-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ENH: more steps, full remote setup from factory #13
Merged
Merged
Changes from 7 commits
Commits
Show all changes
9 commits
Select commit
Hold shift + click to select a range
4981050
WIP: more steps needed for prod use, not tested yet
ZLLentz 261272b
DOC: fix instruction order
ZLLentz 877e660
MAINT: add vim swp files to gitignore
ZLLentz 2b56460
BUG: fix various typos/errors in playbook
ZLLentz 3d48ef8
ENH: figure out how to force a timely ntp sync
ZLLentz 91f4496
MAINT: somehow this is needed again, I don't understand
ZLLentz 8536122
ENH: make the static ip optional and configurable
ZLLentz 1089f3a
MAINT: typos
ZLLentz bda1126
ENH: use boolean switches instead of checking for empty strings
ZLLentz File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4,3 +4,4 @@ | |
TCBSD*.vdi | ||
TCBSD*.iso | ||
venv | ||
*.swp |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,3 +2,6 @@ | |
inventory = ./inventory/ | ||
deprecation_warnings = True | ||
role_path = ./roles | ||
|
||
[ssh_connection] | ||
ssh_args = |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -13,6 +13,68 @@ | |
path: /usr/local/etc/pkg/repos/FreeBSD.conf | ||
state: absent | ||
|
||
- name: Setup psproxy | ||
when: use_psproxy | ||
register: psproxy_setup | ||
ansible.builtin.blockinfile: | ||
# Appending to this file lets us install packages from Beckhoff, etc. | ||
# By using psproxy as our http/https proxy | ||
dest: /usr/local/etc/pkg.conf | ||
block: | | ||
PKG_ENV { | ||
http_proxy: "http://psproxy:3128", | ||
https_proxy: "http://psproxy:3128", | ||
} | ||
|
||
# We need NTP sync in order to install packages. | ||
# Use internal ntp servers | ||
- name: Setup psntp | ||
when: use_psntp | ||
register: psntp_setup | ||
ansible.builtin.blockinfile: | ||
dest: /etc/ntp.conf | ||
block: | | ||
disable monitor | ||
|
||
# Permit time synchronization with our time source, but do not | ||
# permit the source to query or modify the service on this system. | ||
restrict default kod nomodify notrap nopeer noquery | ||
restrict 127.0.0.1 | ||
|
||
server psntp1.pcdsn iburst | ||
server psntp2.pcdsn iburst | ||
server psntp3.pcdsn iburst | ||
|
||
- name: Set timezone | ||
when: plc_timezone != "" | ||
ansible.builtin.copy: | ||
# Strangely, copying a file is the designated way to set timezones. | ||
remote_src: true | ||
src: "/usr/share/zoneinfo/{{ plc_timezone }}" | ||
dest: /etc/localtime | ||
|
||
# ntpd does not necessarily re-sync promptly after start or reconfig | ||
# stop the service, sync manually, then start it again | ||
# (cannot run sync manually if the service is running) | ||
- name: Stop NTP Service | ||
when: psntp_setup.changed | ||
ansible.builtin.service: | ||
name: ntpd | ||
enabled: yes | ||
state: stopped | ||
|
||
- name: Force NTP Sync Now | ||
when: psntp_setup.changed | ||
ansible.builtin.command: ntpd -g -q | ||
changed_when: true | ||
|
||
- name: (Re) Start NTP Service | ||
when: psntp_setup.changed | ||
ansible.builtin.service: | ||
name: ntpd | ||
enabled: yes | ||
state: started | ||
|
||
- name: Install helpful system packages | ||
ansible.builtin.package: | ||
name: | ||
|
@@ -44,8 +106,8 @@ | |
ansible.builtin.pip: | ||
name: "{{ tc_install_pip_packages }}" | ||
|
||
- name: Install pip | ||
# Packages only available via pip will be installed after this | ||
- name: Unstall pip | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I swear I read the previous PR 😓 There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I'm pretty upset at myself for |
||
# Packages only available via pip will be installed before this | ||
# As far as the security implications go: well, that's up to you! | ||
when: tc_uninstall_pip | ||
ansible.builtin.package: | ||
|
@@ -188,3 +250,17 @@ | |
enabled: yes | ||
state: restarted | ||
when: ams_net_id.changed or locked_memory_size.changed or heap_memory_size.changed | ||
|
||
# We use the second port as a LAN port with a known static IP | ||
# This makes it easy to use if we need it for e.g. doing service | ||
- name: Set static IP on X000 | ||
when: x000_static != "" | ||
register: static_ip_x000_set | ||
community.general.sysrc: | ||
name: ifconfig_igb1 | ||
value: "inet {{ x000_static }} netmask 255.255.255.0" | ||
|
||
- name: Reset X000 | ||
when: static_ip_x000_set.changed | ||
ansible.builtin.command: /etc/rc.d/netif restart igb1 | ||
changed_when: true |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suppose this would need to be filled, but it doesn't break anything now because we don't use the VMs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The intent here is that it is set to empty string, but maybe this is fundamentally unclear and I should add boolean switches for using the setting
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll do this clarity change and then I think this PR is done after that