-
Notifications
You must be signed in to change notification settings - Fork 113
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
25 changed files
with
506 additions
and
204 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
--- | ||
|
||
# Password used while deploying OS on bare metal servers and for Cobbler UI. | ||
# The Length of the password should be atleast 8. | ||
# The password must not contain -,\, '," | ||
provision_password: "" | ||
|
||
# Password used for the AWX UI. | ||
# The Length of the password should be atleast 8. | ||
# The password must not contain -,\, '," | ||
awx_password: "" | ||
|
||
# Password used for Slurm database. | ||
# The Length of the password should be atleast 8. | ||
# The password must not contain -,\, '," | ||
mariadb_password: "" | ||
|
||
# The nic/ethernet card that needs to be connected to the HPC switch. | ||
# This nic will be configured by Omnia for the DHCP server. | ||
# Default value of nic is em1. | ||
hpc_nic: "em1" | ||
|
||
# The nic card that needs to be connected to the public internet. | ||
# The public_nic should be em2, em1 or em3 | ||
# Default value of nic is em2. | ||
public_nic: "em2" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -16,5 +16,5 @@ | |
- name: Install packages | ||
package: | ||
name: "{{ common_packages }}" | ||
state: latest | ||
state: present | ||
tags: install |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,117 @@ | ||
# Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
--- | ||
|
||
- name: Check input config file is encrypted | ||
command: cat {{ input_config_filename }} | ||
changed_when: false | ||
register: config_content | ||
|
||
- name: Decrpyt input_config.yml | ||
command: ansible-vault decrypt {{ input_config_filename }} --vault-password-file {{ role_path }}/files/{{ vault_filename }} | ||
changed_when: false | ||
when: "'$ANSIBLE_VAULT;' in config_content.stdout" | ||
|
||
- name: Include variable file input_config.yml | ||
include_vars: "{{ input_config_filename }}" | ||
|
||
- name: Validate input parameters are not empty | ||
fail: | ||
msg: "{{ input_config_failure_msg }}" | ||
register: input_config_check | ||
when: (provision_password | length < 1) or (awx_password | length < 1) or (mariadb_password | length < 1) or (hpc_nic | length < 1) or (public_nic | length < 1) | ||
|
||
- name: Save input variables from file | ||
set_fact: | ||
cobbler_password: "{{ provision_password }}" | ||
admin_password: "{{ awx_password }}" | ||
input_mariadb_password: "{{ mariadb_password }}" | ||
nic: "{{ hpc_nic }}" | ||
internet_nic: "{{ public_nic }}" | ||
|
||
- name: Assert provision_password | ||
assert: | ||
that: | ||
- cobbler_password | length > min_length | int - 1 | ||
- cobbler_password | length < max_length | int + 1 | ||
- '"-" not in cobbler_password ' | ||
- '"\\" not in cobbler_password ' | ||
- '"\"" not in cobbler_password ' | ||
- " \"'\" not in cobbler_password " | ||
success_msg: "{{ success_msg_provision_password }}" | ||
fail_msg: "{{ fail_msg_provision_password }}" | ||
register: cobbler_password_check | ||
|
||
- name: Assert awx_password | ||
assert: | ||
that: | ||
- admin_password | length > min_length | int - 1 | ||
- admin_password | length < max_length | int + 1 | ||
- '"-" not in admin_password ' | ||
- '"\\" not in admin_password ' | ||
- '"\"" not in admin_password ' | ||
- " \"'\" not in admin_password " | ||
success_msg: "{{ success_msg_awx_password }}" | ||
fail_msg: "{{ fail_msg_awx_password }}" | ||
register: awx_password_check | ||
|
||
- name: Assert mariadb_password | ||
assert: | ||
that: | ||
- input_mariadb_password | length > min_length | int - 1 | ||
- input_mariadb_password | length < max_length | int + 1 | ||
- '"-" not in input_mariadb_password ' | ||
- '"\\" not in input_mariadb_password ' | ||
- '"\"" not in input_mariadb_password ' | ||
- " \"'\" not in input_mariadb_password " | ||
success_msg: "{{ success_msg_mariadb_password }}" | ||
fail_msg: "{{ fail_msg_mariadb_password }}" | ||
register: mariadb_password_check | ||
|
||
- name: Assert hpc_nic | ||
assert: | ||
that: | ||
- nic | length > nic_min_length | int - 1 | ||
- nic != internet_nic | ||
success_msg: "{{ success_msg_hpc_nic }}" | ||
fail_msg: "{{ fail_msg_hpc_nic }}" | ||
register: hpc_nic_check | ||
|
||
- name: Assert public_nic | ||
assert: | ||
that: | ||
- internet_nic | length > nic_min_length | int - 1 | ||
- nic != internet_nic | ||
- "('em1' in internet_nic) or ('em2' in internet_nic) or ('em3' in internet_nic)" | ||
success_msg: "{{ success_msg_public_nic }}" | ||
fail_msg: "{{ fail_msg_public_nic }}" | ||
register: public_nic_check | ||
|
||
- name: Create ansible vault key | ||
set_fact: | ||
vault_key: "{{ lookup('password', '/dev/null chars=ascii_letters') }}" | ||
when: "'$ANSIBLE_VAULT;' not in config_content.stdout" | ||
|
||
- name: Save vault key | ||
copy: | ||
dest: "{{ role_path }}/files/{{ vault_filename }}" | ||
content: | | ||
{{ vault_key }} | ||
owner: root | ||
force: yes | ||
when: "'$ANSIBLE_VAULT;' not in config_content.stdout" | ||
|
||
- name: Encrypt input config file | ||
command: ansible-vault encrypt {{ input_config_filename }} --vault-password-file {{ role_path }}/files/{{ vault_filename }} | ||
changed_when: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.