Tasks
main.yml
Synopsis: Main task.
Import tasks if enabled.
1---
2# tasks for freebsd_postinstall
3
4- name: Import debug.yml
5 ansible.builtin.import_tasks: debug.yml
6 when: fp_debug|bool
7 tags: fp_debug
8
9- name: Import sanity.yml
10 ansible.builtin.import_tasks: sanity.yml
11 when: fp_sanity|bool
12 tags: always
13
14- name: Import cloud-providers.yml
15 ansible.builtin.import_tasks: cloud-providers.yml
16 tags: fp_cloud_proividers
17
18- name: Import loader.yml
19 ansible.builtin.import_tasks: loader.yml
20 when: fp_loader|bool
21 tags: fp_loader
22
23- name: Import sysctl.yml
24 ansible.builtin.import_tasks: sysctl.yml
25 when: fp_sysctl|bool
26 tags: fp_sysctl
27
28- name: Import tmpmfs.yml
29 ansible.builtin.import_tasks: tmpmfs.yml
30 when: fp_tmpmfs|bool
31 tags: fp_tmpmfs
32
33- name: Import devfs.yml
34 ansible.builtin.import_tasks: devfs.yml
35 when: fp_devfs|bool
36 tags: fp_devfs
37
38- name: Import dhclient.yml
39 ansible.builtin.import_tasks: dhclient.yml
40 when: fp_dhclient|bool
41 tags: fp_dhclient
42
43- name: Import make.yml
44 ansible.builtin.import_tasks: make.yml
45 when: fp_make|bool
46 tags: fp_make
47
48- name: Import swap.yml
49 ansible.builtin.import_tasks: swap.yml
50 when: fp_swap|bool
51 tags: fp_swap
52
53- name: Import flush_handlers
54 ansible.builtin.meta: flush_handlers
55
56- name: Import fstab.yml
57 ansible.builtin.import_tasks: fstab.yml
58 when: fp_fstab|bool
59 tags: fp_fstab
60
61- name: Import mount-iso.yml
62 ansible.builtin.import_tasks: mount-iso.yml
63 when: fp_mount_iso|bool
64 tags: fp_mount_iso
65
66- name: Import mount-img.yml
67 ansible.builtin.import_tasks: mount-img.yml
68 when: fp_mount_img|bool
69 tags: fp_mount_img
70
71- name: Import packages.yml
72 ansible.builtin.import_tasks: packages.yml
73 when: fp_install|bool
74 tags: fp_packages
75
76- name: Import copy.yml
77 ansible.builtin.import_tasks: copy.yml
78 when: fp_copy|bool
79 tags: fp_copy
80
81- name: Import libmap.yml
82 ansible.builtin.import_tasks: libmap.yml
83 when: fp_libmap|bool
84 tags: fp_libmap
85
86- name: Import groups.yml
87 ansible.builtin.import_tasks: groups.yml
88 when: fp_groups|bool
89 tags: fp_groups
90
91- name: Import users.yml
92 ansible.builtin.import_tasks: users.yml
93 when: fp_users|bool
94 tags: fp_users
95
96- name: Import passwords.yml
97 ansible.builtin.import_tasks: passwords.yml
98 when: fp_passwords|bool
99 tags: fp_passwords
100
101- name: Import groupwrappers.yml
102 ansible.builtin.import_tasks: groupwrappers.yml
103 when: fp_groupwrappers|bool
104 tags: fp_groupwrappers
105
106- name: Import hostname.yml
107 ansible.builtin.import_tasks: hostname.yml
108 when: fp_hostname|bool
109 tags: fp_hostname
110
111- name: Import hosts.yml
112 ansible.builtin.import_tasks: hosts.yml
113 when: fp_hosts|bool
114 tags: fp_hosts
115
116- name: Import ssh.yml
117 ansible.builtin.import_tasks: ssh.yml
118 when: fp_ssh|bool
119 tags: fp_ssh
120
121- name: Import sshd.yml
122 ansible.builtin.import_tasks: sshd.yml
123 when: fp_sshd|bool
124 tags: fp_sshd
125
126- name: Import authorized-key.yml
127 ansible.builtin.import_tasks: authorized-key.yml
128 when: fp_authorized_key|bool
129 tags: fp_authorized_key
130
131- name: Import timezone.yml
132 ansible.builtin.import_tasks: timezone.yml
133 when: fp_timezone|bool
134 tags: fp_timezone
135
136- name: Import ntp.yml
137 ansible.builtin.import_tasks: ntp.yml
138 when: fp_ntp|bool
139 tags: fp_ntp
140
141- name: Import ntpdate.yml
142 ansible.builtin.import_tasks: ntpdate.yml
143 when: fp_ntpdate|bool
144 tags: fp_ntpdate
145
146- name: Import nfs.yml
147 ansible.builtin.import_tasks: nfs.yml
148 when: fp_nfs|bool
149 tags: fp_nfs
150
151- name: Import nfsd.yml
152 ansible.builtin.import_tasks: nfsd.yml
153 when: fp_nfsd|bool
154 tags: fp_nfsd
155
156- name: Import smartd.yml
157 ansible.builtin.import_tasks: smartd.yml
158 when: fp_smartd|bool
159 tags: fp_smartd
160
161- name: Import apcupsd.yml
162 ansible.builtin.import_tasks: apcupsd.yml
163 when: fp_apcupsd|bool
164 tags: fp_apcupsd
165
166- name: Import hostapd.yml
167 ansible.builtin.import_tasks: hostapd.yml
168 when: fp_hostapd|bool
169 tags: fp_hostapd
170
171- name: Import procmail.yml
172 ansible.builtin.import_tasks: procmail.yml
173 when: fp_procmail|bool
174 tags: fp_procmail
175
176- name: Import motd.yml
177 ansible.builtin.import_tasks: motd.yml
178 when: fp_motd|bool
179 tags: fp_motd
180
181- name: Import gitserver.yml
182 ansible.builtin.import_tasks: gitserver.yml
183 when: fp_gitserver|bool
184 tags: fp_gitserver
185
186- name: Import sudoers.yml
187 ansible.builtin.import_tasks: sudoers.yml
188 when: fp_sudoers|bool
189 tags: fp_sudoers
190
191- name: Import cron.yml
192 ansible.builtin.import_tasks: cron.yml
193 when: fp_cron|bool
194 tags: fp_cron
195
196- name: Import resolvconf.yml
197 ansible.builtin.import_tasks: resolvconf.yml
198 when: fp_resolvconf|bool
199 tags: fp_resolvconf
200
201- name: Import aliases.yml
202 ansible.builtin.import_tasks: aliases.yml
203 when: fp_aliases|bool
204 tags: fp_aliases
205
206- name: Import periodic.yml
207 ansible.builtin.import_tasks: periodic.yml
208 when: fp_periodic|bool
209 tags: fp_periodic
210
211- name: Import wpasupplicant.yml
212 ansible.builtin.import_tasks: wpasupplicant.yml
213 when: fp_wpasupplicant|bool
214 tags: fp_wpasupplicant
215
216- name: Import linux.yml
217 ansible.builtin.import_tasks: linux.yml
218 when: fp_linux|bool
219 tags: fp_linux
220
221- name: Import login.yml
222 ansible.builtin.import_tasks: login.yml
223 when: fp_login|bool
224 tags: fp_login
225
226- name: Import snmpd.yml
227 ansible.builtin.import_tasks: snmpd.yml
228 when: fp_snmpd|bool
229 tags: fp_snmpd
230
231- name: Import qemu.yml
232 ansible.builtin.import_tasks: qemu.yml
233 when: fp_qemu|bool
234 tags: fp_qemu
235
236# EOF
237...
aliases.yml
Synopsis: Configure aliases.
Description of the task.
1---
2
3- name: "aliases: Configure {{ fp_aliases_conf_file }}"
4 ansible.builtin.lineinfile:
5 dest: "{{ fp_aliases_conf_file }}"
6 regexp: '^\s*{{ item.alias }}:(.*)$'
7 line: '{{ item.alias }}: {{ item.user }}'
8 backup: "{{ fp_backup }}"
9 loop: "{{ fp_aliases_conf }}"
10 notify: newaliases
11
12# EOF
13...
apcupsd.yml
Synopsis: Configure apcupsd.
Description of the task.
1---
2
3- name: "apcupsd: Enable and start apcupsd"
4 ansible.builtin.lineinfile:
5 dest: /etc/rc.conf
6 regexp: '^\s*apcupsd_enable\s*=(.*)$'
7 line: 'apcupsd_enable="YES"'
8 backup: "{{ fp_backup }}"
9 when: fp_apcupsd_enabled|bool
10 notify: enable and start apcupsd
11 tags: fp_apcupsd_rcconf
12
13- name: "apcupsd: Disable and stop apcupsd"
14 ansible.builtin.lineinfile:
15 dest: /etc/rc.conf
16 regexp: '^\s*apcupsd_enable\s*=(.*)$'
17 line: 'apcupsd_enable="NO"'
18 backup: "{{ fp_backup }}"
19 when: not fp_apcupsd_enabled|bool
20 notify: disable and stop apcupsd
21 tags: fp_apcupsd_rcconf
22
23- name: "apcupsd: Create directory {{ fp_apcupsd_conf_dir }}"
24 ansible.builtin.file:
25 state: directory
26 path: "{{ fp_apcupsd_conf_dir }}"
27 mode: "{{ fp_apcupsd_conf_dir_mode }}"
28 tags: fp_apcupsd_conf
29
30- name: "apcupsd: Configure apcupsd.conf"
31 ansible.builtin.template:
32 src: apcupsd.conf.j2
33 dest: "{{ fp_apcupsd_conf_file }}"
34 owner: "{{ fp_apcupsd_conf_owner }}"
35 group: "{{ fp_apcupsd_conf_group }}"
36 mode: "{{ fp_apcupsd_conf_mode }}"
37 backup: "{{ fp_backup }}"
38 notify: restart apcupsd
39 tags: fp_apcupsd_conf
40
41# EOF
42...
cloud-providers.yml
Synopsis: Configure cloud-providers.
Description of the task.
1---
2
3- name: Import cloud-providers/digitalocean.yml
4 import_tasks: cloud-providers/digitalocean.yml
5 when: digitalocean|bool
6 tags: fp_do
7
8# EOF
9...
copy.yml
Synopsis: Configure copy.
Description of the task.
1---
2
3- name: "copy: Debug (fp_copy_debug={{ fp_copy_debug }})"
4 vars:
5 msg: |-
6 fp_unarch_default: {{ fp_unarch_default }}
7 fp_unarch_optional: {{ fp_unarch_optional }}
8 fp_synchronize_default:
9 {{ fp_synchronize_default|to_nice_yaml|indent(2) }}
10 fp_synchronize_optional:
11 {{ fp_synchronize_optional|to_nice_yaml|indent(2) }}
12 fp_copy_dir: {{ fp_copy_dir }}
13 fp_copy_dir_default: {{ fp_copy_dir_default }}
14 fp_copy_arch_defaul: {{ fp_copy_arch_default }}
15 fp_copy_dir_optional: {{ fp_copy_dir_optional }}
16 fp_copy_arch_optional: {{ fp_copy_arch_optional }}
17 fp_unarchive_keep_newer: {{ fp_unarchive_keep_newer }}
18 fp_synchronize_delete: {{ fp_synchronize_delete }}
19 fp_synchronize_archive: {{ fp_synchronize_archive }}
20 fp_synchronize_checksum: {{ fp_synchronize_checksum }}
21 fp_synchronize_compress: {{ fp_synchronize_compress }}
22 fp_synchronize_copy_links: {{ fp_synchronize_copy_links }}
23 fp_synchronize_dirs: {{ fp_synchronize_dirs }}
24 fp_synchronize_existing_only: {{ fp_synchronize_existing_only }}
25 fp_synchronize_group: {{ fp_synchronize_group }}
26 fp_synchronize_mode: {{ fp_synchronize_mode }}
27 fp_synchronize_owner: {{ fp_synchronize_owner }}
28 fp_synchronize_perms: {{ fp_synchronize_perms }}
29 fp_synchronize_times: {{ fp_synchronize_times }}
30 fp_synchronize_verify_host: {{ fp_synchronize_verify_host }}
31 ansible.builtin.debug:
32 msg: "{{ '{}'.format(msg) }}"
33 when: fp_copy_debug|bool
34 tags: fp_copy_debug
35
36# Sync default
37- name: "copy: Synchronize default files {{ fp_copy_dir }}/{{ fp_copy_dir_default }}"
38 ansible.builtin.import_tasks: copy/sync-default.yml
39 when: fp_synchronize_default|length > 0
40 tags: fp_copy_sync_default
41
42# Sync optional
43- name: "copy: Synchronize optional files {{ fp_copy_dir }}/{{ fp_copy_dir_optional }}"
44 ansible.builtin.import_tasks: copy/sync-optional.yml
45 when: fp_synchronize_optional|length > 0
46 tags: fp_copy_sync_optional
47
48# Unarch default
49- name: "copy: Extract default files {{ fp_copy_dir }}/{{ fp_copy_arch_defaul }}"
50 ansible.builtin.import_tasks: copy/unarch-default.yml
51 when: fp_unarch_default|bool
52 tags: fp_copy_unarch_default
53
54# Unarch optional
55- name: "copy: Extract optional files {{ fp_copy_dir }}/{{ fp_copy_arch_optional }}"
56 ansible.builtin.import_tasks: copy/unarch-optional.yml
57 when: fp_unarch_optional|bool
58 tags: fp_copy_unarch_optional
59
60# EOF
61...
cron.yml
Synopsis: Configure cron.
Description of the task.
1---
2
3- name: "cron: Debug (fp_cron_debug={{ fp_cron_debug }})"
4 vars:
5 msg: |-
6 fp_cron_dir: {{ fp_cron_dir }}
7 fp_cron_var:
8 {{ fp_cron_var|to_yaml|indent(2) }}
9 fp_cron_tab:
10 {{ fp_cron_tab|to_nice_yaml|indent(2) }}
11 fp_cron_file_system: {{ fp_cron_file_system }}
12 fp_cron_var_system:
13 {{ fp_cron_var_system|to_yaml|indent(2) }}
14 fp_cron_tab_system:
15 {{ fp_cron_tab_system|to_nice_yaml|indent(2) }}
16 ansible.builtin.debug:
17 msg: "{{ '{}'.format(msg) }}"
18 when: fp_cron_debug|bool
19 tags: fp_cron_debug
20
21# Note on "cron – Manage cron.d and crontab entries"
22# https://docs.ansible.com/ansible/latest/modules/cron_module.html
23# Quoting from Synopsis: "When crontab jobs are managed: the module
24# includes one line with the description of the crontab entry
25# "#Ansible: <name>" corresponding to the “name” passed to the module,
26# which is used by future ansible/module calls to find/check the
27# state. The “name” parameter should be unique, and changing the
28# “name” value will result in a new cron task being created (or a
29# different one being removed).
30
31# If "# <name>" entry is present change it to "#Ansible: <name>" to
32# avoid double-entries
33
34- name: "cron: Rename present crontab entries"
35 ansible.builtin.include_tasks:
36 file: fn/cron-rename-entry.yml
37 loop: "{{ fp_cron_tab }}"
38 tags: fp_cron_rename_entries
39
40- name: "cron: Rename present crontab entries system"
41 ansible.builtin.replace:
42 path: "{{ fp_cron_file_system }}"
43 regexp: '^\s*#\s*{{ item.name }}$'
44 replace: "#Ansible: {{ item.name }}"
45 backup: "{{ fp_backup }}"
46 loop: "{{ fp_cron_tab }}"
47 loop_control:
48 label: "{{ item.name }}"
49 tags: fp_cron_rename_entries_system
50
51- name: "cron: Configure cron variables"
52 community.general.cronvar:
53 name: "{{ item.name }}"
54 value: "{{ item.value }}"
55 user: "{{ item.user }}"
56 loop: "{{ fp_cron_var }}"
57 tags: fp_cron_var
58
59- name: "cron: Configure crontab entries"
60 ansible.builtin.cron:
61 state: "{{ item.state }}"
62 user: "{{ item.user }}"
63 name: "{{ item.name }}"
64 minute: "{{ item.minute }}"
65 hour: "{{ item.hour }}"
66 day: "{{ item.day }}"
67 month: "{{ item.month }}"
68 weekday: "{{ item.weekday }}"
69 job: "{{ item.command }}"
70 loop: "{{ fp_cron_tab }}"
71 loop_control:
72 label: "{{ item.name }}"
73 tags: fp_cron_tab
74
75- name: "cron: Configure cron variables system"
76 community.general.cronvar:
77 cron_file: "{{ fp_cron_file_system }}"
78 name: "{{ item.name }}"
79 value: "{{ item.value }}"
80 loop: "{{ fp_cron_var_system }}"
81 tags: fp_cron_var_system
82
83- name: "cron: Configure crontab entries system"
84 ansible.builtin.cron:
85 cron_file: "{{ fp_cron_file_system }}"
86 state: "{{ item.state }}"
87 user: "{{ item.user }}"
88 name: "{{ item.name }}"
89 minute: "{{ item.minute }}"
90 hour: "{{ item.hour }}"
91 day: "{{ item.day }}"
92 month: "{{ item.month }}"
93 weekday: "{{ item.weekday }}"
94 job: "{{ item.command }}"
95 loop: "{{ fp_cron_tab_system }}"
96 loop_control:
97 label: "{{ item.name }}"
98 tags: fp_cron_tab_system
99
100# TODO:
101# /etc/cron.d
102# /usr/local/etc/cron.d
103
104# EOF
105...
debug.yml
Synopsis: Configure debug.
Description of the task.
1---
2
3- name: "FreeBSD postinstall Debug"
4 vars:
5 _fp_qemu_install_varnames: "{{ query('varnames', '^fp_qemu_(.*)install$') }}"
6 _fp_qemu_install_values: "{{ _fp_qemu_install_varnames|map('extract', vars)|list }}"
7 _fp_qemu_install_dict: "{{ dict(_fp_qemu_install_varnames|zip(_fp_qemu_install_values)) }}"
8 msg: |-
9 ansible_architecture: {{ ansible_architecture }}
10 ansible_os_family: {{ ansible_os_family }}
11 ansible_distribution: {{ ansible_distribution }}
12 ansible_distribution_major_version: {{ ansible_distribution_major_version }}
13 ansible_distribution_version: {{ ansible_distribution_version }}
14 ansible_distribution_release: {{ ansible_distribution_release }}
15
16 rc_conf_hostname: {{ rc_conf_hostname }}
17 fp_domain: {{ fp_domain }}
18 aws: {{ aws }}
19 digitalocean: {{ digitalocean }}
20 gcp: {{ gcp }}
21
22 freebsd_install_method: {{ freebsd_install_method }}
23 freebsd_use_packages: {{ freebsd_use_packages|default('UNDEFINED') }}
24 freebsd_install_retries: {{ freebsd_install_retries }}
25 freebsd_install_delay: {{ freebsd_install_delay }}
26
27 fp_install: {{ fp_install }}
28 fp_backup: {{ fp_backup }}
29 fp_sanity: {{ fp_sanity }} fp_sanity_tags_fatal: {{ fp_sanity_tags_fatal }}
30
31 fp_aliases: {{ fp_aliases }}
32 fp_apcupsd: {{ fp_apcupsd }} fp_apcupsd_install: {{ fp_apcupsd_install }} fp_apcupsd_enabled: {{ fp_apcupsd_enabled }}
33 fp_authorized_key: {{ fp_authorized_key }}
34 fp_copy: {{ fp_copy }} fp_unarch_default: {{ fp_unarch_default }} fp_unarch_optional: {{ fp_unarch_optional }}
35 fp_cron: {{ fp_cron }}
36 fp_devfs: {{ fp_devfs }} fp_devfs_enabled: {{ fp_devfs_enabled }}
37 fp_fstab: {{ fp_fstab }}
38 fp_gitserver: {{ fp_gitserver }} fp_gitserver_install: {{ fp_gitserver_install }}
39 fp_groups: {{ fp_groups }}
40 fp_groupwrappers_install: {{ fp_groupwrappers_install }}
41 fp_hostapd: {{ fp_hostapd }} fp_hostapd_install: {{ fp_hostapd_install }} fp_hostapd_enabled: {{ fp_hostapd_enabled }}
42 fp_hostname: {{ fp_hostname }}
43 fp_linux: {{ fp_linux }} fp_linux_install: {{ fp_linux_install }} fp_linux_enable: {{ fp_linux_enable }}
44 fp_loader: {{ fp_loader }} fp_loader_warning: {{ fp_loader_warning }}
45 fp_login: {{ fp_login }} fp_login_conf_global: {{ fp_login_conf_global }}
46 fp_make: {{ fp_make }}
47 fp_motd: {{ fp_motd }}
48 fp_mount_img: {{ fp_mount_img }}
49 fp_mount_iso: {{ fp_mount_iso }}
50 fp_nfs: {{ fp_nfs }} fp_nfs_enable: {{ fp_nfs_enable }}
51 fp_nfsd: {{ fp_nfsd }} fp_nfsd_enable: {{ fp_nfsd_enable }}
52 fp_ntp: {{ fp_ntp }} fp_ntp_enable: {{ fp_ntp_enable }}
53 fp_ntpdate: {{ fp_ntpdate }}
54 fp_passwords: {{ fp_passwords }}
55 fp_periodic: {{ fp_periodic }}
56 fp_procmail: {{ fp_procmail }} fp_procmail_install: {{ fp_procmail_install }}
57 fp_qemu: {{ fp_qemu }} fp_qemu_enabled: {{ fp_qemu_enabled }}{% for k,v in _fp_qemu_install_dict.items() %} {{ k }}: {{ v }}{% endfor %}
58
59 fp_resolvconf: {{ fp_resolvconf }}
60 fp_smartd: {{ fp_smartd }} fp_smartd_install: {{ fp_smartd_install }} fp_smartd_enabled: {{ fp_smartd_enabled }}
61 fp_snmpd: {{ fp_snmpd }} fp_snmpd_install: {{ fp_snmpd_install }} fp_snmpd_enabled: {{ fp_snmpd_enabled }}
62 fp_ssh: {{ fp_ssh }}
63 fp_sshd: {{ fp_sshd }} fp_sshd_enable: {{ fp_sshd_enable }}
64 fp_sudoers: {{ fp_sudoers }}
65 fp_swap: {{ fp_swap }} fp_swap_enable: {{ fp_swap_enable }}
66 fp_sysctl: {{ fp_sysctl }}
67 fp_timezone: {{ fp_timezone }}
68 fp_tmpmfs: {{ fp_tmpmfs }}
69 fp_users: {{ fp_users }}
70 fp_wpasuppliant: {{ fp_wpasupplicant }} fp_wpasuppliant_install: {{ fp_wpasupplicant_install }}
71
72 fp_mountd_enable: {{ fp_mountd_enable }}
73 fp_rpcbind_enable: {{ fp_rpcbind_enable }}
74 fp_rpc_lockd_enable: {{ fp_rpc_lockd_enable }}
75 fp_rpc_statd_enable: {{ fp_rpc_statd_enable }}
76 ansible.builtin.debug:
77 msg: "{{ '{}'.format(msg) }}"
78
79# EOF
80...
devfs.yml
Synopsis: Configure devfs.
Description of the task.
1---
2
3- name: "devfs: Debug (fp_devfs_debug={{ fp_devfs_debug }})"
4 vars:
5 msg: |-
6 fp_devfs_enabled: {{ fp_devfs_enabled }}
7 fp_devfs_load_rulesets: {{ fp_devfs_load_rulesets }}
8 fp_devfs_system_ruleset: {{ fp_devfs_system_ruleset }}
9 fp_devfs_rulesets: {{ fp_devfs_rulesets }}
10 fp_devfs_set_rulesets: {{ fp_devfs_set_rulesets }}
11 fp_devfs_rcconf:
12 {{ fp_devfs_rcconf|to_yaml|indent(2) }}
13 fp_devfs_conf_path: {{ fp_devfs_conf_path }}
14 fp_devfs_conf:
15 {{ fp_devfs_conf|to_yaml|indent(2) }}
16 fp_devfs_rules_path: {{ fp_devfs_rules_path }}
17 fp_devfs_rules_mode: {{ fp_devfs_rules_mode }}
18 fp_devfs_rules:
19 {{ fp_devfs_rules|to_yaml|indent(2) }}
20 ansible.builtin.debug:
21 msg: "{{ '{}'.format(msg) }}"
22 when: fp_devfs_debug|bool
23 tags: fp_devfs_debug
24
25- name: "devfs: Shell: /etc/rc.d/devfs rcvar | grep ^devfs*"
26 ansible.builtin.shell:
27 cmd: >
28 /etc/rc.d/devfs rcvar | grep ^devfs*
29 register: result
30 changed_when: false
31 ignore_errors: true
32 tags: fp_devfs_rcvar
33
34- name: "devfs: Test rcvar for system module"
35 block:
36 - name: "devfs: ERROR no rcvar"
37 ansible.builtin.debug:
38 msg: |
39 [ERROR] unable to determine rcvar. End of play.
40 Variable rcvar is missing in the file /etc/rc.d/devfs
41 Put the following line into the file /etc/rc.d/devfs
42 rcvar="devfs_load_rulesets"
43 - name: "devfs: Block: End of play."
44 ansible.builtin.meta: end_play
45 when:
46 - not ansible_check_mode
47 - result|default({}) is failed
48 tags: fp_devfs_rcvar
49
50- name: "devfs: Debug print rcvar"
51 ansible.builtin.debug:
52 var: result.stdout_lines|default('not defined')
53 when: fp_devfs_debug|bool
54 tags: fp_devfs_rcvar
55
56- name: "devfs: Enable and start devfs"
57 ansible.builtin.lineinfile:
58 dest: /etc/rc.conf
59 regexp: '^\s*devfs_load_rulesets\s*=(.*)$'
60 line: 'devfs_load_rulesets="YES"'
61 backup: "{{ fp_backup }}"
62 notify: enable and start devfs
63 when: fp_devfs_enabled|bool
64 tags: fp_devfs_rcconf
65
66- name: "devfs: Disable and stop devfs"
67 ansible.builtin.lineinfile:
68 dest: /etc/rc.conf
69 regexp: '^\s*devfs_load_rulesets\s*=(.*)$'
70 line: 'devfs_load_rulesets="NO"'
71 backup: "{{ fp_backup }}"
72 notify: disable and stop devfs
73 when: not fp_devfs_enabled|bool
74 tags: fp_devfs_rcconf
75
76- name: "devfs: Configure devfs in /etc/rc.conf"
77 ansible.builtin.lineinfile:
78 dest: /etc/rc.conf
79 regexp: '^\s*{{ item.key }}\s*=(.*)$'
80 line: '{{ item.key }}="{{ item.value }}"'
81 backup: "{{ fp_backup }}"
82 loop: "{{ fp_devfs_rcconf }}"
83 notify: restart devfs
84 tags: fp_devfs_rcconf
85
86- name: "devfs: Configure {{ fp_devfs_conf_path }}"
87 ansible.builtin.lineinfile:
88 dest: "{{ fp_devfs_conf_path }}"
89 regexp: '^\s*{{ item.action }}\s+{{ item.devname }}\s+{{ item.arg }}'
90 line: "{{ item.action }} {{ item.devname }} {{ item.arg }}"
91 backup: "{{ fp_backup }}"
92 loop: "{{ fp_devfs_conf }}"
93 notify: restart devfs
94 tags: fp_devfs_conf
95
96- name: "devfs: Configure {{ fp_devfs_rules_path }}"
97 community.general.ini_file:
98 path: "{{ fp_devfs_rules_path }}"
99 create: true
100 mode: "{{ fp_devfs_rules_mode }}"
101 allow_no_value: true
102 owner: "{{ fp_devfs_owner }}"
103 group: "{{ fp_devfs_group }}"
104 section: "{{ item.section }}"
105 option: "{{ item.option }}"
106 value: "{{ item.value|default(omit) }}"
107 state: "{{ item.state|(default('present') }}"
108 backup: "{{ fp_backup }}"
109 loop: "{{ fp_devfs_rules }}"
110 notify: restart devfs
111 tags: fp_devfs_rules
112
113# EOF
114...
dhclient.yml
Synopsis: Configure dhclient.
Description of the task.
1---
2
3- name: "dhclient: Debug (fp_dhclient_debug={{ fp_dhclient_debug }})"
4 vars:
5 msg: |-
6 fp_dhclient_ifn: {{ fp_dhclient_ifn }}
7 fp_dhclient_ifn_rcconf: {{ fp_dhclient_ifn_rcconf }}
8 fp_dhclient_ifn_leases: {{ fp_dhclient_ifn_leases }}
9 fp_dhclient_sanity: {{ fp_dhclient_sanity }}
10 fp_dhclient_conf_path: {{ fp_dhclient_conf_path }}
11
12 fp_dhclient_conf_defaults:
13 {{ fp_dhclient_conf_defaults|to_yaml|indent(2) }}
14 fp_dhclient_conf_blocks:
15 {{ fp_dhclient_conf_blocks|to_nice_yaml|indent(2) }}
16 ansible.builtin.debug:
17 msg: "{{ '{}'.format(msg) }}"
18 when: fp_dhclient_debug|bool
19 tags: fp_dhclient_debug
20
21- name: "dhclient: Sanity"
22 block:
23 - name: "dhclient: Sanity: List fp_dhclient_ifn empty"
24 ansible.builtin.assert:
25 that: (fp_dhclient_ifn|length == 0)|
26 ternary(fp_dhclient_ifn_rcconf != fp_dhclient_ifn_leases, true)
27 fail_msg: |-
28 The list of interfaces fp_dhclient_ifn is empty. Either
29 fp_dhclient_ifn_rcconf or fp_dhclient_ifn_leases must be True,
30 but not both.
31 - name: "dhclient: Sanity: List fp_dhclient_ifn not empty"
32 ansible.builtin.assert:
33 that: (fp_dhclient_ifn|length > 0)|
34 ternary(not(fp_dhclient_ifn_rcconf or fp_dhclient_ifn_leases), true)
35 fail_msg: |-
36 The list of interfaces fp_dhclient_ifn is not empty. Both
37 fp_dhclient_ifn_rcconf and fp_dhclient_ifn_leases must be
38 False.
39 when: fp_dhclient_sanity|bool
40 tags: fp_dhclient_sanity
41
42- name: Get interfaces from /var/db/dhclient.leases.*
43 block:
44 - name: "dhclient: Get interfaces /var/db/dhclient.leases.*"
45 ansible.builtin.shell:
46 cmd: ls -1 /var/db/dhclient* | rev | cut -d . -f 1 | rev
47 register: result
48 changed_when: false
49 - name: "dhclient: Debug interfaces /var/db/dhclient.leases.*"
50 ansible.builtin.debug:
51 var: result.stdout_lines
52 when: fp_dhclient_debug|bool
53 - name: "dhclient: Get status of dhclients"
54 ansible.builtin.command:
55 cmd: "/etc/rc.d/dhclient status {{ item }}"
56 register: result
57 failed_when: false
58 changed_when: false
59 loop: "{{ result.stdout_lines }}"
60 - name: "dhclient: Set fp_dhclient_ifn"
61 ansible.builtin.set_fact:
62 fp_dhclient_ifn: "{{ result.results|
63 rejectattr('rc', 'gt', 0)|
64 map(attribute='item')|list }}"
65 - name: "dhclient: Debug fp_dhclient_ifn"
66 ansible.builtin.debug:
67 var: fp_dhclient_ifn
68 when: fp_dhclient_debug|bool
69 when: fp_dhclient_ifn_leases|bool
70 tags: fp_dhclient_ifn_leases
71
72- name: Get interfaces from /etc/rc.conf
73 block:
74 - name: "dhclient: Get interfaces from /etc/rc.conf"
75 ansible.builtin.command:
76 cmd: grep '^ifconfig_.*$' /etc/rc.conf
77 register: result
78 changed_when: false
79 - name: "dhclient: Debug interfaces from /etc/rc.conf"
80 ansible.builtin.debug:
81 var: result.stdout_lines
82 when: fp_dhclient_debug|bool
83 - name: "dhclient: Set fp_dhclient_ifn"
84 ansible.builtin.set_fact:
85 fp_dhclient_ifn: "{{ _keys }}"
86 vars:
87 _regex: '^ifconfig_.*\s*=.*DHCP.*$'
88 _arr: "{{ result.stdout_lines|
89 select('match', _regex)|
90 map('split', '=')|list }}"
91 _keys: "{{ _arr|
92 map(attribute=0)|
93 map('split', '_')|
94 map(attribute=1)|list }}"
95 - name: "dhclient: Debug fp_dhclient_ifn"
96 ansible.builtin.debug:
97 var: fp_dhclient_ifn
98 when: fp_dhclient_debug|bool
99 when: fp_dhclient_ifn_rcconf|bool
100 tags: fp_dhclient_ifn_rcconf
101
102- name: "dhclient: Create {{ fp_dhclient_conf_path }}"
103 ansible.builtin.file:
104 path: "{{ fp_dhclient_conf_path }}"
105 owner: root
106 group: wheel
107 mode: '0644'
108 tags: fp_dhclient_conf_create
109
110- name: "dhclient: Configure defaults in {{ fp_dhclient_conf_path }}"
111 ansible.builtin.lineinfile:
112 dest: "{{ fp_dhclient_conf_path }}"
113 insertbefore: BOF
114 regexp: '{{ item.key }}\s+(.*)$'
115 line: '{{ item.key }} {{ item.value }};'
116 backup: "{{ fp_backup }}"
117 loop: "{{ fp_dhclient_conf_defaults }}"
118 notify: restart dhclient all
119 tags: fp_dhclient_conf_defaults
120
121- name: "dhclient: Configure blocks in {{ fp_dhclient_conf_path }}"
122 ansible.builtin.blockinfile:
123 dest: "{{ fp_dhclient_conf_path }}"
124 insertafter: EOF
125 marker: "# {mark} {{ item.type }} {{ item.ifn }}"
126 block: "{{ item.block }}"
127 backup: "{{ fp_backup }}"
128 register: fp_dhclient_conf_changes
129 loop: "{{ fp_dhclient_conf_blocks }}"
130 loop_control:
131 label: "{{ item.type }} {{ item.ifn }}"
132 notify: restart dhclient blocks
133 tags: fp_dhclient_conf_blocks
134
135- name: "dhclient: Debug changed interfaces to be restarted"
136 ansible.builtin.debug:
137 msg: "{{ fp_dhclient_conf_changes.results|
138 selectattr('changed')|
139 map(attribute='item.ifn')|
140 unique }}"
141 when: fp_dhclient_debug|bool
142 tags: fp_dhclient_conf_blocks
143
144# EOF
145...
fstab.yml
Synopsis: Configure fstab.
