# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- name: Find reachable hosts
hosts: all
gather_facts: false
ignore_unreachable: true
ignore_errors: true
tasks:
- name: Check for reachable nodes
command: ping -c1 {{ inventory_hostname }}
delegate_to: localhost
register: ping_result
ignore_errors: yes
changed_when: false
- name: Refresh ssh keys
command: ssh-keygen -R {{ inventory_hostname }}
delegate_to: localhost
changed_when: false
- name: Group reachable hosts
group_by:
key: "reachable"
when: "'100% packet loss' not in ping_result.stdout"
- name: Get provision password
hosts: localhost
connection: local
gather_facts: false
tasks:
- name: Include vars file of inventory role
include_vars: ../vars/main.yml
- name: Check if omnia config file is encrypted
command: "cat {{ omnia_config_file }}"
changed_when: false
register: config_content
#no_log: True
- name: Decrpyt omnia_config.yml
command: >-
ansible-vault decrypt "{{ omnia_config_file }}"
--vault-password-file "{{ omnia_config_vault_file }}"
when: "'$ANSIBLE_VAULT;' in config_content.stdout"
- name: Include vars file of inventory role
include_vars: "{{ omnia_config_file }}"
- name: Set hostname for reachable nodes and gather facts
hosts: reachable
gather_facts: False
ignore_unreachable: true
remote_user: "{{ host_username }}"
vars:
ansible_password: "{{ host_password }}"
ansible_become_pass: "{{ host_password }}"
ansible_ssh_common_args: '-o StrictHostKeyChecking=no'
mapping_file_present: ""
tasks:
- name: Setup
setup:
filter: ansible_*
- name: Check hostname of server
command: hostname
register: hostname_check
changed_when: false
ignore_errors: true
- name: Check if IP is present in mapping file
command: grep "{{ inventory_hostname }}" ../../provision_cobbler/files/new_host_mapping_file.csv
delegate_to: localhost
register: file_present
when: mapping_file | bool == true
ignore_errors: true
- name: Set fact if mapping file is present
set_fact:
mapping_file_present: "{{ file_present.stdout }}"
when: mapping_file | bool == true
ignore_errors: true
- name: Get the static hostname from mapping file
shell: awk -F',' '$3 == "{{ inventory_hostname }}" { print $2 }' ../../provision_cobbler/files/new_host_mapping_file.csv
delegate_to: localhost
when: ('localhost' in hostname_check.stdout) and (mapping_file_present != "" ) and ( mapping_file | bool == true )
register: host_name
ignore_errors: true
- name: Set the hostname from mapping file
hostname:
name: "{{ host_name.stdout + '.' + hostvars['localhost']['domain_name'] }}"
when: ('localhost' in hostname_check.stdout) and (mapping_file_present != "" ) and (mapping_file | bool == true )
ignore_errors: true
- name: Set the hostname if hostname not present mapping file
hostname:
name: "compute{{ inventory_hostname.split('.')[-2] + '-' + inventory_hostname.split('.')[-1] + '.' + hostvars['localhost']['domain_name'] }}"
when: ('localhost' in hostname_check.stdout) and (file_present.rc != 0) and (mapping_file | bool == true )
ignore_errors: true
- name: Set the system hostname
hostname:
name: "compute{{ inventory_hostname.split('.')[-2] + '-' + inventory_hostname.split('.')[-1]+'.'+ hostvars['localhost']['domain_name'] }}"
when: ('localhost' in hostname_check.stdout) and (mapping_file | bool == false)
ignore_errors: true
- name: Add new hostname to /etc/hosts from mapping file
lineinfile:
dest: /etc/hosts
line: "{{ inventory_hostname }} {{ host_name.stdout + '.' + hostvars['localhost']['domain_name'] }}"
state: present
when: ('localhost' in hostname_check.stdout) and ( mapping_file_present != "" ) and ( mapping_file | bool == true )
ignore_errors: true
- name: Add new hostname to /etc/hosts if hostname not present mapping file
lineinfile:
dest: /etc/hosts
line: "{{ inventory_hostname }} compute{{ inventory_hostname.split('.')[-2] + '-' + inventory_hostname.split('.')[-1]+'.'+ hostvars['localhost']['domain_name'] }}"
state: present
when: ('localhost' in hostname_check.stdout) and ( file_present.rc != 0 ) and ( mapping_file | bool == true )
ignore_errors: true
- name: Add new hostname to /etc/hosts
lineinfile:
dest: /etc/hosts
line: "{{ inventory_hostname }} compute{{ inventory_hostname.split('.')[-2] + '-' + inventory_hostname.split('.')[-1] +'.'+ hostvars['localhost']['domain_name'] }}"
state: present
when: ('localhost' in hostname_check.stdout) and (mapping_file | bool == false )
ignore_errors: true
- name: Update inventory
hosts: localhost
connection: local
gather_facts: false
tasks:
- name: Encrypt omnia_config.yml file
command: >-
ansible-vault encrypt "{{ omnia_config_file }}"
--vault-password-file "{{ omnia_config_vault_file }}"
changed_when: false
- name: Update omnia_config.yml permissions
file:
path: "{{ omnia_config_file }}"
mode: "{{ file_perm }}"
- name: Check if tower_config_file file is encrypted
command: cat "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
changed_when: false
no_log: true
register: tower_config_content
run_once: true
- name: Decrypt tower_config_file
command: >-
ansible-vault decrypt "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
--vault-password-file "{{ playbook_dir }}/../../webui_awx/files/.tower_vault_key"
changed_when: false
when: "'$ANSIBLE_VAULT;' in tower_config_content.stdout"
run_once: true
- name: Change file permissions
file:
path: "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
mode: "{{ file_perm }}"
- name: Fetch awx host
command: grep "host:" "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
register: fetch_awx_host
changed_when: false
run_once: true
- name: Fetch awx username
command: grep "username:" "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
register: fetch_awx_username
changed_when: false
run_once: true
no_log: true
- name: Fetch awx password
command: grep "password:" "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
register: fetch_awx_password
changed_when: false
run_once: true
no_log: true
- name: Set awx variables
set_fact:
awx_host: "{{ fetch_awx_host.stdout | regex_replace('host: ','') }}"
awx_username: "{{ fetch_awx_username.stdout | regex_replace('username: ','') }}"
awx_password: "{{ fetch_awx_password.stdout | regex_replace('password: ','') }}"
no_log: true
- name: Encrypt tower_config_file
command: >-
ansible-vault encrypt "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg"
--vault-password-file "{{ playbook_dir }}/../../webui_awx/files/.tower_vault_key"
changed_when: false
when: "'$ANSIBLE_VAULT;' in tower_config_content.stdout"
run_once: true
- name: Update inventory file
block:
- name: Fetch facts and add new hosts
include_tasks: add_host.yml
with_items: "{{ groups['reachable'] }}"
when: "'reachable' in groups"
- name: Show unreachable hosts
debug:
msg: "{{ host_unreachable_msg }} + {{ groups['ungrouped'] }}"
when: "'ungrouped' in groups"