- name: Update and upgrade system.
apt:
upgrade: yes
update_cache: yes
cache_valid_time: 86400
- name: Install packages
apt:
name: [ 'nscd',
'curl',
'wget',
'gzip',
'atop',
'git',
'gvfs',
'cifs-utils',
's3fs',
'default-jre-headless',
'default-jdk-headless',
'python3-cryptography']
- name: Set up dhclient.conf
ansible.builtin.lineinfile:
insertafter: EOF
line: send dhcp-client-identifier = hardware;
path: /etc/dhcp/dhclient.conf
notify: restart-network
- name: Create eci group.
ansible.builtin.group:
name: eci
- name: Get eci's GID.
ansible.builtin.getent:
database: group
key: eci
- name: Create /eci-users.
ansible.builtin.file:
path: /eci-users
state: directory
mode: '0711'
- name: Create /eci-users/user.
ansible.builtin.file:
path: "/eci-users/{{ item }}"
state: directory
owner: "{{ eci_users_uid[item] }}"
group: eci
mode: '0771'
loop: "{{ eci_users }}"
- name: Create /etc/eci-platform.
ansible.builtin.file:
path: /etc/eci-platform
state: directory
mode: '0711'
- name: Create /etc/eci-platform/priv.
ansible.builtin.file:
path: /etc/eci-platform/priv
state: directory
mode: '0700'
- name: Create /etc/eci-platform/pub.
ansible.builtin.file:
path: /etc/eci-platform/pub
state: directory
mode: '0755'
- name: Create private key.
community.crypto.openssl_privatekey:
path: /etc/eci-platform/priv/certificate.key
- name: Create certificate signing request (CSR) for self-signed certificate.
community.crypto.openssl_csr_pipe:
privatekey_path: /etc/eci-platform/priv/certificate.key
common_name: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}.uni.lux"
organization_name: Environmental Cheminformatics
subject_alt_name:
- "DNS:{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}.uni.lux"
register: csr
- name: Create self-signed certificate from CSR
community.crypto.x509_certificate:
path: /etc/eci-platform/pub/certificate.key
csr_content: "{{ csr.csr }}"
privatekey_path: /etc/eci-platform/priv/certificate.key
provider: selfsigned