Description of the task.
1---
2
3- name: "fstab: Configure fstab entries"
4 ansible.posix.mount:
5 name: "{{ item.name }}"
6 src: "{{ item.src }}"
7 fstype: "{{ item.fstype }}"
8 opts: "{{ item.opts }}"
9 dump: "{{ item.dump|default('0') }}"
10 passno: "{{ item.passno|default('0') }}"
11 state: "{{ item.state|default('mounted') }}"
12 backup: "{{ fp_backup }}"
13 loop: "{{ fp_fstab_entries }}"
14
15# EOF
16...
gitserver.yml
Synopsis: Configure gitserver.
Description of the task.
1---
2
3- name: "gitserver: Add {{ fp_gitserver_group }} group"
4 ansible.builtin.group:
5 name: "{{ fp_gitserver_group }}"
6 gid: "{{ fp_gitserver_group_gid|default(omit) }}"
7 tags: fp_gitserver_group
8
9- name: "gitserver: Add {{ fp_gitserver_owner }} user"
10 ansible.builtin.user:
11 name: "{{ fp_gitserver_owner }}"
12 uid: "{{ fp_gitserver_owner_uid|default(omit) }}"
13 shell: "{{ fp_gitserver_owner_shell|default(omit) }}"
14 home: "{{ fp_gitserver_owner_home|default(omit) }}"
15 tags: fp_gitserver_owner
16
17- name: "gitserver: Add user {{ fp_gitserver_owner }} to {{ fp_gitserver_group }} group"
18 ansible.builtin.user:
19 name: "{{ fp_gitserver_owner }}"
20 groups: "{{ fp_gitserver_group }}"
21 tags: fp_gitserver_owner
22
23- name: "gitserver: Set ownership and permissions of {{ fp_gitserver_dir }}"
24 ansible.builtin.file:
25 state: directory
26 path: "{{ fp_gitserver_dir }}"
27 owner: "{{ fp_gitserver_owner }}"
28 group: "{{ fp_gitserver_group }}"
29 mode: "{{ fp_gitserver_dir_mode }}"
30 tags: fp_gitserver_dir
31
32# TODO: How do I Setup up a Multi-User Git Server
33# https://forums.freebsd.org/threads/how-do-i-setup-up-a-multi-user-git-server.50969/
34
35# EOF
36...
groups.yml
Synopsis: Configure groups.
Description of the task.
1---
2
3- name: "groups: Debug (fp_groups_debug={{ fp_groups_debug }})"
4 vars:
5 msg: |-
6 fp_groups_conf:
7 {{ fp_groups_conf|to_nice_yaml|indent(2) }}
8 ansible.builtin.debug:
9 msg: "{{ '{}'.format(msg) }}"
10 when: fp_groups_debug|bool
11 tags: fp_groups_debug
12
13- name: "groups: Manage groups"
14 ansible.builtin.group:
15 name: "{{ item.name }}"
16 gid: "{{ item.gid|default(omit) }}"
17 local: "{{ item.local|default(omit) }}"
18 state: "{{ item.state|default(omit) }}"
19 system: "{{ item.system|default(omit) }}"
20 loop: "{{ fp_groups_conf }}"
21 tags: fp_groups_conf
22
23# EOF
24...
groupwrappers.yml
Synopsis: Configure groupwrappers.
Description of the task.
1---
2
3# Ansible module users needs utilities groupadd, groupdel, groupmod. There are
4# no such utililities in BSD. Let us create them.
5
6- name: "groupwrappers: Create directory for wrappers {{ fp_groupwrappers_dir }}"
7 ansible.builtin.file:
8 state: directory
9 path: "{{ fp_groupwrappers_dir }}"
10 mode: "{{ fp_groupwrappers_dir_mode }}"
11 owner: "{{ fp_groupwrappers_owner }}"
12 group: "{{ fp_groupwrappers_group }}"
13 tags: fp_groupwrappers_dir
14
15- name: "groupwrappers: Create groupadd wrapper in {{ fp_groupwrappers_dir }}"
16 ansible.builtin.template:
17 src: "groupadd.j2"
18 dest: "{{ fp_groupwrappers_dir }}/groupadd"
19 owner: "{{ fp_groupwrappers_owner }}"
20 group: "{{ fp_groupwrappers_group }}"
21 mode: "{{ fp_groupwrappers_mode }}"
22 backup: "{{ fp_backup }}"
23 tags: fp_groupwrappers_groupadd
24
25- name: "groupwrappers: Create groupdel wrapper in {{ fp_groupwrappers_dir }}"
26 ansible.builtin.template:
27 src: "groupdel.j2"
28 dest: "{{ fp_groupwrappers_dir }}/groupdel"
29 owner: "{{ fp_groupwrappers_owner }}"
30 group: "{{ fp_groupwrappers_group }}"
31 mode: "{{ fp_groupwrappers_mode }}"
32 backup: "{{ fp_backup }}"
33 tags: fp_groupwrappers_groupdel
34
35- name: "groupwrappers: Create groupmod wrapper in {{ fp_groupwrappers_dir }}"
36 ansible.builtin.template:
37 src: "groupmod.j2"
38 dest: "{{ fp_groupwrappers_dir }}/groupmod"
39 owner: "{{ fp_groupwrappers_owner }}"
40 group: "{{ fp_groupwrappers_group }}"
41 mode: "{{ fp_groupwrappers_mode }}"
42 backup: "{{ fp_backup }}"
43 tags: fp_groupwrappers_groupmod
44
45# EOF
46...
hostapd.yml
Synopsis: Configure hostapd.
Description of the task.
1---
2
3- name: "hostapd: Enable and start hostapd"
4 ansible.builtin.lineinfile:
5 dest: /etc/rc.conf
6 regexp: '^\s*hostapd_enable\s*=(.*)$'
7 line: 'hostapd_enable="YES"'
8 backup: "{{ fp_backup }}"
9 notify: enable and start hostapd
10 when: fp_hostapd_enabled|bool
11 tags: fp_hostapd_rcconf
12
13- name: "hostapd: Disable and stop hostapd"
14 ansible.builtin.lineinfile:
15 dest: /etc/rc.conf
16 regexp: '^\s*hostapd_enable\s*=(.*)$'
17 line: 'hostapd_enable="NO"'
18 backup: "{{ fp_backup }}"
19 notify: disable and stop hostapd
20 when: not fp_hostapd_enabled|bool
21 tags: fp_hostapd_rcconf
22
23- name: "hostapd: Configure interface for hostapd"
24 ansible.builtin.lineinfile:
25 dest: /etc/rc.conf
26 regexp: '^\s*{{ item.key }}\s*=(.*)$'
27 line: '{{ item.key }}="{{ item.value }}"'
28 backup: "{{ fp_backup }}"
29 loop: "{{ fp_hostapd_rcconf }}"
30 notify: restart hostapd
31 tags: fp_hostapd_rcconf
32
33- name: "hostapd: Configure {{ fp_hostapd_conf_file }}"
34 ansible.builtin.template:
35 src: "{{ fp_hostapd_conf_template }}"
36 dest: "{{ fp_hostapd_conf_file }}"
37 owner: "{{ fp_hostapd_conf_owner }}"
38 group: "{{ fp_hostapd_conf_group }}"
39 mode: "{{ fp_hostapd_conf_mode }}"
40 backup: "{{ fp_backup }}"
41 notify: restart hostapd
42 tags: fp_hostapd_conf
43
44# EOF
45...
hostname.yml
Synopsis: Configure hostname.
Description of the task.
1---
2
3- name: "hostname: Configure hostname in /etc/rc.conf"
4 ansible.builtin.lineinfile:
5 dest: /etc/rc.conf
6 regexp: '^\s*{{ item.key }}\s*=(.*)$'
7 line: '{{ item.key }}="{{ item.value }}"'
8 backup: "{{ fp_backup }}"
9 loop: "{{ fp_hostname_rcconf }}"
10 notify: set hostname
11
12# EOF
13...
hosts.yml
Synopsis: Configure hosts.
Description of the task.
1---
2
3- name: "hosts: Debug (fp_hosts_debug={{ fp_hosts_debug }})"
4 vars:
5 msg: |-
6 fp_hosts_sanity: {{ fp_hosts_sanity }}
7 fp_hosts_conf_file: {{ fp_hosts_conf_file }}
8 fp_hosts_conf_template: {{ fp_hosts_conf_template }}
9 fp_hosts_localhost_ipv4: {{ fp_hosts_localhost_ipv4 }}
10 fp_hosts_localhost_ipv6: {{ fp_hosts_localhost_ipv6 }}
11 fp_hosts_conf:
12 {{ fp_hosts_conf|to_yaml|indent(2) }}
13 ansible.builtin.debug:
14 msg: "{{ '{}'.format(msg) }}"
15 when: fp_hosts_debug|bool
16 tags: fp_hosts_debug
17
18- name: "Sanity"
19 block:
20 - name: "hosts: Sanity valid IP"
21 ansible.builtin.fail:
22 msg: "[ERROR] Invalid IP address"
23 when: (fp_hosts_conf|map(attribute='ip')|map('ipaddr')) is not all
24 - name: "hosts: Sanity unique FQDN"
25 ansible.builtin.fail:
26 msg: "[ERROR] FQDN not unique"
27 vars:
28 no_records: "{{ fp_hosts_conf|length }}"
29 no_hosts: "{{ fp_hosts_conf|map(attribute='fqdn')|list|unique|length }}"
30 when: no_records != no_hosts
31 when: fp_hosts_sanity|bool
32 tags: fp_hosts_sanity
33
34- name: "hosts: Configure hosts in {{ fp_hosts_conf_file }}"
35 ansible.builtin.template:
36 src: "{{ fp_hosts_conf_template }}"
37 dest: "{{ fp_hosts_conf_file }}"
38 owner: root
39 group: wheel
40 mode: "0644"
41 backup: "{{ fp_backup }}"
42 tags: fp_hosts_conf
43
44# EOF
45...
libmap.yml
Synopsis: Configure libmap.
Description of the task.
1---
2
3- name: "libmap: Configure {{ fp_libmap_conf_file }}"
4 ansible.builtin.lineinfile:
5 dest: "{{ fp_libmap_conf_file }}"
6 regexp: '^\s*{{ item.origin }}\s+(.*)$'
7 line: "{{ item.origin }} {{ item.target }}"
8 backup: "{{ fp_backup }}"
9 loop: "{{ fp_libmap_entries }}"
10
11# TODO: includedir /usr/local/etc/libmap.d
12
13# EOF
14...
linux.yml
Synopsis: Configure linux.
Description of the task.
1---
2
3- name: "linux: Debug (fp_linux_debug={{ fp_linux_debug }})"
4 vars:
5 msg: |-
6 fp_linux_install: {{ fp_linux_install }}
7 fp_linux_enable: {{ fp_linux_enable }}
8 fp_linux_fstab:
9 {{ fp_linux_fstab|to_yaml|indent(2) }}
10 fp_linux_lib_dir: {{ fp_linux_lib_dir }}
11 fp_linux_lib:
12 {{ fp_linux_lib|to_yaml|indent(2) }}
13 ansible.builtin.debug:
14 msg: "{{ '{}'.format(msg) }}"
15 when: fp_linux_debug|bool
16 tags: fp_linux_debug
17
18- name: "linux: Enable linux"
19 ansible.builtin.lineinfile:
20 dest: /etc/rc.conf
21 regexp: '^\s*linux_enable\s*=(.*)$'
22 line: 'linux_enable="YES"'
23 backup: "{{ fp_backup }}"
24 when: fp_linux_enable|bool
25 tags: fp_linux_rcconf
26
27- name: "linux: Disable linux"
28 ansible.builtin.lineinfile:
29 dest: /etc/rc.conf
30 regexp: '^\s*linux_enable\s*=(.*)$'
31 line: 'linux_enable="NO"'
32 backup: "{{ fp_backup }}"
33 when: not fp_linux_enable|bool
34 tags: fp_linux_rcconf
35
36- name: "linux: Configure fstab"
37 ansible.posix.mount:
38 name: "{{ item.name }}"
39 src: "{{ item.src }}"
40 fstype: "{{ item.fstype }}"
41 opts: "{{ item.opts }}"
42 state: mounted
43 loop: "{{ fp_linux_fstab }}"
44 tags: fp_linux_fstab
45
46- name: "linux: Create dirs for libraries"
47 ansible.builtin.file:
48 state: directory
49 path: "/compat/linux{{ item.src|dirname }}"
50 mode: "{{ item.dirmode|default('0755') }}"
51 loop: "{{ fp_linux_lib }}"
52 tags: fp_linux_lib_dir
53
54- name: "linux: Copy libraries from {{ fp_linux_lib_dir }} to /compat/linux"
55 ansible.builtin.copy:
56 src: "{{ fp_linux_lib_dir }}{{ item.src }}"
57 dest: "/compat/linux{{ item.src }}"
58 mode: preserve
59 loop: "{{ fp_linux_lib }}"
60 tags: fp_linux_lib_copy
61
62- name: "linux: Link libraries"
63 ansible.builtin.file:
64 state: link
65 src: "/compat/linux{{ item.src }}"
66 dest: "/compat/linux{{ item.link }}"
67 loop: "{{ fp_linux_lib }}"
68 tags: fp_linux_lib_link
69
70# EOF
71...
loader.yml
Synopsis: Configure loader.
Description of the task.
