ansible issueshttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues2021-09-03T14:12:42+02:00https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/108Opera installation failing when GNOME group should be installed2021-09-03T14:12:42+02:00sg7149Opera installation failing when GNOME group should be installedCalling host: asterix.las.kit.edu (Fedora 32)
Failing nodes: asterix
Summary
-------
Running the Opera role fails when trying to install GNOME group. It seems that the group was renamed.
Steps to reproduce
------------------
Try to...Calling host: asterix.las.kit.edu (Fedora 32)
Failing nodes: asterix
Summary
-------
Running the Opera role fails when trying to install GNOME group. It seems that the group was renamed.
Steps to reproduce
------------------
Try to install opera via the ansible role on Fedora 32 (GNOME may already be installed).
What is the current bug behavior?
---------------------------------
Fails when trying to group install "@GNOME".
What is the expected correct behaviour?
---------------------------------------
The GNOME group is installed and Opera installation succeeds.
Relevant logs and/or screenshots
--------------------------------
```
TASK [opera : install dependencies] ********************************************************************************************************************************************************************************************************
fatal: [asterix.las.kit.edu]: FAILED! => {"changed": false, "msg": "No group GNOME available.", "results": []}
```
Possible fixes
--------------
Use the correct name for the GNOME group.zx8344samira.fatehi@kit.eduzx8344samira.fatehi@kit.eduhttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/8elegant/blas2020-08-24T17:50:17+02:00sg7149elegant/blasgescheit die key-Verwaltung lösengescheit die key-Verwaltung lösenhttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/21(KIT)Latex installation fails because of failing copy2020-08-24T17:49:50+02:00sg7149(KIT)Latex installation fails because of failing copyCalling host: las113.las.kit.edu (Fedora 27)
Failing nodes: las117 (Fedora 27)
Summary
``with_glob`` fails when used with ``copy`` and ``tempdir``
Steps to reproduce
Run the KITLaTeX tasks.
What is the current bug behavior?
Task...Calling host: las113.las.kit.edu (Fedora 27)
Failing nodes: las117 (Fedora 27)
Summary
``with_glob`` fails when used with ``copy`` and ``tempdir``
Steps to reproduce
Run the KITLaTeX tasks.
What is the current bug behavior?
Task `hack Helvetica into KIT styles due to broken font installation` fails because `copy tex files` does not work.
What is the expected correct behavior?
Files are copied and the task can run.
Relevant logs and/or screenshots
```
TASK [latex : copy pdf files] *********************************************************************************************************
task path: /home/gethmann/ansible/ansible/roles/latex/tasks/KITLaTeX.yml:68
[WARNING]: Unable to find '/tmp/ansiEtob1c/doc/latex/KIT' in expected paths.
```
/cc @gethmannhttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/20ipynb fails2020-08-24T17:48:49+02:00sg7149ipynb fails```
RUNNING HANDLER [ipynb : activate ipywidgets] *****************************************************************************************
fatal: [las117.las.kit.edu]: FAILED! => {"changed": false, "cmd": "jupyter-nbextension enable --p...```
RUNNING HANDLER [ipynb : activate ipywidgets] *****************************************************************************************
fatal: [las117.las.kit.edu]: FAILED! => {"changed": false, "cmd": "jupyter-nbextension enable --py --sys-prefix widgetsnbextension", "failed": true, "msg": "[Errno 2] No such file or directory", "rc": 2}
```https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/12ripgrep for other OSes2020-08-24T17:47:12+02:00sg7149ripgrep for other OSes* ripgrep role for CentOS und Ubuntu
* make copr installation idempotent* ripgrep role for CentOS und Ubuntu
* make copr installation idempotenthttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/67NFS might not be mounted on start2020-08-24T17:46:02+02:00sg7149NFS might not be mounted on startCalling host: asterix.las.kit.edu (Fedora 29)
Failing nodes: asterix.las.kit.edu
Summary
-------
NFS is not mounted on boot.
Steps to reproduce
------------------
Boot the computer
What is the current bug behavior?
--------------...Calling host: asterix.las.kit.edu (Fedora 29)
Failing nodes: asterix.las.kit.edu
Summary
-------
NFS is not mounted on boot.
Steps to reproduce
------------------
Boot the computer
What is the current bug behavior?
---------------------------------
las-archiv1 is not mounted though it is in the fstab
What is the expected correct behaviour?
---------------------------------------
las-archiv1 is mounted after booting
Possible fixes
--------------
Probably the mounts are done before the network target is reached and therefore the NFS export is not viewable at that time, yet.
