diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1948548 --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +SOURCES/kdump-4b40b01.tar.gz +SOURCES/network-64b2d76.tar.gz +SOURCES/postfix-0.1.tar.gz +SOURCES/selinux-1.0.0.tar.gz +SOURCES/timesync-1.0.0.tar.gz diff --git a/.rhel-system-roles.metadata b/.rhel-system-roles.metadata new file mode 100644 index 0000000..9f67635 --- /dev/null +++ b/.rhel-system-roles.metadata @@ -0,0 +1,5 @@ +0d49f208eb69b9266de9bd4505cfe5858af0f54a SOURCES/kdump-4b40b01.tar.gz +7199b5d21ccced62f4cc754f536bedcf68b3ad86 SOURCES/network-64b2d76.tar.gz +66c82331f4ac9598c506c3999965b4d07dbfe49d SOURCES/postfix-0.1.tar.gz +ad58a43c113551559d1a5bab9f9c6c99f923f7c3 SOURCES/selinux-1.0.0.tar.gz +7e6559e43aa58796a67b6341abe484e3cbc3db27 SOURCES/timesync-1.0.0.tar.gz diff --git a/SOURCES/md2html.sh b/SOURCES/md2html.sh new file mode 100644 index 0000000..d062eb9 --- /dev/null +++ b/SOURCES/md2html.sh @@ -0,0 +1,6 @@ +for file in "$@"; do + pandoc -f markdown_github "${file}" -t asciidoc -o "${file%.md}.tmp.adoc" ||exit $? + touch -r "${file}" "${file%.md}.tmp.adoc" ||exit $? + TZ=UTC asciidoc -o "${file%.md}.html" -a footer-style=none -a toc2 -a source-highlighter=highlight "${file%.md}.tmp.adoc" ||exit $? + rm "${file%.md}.tmp.adoc" +done diff --git a/SOURCES/network-permissions.diff b/SOURCES/network-permissions.diff new file mode 100644 index 0000000..2c39494 --- /dev/null +++ b/SOURCES/network-permissions.diff @@ -0,0 +1,6 @@ +diff --git a/library/network_connections.py b/library/network_connections.py +old mode 100755 +new mode 100644 +diff --git a/tests/test_network_connections.py b/tests/test_network_connections.py +old mode 100755 +new mode 100644 diff --git a/SOURCES/rhel-system-roles-kdump-pr22.diff b/SOURCES/rhel-system-roles-kdump-pr22.diff new file mode 100644 index 0000000..67fd986 --- /dev/null +++ b/SOURCES/rhel-system-roles-kdump-pr22.diff @@ -0,0 +1,99 @@ +diff --git a/tasks/ssh.yml b/tasks/ssh.yml +index 1573e90..172fd5b 100644 +--- a/tasks/ssh.yml ++++ b/tasks/ssh.yml +@@ -15,3 +15,15 @@ + key: "{{ keydata.stdout }}" + state: present + delegate_to: "{{ kdump_ssh_server }}" ++ ++- name: fetch the servers public key ++ slurp: ++ src: /etc/ssh/ssh_host_rsa_key.pub ++ register: serverpubkey ++ delegate_to: "{{ kdump_ssh_server }}" ++ ++- name: ++ known_hosts: ++ key: "{{ kdump_ssh_server_location }} {{ serverpubkey.content | b64decode }}" ++ name: "{{ kdump_ssh_server_location }}" ++ path: /etc/ssh/ssh_known_hosts +diff --git a/templates/kdump.conf.j2 b/templates/kdump.conf.j2 +index bf24210..504ff34 100644 +--- a/templates/kdump.conf.j2 ++++ b/templates/kdump.conf.j2 +@@ -1,12 +1,17 @@ + # {{ ansible_managed }} + + {% if kdump_target %} +-{{ kdump_target.type }} {{ kdump_target.location }} +-{% endif %} ++{% if kdump_target.type == "ssh" %} ++ssh {{ kdump_target.location | d(kdump_ssh_user ~ '@' ~ kdump_ssh_server) }} + +-{% if kdump_target and kdump_target.type == "ssh" and kdump_sshkey != '/root/.ssh/kdump_id_rsa' %} ++{% if kdump_sshkey != '/root/.ssh/kdump_id_rsa' %} + sshkey {{ kdump_sshkey }} + {% endif %} ++{% else %} ++{{ kdump_target.type }} {{ kdump_target.location }} ++ ++{% endif %} ++{% endif %} + + path {{ kdump_path }} + {% if kdump_core_collector %} +diff --git a/tests/tests_ssh.yml b/tests/tests_ssh.yml +index 679148e..bcd1795 100644 +--- a/tests/tests_ssh.yml ++++ b/tests/tests_ssh.yml +@@ -6,6 +6,11 @@ + # known and ansible is supposed to be configured to be able to + # connect to it (via