1---
2
3- name: "loader: Debug (fp_loader_debug={{ fp_loader_debug }})"
4 vars:
5 msg: |-
6 fp_loader_warning: {{ fp_loader_warning }}
7 fp_loader_conf_template_enable: {{ fp_loader_conf_template_enable }}
8 fp_loader_load_modules: {{ fp_loader_load_modules }}
9 fp_loader_conf_file: {{ fp_loader_conf_file }}
10 fp_loader_conf_template: {{ fp_loader_conf_template }}
11 fp_loader_conf:
12 {{ fp_loader_conf|to_yaml|indent(2) }}
13 fp_loader_conf_modules:
14 {{ fp_loader_conf_modules|to_yaml|indent(2) }}
15 fp_sysctl_conf:
16 {{ fp_sysctl_conf|to_yaml|indent(2) }}
17 ansible.builtin.debug:
18 msg: "{{ '{}'.format(msg) }}"
19 when: fp_loader_debug|bool
20 tags: fp_loader_debug
21
22- name: "loader: Register sysctl variables that are settable via loader"
23 ansible.builtin.command:
24 cmd: sysctl -aNT
25 register: tmp_loader_vars
26 changed_when: false
27
28- name: "loader: Create empty list fp_sysctl_loader_conf"
29 ansible.builtin.set_fact:
30 fp_sysctl_loader_conf: []
31
32- name: "loader: [WARNING] does not report changes in check mode because of empty tmp_loader_vars"
33 ansible.builtin.debug:
34 msg: "[WARNING] Next task does not report changes in check mode because of empty tmp_loader_vars"
35 when:
36 - ansible_check_mode|bool
37 - fp_loader_warning|bool
38 - fp_loader_debug|bool
39
40- name: "loader: Add items to fp_sysctl_loader_conf"
41 ansible.builtin.set_fact:
42 fp_sysctl_loader_conf: "{{ fp_sysctl_loader_conf + [item.name ~ '=' ~ item.value, ] }}"
43 loop: "{{ fp_sysctl_conf }}"
44 when:
45 - tmp_loader_vars.stdout_lines|default([])|length > 0
46 - item.name in tmp_loader_vars.stdout_lines
47
48- name: "loader: Debug fp_sysctl_loader_conf"
49 ansible.builtin.debug:
50 var: fp_sysctl_loader_conf|to_yaml
51 when: fp_loader_debug|bool
52
53- name: "loader: [WARNING] does not report changes in check mode because of empty fp_sysctl_loader_conf"
54 ansible.builtin.debug:
55 msg: "[WARNING] Next task does not report changes in check mode because of empty fp_sysctl_loader_conf"
56 when:
57 - ansible_check_mode|bool
58 - fp_loader_warning|bool
59 - fp_loader_debug|bool
60
61- name: "loader: Configure {{ fp_loader_conf_file }} from template {{ fp_loader_conf_template }}"
62 ansible.builtin.template:
63 src: "{{ fp_loader_conf_template }}"
64 dest: "{{ fp_loader_conf_file }}"
65 owner: root
66 group: wheel
67 mode: "0644"
68 backup: "{{ fp_backup }}"
69 when:
70 - not ansible_check_mode|bool
71 - fp_loader_conf_template_enable|bool
72 notify: loader message reboot
73
74- name: "loader: Load modules"
75 ansible.builtin.shell:
76 cmd: >
77 kldstat -q -n {{ item }} || kldload -n {{ item }}
78 loop: "{{ fp_loader_conf_modules }}"
79 changed_when: false
80 when: fp_loader_load_modules|bool
81
82# EOF
83...
login.yml
Synopsis: Configure login.
Description of the task.
1---
2
3- name: "login: Create {{ fp_login_conf_file }}"
4 ansible.builtin.template:
5 src: "{{ fp_login_conf_template }}"
6 dest: "{{ fp_login_conf_file }}"
7 owner: root
8 group: wheel
9 mode: "0644"
10 backup: "{{ fp_backup }}"
11 notify: rebuild login_conf
12 when: fp_login_conf_global|bool
13
14- name: "login: Create local .login_conf"
15 ansible.builtin.template:
16 src: "{{ fp_login_conf_template_local }}"
17 dest: "/home/{{ item.user }}/.login_conf"
18 owner: "{{ item.user }}"
19 group: "{{ item.group|default(item.user) }}"
20 mode: "0644"
21 backup: "{{ fp_backup }}"
22 loop: "{{ fp_login_conf_local }}"
23 loop_control:
24 label: "{{ item.user }}"
25
26# EOF
27...
make.yml
Synopsis: Configure make.
Description of the task.
1---
2
3- name: "make: Debug (fp_make_debug={{ fp_make_debug }})"
4 vars:
5 msg: |-
6 fp_make_conf_template: {{ fp_make_conf_template }}
7 fp_make_conf_file: {{ fp_make_conf_file }}
8 fp_make_conf_owner: {{ fp_make_conf_owner }}
9 fp_make_conf_group: {{ fp_make_conf_group }}
10 fp_make_conf_mode: {{ fp_make_conf_mode }}
11 fp_make_conf:
12 {{ fp_make_conf|to_nice_yaml|indent(2) }}
13 ansible.builtin.debug:
14 msg: "{{ '{}'.format(msg) }}"
15 when: fp_make_debug|bool
16 tags: fp_make_debug
17
18- name: "make: Configure {{ fp_make_conf_file }}"
19 ansible.builtin.template:
20 src: "{{ fp_make_conf_template }}"
21 dest: "{{ fp_make_conf_file }}"
22 owner: "{{ fp_make_conf_owner }}"
23 group: "{{ fp_make_conf_group }}"
24 mode: "{{ fp_make_conf_mode }}"
25 backup: "{{ fp_backup }}"
26 tags: fp_make_conf
27
28# EOF
29...
motd.yml
Synopsis: Configure motd.
Description of the task.
1---
2
3- name: "motd: Configure /etc/motd"
4 ansible.builtin.template:
5 src: "{{ fp_motd_conf_template }}"
6 dest: "{{ fp_motd_conf_file }}"
7 mode: "{{ fp_motd_conf_mode }}"
8 backup: "{{ fp_backup }}"
9 tags: fp_motd_create
10
11- name: "motd: Set update_motd YES"
12 ansible.builtin.lineinfile:
13 dest: /etc/rc.conf
14 regexp: '^\s*update_motd\s*=(.*)$'
15 line: 'update_motd="YES"'
16 backup: "{{ fp_backup }}"
17 when: fp_update_motd|bool
18 tags: fp_motd_rcconf
19
20- name: "motd: Set update_motd NO"
21 ansible.builtin.lineinfile:
22 dest: /etc/rc.conf
23 regexp: '^\s*update_motd\s*=(.*)$'
24 line: 'update_motd="NO"'
25 backup: "{{ fp_backup }}"
26 when: not fp_update_motd|bool
27 tags: fp_motd_rcconf
28
29# NOTES
30# By default system info is added to the top of /etc/motd on reboot.
31# Set fp_update_motd=False to disable this update.
32
33# EOF
34...
mount-img.yml
Synopsis: Configure mount-img.
Description of the task.
1---
2
3- name: "mount-img: Debug (fp_mount_img_debug={{ fp_mount_img_debug }})"
4 vars:
5 msg: |-
6 fp_mount_img_points_create: {{ fp_mount_img_points_create }}
7 fp_mount_img_entries:
8 {{ fp_mount_img_entries|to_nice_yaml|indent(2) }}
9 ansible.builtin.debug:
10 msg: "{{ '{}'.format(msg) }}"
11 when: fp_mount_img_debug|bool
12 tags: fp_mount_img_debug
13
14- name: "mount-img: Set variables"
15 ansible.builtin.set_fact:
16 _fp_mount_task: img
17 _fp_mount_fstype_default: ufs
18 _fp_mount_points_create: "{{ fp_mount_img_points_create }}"
19 _fp_mount_entries: "{{ fp_mount_img_entries }}"
20 _fp_mount_debug: "{{ fp_mount_img_debug }}"
21
22- name: "mount-iso: Import mount-vnode.yml"
23 ansible.builtin.import_tasks: mount-vnode.yml
24
25# EOF
26...
mount-iso.yml
Synopsis: Configure mount-iso.
Description of the task.
1---
2
3- name: "mount-iso: Debug (fp_mount_iso_debug={{ fp_mount_iso_debug }})"
4 vars:
5 msg: |-
6 fp_mount_iso_points_create: {{ fp_mount_iso_points_create }}
7 fp_mount_iso_entries:
8 {{ fp_mount_iso_entries|to_nice_yaml|indent(2) }}
9 ansible.builtin.debug:
10 msg: "{{ '{}'.format(msg) }}"
11 when: fp_mount_iso_debug|bool
12 tags: fp_mount_iso_debug
13
14- name: "mount-iso: Set variables"
15 ansible.builtin.set_fact:
16 _fp_mount_task: iso
17 _fp_mount_fstype_default: cd9660
18 _fp_mount_points_create: "{{ fp_mount_iso_points_create }}"
19 _fp_mount_entries: "{{ fp_mount_iso_entries }}"
20 _fp_mount_debug: "{{ fp_mount_iso_debug }}"
21
22- name: "mount-iso: Import mount-vnode.yml"
23 ansible.builtin.import_tasks: mount-vnode.yml
24
25# EOF
26...
mount-vnode.yml
Synopsis: Configure mount-vnode.
Description of the task.
1---
2
3- name: "mount-{{ _fp_mount_task }}: Debug (fp_mount_vnode_debug={{ fp_mount_vnode_debug }})"
4 vars:
5 msg: |-
6 _fp_mount_task: {{ _fp_mount_task }}
7 _fp_mount_fstype_default: {{ _fp_mount_fstype_default }}
8 _fp_mount_points_create: {{ _fp_mount_points_create }}
9 _fp_mount_entries:
10 {{ _fp_mount_entries|to_nice_yaml|indent(2) }}
11 ansible.builtin.debug:
12 msg: "{{ '{}'.format(msg) }}"
13 when: fp_mount_vnode_debug|default(false)|bool
14
15# mounted - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
16- name: "mount-{{ _fp_mount_task }}: Create mount points"
17 ansible.builtin.file:
18 state: directory
19 path: "{{ item.mount }}"
20 mode: "{{ item.dirmode|default('0755') }}"
21 loop: "{{ fp_mount_entries }}"
22 when:
23 - _fp_mount_points_create|bool # Note 2.
24 - item.state|default("mounted") == "mounted"
25
26- name: "mount-{{ _fp_mount_task }}: Attach memory disks"
27 ansible.builtin.include_tasks:
28 file: fn/mdconfig-attach-disk.yml
29 loop: "{{ _fp_mount_entries }}"
30 when: item.state|default("mounted") == "mounted"
31
32- name: "mount-{{ _fp_mount_task }}: Debug attach memory disks"
33 ansible.builtin.debug:
34 var: al_mdconfig_devs
35 when: _fp_mount_debug|bool
36
37# TODO: Sanity al_mdconfig_devs[_vnode] is defined; not in check-mode
38
39- name: "mount-{{ _fp_mount_task }}: Mount"
40 ansible.posix.mount:
41 src: "/dev/md{{ al_mdconfig_devs[_vnode]['unit'] }}{{ item.partition|default('') }}"
42 path: "{{ item.mount }}" # Note 2.
43 fstype: "{{ item.fstype|default(_fp_mount_fstype_default) }}"
44 state: mounted
45 fstab: /tmp/tmp.fstab # Note 1.
46 loop: "{{ _fp_mount_entries }}"
47 register: result
48 when:
49 - al_mdconfig_devs[_vnode] is defined
50 - item.state|default("mounted") == "mounted"
51 vars:
52 _vnode: "{{ item[_fp_mount_task] }}"
53
54- name: "mount-{{ _fp_mount_task }}: Debug mount"
55 ansible.builtin.debug:
56 var: result
57 when: _fp_mount_debug|bool
58
59# unmounted - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
60- name: "mount-{{ _fp_mount_task }}: Unmount"
61 ansible.posix.mount:
62 path: "{{ item.mount }}" # Note 2.
63 state: unmounted
64 fstab: /tmp/tmp.fstab # Note 1.
65 loop: "{{ _fp_mount_entries }}"
66 register: result
67 when: item.state|default("mounted") == "unmounted"
68
69- name: "mount-{{ _fp_mount_task }}: Debug unmount"
70 ansible.builtin.debug:
71 var: result
72 when: _fp_mount_debug|bool
73
74- name: "mount-{{ _fp_mount_task }}: Detach memory disks"
75 ansible.builtin.include_tasks:
76 file: fn/mdconfig-detach-disk.yml
77 loop: "{{ _fp_mount_entries }}"
78 when: item.state|default("mounted") == "unmounted"
79
80- name: "mount-{{ _fp_mount_task }}: Debug detach memory disks"
81 ansible.builtin.debug:
82 var: al_mdconfig_devs
83 when: _fp_mount_debug|bool
84
85# NOTES
86# Note 1: It's not possible to mount a device without touching fstab. Temporary fstab is a
87# workaround.
88# https://github.com/ansible-collections/ansible.posix/issues/84#issuecomment-742420345
89# Note 2: Ansible module *mount* will create/remove non-existent mountpoint
90
91# TODO: Permanent mount entry in fstab
92# state: present, absent (See ansible.posix.mount parameter *state*)
93# See /etc/rc.d/mdconfig2
94# Ex: mdconfig_md0="-t vnode -f /usr/local/data/vdisks/devltd.net"
95# https://forums.freebsd.org/threads/mounting-vnode-backed-memory-disks-at-startup.21002/
96
97# EOF
98...
nfsd.yml
Synopsis: Configure NFS server.
To display variables (3) enable fp_nfsd_debug=true (51). Collect
status of the services (55) stored in the list
fp_nfsd_service_paths. The module service_facts doesn’t work
in FreeBSD. Instead, use the task al_bsd_service_facts (58) from
the library (57). This task doesn’t support the check mode. This
task will return the dictionary
al_ansible_facts_services. Display this dictionary (66). This
dictionary is used to select the handlers in the dictionary
fp_nfsd_handlers. Display the dictionary fp_nfsd_handlers
(72). The defaults are used in check mode because of empty
dictionary al_ansible_facts_services. Configure /etc/exports
(78) and notify handler reload mountd. Configure and enable
(86), or disable (115) services. If the configuration of a service
changes the service will be reloaded or restarted when already
running.
1---
2
3- name: "nfsd: Debug (fp_nfsd_debug={{ fp_nfsd_debug }})"
4 vars:
5 msg: |-
6 fp_nfsd_exports:
7 {{ fp_nfsd_exports|to_yaml|indent(2) }}
8 fp_nfsd_enable: {{ fp_nfsd_enable }}
9 fp_nfs_server_flags: {{ fp_nfs_server_flags }}
10 fp_nfs_server_managegids: {{ fp_nfs_server_managegids }}
11 fp_nfs_reserved_port_only: {{ fp_nfs_reserved_port_only }}
12 fp_nfs_bufpackets: {{ fp_nfs_bufpackets }}
13 fp_weak_mountd_authentication: {{ fp_weak_mountd_authentication }}
14 fp_nfsv4_server_enable: {{ fp_nfsv4_server_enable }}
15 fp_nfscbd_enable: {{ fp_nfscbd_enable }}
16 fp_nfscbd_flags: {{ fp_nfscbd_flags }}
17 fp_nfsuserd_enable: {{ fp_nfsuserd_enable }}
18 fp_nfsuserd_flags: {{ fp_nfsuserd_flags }}
19 fp_nfsd_enable_rcconf:
20 {{ fp_nfsd_enable_rcconf|to_yaml|indent(2) }}
21 fp_nfsd_disable_rcconf:
22 {{ fp_nfsd_disable_rcconf|to_yaml|indent(2) }}
23 fp_mountd_enable: {{ fp_mountd_enable }}
24 fp_mountd_flags: {{ fp_mountd_flags }}
25 fp_mountd_enable_rcconf:
26 {{ fp_mountd_enable_rcconf|to_yaml|indent(2) }}
27 fp_mountd_disable_rcconf:
28 {{ fp_mountd_disable_rcconf|to_yaml|indent(2) }}
29 fp_rpcbind_enable: {{ fp_rpcbind_enable }}
30 fp_rpcbind_flags: {{ fp_rpcbind_flags }}
31 fp_rpcbind_enable_rcconf:
32 {{ fp_rpcbind_enable_rcconf|to_yaml|indent(2) }}
33 fp_rpcbind_disable_rcconf:
34 {{ fp_rpcbind_disable_rcconf|to_yaml|indent(2) }}
35 fp_rpc_lockd_enable: {{ fp_rpc_lockd_enable }}
36 fp_rpc_lockd_flags: {{ fp_rpc_lockd_flags }}
37 fp_rpc_lockd_enable_rcconf:
38 {{ fp_rpc_lockd_enable_rcconf|to_yaml|indent(2) }}
39 fp_rpc_lockd_disable_rcconf:
40 {{ fp_rpc_lockd_disable_rcconf|to_yaml|indent(2) }}
41 fp_rpc_statd_enable: {{ fp_rpc_statd_enable }}
42 fp_rpc_statd_flags: {{ fp_rpc_statd_flags }}
43 fp_rpc_statd_enable_rcconf:
44 {{ fp_rpc_statd_enable_rcconf|to_yaml|indent(2) }}
45 fp_rpc_statd_disable_rcconf:
46 {{ fp_rpc_statd_disable_rcconf|to_yaml|indent(2) }}
47 fp_nfsd_service_paths:
48 {{ fp_nfsd_service_paths|to_nice_yaml|indent(2) }}
49 ansible.builtin.debug:
50 msg: "{{ '{}'.format(msg) }}"
51 when: fp_nfsd_debug|bool
52 tags: fp_nfsd_debug
53
54# Note: The module service_facts doesn't work in FreeBSD.
55- name: "nfsd: Service state info"
56 ansible.builtin.include_role:
57 name: vbotka.ansible_lib
58 tasks_from: al_bsd_service_facts
59 apply:
60 tags: fp_nfsd_services
61 tags: always
62 when: not ansible_check_mode
63 vars:
64 al_bsd_service_paths: "{{ fp_nfsd_service_paths }}"
65
66- name: "nfsd: Debug service state info"
67 ansible.builtin.debug:
68 var: al_ansible_facts_services|default({})
69 when: fp_nfsd_debug|bool
70 tags: fp_nfsd_services
71
72- name: "nfsd: Debug handlers"
73 ansible.builtin.debug:
74 var: fp_nfsd_handlers
75 when: fp_nfsd_debug|bool
76 tags: fp_nfsd_services
77
78- name: "nfsd: Configure /etc/exports"
79 ansible.builtin.template:
80 src: exports.j2
81 dest: /etc/exports
82 mode: "0644"
83 backup: "{{ fp_backup }}"
84 notify: reload mountd
85 tags: fp_nfsd_exports
86
87- name: "nfsd: Enable services"
88 ansible.builtin.include_tasks:
89 file: fn/rcconf-item.yml
90 loop:
91 - label: "nfsd: Enable and start nfs server"
92 conf: "{{ fp_nfsd_enable_rcconf }}"
93 when: "{{ fp_nfsd_enable|bool }}"
94 notify: "{{ fp_nfsd_handlers.nfsd }}"
95 - label: "nfsd: Enable and start mountd"
96 conf: "{{ fp_mountd_enable_rcconf }}"
97 when: "{{ fp_mountd_enable|bool }}"
98 notify: "{{ fp_nfsd_handlers.mountd }}"
99 - label: "nfsd: Enable and start rpcbind"
100 conf: "{{ fp_rpcbind_enable_rcconf }}"
101 when: "{{ fp_rpcbind_enable|bool }}"
102 notify: "{{ fp_nfsd_handlers.rpcbind }}"
103 - label: "nfsd: Enable and start lockd"
104 conf: "{{ fp_rpc_lockd_enable_rcconf }}"
105 when: "{{ fp_rpc_lockd_enable|bool }}"
106 notify: "{{ fp_nfsd_handlers.lockd }}"
107 - label: "nfsd: Enable and start statd"
108 conf: "{{ fp_rpc_statd_enable_rcconf }}"
109 when: "{{ fp_rpc_statd_enable|bool }}"
110 notify: "{{ fp_nfsd_handlers.statd }}"
111 loop_control:
112 loop_var: oi
113 label: "{{ oi.label }}"
114 tags: fp_nfsd_enable
115
116- name: "nfsd: Disable services"
117 ansible.builtin.include_tasks:
118 file: fn/rcconf-item.yml
119 loop:
120 - label: "nfsd: Disable and stop nfs server"
121 conf: "{{ fp_nfsd_disable_rcconf }}"
122 when: "{{ not fp_nfsd_enable|bool }}"
123 notify: disable and stop nfs server
124 - label: "nfsd: Disable and stop mountd"
125 conf: "{{ fp_mountd_disable_rcconf }}"
126 when: "{{ not fp_mountd_enable|bool }}"
127 notify: disable and stop mountd
128 - label: "nfsd: Disable and stop rpcbind"
129 conf: "{{ fp_rpcbind_disable_rcconf }}"
130 when: "{{ not fp_rpcbind_enable|bool }}"
131 notify: disable and stop rpcbind
132 - label: "nfsd: Disable and stop lockd"
133 conf: "{{ fp_rpc_lockd_disable_rcconf }}"
134 when: "{{ not fp_rpc_lockd_enable|bool }}"
135 notify: disable and stop lockd
136 - label: "nfsd: Disable and stop statd"
137 conf: "{{ fp_rpc_statd_disable_rcconf }}"
138 when: "{{ not fp_rpc_statd_enable|bool }}"
139 notify: disable and stop statd
140 loop_control:
141 loop_var: oi
142 label: "{{ oi.label }}"
143 tags: fp_nfsd_disable
144
145# EOF
146...
See also
Handler nfsd.yml
Template exports.j2
<TBD>
Note
<TBD>
Hint
<TBD>
Warning
<TBD>
nfs.yml
Synopsis: Configure NFS client.
To display variables (3) enable fp_nfs_debug=true (27). Collect
status of the services (31) stored in the list
fp_nfs_service_paths. The module service_facts doesn’t work
in FreeBSD. Instead, use the task al_bsd_service_facts (34) from
the library (33). This task doesn’t support the check mode. This
task will return the dictionary
al_ansible_facts_services. Display this dictionary (42). This
dictionary is used to select the handlers in the dictionary
fp_nfs_handlers. There is no status option of the service
nfsclient. Insteda of starting the service, restart it if there
are any nfs mountpoints, i.e. the file /var/db/mounttab
exists. Test the existence of the file var/db/nounttab (50) and
display the result fp_var_db_mounttab.stat.exists (56). This
variable will be used to select the handler in the dictionary
fp_nfs_handlers. Display the dictionary fp_nfsd_handlers
(62). The defaults are used in check mode because of empty
dictionary al_ansible_facts_services. Configure and enable (68),
or disable (89) services. If the configuration of a service changes
the service will be reloaded or restarted when already running.
1---
2
3- name: "nfs: Debug (fp_nfs_debug={{ fp_nfs_debug }})"
4 vars:
5 msg: |-
6 fp_nfs_enable: {{ fp_nfs_enable }}
7 fp_nfs_enable_rcconf:
8 {{ fp_nfs_enable_rcconf|to_yaml|indent(2) }}
9 fp_nfs_disable_rcconf:
10 {{ fp_nfs_disable_rcconf|to_yaml|indent(2) }}
11 fp_rpc_lockd_enable: {{ fp_rpc_lockd_enable }}
12 fp_rpc_lockd_flags: {{ fp_rpc_lockd_flags }}
13 fp_rpc_lockd_enable_rcconf:
14 {{ fp_rpc_lockd_enable_rcconf|to_yaml|indent(2) }}
15 fp_rpc_lockd_disable_rcconf:
16 {{ fp_rpc_lockd_disable_rcconf|to_yaml|indent(2) }}
17 fp_rpc_statd_enable: {{ fp_rpc_statd_enable }}
18 fp_rpc_statd_flags: {{ fp_rpc_statd_flags }}
19 fp_rpc_statd_enable_rcconf:
20 {{ fp_rpc_statd_enable_rcconf|to_yaml|indent(2) }}
21 fp_rpc_statd_disable_rcconf:
22 {{ fp_rpc_statd_disable_rcconf|to_yaml|indent(2) }}
23 fp_nfs_service_paths:
24 {{ fp_nfs_service_paths|to_nice_yaml|indent(2) }}
25 ansible.builtin.debug:
26 msg: "{{ '{}'.format(msg) }}"
27 when: fp_nfs_debug|bool
28 tags: fp_nfs_debug
29
30# Note: The module service_facts doesn't work in FreeBSD.
31- name: "nfs: Service state info"
32 ansible.builtin.include_role:
33 name: vbotka.ansible_lib
34 tasks_from: al_bsd_service_facts
35 apply:
36 tags: fp_nfs_services
37 tags: always
38 when: not ansible_check_mode
39 vars:
40 al_bsd_service_paths: "{{ fp_nfs_service_paths }}"
41
42- name: "nfs: Debug service state info"
43 ansible.builtin.debug:
44 var: al_ansible_facts_services|default({})
45 when: fp_nfs_debug|bool
46 tags: fp_nfs_services
47
48# Note: There is no status option of nfsclient. If needed, restart the
49# service when /var/db/mounttab exists.
50- name: "nfs: Stat /var/db/mounttab"
51 ansible.builtin.stat:
52 path: /var/db/mounttab
53 register: fp_var_db_mounttab
54 tags: fp_nfs_services
55
56- name: "nfs: Debug stat /var/db/mounttab"
57 ansible.builtin.debug:
58 var: fp_var_db_mounttab.stat.exists
59 when: fp_nfs_debug|bool
60 tags: fp_nfs_services
61
62- name: "nfs: Debug handlers"
63 ansible.builtin.debug:
64 var: fp_nfs_handlers
65 when: fp_nfs_debug|bool
66 tags: fp_nfs_services
67
68- name: "nfs: Enable services"
69 ansible.builtin.include_tasks:
70 file: fn/rcconf-item.yml
71 loop:
72 - label: "nfs: Enable and start nfs client"
73 conf: "{{ fp_nfs_enable_rcconf }}"
74 when: "{{ fp_nfs_enable|bool }}"
75 notify: "{{ fp_nfs_handlers.nfsclient }}"
76 - label: "nfs: Enable and start lockd"
77 conf: "{{ fp_rpc_lockd_enable_rcconf }}"
78 when: "{{ fp_rpc_lockd_enable|bool }}"
79 notify: "{{ fp_nfs_handlers.lockd }}"
80 - label: "nfs: Enable and start statd"
81 conf: "{{ fp_rpc_statd_enable_rcconf }}"
82 when: "{{ fp_rpc_statd_enable|bool }}"
83 notify: "{{ fp_nfs_handlers.statd }}"
84 loop_control:
85 loop_var: oi
86 label: "{{ oi.label }}"
87 tags: fp_nfs_enable
88
89- name: "nfsd: Disable services"
90 ansible.builtin.include_tasks:
91 file: fn/rcconf-item.yml
92 loop:
93 - label: "nfs: Disable and stop nfs client"
94 conf: "{{ fp_nfs_disable_rcconf }}"
95 when: "{{ not fp_nfs_enable|bool }}"
96 notify: disable and stop nfs client
97 - label: "nfs: Disable and stop lockd"
98 conf: "{{ fp_rpc_lockd_disable_rcconf }}"
99 when: "{{ not fp_rpc_lockd_enable|bool }}"
100 notify: disable and stop lockd
101 - label: "nfs: Disable and stop statd"
102 conf: "{{ fp_rpc_statd_disable_rcconf }}"
103 when: "{{ not fp_rpc_statd_enable|bool }}"
104 notify: disable and stop statd
105 loop_control:
106 loop_var: oi
107 label: "{{ oi.label }}"
108 tags: fp_nfs_disable
109
110# EOF
111...
Note
<TBD>
Hint
<TBD>
Warning
<TBD>
ntpdate.yml
Synopsis: Configure ntpdate.
Description of the task.
1---
2
3- name: "ntpdate: Configure ntpdate in /etc/rc.conf"
4 ansible.builtin.lineinfile:
5 dest: /etc/rc.conf
6 regexp: '^\s*{{ item.key }}\s*=(.*)$'
7 line: '{{ item.key }}="{{ item.value }}"'
8 backup: "{{ fp_backup }}"
9 loop: "{{ fp_ntpdate_rcconf }}"
10
11# EOF
12...
ntp.yml
Synopsis: Configure ntp.
Description of the task.
1---
2
3- name: "ntp: Enable and start ntpd"
4 ansible.builtin.lineinfile:
5 dest: /etc/rc.conf
6 regexp: '^\s*ntpd_enable\s*=(.*)$'
7 line: 'ntpd_enable="YES"'
8 backup: "{{ fp_backup }}"
9 when: fp_ntp_enable|bool
10 notify: enable and start ntpd
11 tags: fp_ntp_rcconf
12
13- name: "ntp: Disable and stop ntpd"
14 ansible.builtin.lineinfile:
15 dest: /etc/rc.conf
16 regexp: '^\s*ntpd_enable\s*=(.*)$'
17 line: 'ntpd_enable="NO"'
18 backup: "{{ fp_backup }}"
19 when: not fp_ntp_enable|bool
20 notify: disable and stop ntpd
21 tags: fp_ntp_rcconf
22
23- name: "ntp: Create /etc/ntp.conf from template"
24 ansible.builtin.template:
25 src: "{{ fp_ntp_conf_template }}"
26 dest: "{{ fp_ntp_conf_file }}"
27 mode: "{{ fp_ntp_conf_mode }}"
28 backup: "{{ fp_backup }}"
29 notify: restart ntpd
30 tags: fp_ntp_conf
31
32# EOF
33...
packages-install.yml
Synopsis: Configure packages-install.
Description of the task.
1---
2
3- name: "packages-install: Get list of packages for {{ item.list }}"
4 ansible.builtin.set_fact:
5 local_pkg_list: "{{ lookup('vars', 'pkg_dict_' ~ ansible_architecture)|json_query(query) }}"
6 vars:
7 query: "[?pkglist=='{{ item.list }}'].packages"
8
9- name: "packages-install: Install packages"
10 community.general.pkgng:
11 name: "{{ local_pkg }}"
12 autoremove: "{{ fp_pkg_autoremove|default(omit) }}"
13 cached: "{{ fp_pkg_cached|default(omit) }}"
14 chroot: "{{ fp_pkg_chroot|default(omit) }}"
15 jail: "{{ fp_pkg_jail|default(omit) }}"
16 pkgsite: "{{ fp_pkg_pkgsite|default(omit) }}"
17 rootdir: "{{ fp_pkg_rootdir|default(omit) }}"
18 state: "{{ fp_pkg_state|default(omit) }}"
19 loop: "{{ local_pkg_list }}"
20 loop_control:
21 loop_var: local_pkg
22 label: "{{ local_pkg }}"
23 register: result
24 retries: "{{ freebsd_install_retries }}"
25 until: result is succeeded
26 delay: "{{ freebsd_install_delay }}"
27 when: freebsd_install_method|lower == "packages"
28
29- name: "packages-install: Install ports"
30 community.general.portinstall:
31 name: "{{ local_pkg }}"
32 use_packages: "{{ freebsd_use_packages }}"
33 loop: "{{ local_pkg_list }}"
34 loop_control:
35 loop_var: local_pkg
36 register: result
37 retries: "{{ freebsd_install_retries }}"
38 until: result is succeeded
39 delay: "{{ freebsd_install_delay }}"
40 when: freebsd_install_method|lower == "ports"
41
42# EOF
43...
packages.yml
Synopsis: Configure packages.
Description of the task.
1---
2
3- name: "packages: Debug (fp_packages_debug={{ fp_packages_debug }})"
4 vars:
5 msg: |-
6 freebsd_install_method: {{ freebsd_install_method }}
7 freebsd_use_packages: {{ freebsd_use_packages }}
8 freebsd_install_retries: {{ freebsd_install_retries }}
9 freebsd_install_delay: {{ freebsd_install_delay }}
10 fp_install: {{ fp_install }}
11 fp_pkg_autoremove: {{ fp_pkg_autoremove|default('UNDEFINED') }}
12 fp_pkg_cached: {{ fp_pkg_cached|default('UNDEFINED') }}
13 fp_pkg_chroot: {{ fp_pkg_chroot|default('UNDEFINED') }}
14 fp_pkg_jail: {{ fp_pkg_jail|default('UNDEFINED') }}
15 fp_pkg_pkgsite: {{ fp_pkg_pkgsite|default('UNDEFINED') }}
16 fp_pkg_rootdir: {{ fp_pkg_rootdir|default('UNDEFINED') }}
17 fp_pkg_state: {{ fp_pkg_state|default('UNDEFINED') }}
18 fp_packages:
19 {{ fp_packages|sort(attribute='list')|to_yaml|indent(2) }}
20 fp_links:
21 {{ fp_links|to_yaml|indent(2) }}
22 ansible_architecture: {{ ansible_architecture }}
23 pkg_dict_{{ ansible_architecture }}:
24 {{ lookup('vars', 'pkg_dict_' ~ ansible_architecture)|
25 sort(attribute='pkglist')|to_yaml|indent(2) }}
26 ansible.builtin.debug:
27 msg: "{{ '{}'.format(msg) }}"
28 when: fp_packages_debug|bool
29 tags: fp_packages_debug
30
31- name: "packages: Install packages"
32 ansible.builtin.include_tasks: packages-install.yml
33 loop: "{{ fp_packages }}"
34 when: item.enabled
35
36# links
37- name: "packages: Create symbolic links"
38 ansible.builtin.file:
39 src: "{{ item.target }}"
40 dest: "{{ item.link }}"
41 state: link
42 force: true
43 loop: "{{ fp_links }}"
44 tags: fp_packages_links
45
46# EOF
47...
passwords.yml
Synopsis: Configure passwords.
Description of the task.
