
  - name: yum参照先を追記
    lineinfile: dest=/etc/yum/pluginconf.d/fastestmirror.conf line="prefer=ftp.riken.jp"
  - name: yum clean
    shell: yum clean plugins
  - name: yum update
    yum: name=*  state=latest
  - name: install common packages
    yum: name={{ item } } state=latest
    with_items:
     - epel-release
     - nfs-utils
     - gdisk
     - tcsh
     - rsh-server
     - openmpi
     - libpng12
     - compat-libtiff3
     - evince
     - texlive-latex
     - ghostscript
     - texlive-latex-bin-bin
     - samba-common-tools
     - sssd
     - krb5-workstation
     - xorg-x11-xauth
     - lm_sensors
     - nvme-cli
     - net-snmp
     - sysstat
     - ImageMagick
     - emacs
     - gnuplot
  - name: install epel packages
    yum: name={{ item } } state=latest
    with_items:
     - iftop
     - hddtemp
     - xpdf
  - name: install 'Development tools'
    yum: name="@Development tools" state=present
 
  # filesystem
  - name: fstab修正
    blockinfile:
      dest: /etc/fstab
      content: |
         nfs:/home /home nfs rw,hard,intr 0 0
         nfs:/Appl /Appl nfs ro,hard,intr 0 0
         nfs:/data /data nfs rw,hard,intr 0 0
  - name: make nfs mount point 
    file: path=/{{ item } } state=directory owner=root group=root mode=0755
    with_items:
       - Appl
       - data
    follow: yes
 
  # セキュリティー関係
  - name: firewalldを停止
    systemd: name=firewalld enabled=no state=stopped
  - name: selinuxを無効化
    replace: dest=/etc/selinux/config regexp='SELINUX=enforcing' replace='SELINUX=disabled'
 
  # cuda関連
  - name: cudaインストールファイルの転送
    copy: 
      src=cuda-repo-rhel7-8-0-local-8.0.44-1.x86_64.rpm
      dest=/root/cuda-repo-rhel7-8-0-local-8.0.44-1.x86_64.rpm
      owner=root
      group=root
      mode=0755
  - name: cudaインストール
    yum: name=/root/cuda-repo-rhel7-8-0-local-8.0.44-1.x86_64.rpm state=present
  - name: install cuda
    yum: name=cuda state=latest
 
 
  - name: stat hosts
    stat: path=/etc/hosts
    register: hosts_stat
 
  - name: stat smb
    stat: path=/etc/samba/smb.conf
    register: smb_stat
 
  - name: hostsファイルバックアップ
    command: mv -f /etc/hosts /etc/hosts.old
    when: hosts_stat.stat.exists
 
  - name: smbファイルバックアップ
    command: mv -f /etc/samba/smb.conf /etc/samba/smb.conf.old
    when: smb_stat.stat.exists
 
  - name: hosts作成
    copy:
      dest: /etc/hosts
      content: |
         127.0.0.1     localhost.localdomain localhost
         192.168.0.100 c100.sybyl.local c100
 
  - name: hosts.equiv作成
    copy:
      dest: /etc/hosts.equiv
      content: |
         + +
 
  - name: smb.conf作成
    copy:
      dest: /etc/samba/smb.conf
      content: |
        [global]
        workgroup = SYBYL
        security = ADS
        realm = SYBYL.LOCAL
        log file = /var/log/samba/%m.log
        kerberos method = secrets and keytab
        client signing = yes
        client use spnego = yes
  - name: stat keytab
    stat: path=/etc/krb5.keytab
    register: keytab_stat
  - name: samba ad参加
    command: net ads join osName=CentOS -Uadministrator%{{samba_pass} }
    when: not keytab_stat.stat.exists
  - name: sssd.conf作成
    copy:
      dest: /etc/sssd/sssd.conf
      content: |
        [sssd]
        services = nss, pam
        config_file_version = 2
        domains = sybyl.local
        [domain/sybyl.local]
        id_provider = ad
        access_provider = ad
        enumerate = True
        krb5_keytab = /etc/krb5.keytab
        ldap_id_mapping = False
        ldap_sasl_authid = {{ ansible_hostname } }$@SYBYL.LOCAL
      mode: 0600
  - name: 認証設定
    command: authconfig --enablesssd --enablesssdauth --update
  - name: 認証設定
    systemd:
      name: sssd
      enabled: yes
 
  - name: sshd末尾に追加
    lineinfile: >-
       dest=/etc/ssh/sshd_config
       state=present
       backrefs=yes
       regexp='{{ item.regexp } }'
       line='{{ item.line } }'
    with_items:
    - regexp: '^#HostbasedAuthentication no'
      line: 'HostbasedAuthentication yes'
    - regexp: '^GSSAPICleanupCredentials no'
      line: 'GSSAPICleanupCredentials yes'
 
  - name: rshとrexecを有効に
    command: systemctl enable rsh.socket rexec.socket
 
 
  - name: pbspro
    copy: 
      src=~/rpmbuild/RPMS/x86_64/pbspro-execution-14.1.2-0.x86_64.rpm
      dest=/root/pbspro-execution-14.1.2-0.x86_64.rpm
      owner=root
      group=root
      mode=0755
  - name: pbsproインストール
    yum:
      name: /root/pbspro-execution-14.1.2-0.x86_64.rpm
      state: present
  - name: pbspro設定(pbs.conf)
    replace: dest=/etc/pbs.conf regexp='CHANGE_THIS_TO_PBS_PRO_SERVER_HOSTNAME' replace='pbspro.sybyl.local'
  - name: pbspro設定(pbs_environment)
    lineinfile: dest=/var/lib/pbs/pbs_environment   line="TZ=Asia/Tokyo"
  - name: pbspro設定 client
    replace: dest=/var/lib/pbs/mom_priv/config regexp='CHANGE_THIS_TO_PBS_PRO_SERVER_HOSTNAME' replace='pbspro.sybyl.local'
 
 
  - name: history設定
    lineinfile:
      dest=/etc/profile
      line={{ item } }
    with_items:
      - 'HISTSIZE=1000'
      - 'HISTTIMEFORMAT=%Y/%m/%d %H:%M:%S'
      - 'HISTIGNORE="history:pwd:which:ls"'
      - 'if [ "\$HISTCONTROL" = "ignorespace" ] ; then'
      - 'export HISTCONTROL=ignoreboth'
      - 'else'
      - 'export HISTCONTROL=ignoredups'
      - 'fi'
      - 'export HISTSIZE HISTCONTROL HISTTIMEFORMAT HISTIGNORE'
 
  - name: root bashrc
    lineinfile: dest=/root/.bashrc line="alias less='less -X'"
 
  - name: root env
    lineinfile: dest=/root/.vimrc  line="set t_ti= t_te="

トップ   編集 添付 複製 名前変更     ヘルプ   最終更新のRSS
Last-modified: 2018-03-22 (木) 11:59:51 (89d)