inventory). + kdump_ssh_server_outside: localhost ++ kdump_ssh_source: "{{ ansible_env['SSH_CONNECTION'].split()[0] }}" ++ ++ # this is the address at which the ssh dump server can be reached ++ # from the managed host. Dumps will be uploaded there. ++ kdump_ssh_server_inside: "{{ kdump_ssh_source if kdump_ssh_source in hostvars[kdump_ssh_server_outside]['ansible_all_ipv4_addresses'] + hostvars[kdump_ssh_server_outside]['ansible_all_ipv6_addresses'] else hostvars[kdump_ssh_server_outside]['ansible_default_ipv4']['address'] }}" + + tasks: + - name: gather facts from {{ kdump_ssh_server_outside }} +@@ -13,6 +18,18 @@ + delegate_to: "{{ kdump_ssh_server_outside }}" + delegate_facts: True + ++ - name: debug kdump_ssh_server_inside ++ debug: ++ var: kdump_ssh_server_inside ++ ++ - name: debug ansible_ssh_private_key_file ++ debug: ++ var: ansible_ssh_private_key_file ++ ++ - name: debug {{ kdump_ssh_server_outside }} ++ debug: ++ msg: "{{ kdump_ssh_server_outside }}: {{ hostvars[kdump_ssh_server_outside]['ansible_host'] |d('') }}, {{ hostvars[kdump_ssh_server_outside]['ansible_ssh_host'] |d('') }}" ++ + - include_role: + name: kdump + vars: +@@ -25,8 +42,5 @@ + type: ssh + # This is the ssh dump server address visible from inside + # the machine being configured. Dumps are to be copied +- # there. We make here the assumption that this machine is +- # being run as a VM and the dump server is the VM host +- # (i.e. for ansible this is localhost). From the VM its +- # address is then identical to the default route. +- location: "{{ kdump_ssh_user }}@{{ ansible_default_ipv4.gateway }}" ++ # there. ++ location: "{{ kdump_ssh_user }}@{{ kdump_ssh_server_inside }}" +diff --git a/vars/main.yml b/vars/main.yml +new file mode 100644 +index 0000000..34d2d62 +--- /dev/null ++++ b/vars/main.yml +@@ -0,0 +1,2 @@ ++# determine the managed node facing ssh server address ++kdump_ssh_server_location: "{{ kdump_target.location | regex_replace('.*@(.*)$', '\\1') if kdump_target.location is defined else kdump_ssh_server }}" diff --git a/SOURCES/rhel-system-roles-network-prefix.diff b/SOURCES/rhel-system-roles-network-prefix.diff new file mode 100644 index 0000000..d60a8ea --- /dev/null +++ b/SOURCES/rhel-system-roles-network-prefix.diff @@ -0,0 +1,57 @@ +diff --git a/examples/bond-with-vlan.yml b/examples/bond-with-vlan.yml +index 2e6be23..3b7a6dc 100644 +--- a/examples/bond-with-vlan.yml ++++ b/examples/bond-with-vlan.yml +@@ -35,4 +35,4 @@ + - "192.0.2.{{ network_iphost }}/24" + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/bridge-with-vlan.yml b/examples/bridge-with-vlan.yml +index 037ff8e..83c586d 100644 +--- a/examples/bridge-with-vlan.yml ++++ b/examples/bridge-with-vlan.yml +@@ -33,4 +33,4 @@ + - "192.0.2.{{ network_iphost }}/24" + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/eth-simple-auto.yml b/examples/eth-simple-auto.yml +index 0ba168a..e4c4a54 100644 +--- a/examples/eth-simple-auto.yml ++++ b/examples/eth-simple-auto.yml +@@ -15,4 +15,4 @@ + mtu: 1450 + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/eth-with-vlan.yml b/examples/eth-with-vlan.yml +--- a/examples/eth-with-vlan.yml 2018-08-21 20:47:38.000000000 +0200 ++++ b/examples/eth-with-vlan.yml 2018-11-06 22:29:14.591770335 +0100 +@@ -26,4 +26,4 @@ + - "192.0.2.