1---
2
3- name: "passwords: Debug (fp_passwords_debug={{ fp_passwords_debug }})"
4 vars:
5 msg: |-
6 fp_passwords_fail_gracefully: {{ fp_passwords_fail_gracefully }}
7 fp_passwords_update_password: {{ fp_passwords_update_password }}
8 fp_users_conf:
9 {% if fp_passwords_debug_classified|bool %}
10 {{ fp_users_conf|default([])|to_nice_yaml|indent(2) }}
11 {% else %}
12 {% for user in fp_users_conf|default([]) %}
13 - userpass: ************
14 {% for k,v in user.items() %}
15 {% if k not in ['userpass'] %}
16 {{ k }}: {{ v }}
17 {% endif %}
18 {% endfor %}
19 {% endfor %}
20 {% endif %}
21 fp_passwordstore: {{ fp_passwordstore }}
22 fp_passwordstore_install: {{ fp_passwordstore_install }}
23 fp_passwordstore_debug: {{ fp_passwordstore_debug }}
24 fp_passwordstore_backup: {{ fp_passwordstore_backup }}
25 fp_passwordstore_create: {{ fp_passwordstore_create }}
26 fp_passwordstore_length: {{ fp_passwordstore_length }}
27 fp_passwordstore_nosymbols: {{ fp_passwordstore_nosymbols }}
28 fp_passwordstore_overwrite: {{ fp_passwordstore_overwrite }}
29 fp_passwordstore_passwordstore: {{ fp_passwordstore_passwordstore }}
30 fp_passwordstore_returnall: {{ fp_passwordstore_returnall }}
31 fp_passwordstore_subkey: {{ fp_passwordstore_subkey }}
32 fp_passwordstore_idempotent_password_hash: {{ fp_passwordstore_idempotent_password_hash }}
33 fp_passwordstore_hostname_var: {{ fp_passwordstore_hostname_var }}
34 fp_passwordstore_packages:
35 {{ fp_passwordstore_packages|to_nice_yaml|indent(2) }}
36 ansible.builtin.debug:
37 msg: "{{ '{}'.format(msg) }}"
38 when: fp_passwords_debug|bool
39 tags: fp_passwords_debug
40
41- name: "passwords: Passwordstore"
42 block:
43 - name: "passwords: Passwordstore: Install packages"
44 ansible.builtin.include_tasks:
45 file: packages-install.yml
46 loop:
47 - "{{ fp_passwordstore_packages }}"
48 - "{{ fp_gpg_packages }}"
49 - "{{ fp_gpg_packages_extra }}"
50 vars:
51 my_delegate_to_localhost: true
52 run_once: true
53 when: fp_passwordstore_install|bool
54 - name: "passwords: Passwordstore: Retrieve, create, or update userpass"
55 ansible.builtin.include_role:
56 name: vbotka.ansible_lib
57 tasks_from: al_pws_user_host.yml
58 vars:
59 al_pws_debug: "{{ fp_passwordstore_debug }}"
60 al_pws_backup: "{{ fp_passwordstore_backup }}"
61 al_pws_create: "{{ fp_passwordstore_create }}"
62 al_pws_length: "{{ fp_passwordstore_length }}"
63 al_pws_nosymbols: "{{ fp_passwordstore_nosymbols }}"
64 al_pws_overwrite: "{{ fp_passwordstore_overwrite }}"
65 al_pws_passwordstore: "{{ fp_passwordstore_passwordstore }}"
66 al_pws_returnall: "{{ fp_passwordstore_returnall }}"
67 al_pws_subkey: "{{ fp_passwordstore_subkey }}"
68 al_pws_idempotent_password_hash: "{{ fp_passwordstore_idempotent_password_hash }}"
69 al_pws_hostname_var: "{{ fp_passwordstore_hostname_var }}"
70 al_pws_query: "{{ fp_users_conf }}"
71 register: result
72 - name: "passwords: Passwordstore: Create empty list my_passwords"
73 ansible.builtin.set_fact:
74 my_passwords: [] # noqa no-log-password
75 - name: "passwords: Passwordstore: Create my_passwords"
76 ansible.builtin.set_fact:
77 my_passwords: "{{ my_passwords +
78 [item|dict2items|
79 rejectattr('key', 'equalto', 'userpass')|
80 list|items2dict|
81 combine({'update_password': fp_passwords_update_password})] }}"
82 loop: "{{ al_pws_query_result }}"
83 loop_control:
84 label: "{{ item.name }}"
85 no_log: "{{ not fp_passwords_debug_classified }}"
86 - name: "passwords: Passwordstore: Debug my_passwords"
87 ansible.builtin.debug:
88 var: my_passwords
89 when: fp_passwords_debug_classified|bool
90 - name: "passwords: Passwordstore: Include users"
91 ansible.builtin.include_tasks:
92 file: users.yml
93 vars:
94 fp_users: "{{ my_passwords }}"
95 rescue:
96 - name: "passwords: Passwordstore: Debug fail"
97 ansible.builtin.debug:
98 var: result
99 when: fp_passwords_debug_classified|bool
100 - name: "passwords: Passwordstore: Fail"
101 ansible.builtin.fail:
102 msg: "[ERROR] Passwordstore failed."
103 when: not fp_passwords_fail_gracefully|bool
104 when: fp_passwordstore|bool
105 tags: fp_passwords_passwordstore
106
107# EOF
108...
periodic.yml
Synopsis: Configure periodic.
Description of the task.
1---
2
3- name: "periodic: Debug (fp_periodic_debug={{ fp_periodic_debug }})"
4 vars:
5 msg: |-
6 fp_periodic_conf_local_file: {{ fp_periodic_conf_local_file }}
7 fp_periodic_conf_local:
8 {{ fp_periodic_conf_local|to_yaml|indent(2) }}
9 ansible.builtin.debug:
10 msg: "{{ '{}'.format(msg) }}"
11 when: fp_periodic_debug|bool
12 tags: fp_periodic_debug
13
14- name: "periodic: Configure {{ fp_periodic_conf_local_file }}"
15 ansible.builtin.lineinfile:
16 create: true
17 mode: "0644"
18 dest: "{{ fp_periodic_conf_local_file }}"
19 regexp: '^\s*{{ item.key }}\s*=(.*)$'
20 line: '{{ item.key }}="{{ item.value }}"'
21 backup: "{{ fp_backup }}"
22 loop: "{{ fp_periodic_conf_local }}"
23 tags: fp_periodic_conf_local
24
25# NOTES
26#
27# 13.10. Monitoring Third Party Security Issues
28# https://www.freebsd.org/doc/handbook/security-pkg.html
29#
30# Not Getting Security Reports
31# https://forums.freebsd.org/threads/not-getting-security-reports.21841/
32#
33# Daily security scripts: best practice for jails?
34# https://forums.freebsd.org/threads/daily-security-scripts-best-practice-for-jails.55868/
35
36# EOF
37...
procmail.yml
Synopsis: Configure procmail.
Description of the task.
1---
2
3- name: "procmail: Remove forwarders"
4 ansible.builtin.file:
5 state: absent
6 dest: "/home/{{ item.user }}/.forward"
7 loop: "{{ fp_procmail_forwarders }}"
8 when: fp_procmail_forwarders_rebuild|bool
9 tags: fp_procmail_forwarders
10
11- name: "procmail: Configure forwarders"
12 ansible.builtin.blockinfile:
13 create: true
14 dest: "/home/{{ item.user }}/.forward"
15 owner: "{{ item.user }}"
16 mode: "0644"
17 marker: "# {mark} ANSIBLE MANAGED BLOCK"
18 backup: "{{ fp_backup }}"
19 block: |
20 "{{ item.forward }}"
21 loop: "{{ fp_procmail_forwarders }}"
22 tags: fp_procmail_forwarders
23
24- name: "procmail: Configure .procmailrc"
25 ansible.builtin.blockinfile:
26 create: true
27 dest: "/home/{{ item.user }}/.procmailrc"
28 owner: "{{ item.user }}"
29 mode: "0644"
30 marker: "# {mark} ANSIBLE MANAGED BLOCK"
31 backup: "{{ fp_backup }}"
32 block: |
33 SHELL={{ fp_procmail_shell }}
34 VERBOSE={{ fp_procmail_verbose }}
35 PATH={{ fp_procmail_path }}
36 MAILDIR={{ fp_procmail_maildir }}
37 DEFAULT=/var/mail/{{ item.user }}
38 PMDIR={{ fp_procmail_pmdir }}
39 LOGFILE=$PMDIR/pm.log
40 LOCKFILE=$PMDIR/.lockfile
41 SENDMAIL=/usr/sbin/sendmail
42 loop: "{{ fp_procmail_forwarders }}"
43 tags: fp_procmail_procmailrc
44
45- name: "procmail: Create .procmail directory"
46 ansible.builtin.file:
47 state: directory
48 mode: "0755"
49 path: "/home/{{ item.user }}/.procmail"
50 owner: "{{ item.user }}"
51 loop: "{{ fp_procmail_forwarders }}"
52 tags: fp_procmail_dir
53
54- name: "procmail: Create includerc files"
55 ansible.builtin.template:
56 src: "procmailrc-includerc-{{ item.template }}.j2"
57 dest: "/home/{{ item.user }}/.procmail/{{ item.template }}.rc"
58 owner: "{{ item.user }}"
59 mode: "0644"
60 backup: "{{ fp_backup }}"
61 loop: "{{ fp_procmail_includerc }}"
62 loop_control:
63 label: "{{ item.user }} {{ item.template }}"
64 tags: fp_procmail_includerc
65
66- name: "procmail: Include rc files in .procmailrc"
67 ansible.builtin.lineinfile:
68 create: true
69 dest: "/home/{{ item.user }}/.procmailrc"
70 owner: "{{ item.user }}"
71 mode: "0644"
72 line: "INCLUDERC=$PMDIR/{{ item.template }}.rc"
73 insertafter: EOF
74 backup: "{{ fp_backup }}"
75 loop: "{{ fp_procmail_includerc }}"
76 loop_control:
77 label: "{{ item.user }} {{ item.template }}"
78 tags: fp_procmail_includerc
79
80# EOF
81...
resolvconf.yml
Synopsis: Configure resolvconf.
Description of the task.
1---
2
3# resolv.conf
4- name: "resolvconf: Absent lines in {{ fp_resolv_conf_file }}"
5 ansible.builtin.lineinfile:
6 create: true
7 state: absent
8 dest: "{{ fp_resolv_conf_file }}"
9 owner: "{{ fp_resolv_conf_owner }}"
10 group: "{{ fp_resolv_conf_group }}"
11 mode: "{{ fp_resolv_conf_mode }}"
12 regexp: '^\s*{{ item }}\s*$'
13 backup: "{{ fp_backup }}"
14 loop: "{{ fp_resolv_conf_absent }}"
15 tags: fp_resolv_conf_absent
16
17- name: "resolvconf: Present lines in {{ fp_resolv_conf_file }}"
18 ansible.builtin.lineinfile:
19 create: true
20 dest: "{{ fp_resolv_conf_file }}"
21 owner: "{{ fp_resolv_conf_owner }}"
22 group: "{{ fp_resolv_conf_group }}"
23 mode: "{{ fp_resolv_conf_mode }}"
24 regexp: '^\s*{{ item.key }}(.*)$'
25 line: '{{ item.key }} {{ item.value }}'
26 backup: "{{ fp_backup }}"
27 loop: "{{ fp_resolv_conf }}"
28 tags: fp_resolv_conf
29
30# resolvconf.conf
31- name: "resolvconf: Absent lines in {{ fp_resolvconf_conf_file }}"
32 ansible.builtin.lineinfile:
33 create: true
34 state: absent
35 dest: "{{ fp_resolvconf_conf_file }}"
36 owner: "{{ fp_resolvconf_conf_owner }}"
37 group: "{{ fp_resolvconf_conf_group }}"
38 mode: "{{ fp_resolvconf_conf_mode }}"
39 regexp: '^\s*{{ item }}\s*$'
40 backup: "{{ fp_backup }}"
41 loop: "{{ fp_resolvconf_conf_absent }}"
42 notify: resolvconf apply
43 tags: fp_resolvconf_conf_absent
44
45- name: "resolvconf: Present lines in {{ fp_resolvconf_conf_file }}"
46 ansible.builtin.lineinfile:
47 create: true
48 dest: "{{ fp_resolvconf_conf_file }}"
49 owner: "{{ fp_resolvconf_conf_owner }}"
50 group: "{{ fp_resolvconf_conf_group }}"
51 mode: "{{ fp_resolvconf_conf_mode }}"
52 regexp: '^\s*{{ item.key }}\s*=(.*)$'
53 line: '{{ item.key }}="{{ item.value }}"'
54 backup: "{{ fp_backup }}"
55 loop: "{{ fp_resolvconf_conf }}"
56 notify: resolvconf apply
57 tags: fp_resolvconf_conf
58
59# EOF
60...
smartd.yml
Synopsis: Configure smartd.
Description of the task.
1---
2
3- name: "smartd: Enable and start smartd"
4 ansible.builtin.lineinfile:
5 dest: /etc/rc.conf
6 regexp: '^\s*smartd_enable\s*=(.*)$'
7 line: 'smartd_enable="YES"'
8 backup: "{{ fp_backup }}"
9 when: fp_smartd_enabled|bool
10 notify: enable and start smartd
11 tags: fp_smartd_rcconf
12
13- name: "smartd: Disable and stop smartd"
14 ansible.builtin.lineinfile:
15 dest: /etc/rc.conf
16 regexp: '^\s*smartd_enable\s*=(.*)$'
17 line: 'smartd_enable="NO"'
18 backup: "{{ fp_backup }}"
19 when: not fp_smartd_enabled|bool
20 notify: disable and stop smartd
21 tags: fp_smartd_rcconf
22
23- name: "smartd: Configure smartd.conf"
24 ansible.builtin.lineinfile:
25 dest: "{{ fp_smartd_conf_file }}"
26 regexp: '^\s*DEVICESCAN(.*)$'
27 state: absent
28 backup: "{{ fp_backup }}"
29 notify: reload smartd
30 tags: fp_smartd_conf
31
32- name: "smartd: Configure devices in {{ fp_smartd_conf_file }}"
33 ansible.builtin.lineinfile:
34 create: true
35 dest: "{{ fp_smartd_conf_file }}"
36 regexp: "{{ item.regexp }}"
37 line: "{{ item.line }}"
38 state: "{{ item.state|default(omit) }}"
39 owner: "{{ fp_smartd_conf_owner }}"
40 group: "{{ fp_smartd_conf_group }}"
41 mode: "{{ fp_smartd_conf_mode }}"
42 backup: "{{ fp_backup }}"
43 loop: "{{ fp_smartd_devices }}"
44 notify: reload smartd
45 tags: fp_smartd_conf
46
47# EOF
48...
sanity.yml
Synopsis: Configure sanity.
Description of the task.
1---
2
3- name: "sanity: Debug (fp_sanity_debug={{ fp_sanity_debug }})"
4 ansible.builtin.debug:
5 msg: |-
6 ansible_run_tags:
7 {{ ansible_run_tags|to_yaml }}
8 ansible_skip_tags:
9 {{ ansible_skip_tags|to_yaml }}
10 fp_sanity_tags:
11 {{ fp_sanity_tags|to_yaml }}
12 when: fp_sanity_debug|bool
13 tags: fp_sanity_debug
14
15- name: "sanity: Unknown run tags"
16 ansible.builtin.fail:
17 msg: "[ERROR] Unknown run tag(s): {{ _tags_unknown }}"
18 vars:
19 _tags_unknown: "{{ ansible_run_tags|difference(fp_sanity_tags) }}"
20 when:
21 - fp_sanity_tags_fatal|bool
22 - ansible_run_tags|length > 0
23 - _tags_unknown|length > 0
24
25- name: "sanity: Unknown skip tags"
26 ansible.builtin.fail:
27 msg: "[ERROR] Unknown skip tag(s): {{ _tags_unknown }}"
28 vars:
29 _tags_unknown: "{{ ansible_skip_tags|difference(fp_sanity_tags) }}"
30 when:
31 - fp_sanity_tags_fatal|bool
32 - ansible_skip_tags|length > 0
33 - _tags_unknown|length > 0
34
35# EOF
36...
snmpd.yml
Synopsis: Configure snmpd.
Description of the task.
