Disable reboot for non-cloud deployments

2025-09-03 02:23:39 +02:00 · 2018-06-27 10:53:22 +03:00 · 2018-06-27 10:53:22 +03:00 · fbc9ba8efb
commit fbc9ba8efb
parent 356bc38a5f
1 changed files with 37 additions and 42 deletions
--- a/roles/common/tasks/ubuntu.yml
+++ b/roles/common/tasks/ubuntu.yml
@ -19,56 +19,51 @@
  vars:
    ansible_python_interpreter: /usr/bin/python3
- setup:
+- name: Gather facts
  setup:
 - name: Cloud only tasks
  block:
-  - name: Install software updates
+    - name: Install software updates
-    apt:
+      apt:
-      update_cache: true
+        update_cache: true
-      install_recommends: true
+        install_recommends: true
-      upgrade: dist
+        upgrade: dist
-  - name: Upgrade the ca certificates
+    - name: Check if reboot is required
-    apt:
+      shell: >
-      name: ca-certificates
+        if [[ -e /var/run/reboot-required ]]; then echo "required"; else echo "no"; fi
-      state: latest
+      args:
        executable: /bin/bash
      register: reboot_required
-  - name: Check if reboot is required
+    - name: Reboot
-    shell: >
+      shell: sleep 2 && shutdown -r now "Ansible updates triggered"
-      if [[ -e /var/run/reboot-required ]]; then echo "required"; else echo "no"; fi
+      async: 1
-    args:
+      poll: 0
-      executable: /bin/bash
+      when: reboot_required is defined and reboot_required.stdout == 'required'
-    register: reboot_required
+      ignore_errors: true
-  - name: Reboot
+    - name: Wait until SSH becomes ready...
-    shell: sleep 2 && shutdown -r now "Ansible updates triggered"
+      local_action:
-    async: 1
+        module: wait_for
-    poll: 0
+        port: 22
-    when: reboot_required is defined and reboot_required.stdout == 'required'
+        host: "{{ inventory_hostname }}"
-    ignore_errors: true
+        search_regex: OpenSSH
        delay: 10
        timeout: 320
      when: reboot_required is defined and reboot_required.stdout == 'required'
      become: false
  when: algo_provider != "local"
-  - name: Wait until SSH becomes ready...
+- name: Include unatteded upgrades configuration
-    local_action:
+  import_tasks: unattended-upgrades.yml
      module: wait_for
      port: 22
      host: "{{ inventory_hostname }}"
      search_regex: OpenSSH
      delay: 10
      timeout: 320
    when: reboot_required is defined and reboot_required.stdout == 'required'
    become: false
-  - name: Include unatteded upgrades configuration
+- name: Disable MOTD on login and SSHD
-    import_tasks: unattended-upgrades.yml
+  replace: dest="{{ item.file }}" regexp="{{ item.regexp }}" replace="{{ item.line }}"
-
+  with_items:
-  - name: Disable MOTD on login and SSHD
+    - { regexp: '^session.*optional.*pam_motd.so.*', line: '# MOTD DISABLED', file: '/etc/pam.d/login' }
-    replace: dest="{{ item.file }}" regexp="{{ item.regexp }}" replace="{{ item.line }}"
+    - { regexp: '^session.*optional.*pam_motd.so.*', line: '# MOTD DISABLED', file: '/etc/pam.d/sshd' }
    with_items:
      - { regexp: '^session.*optional.*pam_motd.so.*', line: '# MOTD DISABLED', file: '/etc/pam.d/login' }
      - { regexp: '^session.*optional.*pam_motd.so.*', line: '# MOTD DISABLED', file: '/etc/pam.d/sshd' }
  tags:
    - cloud
 - name: Loopback for services configured
  template: