...
 
Commits (55)
......@@ -18,12 +18,13 @@ dnf install ansible git python3-dnf libselinux-python python3-netaddr
Run
``` bash
git clone clone git@git.scc.kit.edu:las/ansible.git
git clone git@git.scc.kit.edu:las-it-organisation/32-0-IT-InstructionsAndRules/ansible.git
cd ansible
ansible-playbook --ask-become-pass --limit $(hostname -f) --vault-id @prompt site.yml
sudo ansible-playbook --limit $(hostname -f) --vault-id @prompt sites.yml
```
* If you only want some parts of the roles to be run, you can use the option `-t TAGNAME` to run only those tasks with the given tag.
* The vault-password is known to the usual suspects.
### Ask for new software
Open an issue in the GitLab issue tracker and use the template for softwarerequests.
......@@ -46,17 +47,19 @@ requst by adding the software name to the list of `extra_software` in the
* nfs.yml:
* nfs-server: export /las-archiv1 to our network
* lasarchiv: client side mount las126/las-archiv1
* dhcpd.yml: DHCPd primary and secondary server on Fedora
* opera.yml: Cobham's Opera3d (client) ^2 ^3
* admin.yml: tools for administrators
* latex.yml: basic LaTeX installation (Arial not yet) ^1
* kdev.yml: KDevelope (with Python PlugIn) ^1
* jabref.yml: Cross platform BibTeX bibilography software [JabRef](http://www.jabref.org/)
* pycharm.yml: Cross platform Python IDE: [PyCharm](https://www.jetbrains.com/pycharm/) IDE
* chrome.yml: Google Chrome for Fedora (for Adobe Connect usage)
* dhcpd.yml: DHCPd primary and secondary server on Fedora
* elegant.yml: elegant (no Pelegant, yet)
* inovesa.yml: [Inovesa](https://github.com/Inovesa/Inovesa)
* kdev.yml: KDevelope (with Python PlugIn) ^1
* latex.yml: basic LaTeX installation (Arial not yet) ^1
* opera.yml: Cobham's Opera3d (client) ^2 ^3
* pycharm.yml: Cross platform Python IDE: [PyCharm](https://www.jetbrains.com/pycharm/) IDE
* remmina.yml: remmina a Remote Desktop Protocol (Windows remote) client for e. g. [rds.scc.kit.edu](https://rds.scc.kit.edu)
* ripgrep.yml: ripgrep the better grep
* undulator_control.yml: Install the software stack that is necessary to develop the control system for the JENA TGU experiment
* zotero.yml: A citation management software
^1: (also put your FQDN to the \[common\] section in the hosts file as it depends hereon)
......@@ -75,12 +78,13 @@ For developement and testing you should use development branches like `dev-latex
You can check the syntax of the files by running `ansible-playbook --check-syntax filename.yml` (or by using the pre-commit-hook from the Snipplets.
If you just want to install one or many packages you can use `jabref.yml` as a basis.
If you just want to install one or many packages you can use `kdev.yml` as a basis or if it is not interesting for others you might want to add it to your host file instead.
Be aware that the development branches here are not save and the owner might force push to them!
# Run as admin
## Bootstraping
* Enable SSH on the new host (`lasXXX$ sudo systemctl start sshd && sudo systemctl enable sshd`)
* Add your SSH-key to the host `ssh-copy-id lasXXX.las.kit.edu`
* Install ansible dependencies: `dnf install python2-dnf libselinux-python`
* Check the `hosts` file for entries of `lasXXX.las.kit.edu`
......@@ -101,7 +105,7 @@ The prompts `#` show that you are working at root.
* For the host with the hostname `lasXXX.las.kit.edu` do the following
* edit a file ``host_vars/lasXXX.las.kit.edu``
```
las126# ansible-playbook -l lasXXX.las.kit.edu add_ipa_host.yml -k --vault-id @prompt
las126# ansible-playbook -l lasXXX.las.kit.edu add_ipa_host.yml --vault-id @prompt
```
and provide the root password for the new host.
......
......@@ -2,7 +2,7 @@
- hosts: all
remote_user: root
vars:
ipa_host: "las{{ ip_suffix }}.las.kit.edu"
ipa_host: "{{ computer_name }}.las.kit.edu"
ipa_host_ip: "129.13.108.{{ ip_suffix }}"
ipa_domain: las.kit.edu
vars_prompt:
......
......@@ -2,9 +2,14 @@
inventory=hosts
pipelining = True
ssh_args = -o ControlMaster=auto -o ControlPersist=60s
remote_user=gethmann
remote_user=root
roles_path=roles
become=False
become_user="root"
become_ask_pass=True
become_method="sudo"
ansible_python_interpreter="/usr/bin/env python3"
gathering = smart
fact_caching = jsonfile
fact_caching_connection = cachedir
fact_caching_timeout = 86400
......@@ -2,9 +2,7 @@
tasks:
- name: install desktop software
dnf:
name: "{{ item }}"
name: "{{ desktop_software }}"
state: present
become: yes
when: ansible_distribution == 'Fedora'
with_items:
- "{{ desktop_software }}"
......@@ -35,12 +35,12 @@ desktop_software:
- thunderbird
- firefox
- libreoffice
# - bwSyncAndShare
- "https://download.bwsyncandshare.kit.edu/clients/bwSyncAndShare_Latest.x86_64.rpm"
- perl-Clipboard
- perl-Capture-Tiny
# this should be the IP or in the sshd_config the "UseDNS" must be set to yes
ansible_server: 129.13.108.126
ansible_server: 129.13.238.126
# file: group_vars/all/vault.yml
sudoer: "{{ vault_sudoer }}"
......
This diff is collapsed.
---
nfs_server: 129.13.108.126
nfs_server: 129.13.238.126
......@@ -21,23 +21,6 @@ python3pkg:
- python3-flake8
- python3-Cython
python3pip:
#- brewer2mpl
#- flake8-mypy
#- flake8-pep257
#- i18n
#- mypy_extensions
# - pre-commit
# - PyScaffold
# - yapf
# - nbdime
# - pytest-yapf
python2pkg:
- python2
- python2-setuptools
- python-pip
- python2-backports-functools_lru_cache
- python2-backports-shutil_get_terminal_size
python2pkg: ""
pip3bin: /bin/pip3
......@@ -2,5 +2,5 @@ ansible_user: root
user_account: richter
ip_suffix: 118
loc: 620
os: Fedora 28
computer_name: Amnesix
os: Fedora 29
computer_name: amnesix
ansible_user: root
user_account: gethmann
ip_suffix: 113
ip_suffix: 73
loc: 618
os: Fedora 27
computer_name: Asterix
os: Fedora 29
computer_name: asterix
extra_software:
- subversion # for ANKA software
......@@ -24,3 +24,4 @@ extra_software:
- gsl-devel # Needed to compile Eva Burkhards code
- mupdf # better alternative to pdftk than pdfseparate+pdfunite
- evince # for fixing RIP errors when printing LaTeX posters
- screen
ansible_user: root
user_account: widmann
ip_suffix: 112
loc: 618
os: Fedora 28
computer_name: Gutemine
computer_name: gutemine
extra_software:
- subversion # ANKA software
......