{{ network_iphost }}/24" + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/infiniband.yml b/examples/infiniband.yml +--- a/examples/infiniband.yml 2018-08-21 20:47:38.000000000 +0200 ++++ b/examples/infiniband.yml 2018-11-06 22:29:14.591770335 +0100 +@@ -23,4 +23,4 @@ + - 198.51.100.133/30 + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network +diff --git a/examples/macvlan.yml b/examples/macvlan.yml +--- a/examples/macvlan.yml ++++ b/examples/macvlan.yml +@@ -26,4 +26,4 @@ + - 192.168.1.1/24 + + roles: +- - linux-system-roles.network ++ - rhel-system-roles.network diff --git a/SOURCES/rhel-system-roles-postfix-pr5.diff b/SOURCES/rhel-system-roles-postfix-pr5.diff new file mode 100644 index 0000000..4da6f48 --- /dev/null +++ b/SOURCES/rhel-system-roles-postfix-pr5.diff @@ -0,0 +1,40 @@ +diff --git a/README.md b/README.md +index 5950215..df64284 100644 +--- a/README.md ++++ b/README.md +@@ -17,7 +17,7 @@ Example Playbook + + Install and enable postfix. Configure "relay_domains=$mydestination" and + +-``` ++```yaml + --- + - hosts: all + vars: +@@ -31,7 +31,7 @@ Install and enable postfix. Configure "relay_domains=$mydestination" and + Install and enable postfix. Do not run 'postfix check' before restarting + postfix: + +-``` ++```yaml + --- + - hosts: all + vars: +@@ -43,7 +43,7 @@ postfix: + Install and enable postfix. Do single backup of main.cf (older backup will be + rewritten) and configure "relay_host=example.com": + +-``` ++```yaml + --- + - hosts: all + vars: +@@ -58,7 +58,7 @@ Install and enable postfix. Do timestamped backup of main.cf and + configure "relay_host=example.com" (if postfix_backup_multiple is + set to true postfix_backup is ignored): + +-``` ++```yaml + --- + - hosts: all + vars: diff --git a/SOURCES/rhel-system-roles-postfix-prefix.diff b/SOURCES/rhel-system-roles-postfix-prefix.diff new file mode 100644 index 0000000..65ab2a1 --- /dev/null +++ b/SOURCES/rhel-system-roles-postfix-prefix.diff @@ -0,0 +1,40 @@ +diff --git a/README.md b/README.md +index 5950215..a59d72f 100644 +--- a/README.md ++++ b/README.md +@@ -25,7 +25,7 @@ Install and enable postfix. Configure "relay_domains=$mydestination" and + relay_domains: "$mydestination" + relay_host: "example.com" + roles: +- - postfix ++ - linux-system-roles.postfix + ``` + + Install and enable postfix. Do not run 'postfix check' before restarting +@@ -37,7 +37,7 @@ postfix: + vars: + postfix_check: false + roles: +- - postfix ++ - linux-system-roles.postfix + ``` + + Install and enable postfix. Do single backup of main.cf (older backup will be +@@ -51,7 +51,7 @@ rewritten) and configure "relay_host=example.com": + relay_host: "example.com" + postfix_backup: true + roles: +- - postfix ++ - linux-system-roles.postfix + ``` + + Install and enable postfix. Do timestamped backup of main.cf and +@@ -66,7 +66,7 @@ set to true postfix_backup is ignored): + relay_host: "example.com" + postfix_backup_multiple: true + roles: +- - postfix ++ - linux-system-roles.postfix + ``` + + diff --git a/SOURCES/rhel-system-roles-selinux-prefix.diff b/SOURCES/rhel-system-roles-selinux-prefix.diff new file mode 100644 index 0000000..8820d6d --- /dev/null +++ b/SOURCES/rhel-system-roles-selinux-prefix.diff @@ -0,0 +1,32 @@ +diff --git a/README.md b/README.md +index a0385b0..6efc62d 100644 +--- a/README.md ++++ b/README.md +@@ -41,7 +41,7 @@ This role can be configured using variables as it is described below. + vars: + [ see below ] + roles: +- - role: linux-system-roles.selinux ++ - role: rhel-system-roles.selinux + become: true + ``` + +diff --git a/selinux-playbook.yml b/selinux-playbook.yml +index 78d3953..b2348d5 100644 +--- a/selinux-playbook.yml ++++ b/selinux-playbook.yml +@@ -31,7 +31,7 @@ + - name: execute