diff options
| -rw-r--r-- | files/virthost/libvirtd.conf | 3 | ||||
| -rw-r--r-- | handlers/restart_services.yml | 3 | ||||
| -rw-r--r-- | playbooks/groups/virthost.yml | 33 | ||||
| -rw-r--r-- | tasks/virthost.yml | 28 |
4 files changed, 67 insertions, 0 deletions
diff --git a/files/virthost/libvirtd.conf b/files/virthost/libvirtd.conf new file mode 100644 index 000000000..e36ce0a36 --- /dev/null +++ b/files/virthost/libvirtd.conf @@ -0,0 +1,3 @@ +unix_sock_group = "sysadmin-main" +unix_sock_rw_perms = "0770" +auth_unix_rw = "none" diff --git a/handlers/restart_services.yml b/handlers/restart_services.yml index 278bf3048..d1a9c5ef0 100644 --- a/handlers/restart_services.yml +++ b/handlers/restart_services.yml @@ -32,6 +32,9 @@ - name: restart jenkins action: service name=jenkins state=restarted +- name: restart libvirtd + action: service name=libvirtd state=restarted + - name: restart lighttpd action: service name=lighttpd state=restarted diff --git a/playbooks/groups/virthost.yml b/playbooks/groups/virthost.yml new file mode 100644 index 000000000..56032a002 --- /dev/null +++ b/playbooks/groups/virthost.yml @@ -0,0 +1,33 @@ +# create a new virthost server system +# NOTE: should be used with --limit most of the time +# NOTE: most of these vars come from group_vars/backup_server or from hostvars + +- name: make virthost server system + hosts: virthost + user: root + gather_facts: False + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - ${private}/vars.yml + - ${vars}/${ansible_distribution}.yml + + tasks: + tasks: + - include: $tasks/hosts.yml + - include: $tasks/yumrepos.yml + - include: $tasks/base.yml + - include: $tasks/fas_client.yml + - include: $tasks/2fa_client.yml + - include: $tasks/motd.yml + - include: $tasks/sudo.yml + - include: $tasks/rkhunter.yml + - include: $tasks/denyhosts.yml + - include: $tasks/nagios_client.yml + - include: $tasks/collectd/client.yml + - include: $tasks/virthost.yml + +# TODO: add iscsi task + + handlers: + - include: $handlers/restart_services.yml diff --git a/tasks/virthost.yml b/tasks/virthost.yml new file mode 100644 index 000000000..535eca115 --- /dev/null +++ b/tasks/virthost.yml @@ -0,0 +1,28 @@ +--- +# tasklist for setting up the virthost server. + +- name: set selinux to enforcing + selinux: policy=targeted state=enforcing + +- name: install libvirt packages + yum: pkg=$item state=installed + with_items: + - qemu-kvm + - libvirtd + - python-virtinst + tags: + - packages + +# install libvirtd.conf +# +# This provides us with the ability to use virt-manager from non root accounts. +# +- name: install libvirtd.conf + copy: src=$files/virthost/libvirtd.conf dest=/etc/libvirt/libvirtd.conf + notify: + - restart libvirtd + tags: + - config + +- name: enable libvirtd + service: name=libvirtd state=started enabled=yes |