/cc @gethmannhttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/48OKI printer fails when used with evince2020-08-24T17:44:41+02:00sg7149OKI printer fails when used with evinceCalling host: las113.las.kit.edu (Fedora 29)
Summary
-------
When I try to print a PDF opened with evince, the OKI fails and needs a restart.
Steps to reproduce
------------------
Print e.g. [Github-Forking.pdf](/uploads/abfd6b7cc5b...Calling host: las113.las.kit.edu (Fedora 29)
Summary
-------
When I try to print a PDF opened with evince, the OKI fails and needs a restart.
Steps to reproduce
------------------
Print e.g. [Github-Forking.pdf](/uploads/abfd6b7cc5bc48e8b151901e9848be8a/Github-Forking.pdf) with evince. Duplex
What is the current bug behavior?
---------------------------------
Schwerer Ausnahmefehler ...
Bitte starten Sie den Drucker neu
What is the expected correct behaviour?
---------------------------------------
Works like it does in okular
Relevant logs and/or screenshots
--------------------------------
```
TODO
```
Possible workaround
-------------------
Just as a workaround: use okular instead of evince.
/cc @gethmannhttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/34Printer defaults to single page printing2020-08-24T17:43:49+02:00sg7149Printer defaults to single page printingFailing nodes: las113, las118 (Fedora 27, 28)
Summary
-------
Default for printing is no-duplex
Steps to reproduce
------------------
Print file from okular
What is the expected correct behaviour?
---------------------------------...Failing nodes: las113, las118 (Fedora 27, 28)
Summary
-------
Default for printing is no-duplex
Steps to reproduce
------------------
Print file from okular
What is the expected correct behaviour?
---------------------------------------
Duplex, long-edge as default.
Possible fixes
--------------
Either edit the files in the `client` role appropriately or change the default settings locally in CUPS (https://localhost:631) via KDE's printing dialogue and diff the files with the aforementioned.
/cc @gethmann @xr4779https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/93teamviewer installation stopps updates2020-08-17T09:57:29+02:00sg7149teamviewer installation stopps updatesCalling host: obelix.las.kit.edu (Fedora 31)
Failing nodes: pepe, asterix
Summary
-------
Updates fail, because teamviewer repo cannot be found
Steps to reproduce
------------------
enable the teamviewer repositories () and run `dn...Calling host: obelix.las.kit.edu (Fedora 31)
Failing nodes: pepe, asterix
Summary
-------
Updates fail, because teamviewer repo cannot be found
Steps to reproduce
------------------
enable the teamviewer repositories () and run `dnf update`
What is the current bug behavior?
---------------------------------
```
Failed to synchronize cache for repo 'tvinternal_dev'
Ignoring repositories: tvinternal_dev
```
when running via ansible, it fails due to timeouts.
What is the expected correct behaviour?
---------------------------------------
Update runs without any problems.
Relevant logs and/or screenshots
--------------------------------
```
(Paste any relevant logs - please use code blocks (```) to format console output,
logs, and code as it's very hard to read otherwise.)
```
Possible fixes
--------------
As a workaround one can deactivate the repository, but then teamviewer will not get updates!
/cc @vn4918lp5884lp5884https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/90Autoupdate on lab computers2020-07-15T15:40:04+02:00sg7149Autoupdate on lab computersChange the settings from security to all updates.
The computers are not used on a daily basis by one user, but may not be used interactively for some time. Hence the updates aren't triggered by the user, but there is also no user that ex...Change the settings from security to all updates.
The computers are not used on a daily basis by one user, but may not be used interactively for some time. Hence the updates aren't triggered by the user, but there is also no user that expects certain behaviour not to change.https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/9EPICS (for Jena and KARA)2020-07-15T14:59:38+02:00sg7149EPICS (for Jena and KARA)* Rollen für EPICS
* [x] KARA
* [x] Jena-Messaufbau* Rollen für EPICS
* [x] KARA
* [x] Jena-Messaufbauhttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/102Environment dependent epics configuration2020-07-15T14:59:38+02:00sg7149Environment dependent epics configurationEPICS is used for different purposes/environments which currently include:
* KARA
* LASMagLab
* TGU measurement
* Jena magnet setup
The configuration so far is only valid for one case only and the other configurations are changed by han...EPICS is used for different purposes/environments which currently include:
* KARA
* LASMagLab
* TGU measurement
* Jena magnet setup
The configuration so far is only valid for one case only and the other configurations are changed by hand which
- needs more steps for the installation and
- is error prone to (re-)running ansible.
This should be fixed.