the role and catch errors + block: + - include_role: +- name: linux-system-roles.selinux ++ name: rhel-system-roles.selinux + rescue: + # Fail if failed for a different reason than selinux_reboot_required. + - name: handle errors +@@ -52,4 +52,4 @@ + + - name: reapply the role + include_role: +- name: linux-system-roles.selinux ++ name: rhel-system-roles.selinux diff --git a/SOURCES/rhel-system-roles-timesync-prefix.diff b/SOURCES/rhel-system-roles-timesync-prefix.diff new file mode 100644 index 0000000..e985a80 --- /dev/null +++ b/SOURCES/rhel-system-roles-timesync-prefix.diff @@ -0,0 +1,28 @@ +diff -up timesync-1.0.0/README.md.orig timesync-1.0.0/README.md +--- timesync-1.0.0/README.md.orig 2018-08-21 11:46:41.000000000 +0200 ++++ timesync-1.0.0/README.md 2018-11-06 22:29:14.586770442 +0100 +@@ -81,7 +81,7 @@ Install and configure ntp to synchronize + - hostname: baz.example.com + iburst: yes + roles: +- - timesync ++ - rhel-system-roles.timesync + ``` + + Install and configure linuxptp to synchronize the system clock with a +@@ -94,7 +94,7 @@ grandmaster in PTP domain number 0, whic + - number: 0 + interfaces: [ eth0 ] + roles: +- - timesync ++ - rhel-system-roles.timesync + ``` + + Install and configure chrony and linuxptp to synchronize the system clock with +@@ -121,5 +121,5 @@ synchronization: + transport: UDPv4 + delay: 0.000010 + roles: +- - timesync ++ - rhel-system-roles.timesync + ``` diff --git a/SOURCES/timesync-playbook.yml b/SOURCES/timesync-playbook.yml new file mode 100644 index 0000000..782ea91 --- /dev/null +++ b/SOURCES/timesync-playbook.yml @@ -0,0 +1,14 @@ +--- +- hosts: targets + vars: + timesync_ntp_servers: + - hostname: 0.rhel.pool.ntp.org + iburst: yes + - hostname: 1.rhel.pool.ntp.org + iburst: yes + - hostname: 2.rhel.pool.ntp.org + iburst: yes + - hostname: 3.rhel.pool.ntp.org + iburst: yes + roles: + - rhel-system-roles.timesync diff --git a/SOURCES/timesync-pool-playbook.yml b/SOURCES/timesync-pool-playbook.yml new file mode 100644 index 0000000..ed07d4b --- /dev/null +++ b/SOURCES/timesync-pool-playbook.yml @@ -0,0 +1,9 @@ +--- +- hosts: targets + vars: + timesync_ntp_servers: + - hostname: 2.rhel.pool.ntp.org + pool: yes + iburst: yes + roles: + - rhel-system-roles.timesync diff --git a/SPECS/rhel-system-roles.spec b/SPECS/rhel-system-roles.spec new file mode 100644 index 0000000..a68d439 --- /dev/null +++ b/SPECS/rhel-system-roles.spec @@ -0,0 +1,356 @@ +%if 0%{?rhel} +Name: rhel-system-roles +%else +Name: linux-system-roles +%endif +Summary: Set of interfaces for unified system management +Version: 1.0 +Release: 5%{?dist} + +#Group: Development/Libraries +License: GPLv3+ and MIT and BSD +%if 0%{?rhel} +%global rolealtprefix linux-system-roles. +%endif +%global roleprefix %{name}. + +# For each role, call either defcommit() or deftag(). The other macros +# (%%id and %%shortid) can be then used in the same way in both cases. +# This way the rest of the spec file des not need to know whether we are +# dealing with a tag or a commit. +%define defcommit() %{expand:%%global id%{1} %{2} +%%global shortid%{1} %%(c=%%{id%{1}}; echo ${c:0:7}) +} + +%define deftag() %{expand:%%global id%{1} %{2} +%%global shortid%{1} %{2} +} + +%defcommit 0 4b40b01079e82b1c5f948ae87d81a135069747cc +%global rolename0 kdump +#%%deftag 0 1.0.0 + +#%%defcommit 1 43eec5668425d295dce3801216c19b1916df1f9b +%global rolename1 postfix +%deftag 1 0.1 + +#%%defcommit 2 6dd057aa434a31cb6ee67d02967362f9131e0c50 +%global rolename2 selinux +%deftag 2 1.0.0 + +#%%defcommit 3 33a1a8c349de10d6281ed83d4c791e9177d7a141 +%global rolename3 timesync +%deftag 3 1.0.0 + +%defcommit 5 64b2d76de74df2d480394d02aae204beda4d9257 +%global rolename5 network +#%%deftag 5 1.0.0 + +Source: https://github.com/linux-system-roles/%{rolename0}/archive/%{id0}.tar.gz#/%{rolename0}-%{shortid0}.tar.gz +Source1: https://github.com/linux-system-roles/%{rolename1}/archive/%{id1}.tar.gz#/%{rolename1}-%{shortid1}.tar.gz +Source2: https://github.com/linux-system-roles/%{rolename2}/archive/%{id2}.tar.gz#/%{rolename2}-%{shortid2}.tar.gz +Source3: https://github.com/linux-system-roles/%{rolename3}/archive/%{id3}.tar.gz#/%{rolename3}-%{shortid3}.tar.gz +Source5: https://github.com/linux-system-roles/%{rolename5}/archive/%{id5}.tar.gz#/%{rolename5}-%{shortid5}.tar.gz + +Source6: timesync-playbook.yml +Source7: timesync-pool-playbook.yml + +Source8: md2html.sh + +%if "%{roleprefix}" != "linux-system-roles." +Patch1: rhel-system-roles-%{rolename1}-prefix.diff +Patch2: rhel-system-roles-%{rolename2}-prefix.diff +Patch3: rhel-system-roles-%{rolename3}-prefix.diff +Patch5: rhel-system-roles-%{rolename5}-prefix.diff +%endif + +Patch11: rhel-system-roles-postfix-pr5.diff +Patch101: rhel-system-roles-kdump-pr22.diff + +Patch52: network-permissions.diff + +Url: https://github.com/linux-system-roles/ +BuildArch: noarch + +BuildRequires: asciidoc +BuildRequires: pandoc +BuildRequires: highlight + +Requires: python3-jmespath + +Obsoletes: rhel-system-roles-techpreview < 1.0-3 + +# We need to put %%description within the if block to avoid empty +# lines showing up. +%if 0%{?rhel} +%description +Collection of Ansible roles and modules that provide a stable and +consistent configuration interface for managing multiple versions +of Red Hat Enterprise Linux. +%else +%description +Collection of Ansible roles and modules that provide a stable and +consistent configuration interface for managing multiple versions +of Fedora, Red Hat Enterprise Linux & CentOS. +%endif + +%prep +%setup -qc -a1 -a2 -a3 -a5 +cd %{rolename0}-%{id0} +%patch101 -p1 +cd .. +cd %{rolename1}-%{id1} +%if "%{roleprefix}" != "linux-system-roles." +%patch1 -p1 +%endif +%patch11 -p1 +cd .. +cd %{rolename2}-%{id2} +%if "%{roleprefix}" != "linux-system-roles." +%patch2 -p1 +%endif +cd .. +cd %{rolename3}-%{id3} +%if "%{roleprefix}" != "linux-system-roles." +%patch3 -p1 +%endif +cd .. +cd %{rolename5}-%{id5} +%if "%{roleprefix}" != "linux-system-roles." +%patch5 -p1 +%endif +%patch52 -p1 +cd .. + +%build +sh %{SOURCE8} \ +%{rolename0}-%{id0}/README.md \ +%{rolename1}-%{id1}/README.md \ +%{rolename2}-%{id2}/README.md \ +%{rolename3}-%{id3}/README.md \ +%{rolename5}-%{id5}/README.md + +%install +mkdir -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles + +cp -pR %{rolename0}-%{id0} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename0} +cp -pR %{rolename1}-%{id1} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename1} +cp -pR %{rolename2}-%{id2} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename2} +cp -pR %{rolename3}-%{id3} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename3} +cp -pR %{rolename5}-%{id5} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}%{rolename5} + +%if 0%{?rolealtprefix:1} +ln -s %{roleprefix}%{rolename0} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename0} +ln -s %{roleprefix}%{rolename1} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename1} +ln -s %{roleprefix}%{rolename2} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename2} +ln -s %{roleprefix}%{rolename3} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename3} +ln -s %{roleprefix}%{rolename5} $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{rolealtprefix}%{rolename5} +%endif + +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/kdump +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/postfix +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/selinux +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/timesync +install -p -m 644 %{SOURCE6} $RPM_BUILD_ROOT%{_pkgdocdir}/timesync/example-timesync-playbook.yml +install -p -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_pkgdocdir}/timesync/example-timesync-pool-playbook.yml +mkdir -p $RPM_BUILD_ROOT%{_pkgdocdir}/network + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}kdump/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}kdump/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}kdump/COPYING \ + $RPM_BUILD_ROOT%{_pkgdocdir}/kdump + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}postfix/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}postfix/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}postfix/COPYING \ + $RPM_BUILD_ROOT%{_pkgdocdir}/postfix + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}selinux/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}selinux/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}selinux/COPYING \ + $RPM_BUILD_ROOT%{_pkgdocdir}/selinux +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}selinux/selinux-playbook.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/selinux/example-selinux-playbook.yml + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}timesync/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}timesync/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}timesync/COPYING \ + $RPM_BUILD_ROOT%{_pkgdocdir}/timesync + +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/README.md \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/README.html \ + $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/LICENSE \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/bond-with-vlan.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-bond-with-vlan-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/bridge-with-vlan.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-bridge-with-vlan-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/eth-simple-auto.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-eth-simple-auto-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/eth-with-vlan.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-eth-with-vlan-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/infiniband.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-infiniband-playbook.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/macvlan.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-macvlan-playbook.yml +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/remove-profile.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-remove-profile-playbook.yml +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/remove-profile.yml +cp -p $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/down-profile.yml \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-down-profile-playbook.yml +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/down-profile.yml +mv $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/inventory \ + $RPM_BUILD_ROOT%{_pkgdocdir}/network/example-inventory + +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/.gitignore +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/tests/.gitignore +rm $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples/roles +rmdir $RPM_BUILD_ROOT%{_datadir}/ansible/roles/%{roleprefix}network/examples + +%files +%dir %{_datadir}/ansible +%dir %{_datadir}/ansible/roles +%if 0%{?rolealtprefix:1} +%{_datadir}/ansible/roles/%{rolealtprefix}kdump +%{_datadir}/ansible/roles/%{rolealtprefix}postfix +%{_datadir}/ansible/roles/%{rolealtprefix}selinux +%{_datadir}/ansible/roles/%{rolealtprefix}timesync +%{_datadir}/ansible/roles/%{rolealtprefix}network +%endif +%{_datadir}/ansible/roles/%{roleprefix}kdump +%{_datadir}/ansible/roles/%{roleprefix}postfix +%{_datadir}/ansible/roles/%{roleprefix}selinux +%{_datadir}/ansible/roles/%{roleprefix}timesync +%{_datadir}/ansible/roles/%{roleprefix}network +%doc %{_pkgdocdir}/*/example-*-playbook.yml +%doc %{_pkgdocdir}/network/example-inventory +%doc %{_pkgdocdir}/*/README.md +%doc %{_pkgdocdir}/*/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}kdump/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}postfix/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}selinux/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}timesync/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}network/README.md +%doc %{_datadir}/ansible/roles/%{roleprefix}kdump/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}postfix/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}selinux/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}timesync/README.html +%doc %{_datadir}/ansible/roles/%{roleprefix}network/README.html + + +%license %{_pkgdocdir}/*/COPYING +%license %{_pkgdocdir}/*/LICENSE +%license %{_datadir}/ansible/roles/%{roleprefix}kdump/COPYING +%license %{_datadir}/ansible/roles/%{roleprefix}postfix/COPYING +%license %{_datadir}/ansible/roles/%{roleprefix}selinux/COPYING +%license %{_datadir}/ansible/roles/%{roleprefix}timesync/COPYING +%license %{_datadir}/ansible/roles/%{roleprefix}network/LICENSE + +%changelog +* Sat Jan 12 2019 Pavel Cahyna - 1.0-5 +- spec file improvement: Unify the source macros with deftag() and defcommit() +- Update to upstream released versions and drop unnecessary patches. +- Unify the spec file with Fedora (no functional changes intended). +- Misc spec file comments fixes (by Mike DePaulo) +- Fix rpmlint error by escaping a previous changelog entry with a macro (by Mike DePaulo) +- Comply with Fedora guidelines by always using "cp -p" in %%install (by Mike DePaulo) +- Rebase network role - doc improvements, Fedora 29 and Ansible 2.7 support +- Regenerate network role patch to apply without offset +- Rebase kdump role to fix a forgotten edit, rhbz#1645633 +- Update timesync examples: add var prefix (rhbz#1642152), correct role prefix +- Add Obsoletes for the -techpreview subpackage +- Add warnings to role READMEs and other doc updates, rhbz#1616018 +- network: split the state setting into state and persistent_state, rhbz#1616014 +- depend on python-jmespath as Ansible will not ship it, rhbz#1660559 + +* Tue Aug 14 2018 Pavel Cahyna - 1.0-4 +- Format the READMEs as html, by vdolezal, with changes to use highlight + (source-highlight does not understand YAML) + +* Thu Aug 9 2018 Pavel Cahyna - 1.0-3 +- Rebase the network role to the last revision (d866422). + Many improvements to tests, introduces autodetection of the current provider + and defaults to using profile name as interface name. +- Rebase the selinux, timesync and kdump roles to