# Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- - block: - name: Update resolv.conf to edit mode command: chattr -i "{{ resolv_conf_path }}" changed_when: true - block: - name: Check freeipa installed or not include_tasks: check_prerequisites.yml - block: - name: Add ports of manager and login node to firewall include_tasks: firewall_settings.yml - name: Enable module idm include_tasks: enable_dnf_module.yml - name: Install required packages include_tasks: install_packages.yml - name: Install FreeIPA server include_tasks: install_ipa_server.yml when: not freeipa_status - name: FreeIPA configuration include_tasks: ipa_configuration.yml when: os_supported_leap not in mgmt_os - block: - name: Install 389 directory server include_tasks: install_389ds.yml - name: Install Apparmor on Leap include_tasks: install_apparmor.yml when: os_supported_leap in mgmt_os - name: Install snoopy include_tasks: install_snoopy.yml - name: Install psacct/acct include_tasks: user_monitor.yml - name: Alert configuration include_tasks: configure_alerting.yml when: alert_email_address | length > 1 - name: Configure ssh access to login node include_tasks: configure_sshd.yml - name: Session timeout configuration include_tasks: session_timeout.yml - name: Restrict nonessential programs include_tasks: restrict_nonessentials.yml when: restrict_program_status - name: Update resolv.conf to read mode command: chattr +i "{{ resolv_conf_path }}" changed_when: true when: enable_security_support