......@@ -3,4 +3,4 @@ user_account: damminsek
ip_suffix: 117
loc: 620
os: Fedora 27
computer_name: Idefix
computer_name: idefix
ansible_user: root
ansible_ssh_user: root
ansible_remote_user: gethmann
remote_user: gethmann
ip_suffix: 100
loc: 612
os: CentOS 7.4
computer_name: kantine
......@@ -3,4 +3,4 @@ user_account: bernhard
ip_suffix: 127
loc: 622
os: Fedora 27
computer_name: Majestix
computer_name: majestix
......@@ -2,8 +2,8 @@ ansible_user: root
user_account: gethmann
ip_suffix: 126
loc: 618
os: Fedora 27
computer_name: Obelix
os: Fedora 29
computer_name: obelix
extra_software:
- borgbackup
......@@ -3,7 +3,7 @@ user_account: ning
ip_suffix: 115
loc: 619
os: Fedora 29
computer_name: Costa Y Bravo
computer_name: pepe
extra_software:
- python-qt5
......
......@@ -3,5 +3,5 @@ ansible_user: root
user_account: rossmanith
ip_suffix: 116
loc: 619
os: Fedora 27
computer_name: Spürnix
os: Fedora 29
computer_name: spuernix
......@@ -3,4 +3,4 @@ user_account: tong
ip_suffix: 120
loc: 621
os: Fedora 28
computer_name: Teefax
computer_name: teefax
# stable
[clients]
las112.las.kit.edu
las113.las.kit.edu
las115.las.kit.edu
las116.las.kit.edu
las117.las.kit.edu
las118.las.kit.edu
las120.las.kit.edu
# las122.las.kit.edu
las126.las.kit.edu
las-gethmann.las.kit.edu
gutemine.las.kit.edu
asterix.las.kit.edu
pepe.las.kit.edu
spuernix.las.kit.edu
idefix.las.kit.edu
amnesix.las.kit.edu
teefax.las.kit.edu
obelix.las.kit.edu
lysander.las.kit.edu
[desktop]
las112.las.kit.edu
las113.las.kit.edu
las115.las.kit.edu
las116.las.kit.edu
las117.las.kit.edu
las118.las.kit.edu
las120.las.kit.edu
# las122.las.kit.edu
las-gethmann.las.kit.edu
gutemine.las.kit.edu
asterix.las.kit.edu
pepe.las.kit.edu
spuernix.las.kit.edu
idefix.las.kit.edu
amnesix.las.kit.edu
teefax.las.kit.edu
lysander.las.kit.edu
[graphics]
las113.las.kit.edu
las-gethmann.las.kit.edu
las118.las.kit.edu
asterix.las.kit.edu
lysander.las.kit.edu
amnesix.las.kit.edu
[lasarchiv]
las113.las.kit.edu
las115.las.kit.edu
las117.las.kit.edu
las118.las.kit.edu
las120.las.kit.edu
las122.las.kit.edu
las126.las.kit.edu
las127.las.kit.edu
las-gethmann.las.kit.edu
asterix.las.kit.edu
pepe.las.kit.edu
idefix.las.kit.edu
amnesix.las.kit.edu
teefax.las.kit.edu
obelix.las.kit.edu
majestix.las.kit.edu
lysander.las.kit.edu
[python]
las112.las.kit.edu
las113.las.kit.edu
las115.las.kit.edu
las117.las.kit.edu
las118.las.kit.edu
las120.las.kit.edu
las122.las.kit.edu
las-gethmann.las.kit.edu
gutemine.las.kit.edu
asterix.las.kit.edu
pepe.las.kit.edu
idefix.las.kit.edu
amnesix.las.kit.edu
teefax.las.kit.edu
lysander.las.kit.edu
[kdev] # KDevelope
[jabref]
las113.las.kit.edu
las117.las.kit.edu
las-gethmann.las.kit.edu
[zotero]
asterix.las.kit.edu
idefix.las.kit.edu
lysander.las.kit.edu
gutemine.las.kit.edu
[pynaff]
las-gethmann.las.kit.edu
las113.las.kit.edu
las126.las.kit.edu
lysander.las.kit.edu
asterix.las.kit.edu
obelix.las.kit.edu
[pycharm]
las-gethmann.las.kit.edu
las113.las.kit.edu
las115.las.kit.edu
las117.las.kit.edu
lysander.las.kit.edu
asterix.las.kit.edu
pepe.las.kit.edu
idefix.las.kit.edu
[chrome]
las-gethmann.las.kit.edu
lysander.las.kit.edu
[rdp]
gutemine.las.kit.edu
asterix.las.kit.edu
amnesix.las.kit.edu
[latex]
las112.las.kit.edu
las-gethmann.las.kit.edu
las113.las.kit.edu
las115.las.kit.edu
las117.las.kit.edu
las118.las.kit.edu
las120.las.kit.edu
gutemine.las.kit.edu
lysander.las.kit.edu
asterix.las.kit.edu
pepe.las.kit.edu
idefix.las.kit.edu
amnesix.las.kit.edu
teefax.las.kit.edu
[opera]
las113.las.kit.edu
las115.las.kit.edu
las117.las.kit.edu
las126.las.kit.edu
las127.las.kit.edu
asterix.las.kit.edu
amnesix.las.kit.edu
idefix.las.kit.edu
obelix.las.kit.edu
majestix.las.kit.edu
[mad8]
# depercated for Fedora >=26
[nfs-server]
las126.las.kit.edu
obelix.las.kit.edu
# developement
[dhcpd]
las101.las.kit.edu
las126.las.kit.edu
[lab]
# las93.las.kit.edu
[rpmbuild]
las113.las.kit.edu
las-gethmann.las.kit.edu
asterix.las.kit.edu
lysander.las.kit.edu
[elegant]
las113.las.kit.edu
las117.las.kit.edu
las126.las.kit.edu
las-gethmann.las.kit.edu
asterix.las.kit.edu ansible_python_interpreter=/usr/bin/python3
idefix.las.kit.edu ansible_python_interpreter=/usr/bin/python3
obelix.las.kit.edu ansible_python_interpreter=/usr/bin/python3
lysander.las.kit.edu ansible_python_interpreter=/usr/bin/python3
[epics]
las112.las.kit.edu
las113.las.kit.edu
las115.las.kit.edu
las117.las.kit.edu
las-gethmann.las.kit.edu
gutemine.las.kit.edu
asterix.las.kit.edu
pepe.las.kit.edu
idefix.las.kit.edu
lysander.las.kit.edu
[ripgrep]
las101.las.kit.edu
las113.las.kit.edu
las-gethmann.las.kit.edu
asterix.las.kit.edu
lysander.las.kit.edu
[inovesa]
las113.las.kit.edu
asterix.las.kit.edu
[ipynb] # Jupyter notebook
las117.las.kit.edu
las120.las.kit.edu
las122.las.kit.edu
las-gethmann.las.kit.edu
idefix.las.kit.edu
teefax.las.kit.edu
lysander.las.kit.edu
# semi stable
[tgu]
las115.las.kit.edu
pepe.las.kit.edu
[local]
127.0.0.1 ansible_connection=local
[admin_pcs]
las101.las.kit.edu
las113.las.kit.edu
las-gethmann.las.kit.edu
asterix.las.kit.edu
lysander.las.kit.edu
[server]
las101.las.kit.edu
......@@ -5,3 +5,8 @@
dnf:
name: jabref
state: present
when: (ansible_distribution == "Fedora" and (ansible_distribution_major_version | int) <= 28)
- name: UNSUPPORTED
fail:
msg: Jabref is no longer maintained by Fedora! Use zotero instead.