See also issue #9https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/91Add networking to common role2020-05-13T12:10:22+02:00sg7149Add networking to common roleAdd some basic networking setup to the common role (maybe via nmcli-module)
* [ ] DNS v4, v6
* [ ] Default gateway v4 v6
* [x] Hostname
* [ ] dhclient on start
* [ ] auto negotiationAdd some basic networking setup to the common role (maybe via nmcli-module)
* [ ] DNS v4, v6
* [ ] Default gateway v4 v6
* [x] Hostname
* [ ] dhclient on start
* [ ] auto negotiationhttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/92ansible ipv6 vs root2020-05-13T10:44:29+02:00sg7149ansible ipv6 vs rootansible tries to use IPv6 now that our hosts have proper DNS for IPv6.
Unfortunately the SSH-key for root only allows the IPv4 of obelix, so that running ansible fail atm.
One should either change the SSH-allowed IP addresses.
Or one sh...ansible tries to use IPv6 now that our hosts have proper DNS for IPv6.
Unfortunately the SSH-key for root only allows the IPv4 of obelix, so that running ansible fail atm.
One should either change the SSH-allowed IP addresses.
Or one should force ansible to use IPv4 only.https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/5IPA-setup2020-05-04T12:34:48+02:00sg7149IPA-setupIPA setup in ansibleIPA setup in ansiblehttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/4ansible-pull2020-05-04T12:33:50+02:00sg7149ansible-pullUpdate documentation on ansible-pullUpdate documentation on ansible-pullsg7149sg7149https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/22Run ansible as root with certificats2020-05-04T12:32:11+02:00sg7149Run ansible as root with certificatsRun ansible as root to avoid sudo-timeouts on slow hard disks.
* [x] certificate for root on one host
* [x] root login via ssh
* [ ] edit tasks not to use become any longer?Run ansible as root to avoid sudo-timeouts on slow hard disks.
* [x] certificate for root on one host
* [x] root login via ssh
* [ ] edit tasks not to use become any longer?https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/32sshd template causes error2020-05-04T12:30:17+02:00sg7149sshd template causes errorCalling host: las113.las.kit.edu (Fedora 27)
Failing nodes: localhost -i local
Summary
-------
ansible fails with an error message in the firewalld role complaining about syntax errors.
Steps to reproduce
------------------
run `an...Calling host: las113.las.kit.edu (Fedora 27)
Failing nodes: localhost -i local
Summary
-------
ansible fails with an error message in the firewalld role complaining about syntax errors.
Steps to reproduce
------------------
run `ansible-playbook latex.yml -l localhost --vault-id @prompt -K -i local`
What is the current bug behavior?
---------------------------------
fails with an error on my Fedora 27. Might work on Fedora 28.
What is the expected correct behaviour?
---------------------------------------
continue and install a proper sshd config
Relevant logs and/or screenshots
--------------------------------
```
TASK [common : install firewalld] ******************************************************
fatal: [127.0.0.1]: FAILED! => {"msg": "The conditional check '((ansible_distribution == \"Fedora\" and ansible_distribution_major_version < 28) or (ansible_distribution == \"CentOS\" and ansible_distribution_major_version >= 7))' failed. The error was: Unexpected templating type error occurred on ({% if ((ansible_distribution == \"Fedora\" and ansible_distribution_major_version < 28) or (ansible_distribution == \"CentOS\" and ansible_distribution_major_version >= 7)) %} True {% else %} False {% endif %}): '<' not supported between instances of 'AnsibleUnsafeText' and 'int'\n\nThe error appears to have been in '/home/gethmann/ansible/ansible/roles/common/tasks/sshd.yml': line 8, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: install firewalld\n ^ here\n"}
```
Possible fixes
--------------
/cc @gethmannhttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/65script to add ipa-replica to dns2020-05-04T12:21:08+02:00sg7149script to add ipa-replica to dnsScript the change of the DNS entries for a new IPA replica.
Add the SRV entries to DNSVS
See [IPA docu](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide...Script the change of the DNS entries for a new IPA replica.
Add the SRV entries to DNSVS
See [IPA docu](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/creating-the-replica) and the [NETVS docu](https://www-net-doku.scc.kit.edu/webapi/release/intro/)
```
_ldap._tcp
_kerberos._tcp
_kerberos._udp
_kerberos-master._tcp
_kerberos-master._udp
_ntp._udp
_kpasswd._tcp
_kpasswd._udp
```Network movehttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/70integrate ipa-healthcheck into munin2020-05-04T12:19:48+02:00sg7149integrate ipa-healthcheck into muninIntegrate the very new ipa-healthcheck tool into munin and/or a warning system, so one gets informed when a system fails.
Caution: one probably should take care of nodes that go down expectedly, because they run on clients.Integrate the very new ipa-healthcheck tool into munin and/or a warning system, so one gets informed when a system fails.
Caution: one probably should take care of nodes that go down expectedly, because they run on clients.