their 1.0rc1 versions. + Many changes to the role interfaces to make them more consistent + and conforming to Ansible best practices. +- Update the description. + +* Fri May 11 2018 Pavel Cahyna - 0.6-4 +- Fix complaints about /usr/bin/python during RPM build by making the affected scripts non-exec +- Fix merge botch + +* Mon Mar 19 2018 Troy Dawson - 0.6-3.1 +- Use -a (after cd) instead of -b (before cd) in %setup + +* Wed Mar 14 2018 Pavel Cahyna - 0.6-3 +- Minor corrections of the previous change by Till Maas. + +* Fri Mar 9 2018 Pavel Cahyna - 0.6-2 +- Document network role options: static routes, ethernet, dns + Upstream PR#36, bz1550128, documents bz1487747 and bz1478576 + +* Tue Jan 30 2018 Pavel Cahyna - 0.6-1 +- Drop hard dependency on ansible (#1525655), patch from Yaakov Selkowitz +- Update the network role to version 0.4, solves bz#1487747, bz#1478576 + +* Tue Dec 19 2017 Pavel Cahyna - 0.5-3 +- kdump: fix the wrong conditional for ssh checking and improve test (PR#10) + +* Tue Nov 07 2017 Pavel Cahyna - 0.5-2 +- kdump: add ssh support. upstream PR#9, rhbz1478707 + +* Tue Oct 03 2017 Pavel Cahyna - 0.5-1 +- SELinux: fix policy reload when SELinux is disabled on CentOS/RHEL 6 + (bz#1493574) +- network: update to b856c7481bf5274d419f71fb62029ea0044b3ec1 : + makes the network role idempotent (bz#1476053) and fixes manual + network provider selection (bz#1485074). + +* Mon Aug 28 2017 Pavel Cahyna - 0.4-1 +- network: update to b9b6f0a7969e400d8d6ba0ac97f69593aa1e8fa5: + ensure that state:absent followed by state:up works (bz#1478910), and change + the example IP adresses to the IANA-assigned ones. +- SELinux: fix the case when SELinux is disabled (bz#1479546). + +* Tue Aug 8 2017 Pavel Cahyna - 0.3-2 +- We can't change directories to symlinks (rpm bug #447156) so keep the old + names and create the new names as symlinks. + +* Tue Aug 8 2017 Pavel Cahyna - 0.3-1 +- Change the prefix to linux-system-roles., keeping compatibility + symlinks. +- Update the network role to dace7654feb7b5629ded0734c598e087c2713265: + adds InfiniBand support and other fixes. +- Drop a patch included upstream. + +* Mon Jun 26 2017 Pavel Cahyna - 0.2-2 +- Leave a copy of README and COPYING in every role's directory, as suggested by T. Bowling. +- Move the network example inventory to the documentation directory together. + with the example playbooks and delete the now empty "examples" directory. +- Use proper reserved (by RFC 7042) MAC addresses in the network examples. + +* Tue Jun 6 2017 Pavel Cahyna - 0.2-1 +- Update the networking role to version 0.2 (#1459203) +- Version every role and the package separately. They live in separate repos + and upstream release tags are not coordinated. + +* Mon May 22 2017 Pavel Cahyna - 0.1-2 +- Prefix the roles in examples and documentation with rhel-system-roles. + +* Thu May 18 2017 Pavel Cahyna - 0.1-1 +- Update to 0.1 (first upstream release). +- Remove the tuned role, it is not ready yet. +- Move the example playbooks to /usr/share/doc/rhel-system-roles/$SUBSYSTEM + directly to get rid of an extra directory. +- Depend on ansible. + +* Thu May 4 2017 Pavel Cahyna - 0-0.1.20170504 +- Initial release. +- kdump r. fe8bb81966b60fa8979f3816a12b0c7120d71140 +- postfix r. 43eec5668425d295dce3801216c19b1916df1f9b +- selinux r. 1e4a21f929455e5e76dda0b12867abaa63795ae7 +- timesync r. 33a1a8c349de10d6281ed83d4c791e9177d7a141 +- tuned r. 2e8bb068b9815bc84287e9b6dc6177295ffdf38b +- network r. 03ff040df78a14409a0d89eba1235b8f3e50a750 +