- hosts: rdp
roles:
- rdp
......@@ -41,7 +41,7 @@ ErrorPolicy stop-printer
UUID urn:uuid:c20b481d-848e-30e6-5eab-8ba9fb397809
Info Oki MC851(PS)
Location Library
DeviceURI socket://129.13.108.106/
DeviceURI socket://oki.las.kit.edu/
State Idle
StateTime 1414591314
Type 8433756
......
---
- name: "Install basic client software"
apt:
name: "{{ item }}"
name: "{{ client_software }}"
state: present
with_items: "{{ client_software }}"
# with_items: "{{ client_software }}"
when: ansible_distribution == 'Ubuntu'
become: yes
- name: "Install basic client software"
dnf:
name: "{{ item }}"
name: "{{ client_software }}"
state: present
with_items: "{{ client_software }}"
# with_items: "{{ client_software }}"
when: ansible_distribution == 'Fedora'
become: yes
......@@ -9,11 +9,8 @@
- name: install dependencies
become: yes
dnf:
name: "{{ item }}"
name: ["hplip-common", "hplip"]
state: present
with_items:
- "hplip-common"
- "hplip"
when: ansible_distribution == 'Fedora'
- name: install CUPS
......
......@@ -2,7 +2,7 @@
- name: install fonts
become: true
dnf:
name: https://downloads.sourceforge.net/project/mscorefonts2/rpms/msttcore-fonts-installer-2.6-1.noarch.rpm
name: https://kent.dl.sourceforge.net/project/mscorefonts2/rpms/msttcore-fonts-installer-2.6-1.noarch.rpm
state: installed
tags: fonts
when: ansible_distribution == "Fedora"
[commands]
# What kind of upgrade to perform:
# default = all available upgrades
# security = only the security upgrades
upgrade_type = security
random_sleep = 0
# To just receive updates use dnf-automatic-notifyonly.timer
# Whether updates should be downloaded when they are available, by
# dnf-automatic.timer. notifyonly.timer, download.timer and
# install.timer override this setting.
download_updates = yes
# Whether updates should be applied when they are available, by
# dnf-automatic.timer. notifyonly.timer, download.timer and
# install.timer override this setting.
apply_updates = yes
[emitters]
# Name to use for this system in messages that are emitted. Default is the
# hostname.
# system_name = my-host
# How to send messages. Valid options are stdio, email and motd. If
# emit_via includes stdio, messages will be sent to stdout; this is useful
# to have cron send the messages. If emit_via includes email, this
# program will send email itself according to the configured options.
# If emit_via includes motd, /etc/motd file will have the messages. if
# emit_via includes command_email, then messages will be send via a shell
# command compatible with sendmail.
# Default is email,stdio.
# If emit_via is None or left blank, no messages will be sent.
emit_via = stdio,motd
[email]
# The address to send email messages from.
email_from = root@localhost
# List of addresses to send messages to.
email_to = root
# Name of the host to connect to to send email messages.
email_host = localhost
[command]
# The shell command to execute. This is a Python format string, as used in
# str.format(). The format function will pass a shell-quoted argument called
# `body`.
# command_format = "cat"
# The contents of stdin to pass to the command. It is a format string with the
# same arguments as `command_format`.
# stdin_format = "{body}"
[command_email]
# The shell command to use to send email. This is a Python format string,
# as used in str.format(). The format function will pass shell-quoted arguments
# called body, subject, email_from, email_to.
# command_format = "mail -s {subject} -r {email_from} {email_to}"
# The contents of stdin to pass to the command. It is a format string with the
# same arguments as `command_format`.
# stdin_format = "{body}"
# The address to send email messages from.
email_from = root@localhost
# List of addresses to send messages to.
email_to = root
[base]
# This section overrides dnf.conf
# Use this to filter DNF core messages
debuglevel = 1
-----BEGIN CERTIFICATE-----
MIIKcjCCCVqgAwIBAgIMIKiiExs4FR9L2Kp4MA0GCSqGSIb3DQEBCwUAMHsxCzAJ
BgNVBAYTAkRFMRswGQYDVQQIDBJCYWRlbi1XdWVydHRlbWJlcmcxEjAQBgNVBAcM
CUthcmxzcnVoZTEqMCgGA1UECgwhS2FybHNydWhlIEluc3RpdHV0ZSBvZiBUZWNo
bm9sb2d5MQ8wDQYDVQQDDAZLSVQtQ0EwHhcNMTkwMzEzMTU0MDU0WhcNMjEwNjE0
MTU0MDU0WjCBhDELMAkGA1UEBhMCREUxGzAZBgNVBAgMEkJhZGVuLVd1ZXJ0dGVt
YmVyZzESMBAGA1UEBwwJS2FybHNydWhlMSowKAYDVQQKDCFLYXJsc3J1aGUgSW5z
dGl0dXRlIG9mIFRlY2hub2xvZ3kxGDAWBgNVBAMMD3dlYi5sYXMua2l0LmVkdTCC
AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKLgVunuUl0m3520OuAnewPw
N+zG0A295N4wSIS5KYflOxfmGBKKnAwefSzNvUIIOnyr+rrD2GdVG4ZMjQXmATAm
ibiQLVAYsPu+yTOfWUmwKDJCYLOCH1VkwPJbebSMTTuSGC3uRaKdtCucXX6TnHqY
jB0LPs730+KVPDFIiKps6U/SqfOmoCTr5owDiZXM75rl4sPtHSvNpsfFC1Ls6RIm
z2moISu0Q1wLdU6sPUMmvjRtv+pkPD6nMLfO0j9y6SL2z7AbOVJt+JcXZLteGW11
nQnRDOkHwpldy8xrYczIHd6bMp0hllVHSE8LsXs9H16yOy7LNkUMS8SfGFVlam84
yn5/h7jFUgHY1BCsORyfR2w5MznOWH+HIy2U+RKA3u1JlPQZtH1Q6hHR6oSRgx8O
4cf4lqgUELM2TydxEBiEupcHhiIHwleGHfTXL3ChtxSu/VyJZQcIiZ8gSDVTDrG7
bAX5rnXEoTeqvenLJAv8cAECl9J22wUCzSz3MzFpalDQY2+P7mpPxYKcRcQQxCpo
wVuKiiRw+JjN51AKkmELtZ5a/SD5JOy9PvmfAN1OUqJguxO+MbhYfp2If47Gy0ht
WuYZ47H8VFIPbVD7a8uVKX1VWKBaBvW5N4Cl7Wu/2yny3Zw+yw2XZFpPvmSNlq/T
8CYw0kFOQynCDzhrKASnAgMBAAGjggXqMIIF5jAJBgNVHRMEAjAAMA4GA1UdDwEB
/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQU/hB/iqc12SwT
I7iIPJPSnPnKgLcwHwYDVR0jBBgwFoAUBBq/HJORPdPZPbDeEyPlmnD0LggwaAYD
VR0RBGEwX4IPZG5mLmxhcy5raXQuZWR1ghFtdW5pbi5sYXMua2l0LmVkdYIQcHlw
aS5sYXMua2l0LmVkdYIWc2hhcmVsYXRleC5sYXMua2l0LmVkdYIPd2ViLmxhcy5r
aXQuZWR1MH0GA1UdHwR2MHQwOKA2oDSGMmh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUv
a2l0LWNhLWcyL3B1Yi9jcmwvY2FjcmwuY3JsMDigNqA0hjJodHRwOi8vY2RwMi5w
Y2EuZGZuLmRlL2tpdC1jYS1nMi9wdWIvY3JsL2NhY3JsLmNybDCBzQYIKwYBBQUH
AQEEgcAwgb0wMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnBjYS5kZm4uZGUvT0NT
UC1TZXJ2ZXIvT0NTUDBCBggrBgEFBQcwAoY2aHR0cDovL2NkcDEucGNhLmRmbi5k
ZS9raXQtY2EtZzIvcHViL2NhY2VydC9jYWNlcnQuY3J0MEIGCCsGAQUFBzAChjZo
dHRwOi8vY2RwMi5wY2EuZGZuLmRlL2tpdC1jYS1nMi9wdWIvY2FjZXJ0L2NhY2Vy
dC5jcnQwWQYDVR0gBFIwUDAIBgZngQwBAgIwDQYLKwYBBAGBrSGCLB4wDwYNKwYB
BAGBrSGCLAEBBDARBg8rBgEEAYGtIYIsAQEEAwkwEQYPKwYBBAGBrSGCLAIBBAMJ
MIIDXgYKKwYBBAHWeQIEAgSCA04EggNKA0gAdwBvU3asMfAxGdiZAKRRFf93FRwR
2QLBACkGjbIImjfZEwAAAWl3tsubAAAEAwBIMEYCIQDleY52tBqLOUlBzrb6Dz5M
uWEXellG3NnTfBaN87g67AIhAPHCGa4Y2xNiGoTecdUngDbbj+xdQyBLFR1mFrQV
m0V9AHcAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFpd7bMqAAA
BAMASDBGAiEA/mfu1lL6ri+Ib4fRjPRkLiSzriZQgHOt+ew5UVI0YHoCIQDXtv2r
HG6aNaa9YCunjpA7Bc3w/RBjkCWmwKKoRzKzlwB2AKrnC388uNVmyGwvFpecn0Rf
aasOtFNVibL3egMBBPPNAAABaXe2y7QAAAQDAEcwRQIgOWYMd92nC6diBFP9EJk2
rvjYZMq92BSuGBKjy8P+OQQCIQCq2c2bqSRqX8biZ/WrpUgUs3CxOiX+OnUkci49
RXxCFwB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABaXe2y+AA
AAQDAEcwRQIhALRrZGVHHpPLjOWbrs6xb+DCeRnXDyfZR5ttNezHZirFAiA80IU7
FTBq3H7kswcnSiK3RAs0WLd5h5NpV+CsmeNzmgB1AKS5CZC0GFgUh7sTosxncAo8
NZgE+RvfuON3zQ7IDdwQAAABaXe2y+AAAAQDAEYwRAIgbb9xvS1vv31chFtfr/nl
9GPzyx9Uo2vjIJKgk8KcTKkCIAtl6Zgda9Bnj47yTfVkbM3Tzc6ZvxOToqVVWO9v
Z4a9AHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFpd7bL2wAA
BAMARzBFAiBD2wzVFDMmTRHKnF0vZN4Yia4Z2xe11iBpYtQU5mZ3vQIhAOgfeMi9
7x96dZRZLsTs8J00KGz4NJcHX9RHRXyjeXQlAHUARJRlLrDuzq/EQAfYqP4owNrm
gr7YyzG1P9MzlrW2gagAAAFpd7bScAAABAMARjBEAh8PGD3UXg5AeqX1KK2rEZWY
jDyVOKXiaNM5uyEzGPIgAiEAuSLcjMd8cDtFuRotM+Jn9aIXiJIIcRpexcoA26PL
PJkwDQYJKoZIhvcNAQELBQADggEBAE5OhnWn7XdXaIbX16SpWHV/Qfb/4+Hzzf6F
KVl6bUJJ/maIUkmrjUWVYxHSfkL0Kx6aYL/WEdjZD0S40rjCZkEETJo3Lqy+WDgT
ChgWEGzRBvqoNDVkywevsE77K5w2HaGKogWvD8IeOu/YOfZYKqTYYFz4ej7/PUit
8TNbY0pYyEhXoKmoXsBJUvY0Fc03GJZDTevC6iEqCQOlMLprQxT/KuYthIHc/lv/
qCIlbzsml0poyglupVIwzhvarFsQUPyZGoSEHcMG82Ors9VJbTaBk28uvdtORX9m
gCkCBwb7DRxZb5US49rygRGROHqRaqlC/ASoXSznJgxUj8jL7Lc=
-----END CERTIFICATE-----
subject= /C=DE/ST=Baden-Wuerttemberg/L=Karlsruhe/O=Karlsruhe Institute of Technology/CN=KIT-CA
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIMHDrUjCTtki6w9JCuMA0GCSqGSIb3DQEBCwUAMIGVMQsw
CQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4t
UEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
IDIwHhcNMTYxMTAzMTUyNTQ4WhcNMzEwMjIyMjM1OTU5WjB7MQswCQYDVQQGEwJE
RTEbMBkGA1UECAwSQmFkZW4tV3VlcnR0ZW1iZXJnMRIwEAYDVQQHDAlLYXJsc3J1
aGUxKjAoBgNVBAoMIUthcmxzcnVoZSBJbnN0aXR1dGUgb2YgVGVjaG5vbG9neTEP
MA0GA1UEAwwGS0lULUNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
1cwA90GCGWXXCQ+V4MkCc9CaPcYU0hrUc0mTyvbQ3DuOMey+w5aFI8JkmAD5CHsj
jDWe/uuANc6OR828xLoN6EV4AsNMhD9HMelYZrGuBS2nsOVlGzIIf8t+RX7pDVQg
Dc/UvczziO45HmLCoYeUDcqn9Qho8Jnuh4nXJdPCRB4UvcwtRCpYkgCeC+Llxfe4
IpdnvABTX1kwYR4TVmnAg3Mel5tLoV+WcxTdwJMpsbjFz8P11qMta53Nactef4gx
BWMSEpDlnGL+swzkUfd1s+3NQkFKBbAZ6ehZivOZc4ah4iRxB1T/5v2Tza+Hyao0
4f5SbkkD2Y1p0Z5vdMVEPwIDAQABo4ICBTCCAgEwEgYDVR0TAQH/BAgwBgEB/wIB
ATAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0gBCIwIDANBgsrBgEEAYGtIYIsHjAPBg0r
BgEEAYGtIYIsAQEEMB0GA1UdDgQWBBQEGr8ck5E909k9sN4TI+WacPQuCDAfBgNV
HSMEGDAWgBST49gyJtrV8UqlkUrg6kviogzP4TCBjwYDVR0fBIGHMIGEMECgPqA8
hjpodHRwOi8vY2RwMS5wY2EuZGZuLmRlL2dsb2JhbC1yb290LWcyLWNhL3B1Yi9j
cmwvY2FjcmwuY3JsMECgPqA8hjpodHRwOi8vY2RwMi5wY2EuZGZuLmRlL2dsb2Jh
bC1yb290LWcyLWNhL3B1Yi9jcmwvY2FjcmwuY3JsMIHdBggrBgEFBQcBAQSB0DCB
zTAzBggrBgEFBQcwAYYnaHR0cDovL29jc3AucGNhLmRmbi5kZS9PQ1NQLVNlcnZl
ci9PQ1NQMEoGCCsGAQUFBzAChj5odHRwOi8vY2RwMS5wY2EuZGZuLmRlL2dsb2Jh
bC1yb290LWcyLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDBKBggrBgEFBQcwAoY+
aHR0cDovL2NkcDIucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY2Fj
ZXJ0L2NhY2VydC5jcnQwDQYJKoZIhvcNAQELBQADggEBAH+/QKluUYGThHAZeh5I
