baserock_frontend/image-config.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

# System configuration for Baserock HAProxy instance.
---
- hosts: frontend-haproxy
  gather_facts: false
  sudo: yes
  tasks:
  # See: https://fedoramagazine.org/getting-ansible-working-fedora-23/
  - name: install Python2 and required deps for Ansible modules
    raw: dnf install -y python2 python2-dnf

  - name: enable persistant journal
    shell: mkdir /var/log/journal
    args:
      creates: /var/log/journal

  - name: ensure system up to date
    dnf: name=* state=latest

  - name: HAProxy installed
    dnf: name=haproxy state=latest

  - name: netcat installed
    dnf: name=nc state=latest

  # Yes, SELinux prevents HAProxy from working. In this case I think it's
  # because we ask it to listen on port 29418 for Gerrit's SSH connections.
  - name: install libselinux-python, so Ansible can control selinux
    dnf: name=libselinux-python state=latest

  - name: disable SELinux on subsequent boots
    selinux: state=disabled

  - name: disable SELinux on current boot
    command: setenforce 0