- name: "Update apt package cache" ansible.builtin.apt: update_cache: yes when: ansible_facts["os_family"]=="Debian" - name: "Upgrade all packages to the latest version" ansible.builtin.apt: upgrade: dist when: ansible_facts["os_family"]=="Debian" - name: "Install common packages" package: name: "{{ list_of_packages }}" state: latest - name: "Remove packages" package: name: "{{ list_of_packages_to_remove }}" state: absent - name: "Install Redhat Packages" yum: name: "{{ list_of_redhat_packages }}" state: latest when: ansible_facts["os_family"]=="RedHat" - name: "Install Debian Packages" apt: name: "{{ list_of_debian_packages }}" force_apt_get: yes state: latest when: ansible_facts["os_family"]=="Debian" - name: "Link python3 to python since Ubuntu 22.04 doesn't create python." file: src: /usr/bin/python3 dest: /usr/bin/python state: link ignore_errors: true - name: "Setup the dummy interface" block: - name: "Add the dummy module file for reboots" copy: content: "dummy" dest: "/etc/modules-load.d/dummy.conf" owner: "root" group: "root" mode: '0644' when: ansible_facts["os_family"]=="RedHat" - name: "Add the dummy module" modprobe: name: "dummy" state: "present" when: ansible_facts["os_family"]=="RedHat" - name: "Setup dummy interface for perforce license (RedHat)" copy: src: "./ifcfg-dummy0" dest: "/etc/sysconfig/network-scripts/ifcfg-dummy0" owner: "root" group: "root" mode: '0644' when: ansible_facts["os_family"]=="RedHat" - name: "Start the dummy interface" command: "ifup dummy0" when: ansible_facts["os_family"]=="RedHat" - name: "Setup dummy netdev for perforce license (Debian)" copy: src: "./10-dummy0.netdev" dest: "/etc/systemd/network/10-dummy0.netdev" owner: "root" group: "root" mode: '0644' when: ansible_facts["os_family"]=="Debian" - name: "Setup dummy network for perforce license (Debian)" copy: src: "./20-dummy0.network" dest: "/etc/systemd/network/20-dummy0.network" owner: "root" group: "root" mode: '0644' when: ansible_facts["os_family"]=="Debian" - name: "Restart systemd-networkd" ansible.builtin.systemd: name: "{{ item }}" state: restarted loop: - systemd-networkd - systemd-resolved when: ansible_facts["os_family"]=="Debian" when: dummy_interface - name: "Pause to give DNS a chance to recover." pause: seconds: 15 when: dummy_interface - name: "Exclude p4d_1 and p4broker_1 from being auto restarted" copy: src: "./policy-rc.d" dest: "/usr/sbin/policy-rc.d" owner: "root" group: "root" - name: "Add recommended settings for Ubuntu to sysctl.conf" blockinfile: path: "/etc/sysctl.conf" insertafter: "EOF" block: | net.ipv4.tcp_congestion_control = bbr net.ipv4.tcp_window_scaling = 1 # allow testing with buffers up to 128MB net.core.rmem_max = 62500000 net.core.wmem_max = 62500000 # increase Linux autotuning TCP buffer limit to 64MB net.ipv4.tcp_rmem = 4096 87380 62500000 net.ipv4.tcp_wmem = 4096 16384 62500000 # recommended for hosts with jumbo frames enabled net.ipv4.tcp_mtu_probing = 1 # recommended to enable 'fair queueing' net.core.default_qdisc = fq notify: "restart_sysctl" when: ansible_facts["os_family"]=="Debian" # "Set up tuned to disable transparent pages" - name: "Install tuned" yum: name: "tuned" state: "latest" when: ansible_facts["os_family"]=="RedHat" - name: "Create tuned nothp_profile directory" file: path: '/etc/tuned/nothp_profile' state: "directory" mode: "0755" owner: 'root' group: 'root' when: ansible_facts["os_family"]=="RedHat" - name: "Setup nothp_profile tuned.conf file" copy: src: "./nothp_profile_tuned.conf" dest: "/etc/tuned/nothp_profile/tuned.conf" owner: "root" group: "root" mode: '0755' when: ansible_facts["os_family"]=="RedHat" - name: "Disable transparent huge pages" copy: src: "./disable-thp.service" dest: "/etc/systemd/system/disable-thp.service" owner: "root" group: "root" mode: '0755' notify: "start_thp" when: ansible_facts["os_family"]=="Debian" # Set up perforce user/group - name: "Create Perforce group" group: name: "{{ perforce_group }}" gid: "{{ perforce_gid }}" - name: "Create Perforce user" user: name: "{{ perforce_user }}" uid: "{{ perforce_uid }}" comment: "Perforce user" group: "{{ perforce_group }}" system: true generate_ssh_key: no home: "/p4" shell: "/bin/bash" password: "{{ perforce_user_password }}" - name: "Create .ssh folder" file: state: directory path: "/p4/.ssh" owner: "{{ perforce_user }}" group: "{{ perforce_group }}" mode: "0700" - name: "Create or modify known_hosts file" file: state: "touch" path: "/p4/.ssh/known_hosts" owner: "{{ perforce_user }}" group: "{{ perforce_group }}" mode: "0600" - name: Copy ssh configuration file. copy: src: ./ssh_config dest: /p4/.ssh/config owner: "{{ perforce_user }}" group: "{{ perforce_group }}" mode: '0600' - name: "Add .vimrc settings" blockinfile: create: yes path: "/p4/.vimrc" insertafter: "EOF" owner: "{{ perforce_user }}" group: "{{ perforce_group }}" marker: '" {mark} ANSIBLE MANAGED BLOCK' block: | colorscheme industry set nocompatible set backspace=2 # Set up ansibleuser user/group - name: "Create ansibleuser group" group: name: ansibleuser - name: "Create ansibleuser user" user: name: ansibleuser comment: "Ansible User for management" group: ansibleuser system: false generate_ssh_key: yes home: /home/ansibleuser shell: /bin/bash password: "" force: yes update_password: on_create - name: "add ansibleuser to appropriate sudo group" user: name: ansibleuser groups: "{{ 'sudo' if ansible_facts['os_family'] == 'Debian' else 'wheel' }}" append: yes - name: "Setup ansibleuser sudo file" copy: content: "ansibleuser ALL=(ALL:ALL) NOPASSWD:ALL\n" dest: "/etc/sudoers.d/ansibleuser" mode: "0440" owner: "root" group: "root" - name: "Setup additional admin sudo files" copy: content: "{{ item }} ALL=(ALL:ALL) NOPASSWD:ALL\n" dest: "/etc/sudoers.d/{{ item }}" mode: "0440" owner: "root" group: "root" loop: "{{ admin_users | default([]) }}" - name: "Install pyenv" become: yes become_user: perforce shell: "curl -fsSL https://pyenv.run | bash" args: executable: "/bin/bash" creates: "/p4/.pyenv/bin/pyenv" register: "curl_pyenv_output" - name: "Add Pyenv to perforce user bashrc" become: yes become_user: perforce blockinfile: path: "/p4/.bashrc" owner: "{{ perforce_user }}" group: "{{ perforce_group }}" prepend_newline: true insertafter: EOF create: true block: | export PATH="${HOME}/.pyenv/bin:$PATH" eval "$(pyenv init -)" eval "$(pyenv virtualenv-init -)" - name: "Add Pyenv to perforce user profile" become: yes become_user: perforce blockinfile: path: "/p4/.profile" owner: "{{ perforce_user }}" group: "{{ perforce_group }}" prepend_newline: true insertafter: EOF create: true block: | export PATH="${HOME}/.pyenv/bin:$PATH" eval "$(pyenv init -)" eval "$(pyenv virtualenv-init -)" - name: "Get latest Python version available in pyenv" become: yes become_user: perforce shell: "/p4/.pyenv/bin/pyenv install --list | grep -E '^\\s+3\\.[0-9]+\\.[0-9]+$' | tail -1 | tr -d ' '" args: executable: "bash" register: "latest_python_version" changed_when: false - name: "Install latest Python ({{ latest_python_version.stdout | default('N/A') }}) and set environment using pyenv" become: yes become_user: perforce shell: "echo N|/p4/.pyenv/bin/pyenv install {{ latest_python_version.stdout }};/p4/.pyenv/bin/pyenv global {{ latest_python_version.stdout }}" args: executable: "bash" register: "pyenv_python_output" - name: "Install p4python" become: yes become_user: perforce shell: "source /p4/.profile;source /p4/.bashrc;pip3 install --upgrade pip;pip3 install p4python" args: executable: "bash" register: "pyenv_p4python_output" - name: "Create the p4python/bin directory" ansible.builtin.file: path: /p4/p4python/bin state: directory mode: '0755' owner: "{{ perforce_user }}" group: "{{ perforce_group }}" - name: "Link python3 to old venv python3 location to avoid trigger breaks." file: src: /p4/.pyenv/shims/python3 dest: /p4/p4python/bin/python3 state: link force: true owner: "{{ perforce_user }}" group: "{{ perforce_group }}" ignore_errors: true