erhZdIN9B488jjjexsfs1p0IHjKAElUaxHdjTfHc2zENqfPtc+EKRJL04MOUWJj7
8BSR2MOWu8WrOVXYmIZAJAzH1L1eFNR6cem3d1nsnjqtqw21EQ+/O/kXb9lIK/sv
YDwudINFcdWE5UmOic9ZHSwFPb4oEeM97tG18WQkiVzKF1cM6nzLHWp78uRLwD1Q
ek1y7eX5gc8iQSvv33wTlh0ppmbDqfaMTR/X/ED7SFfd5S9CF07EXj/XWlv7ps2g
afR793FaPrPloGvghtC7pKT8uOMNBXC02Xq6drN6JlU+5k+bbSRcAd40Bqn6vyYA
RKQ=
-----END CERTIFICATE-----
subject= /C=DE/O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V./OU=DFN-PKI/CN=DFN-Verein Certification Authority 2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIJAOML1fivJdmBMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
VQQGEwJERTErMCkGA1UECgwiVC1TeXN0ZW1zIEVudGVycHJpc2UgU2VydmljZXMg
R21iSDEfMB0GA1UECwwWVC1TeXN0ZW1zIFRydXN0IENlbnRlcjElMCMGA1UEAwwc
VC1UZWxlU2VjIEdsb2JhbFJvb3QgQ2xhc3MgMjAeFw0xNjAyMjIxMzM4MjJaFw0z
MTAyMjIyMzU5NTlaMIGVMQswCQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1
ciBGb2VyZGVydW5nIGVpbmVzIERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUu
IFYuMRAwDgYDVQQLEwdERk4tUEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRp
ZmljYXRpb24gQXV0aG9yaXR5IDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLYNf/ZqFBzdL6h5eKc6uZTepnOVqhYIBHFU6MlbLlz87TV0uNzvhWbBVV
dgfqRv3IA0VjPnDUq1SAsSOcvjcoqQn/BV0YD8SYmTezIPZmeBeHwp0OzEoy5xad
rg6NKXkHACBU3BVfSpbXeLY008F0tZ3pv8B3Teq9WQfgWi9sPKUA3DW9ZQ2PfzJt
8lpqS2IB7qw4NFlFNkkF2njKam1bwIFrEczSPKiL+HEayjvigN0WtGd6izbqTpEp
PbNRXK2oDL6dNOPRDReDdcQ5HrCUCxLx1WmOJfS4PSu/wI7DHjulv1UQqyquF5de
M87I8/QJB+MChjFGawHFEAwRx1npAgMBAAGjggF0MIIBcDAOBgNVHQ8BAf8EBAMC
AQYwHQYDVR0OBBYEFJPj2DIm2tXxSqWRSuDqS+KiDM/hMB8GA1UdIwQYMBaAFL9Z
IDYAeaCgImuM1fJh0rgsy4JKMBIGA1UdEwEB/wQIMAYBAf8CAQIwMwYDVR0gBCww
KjAPBg0rBgEEAYGtIYIsAQEEMA0GCysGAQQBga0hgiweMAgGBmeBDAECAjBMBgNV
HR8ERTBDMEGgP6A9hjtodHRwOi8vcGtpMDMzNi50ZWxlc2VjLmRlL3JsL1RlbGVT
ZWNfR2xvYmFsUm9vdF9DbGFzc18yLmNybDCBhgYIKwYBBQUHAQEEejB4MCwGCCsG
AQUFBzABhiBodHRwOi8vb2NzcDAzMzYudGVsZXNlYy5kZS9vY3NwcjBIBggrBgEF
BQcwAoY8aHR0cDovL3BraTAzMzYudGVsZXNlYy5kZS9jcnQvVGVsZVNlY19HbG9i
YWxSb290X0NsYXNzXzIuY2VyMA0GCSqGSIb3DQEBCwUAA4IBAQCHC/8+AptlyFYt
1juamItxT9q6Kaoh+UYu9bKkD64ROHk4sw50unZdnugYgpZi20wz6N35at8yvSxM
R2BVf+d0a7Qsg9h5a7a3TVALZge17bOXrerufzDmmf0i4nJNPoRb7vnPmep/11I5
LqyYAER+aTu/de7QCzsazeX3DyJsR4T2pUeg/dAaNH2t0j13s+70103/w+jlkk9Z
PpBHEEqwhVjAb3/4ru0IQp4e1N8ULk2PvJ6Uw+ft9hj4PEnnJqinNtgs3iLNi4LY
2XjiVRKjO4dEthEL1QxSr2mMDwbf0KJTi1eYe8/9ByT0/L3D/UqSApcb8re2z2WK
GqK1chk5
-----END CERTIFICATE-----
subject= /C=DE/O=T-Systems Enterprise Services GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot Class 2
-----BEGIN CERTIFICATE-----
MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx
KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd
BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl
YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1
OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy
aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50
ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd
AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC
FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi
1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq
jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ
wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj
QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/
WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy
NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC
uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw
IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6
g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN
9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP
BSeOE6Fuwg==
-----END CERTIFICATE-----
......@@ -78,3 +78,10 @@
service:
name: smartd
state: restarted
- name: enable automatic
become: yes
service:
name: dnf-automatic.timer
state: started
enabled: yes
---
- name: copy certificate to the hosts
become: yes
copy:
src: web.las.pub
dest: /etc/pki/ca-trust/source/anchors/web.las.pem
notify:
- "update-ca-trust"
......@@ -20,7 +20,7 @@
line: "HIGHLEVEL_PACKAGE_MANAGER=dnf"
regexp: "HIGHLEVEL_PACKAGE_MANAGER=.*"
backup: yes
when: (ansible_distribution == "Fedora" and ansible_distribution_major_version >= "18")
when: (ansible_distribution == "Fedora" and (ansible_distribution_major_version|int) >= 18)
- name: yum as package manager
become: yes
......@@ -29,7 +29,7 @@
line: "HIGHLEVEL_PACKAGE_MANAGER=yum"
regexp: "HIGHLEVEL_PACKAGE_MANAGER=.*"
backup: yes
when: (ansible_distribution == "CentOS" and ansible_distribution_major_version <= "7")
when: (ansible_distribution == "CentOS" and (ansible_distribution_major_version|int) <= 7)
- name: apt as package manager
lineinfile:
......
......@@ -26,5 +26,4 @@
- name: set hostname
become: yes
hostname:
name: "las{{ ip_suffix }}.las.kit.edu"
name: "{{ computer_name }}.las.kit.edu"
......@@ -7,9 +7,8 @@
- import_tasks: sudoer.yml
- import_tasks: sysupdate.yml
- import_tasks: ntp.yml
- import_tasks: yumrepos.yml
tags: lasrepo
- import_tasks: software.yml
- import_tasks: smartd.yml
tags: smartd
- import_tasks: sysrq.yml
- import_tasks: certificate.yml
......@@ -26,7 +26,7 @@
server ntp3.scc.kit.edu
server ntp4.scc.kit.edu
tags: ntp
when: (ansible_distribution == 'Fedora' and ansible_distribution_major_version >= 28)
when: (ansible_distribution == 'Fedora' and (ansible_distribution_major_version|int) >= 28)
- name: insert SCC into ntp configuration
become: yes
......@@ -41,7 +41,7 @@
server ntp3.scc.kit.edu
server ntp4.scc.kit.edu
tags: ntp
when: (ansible_distribution == 'Fedora' and ansible_distribution_major_version < 28)
when: (ansible_distribution == 'Fedora' and (ansible_distribution_major_version|int) < 28)
- name: Set timezone
become: yes
......
......@@ -10,13 +10,13 @@
package:
name: python-firewall
state: present
when: ((ansible_distribution == "Fedora" and ansible_distribution_major_version < 28) or
(ansible_distribution == "CentOS" and ansible_distribution_major_version >= 7))
when: ((ansible_distribution == "Fedora" and (ansible_distribution_major_version|int) < 28) or
(ansible_distribution == "CentOS" and (ansible_distribution_major_version|int) >= 7))
- name: Warn about firewalld not working
debug:
msg: Because python3-firewall is not working with the firewalld module, this tasks will not work!
when: (ansible_distribution == "Fedora" and ansible_distribution_major_version >= 28)
when: (ansible_distribution == "Fedora" and (ansible_distribution_major_version|int) >= 28)
- name: Open port 22 on Fedora/CentOS
become: yes
......@@ -24,8 +24,8 @@
port: 22/tcp
state: enabled
permanent: true
when: ((ansible_distribution == "Fedora" and ansible_distribution_major_version < 28) or
(ansible_distribution == "CentOS" and ansible_distribution_major_version >= 7))
when: ((ansible_distribution == "Fedora" and (ansible_distribution_major_version|int) < 28) or
(ansible_distribution == "CentOS" and (ansible_distribution_major_version|int) >= 7))
notify:
- reload firewalld
- restart firewalld
......
---
- name: Updating the system
become: yes
package: name=* state=latest
package:
name: "*"
state: latest
tags:
- skip_ansible_lint
when: ansible_distribution != "Ubuntu"
- name: install autoupdate for Fedora
become: yes
package:
name: "dnf-automatic"
state: installed
when: ansible_distribution == "Fedora"
- name: configure autoupdate
become: yes
copy:
src: automatic.conf
dest: /etc/dnf/automatic.conf
mode: 644
owner: root
group: root
when: ansible_distribution == "Fedora"
notify:
- enable automatic
This diff is collapsed.
export MPIR_CVAR_CH3_PORT_RANGE=10000:10100
export PATH=/usr/lib64/mpich/bin:"${PATH}"
export HYDRA_HOST_FILE=~/.mpihosts
export RPN_DEFNS=~/.defns.rpn
export RPN_DEFNS=/usr/local/share/defns.rpn
#!/bin/bash
# bash >= 4 required
# This script assumes to be run only once per day and overwrites files
# It also shouldn't be run for different hosts in parallel
# Search the "Edit"-line
#
# - This script has not been tested so far
# - Mounting via sshfs is not included yet
set -euo pipefail
IFS=$'\n\t'
############################################################
# Edit:
declare -A host_cpus=( ["129.13.108.79"]="3" ["129.13.108.113"]="6" )
############################################################
# main_host=$(hostname -f)
main_host=$(ip -br -4 addr|\
grep '129.13.108.'|\
awk '{print $3}'|\
cut -d"/" -f1)
printf "Generating SSH keys\n"
filename=~/.ssh/"id_Pelegant_$(date --iso)"
ssh-keygen -q -t ed25519 -o -f "${filename}" -C "Pelegant run from ${main_host} at $(date)"
printf "Creating mpihosts file\n"
if [ -f ~/.mpihosts ]; then
/usr/bin/mv ~/.mpihosts ~/.mpihosts.$(date --iso)
fi
for host in "${!host_cpus[@]}"; do
printf "%s:%s user=%s\n", "${host}" "${host_cpus[$host]}" "${USER}" >> ~/.mpihosts
done
printf "Copying files and mounting SSHFS\n"
for host in "${!host_cpus[@]}"; do
printf "SSH copy from %s to %s (%s)", "${main_host}" "${host}" "${filename}"
scp "${filename}" "${host}:~/.ssh/"
scp "${filename}.pub" "${host}:~/.ssh/"
ssh-copy-id -i "${filename}" "${host}"
ssh-copy-id -i "${filename}" "${main_host}"
scp ~/.mpihosts "${host}:.mpihosts"
curdir=${PWD}
ssh -i "${filename}" "${host}"\
"mkdir ${curdir} && "\
"sshfs ${main_host}:${curdir} ${curdir} -o IdentityFile=\"${filename}\""
done
---
- name: "BLAS (needed by elegant)"
become: yes
dnf:
name: "{{ prePelegant }}"
state: present
tags: pelegant
- name: ansible dependencies for firewalld
become: yes
dnf:
name: ["python3-decorator", "python3-slip", "python3-firewall"]
state: present
tags: pelegant
- name: Pelegant open ports
become: yes
firewalld:
state: enabled
permanent: true
rich_rule: 'rule family="ipv4" source address="129.13.238.64/24" port port="10000-10100" protocol="tcp" accept'
notify:
- reload firewall
- restart firewall
tags: pelegant
- name: Pelegant open ports
become: yes
firewalld:
state: disabled
permanent: true
rich_rule: 'rule family="ipv4" source address="129.13.108.64/24" port port="10000-10100" protocol="tcp" accept'
notify:
- reload firewall
- restart firewall
tags: pelegant
- name: export variable
become: yes
copy:
src: mpich.sh
dest: /etc/profile.d/pelegant.sh
group: root
owner: root
backup: yes
notify: run profiled
tags: pelegant
- name: install sshfs
become: yes
dnf:
name: ["fuse-sshfs"]
state: present
tags: pelegant
......@@ -4,7 +4,7 @@
dnf:
name: "http://www.aps.anl.gov/Accelerator_Systems_Division/Accelerator_Operations_Physics/downloads/elegant-{{ item.value }}.{{ ansible_distribution|lower }}.{{ ansible_distribution_major_version }}.mpich.{{ ansible_architecture }}.rpm"
state: present
when: ansible_distribution == 'Fedora' and ansible_distribution_major_version|int == item.key|int
when: ansible_distribution == 'Fedora' and (ansible_distribution_major_version|int) == item.key|int
with_dict: "{{ ele_version }}"
tags: elegant
......@@ -33,9 +33,8 @@
- name: install sddstoolkit dependencies
become: yes
dnf:
name: "{{ item }}"
name: "{{ preSDDSdev }}"
state: present
with_items: "{{ preSDDSdev }}"
when: ansible_distribution == 'Fedora'
tags:
- elegant
......
......@@ -2,9 +2,8 @@
- name: Install required software for elegants examples
become: yes
dnf:
name: "{{ item }}"
name: "{{ preElegantExamples }}"
state: present
with_items: "{{ preElegantExamples }}"
when: ansible_distribution == 'Fedora'
tags: examples
......
---
# - import_tasks: blas.yml
- import_tasks: blas.yml
- import_tasks: elegant.yml
- import_tasks: examples.yml
# - import_tasks: pyhonsdds.yml
- import_tasks: pythonsdds.yml
---
- name: install SDDS for Python 3
become: yes
dnf:
name: "http://www.aps.anl.gov/Accelerator_Systems_Division/Accelerator_Operations_Physics/downloads/SDDSPython3-{{ item.value }}.{{ ansible_distribution|lower }}.{{ ansible_distribution_major_version }}.{{ ansible_architecture }}.rpm"
state: present
when: ansible_distribution == 'Fedora' and (ansible_distribution_major_version|int) == item.key|int
with_dict: "{{ pythonsdds_version }}"
tags:
- elegant
- python
......@@ -4,7 +4,7 @@
dnf:
name: "http://www.aps.anl.gov/Accelerator_Systems_Division/Accelerator_Operations_Physics/downloads/SDDSToolKit-{{ item.value }}.{{ ansible_distribution|lower }}.{{ ansible_distribution_major_version }}.{{ ansible_architecture }}.rpm"
state: present
when: ansible_distribution == 'Fedora' and ansible_distribution_major_version|int == item.key|int
when: ansible_distribution == 'Fedora' and (ansible_distribution_major_version|int) == item.key|int
with_dict: "{{ sddstk_version }}"
tags:
- elegant
......
......@@ -3,33 +3,40 @@ ele_version:
25: 34.0.0-1
26: 34.0.0-1
27: 34.2.0-1
28: 34.2.0-1
28: 35.1.0-1
29: 35.1.0-1
sddstk_version:
25: 3.5-1
26: 3.5.1-1
27: 3.5.1-1
28: 3.6.1-1
28: 4.1-1
29: 4.1-1
oagtcltk_version:
25: 1.24-1
26: 1.24-1
27: 1.24-1
28: 1.25-1
28: 1.25-2
29: 1.25-2
defns_path: /usr/local/share/defns.rpn
prePelegant:
- mpich
- mpich-devel
- blas
- blas-devel
- "mpich"
- "mpich-devel"
- "blas"
- "blas-devel"
preSDDSdev:
- libXpm-devel
- ncurses-devel
# ln -s /usr/bin/gcc /usr/bin/g++
- zlib-devel
- readline-devel
- motif
- "libXpm-devel"
- "ncurses-devel"
# "ln -s /usr/bin/gcc /usr/bin/g++"
- "zlib-devel"
- "readline-devel"
- "motif"
preElegantExamples:
- tcl
- tcsh
pythonsdds_version:
29: 4.0-1
28: 4.0-1
......@@ -16,15 +16,8 @@
- name: ensure gcc is installed
become: yes
dnf:
name: "{{ item }}"
name: ["gcc", "gcc-c++", "readline-devel", "perl-ExtUtils-ParseXS", "perl-Pod-Checker", "perl-devel"]
state: installed
with_items:
- gcc
- gcc-c++
- readline-devel
- perl-ExtUtils-ParseXS
- perl-Pod-Checker
- perl-devel
- name: make links
become: yes
......
......@@ -2,21 +2,18 @@
# THIS ROLE IS NOT IDEMPOTENT, but just for installation!
- name: install host
become: yes
dnf:
name: "{{ item }}"
package:
name: ["freeipa-client", "sssd"]
state: installed
with_items:
- "freeipa-client"
- "sssd"
- name: add ipa hosts to etc
become: yes
lineinfile:
line: "{{ ipa_host_ip }} {{ ipa_host }}"
path: /etc/hosts
state: present
backup: yes
insertbefore: BOF
# - name: add ipa hosts to etc
# become: yes
# lineinfile:
# line: "{{ ipa_host_ip }} {{ ipa_host }}"
# path: /etc/hosts
# state: present
# backup: yes
# insertbefore: BOF
# TODO
# - name: copy server cert
......@@ -28,7 +25,7 @@
- name: set hostname
become: yes
hostname:
name: "las{{ ip_suffix }}.las.kit.edu"
name: "{{ computer_name }}.las.kit.edu"
# This is not idempotent!
- name: add host
......@@ -58,5 +55,5 @@
- name: activate host
become: yes
command: "ipa-client-install --hostname={{ ansible_fqdn }} --domain={{ ipa_domain }} --server={{ ipaserver1 }} --server={{ ipaserver2 }} --server={{ ipaserver3 }} --fixed-primary --mkhomedir -N --no-sshd --no-ssh -U --password={{ random_pass.stdout }}"
command: "ipa-client-install --hostname={{ ansible_fqdn }} --mkhomedir -N -U --password={{ random_pass.stdout }}"
when: random_pass.changed
......@@ -28,7 +28,7 @@
opts: "soft,timeo=14,intr,nosuid"
state: "{{ item }}"
become: yes
when: ansible_default_ipv4.address | ipaddr('129.13.108.64/26')
when: (ansible_default_ipv4.address | ipaddr('129.13.108.64/26')) or (ansible_default_ipv4.address | ipaddr('129.13.238.64/26'))
with_items:
- mounted
- present
$ANSIBLE_VAULT;1.1;AES256
62633862303734626135346639383431363365663663613533386133623363633532643237623064
3362333163333633343031643835663234306331313561320a376331323930356632356139646236
38383761366263306436363434636230396237343730616463363632626466336534346330613536
3231633465323761370a313938623166626164306134373362613763666361343436323236356332
61386663373832636265343836346133663439363164643434626336633031613730393165383537
37316161383463353532633539656339643432386537376164653732376636663433333065383831
34646665313062343931306333393734653566363039383436626466346136616364333330666237
34313733313035343630623565626238366533313132323132353762316433393135333034343833
38376464343433346264616331393065356666613035393835373665346338623564656563383230
63363063643033623339366166613931373136333235323633316434376431626166396432313339
33306463613337353932306232663138393336306362386332326132336632313030353038633830
63313732363734336437363639353730613733306363303362323563383261613938383439353139
36393137383937356131653965653633663733383163396336626265383739333733633635343234
66356263653232303436633461306664343466636336636664313532343363373634653034666236
63646338616536326439323738656563623361363132306632646661313761383961646464326235
64346334353331356463613632643834363836656263306637623933633937626432663364326635
36353032643664376235633735303964656535623361663365366435313531386562363931333731
64653364643061363465306239303739633030363035303863373564303530333563663066306233
31653932353535373332343761303861623263383135353333393936333437303638656662623338
32393863663964356466616637626364623864373533623564323833643766663733333162303764
33313965653437313737343137633364333765396664633734656531396436636162616233343834
37653637616436386132326531323334396130396438336462383538336639313362376565313663
38633433653831306565633438353835393736623362643935643466643561333333313239666165
38363332356266616262626466336363343861396434636539643033646635663736636463336564
6337
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE46umtnq0fKQzTy0WzOJ0uffSPbb/ogZ9+nguZWVIL1 GitLab-download-only
......@@ -7,24 +7,10 @@
- name: install dependencies
dnf:
name: "{{ item }}"
name: ["texlive-a0poster", "texlive-beamer", "texlive-bophook", "texlive-boxedminipage", "texlive-dinbrief", "texlive-hyperref", "texlive-lettrine", "texlive-mathpazo", "texlive-rcs", "texlive-sciposter", "texlive-shadow", "texlive-pgf", "texlive-xcolor", "{{ kit_tikz }}",]
state: present
skip_broken: yes
become: yes
with_items:
- texlive-a0poster
- texlive-beamer
- texlive-bophook
- texlive-boxedminipage
- texlive-dinbrief
- texlive-hyperref
- texlive-lettrine
- texlive-mathpazo
- texlive-rcs
- texlive-sciposter
- texlive-shadow
- texlive-pgf
- texlive-xcolor
- "{{ kit_tikz }}"
- name: make tmpdir
tempfile:
......@@ -32,13 +18,24 @@
state: directory
register: tmpdir
- name: Add ssh-key for the LaTeX repository
become: yes
copy:
src: gitlab_ssh_key
dest: "/tmp/gitlab_ssh_key"
mode: 0600
backup: no
# This should be changed when the Arial task is working
- name: clone git repo
git:
repo: https://git.scc.kit.edu/las/templates/KITlatex.git
repo: "ssh://git@git.scc.kit.edu:/las-software/15-4-Utilities/KITlatex.git"
dest: "{{ tmpdir.path }}"
clone: yes
version: HEAD
version: helvetica
update: yes
key_file: "/tmp/gitlab_ssh_key"
accept_hostkey: yes
become: yes
register: kit_git
......@@ -50,14 +47,12 @@
- name: copy tex files
become: yes
copy:
src: "{{ item }}"
dest: "{{ texpath }}/tex/latex/KIT/"
remote_src: yes
synchronize:
src: "{{ tmpdir.path }}/tex/latex/KIT"
dest: "{{ texpath }}/tex/latex"
notify:
- update latex
with_fileglob:
- "{{ tmpdir.path }}/tex/latex/KIT/*"
delegate_to: "{{ inventory_hostname }}"
- name: create doc dir
become: yes
......@@ -67,14 +62,12 @@
- name: copy pdf files
become: yes
copy:
src: "{{ item }}"
dest: "{{ texpath }}/doc/latex/KIT/"
remote_src: yes
synchronize:
src: "{{ tmpdir.path }}/doc/latex/KIT"
dest: "{{ texpath }}/doc/latex/KIT"
notify:
- update latex
with_fileglob:
- "{{ tmpdir.path }}/doc/latex/KIT/*"
delegate_to: "{{ inventory_hostname }}"
# This should be deleted when the Arial task is working
- name: hack Helvetica into KIT styles due to broken font installation
......
/las-archiv1 129.13.108.64/26(rw,sync,root_squash)
/las-archiv1 2a00:1398:4:8200::/64(rw,sync,root_squash) 129.13.238.64/26(rw,sync,root_squash)
/las-archiv1/users 2a00:1398:4:8200::/64(rw,sync,root_squash) 129.13.238.64/26(rw,sync,root_squash)
......@@ -7,7 +7,7 @@
with_items:
- rpcbind
- python3-firewall
when: (ansible_distribution == 'Fedora' and ansible_distribution_major_version >= 28)
when: (ansible_distribution == 'Fedora' and (ansible_distribution_major_version|int) >= 28)
- name: install dependencies
dnf:
......@@ -16,7 +16,7 @@
with_items:
- rpcbind
- python-firewall
when: (ansible_distribution == 'Fedora' and ansible_distribution_major_version < 28)
when: (ansible_distribution == 'Fedora' and (ansible_distribution_major_version|int) < 28)
- name: copy export file
copy:
......@@ -40,4 +40,4 @@
- 2049/tcp
- 111/tcp
notify: reload firewall
when: (ansible_distribution == 'Fedora' and ansible_distribution_major_version < 28)
when: (ansible_distribution == 'Fedora' and (ansible_distribution_major_version|int) < 28)
export LMX_LICENSE_PATH=@129.13.108.100
export VECTORFIELD_LICENSE_PATH=@129.13.108.100
export LMX_LICENSE_PATH=@opera.las.kit.edu
export VECTORFIELD_LICENSE_PATH=@opera.las.kit.edu
export VFDIR=/usr/local/share/Opera_18R2/code/
# This causes git to not work properly anymore (e.g. git pull --rebase)
# export PATH=/usr/local/share/Opera_17R1/bin:"${PATH}"
......
......@@ -24,17 +24,9 @@
- name: install dependencies
become: yes
dnf:
name: "{{ item }}"
name: [<