diff --git a/requirements.yml b/requirements.yml index a6b0fd8..989f7ab 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,4 +1,5 @@ --- collections: - - ansible.posix - - community.general + - name: https://github.com/myllynen/rhel-ansible-roles + type: git + version: master diff --git a/roles/firewall/tasks/enable.yml b/roles/firewall/tasks/enable.yml index 797bb7a..e559021 100644 --- a/roles/firewall/tasks/enable.yml +++ b/roles/firewall/tasks/enable.yml @@ -40,7 +40,7 @@ ports_to_open: "{{ (__firewall_always_open_ports | default([], true) + firewall_open_ports | default([], true)) | select() | list | unique }}" - name: Open configured ports in firewall - firewalld: + ansible.posix.firewalld: zone: "{{ firewall_default_zone }}" port: "{{ item }}" permanent: true @@ -54,7 +54,7 @@ changed_when: false - name: Close unconfigured ports in firewall - firewalld: + ansible.posix.firewalld: zone: "{{ firewall_default_zone }}" port: "{{ item }}" permanent: true @@ -79,7 +79,7 @@ services_to_open: "{{ (__firewall_always_open_services | default([], true) + firewall_open_services | default([], true)) | select() | list | unique }}" - name: Open configured services in firewall - firewalld: + ansible.posix.firewalld: zone: "{{ firewall_default_zone }}" service: "{{ item }}" permanent: true @@ -93,7 +93,7 @@ changed_when: false - name: Close unconfigured services in firewall - firewalld: + ansible.posix.firewalld: zone: "{{ firewall_default_zone }}" service: "{{ item }}" permanent: true diff --git a/roles/repository_setup/tasks/disable.yml b/roles/repository_setup/tasks/disable.yml index b1418f6..4c5074c 100644 --- a/roles/repository_setup/tasks/disable.yml +++ b/roles/repository_setup/tasks/disable.yml @@ -1,6 +1,6 @@ --- - name: Unsubscribe from Red Hat Subscription Management - redhat_subscription: + community.general.redhat_subscription: state: absent - name: Remove Katello CA package diff --git a/roles/repository_setup/tasks/enable.yml b/roles/repository_setup/tasks/enable.yml index 7f08fb8..6e812d0 100644 --- a/roles/repository_setup/tasks/enable.yml +++ b/roles/repository_setup/tasks/enable.yml @@ -11,7 +11,7 @@ - repository_setup_install_katello_rpm | bool - name: Configure Red Hat Subscription - redhat_subscription: + community.general.redhat_subscription: activationkey: "{{ repository_setup_rhsm_parameters.activationkey | default(omit) }}" orgid: "{{ repository_setup_rhsm_parameters.orgid | default(omit) }}" username: "{{ repository_setup_rhsm_parameters.username | default(omit) }}" @@ -39,13 +39,13 @@ ('username' in repository_setup_rhsm_parameters) - name: Disable Red Hat repositories - rhsm_repository: + community.general.rhsm_repository: name: "{{ repository_setup_rhsm_repositories_disable }}" state: disabled when: repository_setup_rhsm_repositories_disable | default(false) - name: Enable Red Hat repositories - rhsm_repository: + community.general.rhsm_repository: name: "{{ repository_setup_rhsm_repositories_enable }}" purge: "{{ repository_setup_rhsm_repositories_purge }}" state: enabled diff --git a/roles/security_hardening/tasks/main.yml b/roles/security_hardening/tasks/main.yml index c026739..0235e3a 100644 --- a/roles/security_hardening/tasks/main.yml +++ b/roles/security_hardening/tasks/main.yml @@ -42,7 +42,7 @@ state: present - name: Configure SELinux state - selinux: + ansible.posix.selinux: policy: targeted state: "{{ selinux }}" register: selinux_config diff --git a/roles/splunk_forwarder/tasks/main.yml b/roles/splunk_forwarder/tasks/main.yml index 26ffb1b..14a37b2 100644 --- a/roles/splunk_forwarder/tasks/main.yml +++ b/roles/splunk_forwarder/tasks/main.yml @@ -109,6 +109,6 @@ when: package_install is changed - name: Log message on package install - syslogger: + community.general.syslogger: msg: "{{ splunk_version.stdout }} installed on {{ ansible_facts.fqdn }}." when: package_install is changed diff --git a/roles/system_coredump/tasks/disable.yml b/roles/system_coredump/tasks/disable.yml index 2158bfb..a7d80b8 100644 --- a/roles/system_coredump/tasks/disable.yml +++ b/roles/system_coredump/tasks/disable.yml @@ -15,7 +15,7 @@ when: core_config is changed - name: Disallow suid binary coredumps - sysctl: + ansible.posix.sysctl: name: fs.suid_dumpable value: '0' sysctl_file: /etc/sysctl.d/50-coredump.conf @@ -23,7 +23,7 @@ register: suid_config - name: Restore system default core pattern configuration - sysctl: + ansible.posix.sysctl: name: kernel.core_pattern value: 'core' sysctl_file: /etc/sysctl.d/50-coredump.conf diff --git a/roles/system_coredump/tasks/enable.yml b/roles/system_coredump/tasks/enable.yml index 975ea4b..fae6217 100644 --- a/roles/system_coredump/tasks/enable.yml +++ b/roles/system_coredump/tasks/enable.yml @@ -1,6 +1,6 @@ --- - name: Configure system core dump pattern - sysctl: + ansible.posix.sysctl: name: kernel.core_pattern value: '/var/lib/systemd/coredump/core' sysctl_file: /etc/sysctl.d/50-coredump.conf @@ -8,7 +8,7 @@ register: pattern_config - name: Allow safe suid binary coredumps - sysctl: + ansible.posix.sysctl: name: fs.suid_dumpable value: '2' sysctl_file: /etc/sysctl.d/50-coredump.conf diff --git a/roles/timezone/tasks/main.yml b/roles/timezone/tasks/main.yml index 77673f0..e4a2128 100644 --- a/roles/timezone/tasks/main.yml +++ b/roles/timezone/tasks/main.yml @@ -1,4 +1,4 @@ --- - name: Configure system timezone - timezone: + community.general.timezone: name: "{{ timezone }}"