Select Git revision
site.yml 1.97 KiB
---
- hosts: localhost
connection: local
post_tasks:
- name: check for FIXMEs
find:
path: "{{ playbook_dir }}"
pattern: "*.yml"
recurse: true
contains: ".*(FIXME|TODO).*"
excludes:
- "site.yml"
register: result_fixmes
- name: CHECK FOR UNRESOLVED ISSUES/TODOs
debug:
msg: "Unresolved FIXME/TODO in {{ item.path }}"
loop: "{{ result_fixmes.files }}"
when: result_fixmes.matched > 0
- hosts: lza_ingest_*
# strategy plugin setting, default: linear, docu: https://docs.ansible.com/ansible/latest/plugins/strategy.html
# execution strategy, possible values: debug, linear, serial, free (https://docs.ansible.com/ansible/latest/user_guide/playbooks_strategies.html)
#strategy: free
#strategy: debug
strategy: linear
pre_tasks:
- name: Verify that the installed version of Ansible meets this playbook's version requirements.
assert:
that: "ansible_version.full is version_compare('2.8', '>=')"
msg: >
"You must update Ansible to at least 2.8 to use this playbook."
# Collect facts from remote system? Possible values: true, false
gather_facts: true
# Gather only certain subsects of facts. Ansible supports network, hardware, virtual, facter, ohai as subset.
gather_subset:
- network
- virtual
- hardware
# any_error_fatal will mark all the hosts as failed if fails and immediately abort the playbook execution. Possible values: true, false
any_errors_fatal: false
# max_fail_percentage allows you to abort the play if certain threshold of failures have been reached.
max_fail_percentage: 30
serial: 30
# hide sensitive information in verbose/debugging output from others. Possible values: true, false
no_log: false
roles:
- { role: ansible_lza_install_common, become: true }
- { role: ansible_lza_server_hardening, become: true }
- { role: ansible_slub_osquery, become: true }
- { role: ansible_lza_ingest, become: true}