1---
2
3- name: "snmpd: Enable and start snmpd"
4 ansible.builtin.lineinfile:
5 dest: /etc/rc.conf
6 regexp: '^\s*snmpd_enable\s*=(.*)$'
7 line: 'snmpd_enable="YES"'
8 backup: "{{ fp_backup }}"
9 when: fp_snmpd_enabled|bool
10 notify: enable and start snmpd
11 tags: fp_snmpd_rcconf
12
13- name: "snmpd: Disable and stop snmpd"
14 ansible.builtin.lineinfile:
15 dest: /etc/rc.conf
16 regexp: '^\s*snmpd_enable\s*=(.*)$'
17 line: 'snmpd_enable="NO"'
18 backup: "{{ fp_backup }}"
19 when: not fp_snmpd_enabled|bool
20 notify: disable and stop snmpd
21 tags: fp_snmpd_rcconf
22
23- name: "snmpd: Configure /etc/rc.conf"
24 ansible.builtin.lineinfile:
25 dest: /etc/rc.conf
26 regexp: '^\s*{{ item.key }}\s*=(.*)$'
27 line: '{{ item.key }}="{{ item.value }}"'
28 backup: "{{ fp_backup }}"
29 loop: "{{ fp_snmpd_rcconf }}"
30 notify: restart snmpd
31 tags: fp_snmpd_rcconf
32
33- name: "snmpd: Copy snmpd.conf.example to snmpd.conf if not exist"
34 ansible.builtin.copy:
35 force: false
36 remote_src: true
37 src: /usr/local/share/snmp/snmpd.conf.example
38 dest: /usr/local/etc/snmpd.conf
39 owner: root
40 group: wheel
41 mode: "0644"
42 notify: restart snmpd
43 tags: fp_snmpd_conf_copy
44
45- name: "snmpd: Configure /usr/local/etc/snmpd.conf"
46 ansible.builtin.lineinfile:
47 path: /usr/local/etc/snmpd.conf
48 regexp: '^\s*{{ item.key }}\s*=(.*)$'
49 line: "{{ item.key }} {{ item.value }}"
50 state: "{{ item.state|default(omit) }}"
51 backup: "{{ fp_backup }}"
52 loop: "{{ fp_snmpd_conf }}"
53 notify: restart snmpd
54 tags: fp_snmpd_conf
55
56# EOF
57...
sshd.yml
Synopsis: Configure sshd.
Description of the task.
1---
2
3- name: "sshd: Debug (fp_sshd_debug={{ fp_sshd_debug }})"
4 vars:
5 msg: |-
6 fp_sshd_bin: {{ fp_sshd_bin }}
7 fp_sshd_conf_file: {{ fp_sshd_conf_file }}
8 fp_sshd_conf:
9 {{ fp_sshd_conf|to_yaml|indent(2) }}
10 ansible.builtin.debug:
11 msg: "{{ '{}'.format(msg) }}"
12 when: fp_sshd_debug|bool
13 tags: fp_sshd_debug
14
15- name: "sshd: Enable and start sshd"
16 ansible.builtin.lineinfile:
17 dest: /etc/rc.conf
18 regexp: '^\s*sshd_enable\s*=(.*)$'
19 line: 'sshd_enable="YES"'
20 backup: "{{ fp_backup }}"
21 notify: enable and start sshd
22 when: fp_sshd_enable|bool
23 tags: fp_sshd_rcconf
24
25- name: "sshd: Disable and stop sshd"
26 ansible.builtin.lineinfile:
27 dest: /etc/rc.conf
28 regexp: '^\s*sshd_enable\s*=(.*)$'
29 line: 'sshd_enable="NO"'
30 backup: "{{ fp_backup }}"
31 notify: disable and stop sshd
32 when: not fp_sshd_enable|bool
33 tags: fp_sshd_rcconf
34
35- name: "sshd: Configure {{ fp_sshd_conf_file }}"
36 ansible.builtin.lineinfile:
37 dest: "{{ fp_sshd_conf_file }}"
38 regexp: '^\s*{{ item.key }}\s+(.*)$'
39 insertbefore: '^\s*#\s*{{ item.key }}'
40 line: "{{ item.key }} {{ item.value }}"
41 backup: "{{ fp_backup }}"
42 validate: "{{ fp_sshd_bin }} -t -f %s"
43 loop: "{{ fp_sshd_conf }}"
44 notify: reload sshd
45 tags: fp_sshd_config
46
47# EOF
48...
ssh.yml
Synopsis: Configure ssh.
Description of the task.
1---
2
3- name: "ssh: Debug (fp_ssh_debug={{ fp_ssh_debug }})"
4 vars:
5 msg: |-
6 fp_ssh_conf_file: {{ fp_ssh_conf_file }}
7 fp_ssh_conf:
8 {{ fp_ssh_conf|to_yaml|indent(2) }}
9 ansible.builtin.debug:
10 msg: "{{ '{}'.format(msg) }}"
11 when: fp_ssh_debug|bool
12 tags: fp_ssh_debug
13
14- name: "ssh: Configure {{ fp_ssh_conf_file }}"
15 ansible.builtin.template:
16 src: "{{ fp_ssh_conf_template }}"
17 dest: "{{ fp_ssh_conf_file }}"
18 owner: "{{ fp_ssh_conf_owner }}"
19 group: "{{ fp_ssh_conf_group }}"
20 mode: "{{ fp_ssh_conf_mode }}"
21 backup: "{{ fp_backup }}"
22 tags: fp_ssh_config
23
24# EOF
25...
sudoers.yml
Synopsis: Configure sudoers.
Description of the task.
1---
2
3- name: "sudoers: Configure {{ fp_sudoers_conf_file }}"
4 ansible.builtin.lineinfile:
5 dest: "{{ fp_sudoers_conf_file }}"
6 regexp: '^\s*{{ item.key }}\s+(.*)$'
7 line: "{{ item.key }} {{ item.value }}"
8 state: "{{ item.state|default(omit) }}"
9 insertafter: EOF
10 owner: "{{ fp_sudoers_conf_owner }}"
11 group: "{{ fp_sudoers_conf_group }}"
12 mode: "{{ fp_sudoers_conf_mode }}"
13 backup: "{{ fp_backup }}"
14 loop: "{{ fp_sudoers_conf }}"
15
16# TODO:
17# (1) configure /usr/local/etc/sudoers.d
18# (2) configure /usr/local/etc/sudoers.dist
19
20# EOF
21...
swap.yml
Synopsis: Configure swap.
Description of the task.
1---
2
3- name: "swap: Debug (fp_swap_debug={{ fp_swap_debug }})"
4 vars:
5 msg: |-
6 fp_swap_enable: {{ fp_swap_enable }}
7 fp_swap_file: {{ fp_swap_file|default("UNDEFINED") }}
8 fp_swap_md: {{ fp_swap_md|default("UNDEFINED") }}
9 fp_swap_size: {{ fp_swap_size|default("UNDEFINED") }}
10 fp_swap_stsize: {{ fp_swap_stsize|default("UNDEFINED") }}
11 ansible.builtin.debug:
12 msg: "{{ '{}'.format(msg) }}"
13 when: fp_swap_debug|bool
14 tags: fp_swap_debug
15
16- name: "swap: Enable swap and add entry in /etc/fstab"
17 block:
18 - name: "swap: Create swapfile {{ fp_swap_file }}"
19 ansible.builtin.shell:
20 cmd: >
21 sh -c
22 'if [ ! -e {{ fp_swap_file }} ]; then
23 printf "create";
24 fi'
25 register: command_result
26 changed_when: command_result.stdout|default("none") == "create"
27 notify: create swap
28 - name: "swap: Create swap entry in /etc/fstab"
29 ansible.builtin.lineinfile:
30 path: /etc/fstab
31 regexp: '^\s*{{ fp_swap_md }}\s+(.*)$'
32 line: "{{ fp_swap_md }} none swap sw,file={{ fp_swap_file }},late 0 0"
33 backup: "{{ fp_backup }}"
34 notify: mount swap
35# ansible.posix.mount:
36# name="none"
37# src="{{ fp_swap_md }}"
38# fstype="swap"
39# opts="sw,file={{ fp_swap_file }},late"
40# passno="0"
41# dump="0"
42# state="present"
43# backup yes
44# Note: mount module fstype swap does not work with FreeBSD as
45# expected. Instead of adding the src all swap mount points present in
46# the fstab are replaced with src.
47 - name: "swap: Change swapfile {{ fp_swap_file }}"
48 ansible.builtin.shell:
49 cmd: >
50 sh -c
51 'if [ -e {{ fp_swap_file }} ] &&
52 [ "`stat -f %z {{ fp_swap_file }}`" -ne "{{ fp_swap_stsize }}" ]; then
53 printf "change";
54 fi'
55 register: command_result
56 changed_when: command_result.stdout|default("none") == "change"
57 notify: change and mount swap
58 when: fp_swap_enable|bool
59
60- name: "swap: Disable swap and remove entry from /etc/fstab"
61 ansible.builtin.lineinfile:
62 path: /etc/fstab
63 regexp: '^\s*{{ fp_swap_md }}\s+(.*)$'
64 state: absent
65 backup: "{{ fp_backup }}"
66 notify: umount and delete swap
67 when:
68 - not fp_swap_enable|bool
69 - fp_swap_md is defined
70
71# EOF
72...
sysctl.yml
Synopsis: Configure sysctl.
Description of the task.
1---
2
3- name: "sysctl: Debug (fp_sysctl_debug={{ fp_sysctl_debug }})"
4 vars:
5 msg: |-
6 fp_sysctl_warning_loader_needed: {{ fp_sysctl_warning_loader_needed }}
7 fp_sysctl_conf_file: {{ fp_sysctl_conf_file }}
8 fp_sysctl_ignoreerrors: {{ fp_sysctl_ignoreerrors }}
9 fp_sysctl_conf:
10 {{ fp_sysctl_conf|to_yaml|indent(2) }}
11 ansible.builtin.debug:
12 msg: "{{ '{}'.format(msg) }}"
13 when: fp_sysctl_debug|bool
14
15- name: "sysctl: Register sysctl variables that are settable via loader"
16 ansible.builtin.command:
17 cmd: sysctl -aNT
18 register: tmp_loader_vars
19 changed_when: false
20
21- name: "sysctl: Create empty list fp_sysctl_noloader_conf"
22 ansible.builtin.set_fact:
23 fp_sysctl_noloader_conf: []
24
25- name: "sysctl: [WARNING] Does not report changes in check mode because of empty tmp_loader_vars"
26 ansible.builtin.debug:
27 msg: "[WARNING] Next task does not report changes in check mode because of empty tmp_loader_vars"
28 when:
29 - ansible_check_mode|bool
30 - fp_sysctl_debug|bool
31
32- name: "sysctl: Add items to fp_sysctl_noloader_conf"
33 ansible.builtin.set_fact:
34 fp_sysctl_noloader_conf: "{{ fp_sysctl_noloader_conf + [item] }}"
35 loop: "{{ fp_sysctl_conf }}"
36 when:
37 - tmp_loader_vars.stdout_lines|default([])|length > 0
38 - item.name not in tmp_loader_vars.stdout_lines
39
40- name: "sysctl: Debug fp_sysctl_noloader_conf"
41 ansible.builtin.debug:
42 var: fp_sysctl_noloader_conf|to_yaml
43 when: fp_sysctl_debug|bool
44
45- name: "sysctl: [WARNING] Does not report changes in check mode because of empty fp_sysctl_noloader_conf"
46 ansible.builtin.debug:
47 msg: "[WARNING] Next task does not report changes in check mode because of empty fp_sysctl_noloader_conf"
48 when:
49 - ansible_check_mode|bool
50 - fp_sysctl_debug|bool
51
52- name: "sysctl: Configure {{ fp_sysctl_conf_file }}"
53 ansible.posix.sysctl:
54 sysctl_file: "{{ fp_sysctl_conf_file }}"
55 name: "{{ item.name }}"
56 value: "{{ item.value }}"
57 state: "{{ item.state|default(omit) }}"
58 reload: "{{ item.reload|default(omit) }}"
59 sysctl_set: "{{ item.set|default(omit) }}"
60 ignoreerrors: "{{ fp_sysctl_ignoreerrors|default(omit) }}"
61 loop: "{{ fp_sysctl_noloader_conf }}"
62
63
64- name: "sysctl: [WARNING] Tuneables present in fp_sysctl_conf but fp_loader not enabled"
65 ansible.builtin.debug:
66 msg: "[WARNING] Tuneables present in fp_sysctl_conf but fp_loader not enabled"
67 when:
68 - not ansible_check_mode|bool
69 - fp_sysctl_debug|bool
70 - fp_sysctl_warning_loader_needed|bool
71 - fp_sysctl_conf|length > fp_sysctl_noloader_conf|length
72 - not fp_loader|bool
73
74# NOTES
75# 1) As of v2.6 module sysctl 'optionally performs a /sbin/sysctl -p'
76# http://ansible-manual.readthedocs.io/en/latest/sysctl_module.html
77# 2) freebsd doesn't support -p, so reload the sysctl service
78# rc,out,err = self.module.run_command('/etc/rc.d/sysctl reload')
79# https://github.com/ansible/ansible-modules-core/blob/devel/system/sysctl.py
80# 3) See loader.yml how tuneables are settable via loader.
81# https://forums.freebsd.org/threads/reload-loader-conf.72010/
82
83# EOF
84...
timezone.yml
Synopsis: Configure timezone.
Description of the task.
1---
2
3- name: "timezone: Debug (fp_timezone_debug={{ fp_timezone_debug }})"
4 ansible.builtin.debug:
5 msg: |-
6 fp_zoneinfo: {{ fp_zoneinfo }}
7 when: fp_timezone_debug|bool
8 tags: fp_timezone_debug
9
10- name: "timezone: set timezone to {{ fp_zoneinfo }}"
11 community.general.timezone:
12 name: "{{ fp_zoneinfo }}"
13 notify: adjust CMOS
14
15# EOF
16...
tmpmfs.yml
Synopsis: Configure tmpmfs.
Description of the task.
1---
2
3- name: "tmpmfs: Debug (fp_tmpmfs_debug={{ fp_tmpmfs_debug }})"
4 vars:
5 msg: |-
6 fp_tmpmfs_rcconf:
7 {{ fp_tmpmfs_rcconf|to_yaml|indent(2) }}
8 ansible.builtin.debug:
9 msg: "{{ '{}'.format(msg) }}"
10 when: fp_tmpmfs_debug|bool
11 tags: fp_tmpmfs_debug
12
13- name: "tmpmfs: Configure tmpmfs"
14 ansible.builtin.lineinfile:
15 dest: /etc/rc.conf
16 regexp: '^\s*{{ item.key }}\s*=(.*)$'
17 line: '{{ item.key }}="{{ item.value }}"'
18 backup: "{{ fp_backup }}"
19 loop: "{{ fp_tmpmfs_rcconf }}"
20 tags: fp_tmpmfs_rcconf
21
22# EOF
23...
users.yml
Synopsis: Configure users.
Description of the task.
1---
2
3- name: "users: Debug (fp_users_debug={{ fp_users_debug }})"
4 vars:
5 msg: |-
6 fp_users_debug_classified: {{ fp_users_debug_classified }}
7 fp_users_conf:
8 {{ fp_users_conf|to_nice_yaml|indent(2) }}
9 ansible.builtin.debug:
10 msg: "{{ '{}'.format(msg) }}"
11 when: fp_users_debug|bool
12 tags: fp_users_debug
13
14- name: "users: Manage user accounts"
15 ansible.builtin.user:
16 name: "{{ item.name }}"
17 append: "{{ item.append|default(omit) }}"
18 authorization: "{{ item.authorization|default(omit) }}"
19 comment: "{{ item.comment|default(omit) }}"
20 create_home: "{{ item.create_home|default(omit) }}"
21 expires: "{{ item.expires|default(omit) }}"
22 force: "{{ item.force|default(omit) }}"
23 generate_ssh_key: "{{ item.generate_ssh_key|default(omit) }}"
24 group: "{{ item.group|default(omit) }}"
25 groups: "{{ item.groups|default(omit) }}"
26 hidden: "{{ item.hidden|default(omit) }}"
27 home: "{{ item.home|default(omit) }}"
28 local: "{{ item.local|default(omit) }}"
29 login_class: "{{ item.login_class|default(omit) }}"
30 move_home: "{{ item.move_home|default(omit) }}"
31 non_unique: "{{ item.non_unique|default(omit) }}"
32 password: "{{ item.password|default(omit) }}"
33 password_lock: "{{ item.password_lock|default(omit) }}"
34 profile: "{{ item.profile|default(omit) }}"
35 remove: "{{ item.remove|default(omit) }}"
36 role: "{{ item.role|default(omit) }}"
37 seuser: "{{ item.seuser|default(omit) }}"
38 shell: "{{ item.shell|default(omit) }}"
39 skeleton: "{{ item.skeleton|default(omit) }}"
40 ssh_key_bits: "{{ item.ssh_key_bits|default(omit) }}"
41 ssh_key_comment: "{{ item.ssh_key_comment|default(omit) }}"
42 ssh_key_file: "{{ item.ssh_key_file|default(omit) }}"
43 ssh_key_passphrase: "{{ item.ssh_key_passphrase|default(omit) }}"
44 ssh_key_type: "{{ item.ssh_key_type|default(omit) }}"
45 state: "{{ item.state|default(omit) }}"
46 system: "{{ item.system|default(omit) }}"
47 uid: "{{ item.uid|default(omit) }}"
48 update_password: "{{ item.update_password|default(omit) }}"
49 loop: "{{ fp_users_conf }}"
50 loop_control:
51 label: "{{ item.name }}"
52 no_log: "{{ not fp_users_debug_classified }}"
53
54# EOF
55...
wpasupplicant.yml
Synopsis: Configure wpasupplicant.
Description of the task.
1---
2
3- name: "wpasupplicant: Debug (fp_wpasupplicant_debug={{ fp_wpasupplicant_debug }})"
4 vars:
5 msg: |-
6 fp_wpasupplicant_backup: {{ fp_wpasupplicant_backup }}
7 fp_wpasupplicant_program: {{ fp_wpasupplicant_program }}
8 fp_wpasupplicant_flags: {{ fp_wpasupplicant_flags }}
9 fp_wpasupplicant_rcconf:
10 {{ fp_wpasupplicant_rcconf|to_yaml|indent(2) }}
11 fp_wpasupplicant_conf_rc: {{ fp_wpasupplicant_conf_rc }}
12 fp_wpasupplicant_conf_file_link: {{ fp_wpasupplicant_conf_file_link }}
13 fp_wpasupplicant_conf_owner: {{ fp_wpasupplicant_conf_owner }}
14 fp_wpasupplicant_conf_group: {{ fp_wpasupplicant_conf_group }}
15 fp_wpasupplicant_conf_mode: {{ fp_wpasupplicant_conf_mode }}
16 fp_wpasupplicant_conf_dir: {{ fp_wpasupplicant_conf_dir }}
17 fp_wpasupplicant_conf_file: {{ fp_wpasupplicant_conf_file }}
18 fp_wpasupplicant_conf_template: {{ fp_wpasupplicant_conf_template }}
19 fp_wpasupplicant_conf_ctrl_interface: {{ fp_wpasupplicant_conf_ctrl_interface }}
20 fp_wpasupplicant_conf_global:
21 {{ fp_wpasupplicant_conf_global|to_yaml|indent(2) }}
22 {% if fp_wpasupplicant_debug_classified %}
23 fp_wpasupplicant_conf:
24 {{ fp_wpasupplicant_conf|to_yaml|indent(2) }}
25 {% endif %}
26 ansible.builtin.debug:
27 msg: "{{ '{}'.format(msg) }}"
28 when: fp_wpasupplicant_debug|bool
29 tags: fp_wpasupplicant_debug
30
31- name: "wpasupplicant: Configure /etc/rc.conf"
32 ansible.builtin.lineinfile:
33 dest: /etc/rc.conf
34 regexp: '^\s*{{ item.key }}\s*=(.*)$'
35 line: '{{ item.key }}="{{ item.value }}"'
36 backup: "{{ fp_wpasupplicant_backup }}"
37 loop: "{{ fp_wpasupplicant_rcconf }}"
38 notify: restart netif
39 tags: fp_wpasupplicant_rcconf
40
41- name: "wpasupplicant: Configure {{ fp_wpasupplicant_conf_file }}.DEV"
42 ansible.builtin.template:
43 src: "{{ fp_wpasupplicant_conf_template }}"
44 dest: "{{ fp_wpasupplicant_conf_file }}.{{ item.dev }}"
45 owner: "{{ fp_wpasupplicant_conf_owner }}"
46 group: "{{ fp_wpasupplicant_conf_group }}"
47 mode: "{{ fp_wpasupplicant_conf_mode }}"
48 backup: "{{ fp_wpasupplicant_backup }}"
49 register: fp_wpa_supplicant_conf_changes
50 loop: "{{ fp_wpasupplicant_conf }}"
51 loop_control:
52 label: "{{ item.dev }}"
53 no_log: "{{ not fp_wpasupplicant_debug_classified }}"
54 tags: fp_wpasupplicant_conf
55
56- name: "wpasupplicant: Debug: registered to fp_wpa_supplicant_conf_changes"
57 ansible.builtin.debug:
58 msg: "{{ fp_wpa_supplicant_conf_changes }}"
59 no_log: "{{ not fp_wpasupplicant_debug_classified }}"
60 when: fp_wpasupplicant_debug|bool
61
62- name: "wpasupplicant: Link {{ fp_wpasupplicant_conf_file }}"
63 ansible.builtin.file:
64 state: link
65 src: "{{ fp_wpasupplicant_conf_file }}.{{ fp_wpasupplicant_conf_file_link }}"
66 dest: "{{ fp_wpasupplicant_conf_file }}"
67 force: true
68 when: fp_wpasupplicant_conf_file_link|length > 0
69 tags: fp_wpasupplicant_conf_file_link
70
71# Use device specific configuration. Example:
72# /usr/local/sbin/wpa_supplicant -s -B -i wlan1 -c /etc/wpa_supplicant.conf.wlan1
73- name: "wpasupplicant: Configure /etc/rc.d/wpa_supplicant"
74 ansible.builtin.lineinfile:
75 dest: /etc/rc.d/wpa_supplicant
76 regexp: '^\s*{{ item.key }}\s*=(.*)$'
77 line: '{{ item.key }}={{ item.value }}'
78 backup: "{{ fp_wpasupplicant_backup }}"
79 loop:
80 - {key: "conf_file", value: "${wpa_supplicant_conf_file}.${ifn}"}
81 when: fp_wpasupplicant_conf_rc|bool
82 tags: fp_wpasupplicant_conf_rc
83
84# EOF
85...
digitalocean.yml
Synopsis: Configure digitalocean.
Description of the task.
[tasks/cloud-providers/digitalocean.yml]
1---
2
3- name: "digitalocean: Debug"
4 vars:
5 msg: |-
6 ansible_distribution_major_version: {{ ansible_distribution_major_version }}
7 fp_do_default_user: {{ fp_do_default_user }}
8 fp_do_default_user_remove: {{ fp_do_default_user_remove }}
9 fp_do_default_user_remove_home: {{ fp_do_default_user_remove_home }}
10 fp_do_rcconf_cloudinit_enable: {{ fp_do_rcconf_cloudinit_enable }}
11 fp_do_rcconf_digitaloceanpre_enable: {{ fp_do_rcconf_digitaloceanpre_enable }}
12 fp_do_rcconf_digitalocean_enable: {{ fp_do_rcconf_digitalocean_enable }}
13 fp_do_rcconf:
14 {{ fp_do_rcconf|to_yaml|indent(2) }}
15 ansible.builtin.debug:
16 msg: "{{ '{}'.format(msg) }}"
17 when: fp_do_debug|bool
18 tags: fp_do_debug
19
20- name: "digitalocean: Configure /etc/rc.conf"
21 ansible.builtin.lineinfile:
22 dest: /etc/rc.conf
23 regexp: '^\s*{{ item.key }}\s*=(.*)$'
24 line: '{{ item.key }}="{{ item.value }}"'
25 backup: "{{ fp_backup }}"
26 loop: "{{ fp_do_rcconf }}"
27 tags: fp_do_rcconf
28
29- name: "digitalocean: Remove default user"
30 ansible.builtin.user:
31 name: "{{ fp_do_default_user }}"
32 state: absent
33 remove: "{{ fp_do_default_user_remove_home }}"
34 when: fp_do_default_user_remove|bool
35 tags: fp_do_defaul_user_remove
36
37# DO overwrites hostname from rc.conf
38- name: "hostname: Configure hostname in /etc/rc.digitalocean.d/droplet.conf"
39 ansible.builtin.lineinfile:
40 dest: /etc/rc.digitalocean.d/droplet.conf
41 regexp: '^\s*{{ item.key }}\s*=(.*)$'
42 line: '{{ item.key }}="{{ item.value }}"'
43 backup: "{{ fp_backup }}"
44 loop: "{{ fp_do_legacy_rcconf }}"
45 when: ansible_distribution_major_version|int < 11
46 tags: fp_do_hostname_rcconf
47
48# EOF
49...
sync-default.yml
Synopsis: Configure sync-default.
Description of the task.
1---
2# Sync default
3
4- name: "copy:sync-default: Debug default directory exists"
5 ansible.builtin.debug:
6 msg: "Directory {{ mypath }} exists: {{ mystat }}"
7 vars:
8 mypath: "{{ fp_copy_dir }}/{{ fp_copy_dir_default }}"
9 mystat: "{{ mypath is exists }}"
10 when: fp_copy_debug|bool
11
12- name: "copy:sync-default: Synchronize default files {{ fp_copy_dir }}/{{ fp_copy_dir_default }}"
13 ansible.posix.synchronize:
14 src: "{{ mypath_src }}"
15 dest: "{{ item.dest }}"
16 archive: "{{ item.archive|default(fp_synchronize_archive) }}"
17 checksum: "{{ item.checksum|default(fp_synchronize_checksum) }}"
18 compress: "{{ item.compress|default(fp_synchronize_compress) }}"
19 copy_links: "{{ item.copy_links|default(fp_synchronize_copy_links) }}"
20 delete: "{{ item.delete|default(fp_synchronize_delete) }}"
21 dirs: "{{ item.dirs|default(fp_synchronize_dirs) }}"
22 existing_only: "{{ item.existing_only|default(fp_synchronize_existing_only) }}"
23 mode: "{{ item.mode|default(fp_synchronize_mode) }}"
24 group: "{{ item.group|default(omit) }}"
25 owner: "{{ item.owner|default(omit) }}"
26 perms: "{{ item.synchronize_perms|default(omit) }}"
27 times: "{{ item.synchronize_times|default(omit) }}"
28 recursive: "{{ item.recursive|default(omit) }}"
29 verify_host: "{{ item.verify_host|default(fp_synchronize_verify_host) }}"
30 register: result
31 loop: "{{ fp_synchronize_default }}"
32 loop_control:
33 label: "{{ item.dest }}"
34 vars:
35 mypath: "{{ fp_copy_dir }}/{{ fp_copy_dir_default }}/{{ item.src }}"
36 when: mypath is exists
37
38- name: "copy:sync-optional: Debug synchronize default files result"
39 ansible.builtin.debug:
40 var: result
41 when: fp_copy_debug|bool
42
43# EOF
44...
sync-optional.yml
Synopsis: Configure sync-optional.
Description of the task.
[tasks/copy/sync-optional.yml]
1---
2# Sync optional
3
4- name: "copy:sync-optional: Debug optional directory exists"
5 ansible.builtin.debug:
6 msg: "Directory {{ mypath }} exists: {{ mystat }}"
7 vars:
8 mypath: "{{ fp_copy_dir }}/{{ fp_copy_dir_optional }}"
9 mystat: "{{ mypath is exists }}"
10 when: fp_copy_debug|bool
11
12- name: "copy:sync-optional: Synchronize optional files {{ fp_copy_dir }}/{{ fp_copy_dir_optional }}"
13 ansible.posix.synchronize:
14 src: "{{ mypath }}"
15 dest: "{{ item.dest }}"
16 archive: "{{ item.archive|default(fp_synchronize_archive) }}"
17 checksum: "{{ item.checksum|default(fp_synchronize_checksum) }}"
18 compress: "{{ item.compress|default(fp_synchronize_compress) }}"
19 copy_links: "{{ item.copy_links|default(fp_synchronize_copy_links) }}"
20 delete: "{{ item.delete|default(fp_synchronize_delete) }}"
21 dirs: "{{ item.dirs|default(fp_synchronize_dirs) }}"
22 existing_only: "{{ item.existing_only|default(fp_synchronize_existing_only) }}"
23 mode: "{{ item.mode|default(fp_synchronize_mode) }}"
24 group: "{{ item.group|default(omit) }}"
25 owner: "{{ item.owner|default(omit) }}"
26 perms: "{{ item.synchronize_perms|default(omit) }}"
27 times: "{{ item.synchronize_times|default(omit) }}"
28 recursive: "{{ item.recursive|default(omit) }}"
29 verify_host: "{{ item.verify_host|default(fp_synchronize_verify_host) }}"
30 register: result
31 loop: "{{ fp_synchronize_optional }}"
32 loop_control:
33 label: "{{ item.dest }}"
34 vars:
35 mypath: "{{ fp_copy_dir }}/{{ fp_copy_dir_optional }}/{{ item.src }}"
36 when: mypath is exists
37
38- name: "copy:sync-optional: Debug synchronize optional files result"
39 ansible.builtin.debug:
40 var: result
41 when: fp_copy_debug|bool
42
43# EOF
44...
unarch-default.yml
Synopsis: Configure unarch-default.
Description of the task.
[tasks/copy/unarch-default.yml]
1---
2# Unarch default
3
4- name: "copy:unarch-default: Debug default archive exists"
5 ansible.builtin.debug:
6 msg: "Archive {{ mypath }} exists: {{ mystat }}"
7 vars:
8 mypath: "{{ fp_copy_dir }}/{{ fp_copy_arch_default }}"
9 mystat: "{{ mypath is exists }}"
10 when: fp_copy_debug|bool
11
12- name: "copy:unarch-default: Extract default archive {{ fp_copy_dir }}/{{ fp_copy_arch_default }}"
13 ansible.builtin.unarchive:
14 src: "{{ fp_copy_dir }}/{{ fp_copy_arch_default }}"
15 dest: "/"
16 keep_newer: "{{ fp_unarchive_keep_newer }}"
17 vars:
18 mypath: "{{ fp_copy_dir }}/{{ fp_copy_arch_default }}"
19 when: mypath is exists
20
21# EOF
22...
unarch-optional.yml
Synopsis: Configure unarch-optional.
Description of the task.
[tasks/copy/unarch-optional.yml]
1---
2# Unarch optional
3
4- name: "copy:unarch-optional: Debug optional archive exists"
5 ansible.builtin.debug:
6 msg: "Archive {{ mypath }} exists: {{ mystat }}"
7 vars:
8 mypath: "{{ fp_copy_dir }}/{{ fp_copy_arch_optional }}"
9 mystat: "{{ mypath is exists }}"
10 when: fp_debug|bool
11
12- name: "copy:unarch-optional: Extract optional archive {{ fp_copy_dir }}/{{ fp_copy_arch_optional }}"
13 ansible.builtin.unarchive:
14 src: "{{ fp_copy_dir }}/{{ fp_copy_arch_optional }}"
15 dest: "/"
16 keep_newer: "{{ fp_unarchive_keep_newer }}"
17 vars:
18 mypath: "{{ fp_copy_dir }}/{{ fp_copy_arch_optional }}"
19 when: mypath is exists
20
21# EOF
22...
cron-rename-entry.yml
Synopsis: Configure cron-rename-entry.
Description of the task.
[tasks/fn/cron-rename-entry.yml]
1---
2
3- name: "cron-rename-entry: Stat {{ fp_cron_dir }}/{{ item.user }}"
4 ansible.builtin.stat:
5 path: "{{ fp_cron_dir }}/{{ item.user }}"
6 register: result
7
8- name: "cron-rename-entry: Rename present crontab entry"
9 ansible.builtin.replace:
10 path: "{{ fp_cron_dir }}/{{ item.user }}"
11 regexp: '^\s*#\s*{{ item.name }}$'
12 replace: "#Ansible: {{ item.name }}"
13 backup: "{{ fp_backup }}"
14 when: result.stat.exists
15
16# EOF
17...
mdconfig-attach-disk.yml
Synopsis: Configure mdconfig-attach-disk.
Description of the task.
[tasks/fn/mdconfig-attach-disk.yml]
1---
2
3- name: "mdconfig-attach-disk: Attach memory disk"
4 ansible.builtin.include_role:
5 name: vbotka.ansible_lib
6 tasks_from: al_mdconfig.yml
7 vars:
8 al_mdconfig_file: "{{ item[_fp_mount_task] }}"
9
10# EOF
11...
mdconfig-detach-disk.yml
Synopsis: Configure mdconfig-detach-disk.
Description of the task.
[tasks/fn/mdconfig-detach-disk.yml]
1---
2
3- name: "mdconfig-detach-disk: Detach memory disk"
4 ansible.builtin.include_role:
5 name: vbotka.ansible_lib
6 tasks_from: al_mdconfig.yml
7 vars:
8 al_mdconfig_file: "{{ item[_fp_mount_task] }}"
9 al_mdconfig_state: absent
10
11# EOF
12...
rcconf-item.yml
Synopsis: Configure rcconf-item.
Description of the task.
1---
2
3- name: "{{ oi.label }}"
4 ansible.builtin.lineinfile:
5 dest: "{{ oi.dest|default('/etc/rc.conf') }}"
6 regexp: '^\s*{{ item.key }}\s*=(.*)$'
7 line: '{{ item.key }}="{{ item.value }}"'
8 backup: "{{ fp_backup }}"
9 loop: "{{ oi.conf }}"
10 when: oi.when
11 notify: "{{ oi.notify }}"
12
13# EOF
14...