zhouyuhuan
/
Cloudpods


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133
							- name: disable apt-daily update service
  shell: |
    systemctl mask apt-daily.service apt-daily-upgrade.service
    systemctl disable apt-daily.service apt-daily-upgrade.service
    systemctl disable apt-daily.timer apt-daily-upgrade.timer
  become: true

- name: ensure gnupng installed
  shell: |
    apt-get update -y && apt-get install gnupg -y
  become: true

- name: download SHA1 gpg public key for {{ansible_distribution}}
  get_url:
    url: https://iso.yunion.cn/apt/yunion.gpg-key.asc
    dest: /tmp/yunion.gpg-key.asc
    validate_certs: no
  become: true
  when:
    - ansible_distribution in ["Debian", "Ubuntu"]
    - ansible_distribution_major_version in ["10", "11", "12", "20", "22", "24"]

- name: download SHA512 gpg public key for {{ansible_distribution}}
  get_url:
    url: https://iso.yunion.cn/apt/yunion2.gpg-key.asc
    dest: /tmp/yunion2.gpg-key.asc
    validate_certs: no
  become: true
  when:
    - ansible_distribution in ["Debian", "Ubuntu"]
    - ansible_distribution_major_version in ["13", "25"]

- name: import SHA1 {{ansible_distribution}} sig key
  shell: |
    apt-key add /tmp/yunion.gpg-key.asc
    rm -fr /tmp/yunion.gpg-key.asc
  become: true
  args:
    executable: /bin/bash
  when:
    - ansible_distribution in ["Debian", "Ubuntu"]
    - ansible_distribution_major_version in ["10", "11", "12", "20", "22", "24"]

- name: import SHA512 {{ansible_distribution}} sig key
  shell: |
    mv /tmp/yunion2.gpg-key.asc /etc/apt/keyrings/yunion2.gpg-key.asc
  become: true
  args:
    executable: /bin/bash
  when:
    - ansible_distribution in ["Debian", "Ubuntu"]
    - ansible_distribution_major_version in ["13", "25"]

# https://iso.yunion.cn/debian/10/3.9/x86_64/
- name: apply {{ansible_distribution}} sig key
  shell: |
    curl "https://iso.yunion.cn/apt/{{ansible_distribution | lower}}-{{ ansible_distribution_major_version }}/base/cloudpods-base.sources" -o /etc/apt/sources.list.d/cloudpods-base.sources
    curl "https://iso.yunion.cn/apt/{{ansible_distribution | lower}}-{{ ansible_distribution_major_version }}/updates/cloudpods-updates.sources" -o /etc/apt/sources.list.d/cloudpods-updates.sources
    apt-get update -y
  become: true
  args:
    executable: /bin/bash

- name: Unified Cgroup Hierarchy
  include_tasks: utils/unified_cgroup_hierarchy.yml
  when:
    - ansible_distribution in ["Debian", "Ubuntu"]
    - ansible_distribution_major_version in ["11", "12", "13", "22", "24", "25"]
    - onecloud_version is defined
    - onecloud_version is version('v3.10', '<=')
    - upgrade_onecloud_version is not defined or upgrade_onecloud_version is version('v3.10', '<=')

- name: Append ovs_packages to common_packages if ovs_packages is defined
  set_fact:
    common_packages: "{{ common_packages + ovs_packages }}"
  when:
  - ovs_packages is defined
  - common_packages is defined
  - onecloud_version is version('v4.0', '<')
  - upgrade_onecloud_version is not defined or upgrade_onecloud_version is version('v4.0', '<')

- name: Append ceph_packages to common_packages if ceph_packages is defined
  set_fact:
    common_packages: "{{ common_packages + ceph_packages }}"
  when:
  - ceph_packages is defined
  - common_packages is defined
  - onecloud_version is version('v4.0', '<')
  - upgrade_onecloud_version is not defined or upgrade_onecloud_version is version('v4.0', '<')

- name: Install common packages via loop for Debian Family
  package:
    name: "{{ package_item }}"
  become: true
  with_items:
  - "{{ common_packages }}"
  loop_control:
    index_var: item_index
    label: "[{{ item_index + 1 }}/{{ common_packages|length }}] {{ package_item }}"
    loop_var: package_item
  tags:
  - package

- name: Install latest packages via loop for debian-based system
  package:
    name: "{{ package_item }}"
  become: true
  with_items:
  - "{{ latest_packages }}"
  when:
  - latest_packages is defined
  loop_control:
    index_var: item_index
    label: "[{{ '%02d'|format(item_index + 1) }}/{{ common_packages|length }}] {{ package_item }}"
    loop_var: package_item
  tags:
  - package
  - common_packages

- name: Check that if selinux config exists
  stat:
    path: /etc/selinux/config
  register: selinux_conf_exists

- name: Turn off selinux
  selinux:
    state: disabled
  become: true
  when:
    - selinux_conf_exists.stat.exists

- name: Import task utils/config_iptables.yml
  include_tasks: utils/config_iptables.yml