From 96f073c1dc20782ec7f006279dfdd0d5a7f72a6c Mon Sep 17 00:00:00 2001 From: Harald Pfeiffer Date: Sun, 27 Feb 2022 09:48:00 +0100 Subject: +new playbook elevating EOL centos 8 to stream --- migrate-centos8-eol-to-stream.yml | 102 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 migrate-centos8-eol-to-stream.yml diff --git a/migrate-centos8-eol-to-stream.yml b/migrate-centos8-eol-to-stream.yml new file mode 100644 index 0000000..a73cb55 --- /dev/null +++ b/migrate-centos8-eol-to-stream.yml @@ -0,0 +1,102 @@ +--- +- hosts: "{{runtime_hosts|default('CHANGEME')}}" + gather_facts: "no" + tasks: + - name: Gather necessary facts + setup: + gather_subset: + - "distribution" + - "distribution_version" + - "lsb" + - name: Check-in CentOS 8 + debug: + msg: "System is {{ansible_distribution}} {{ansible_distribution_version}} ({{ansible_lsb.description}}), checking in." + when: (ansible_distribution == "CentOS") and (ansible_distribution_major_version == "8") + changed_when: true + notify: "centos-8" + handlers: + - name: Check whether Stream release package is installed (changed = no) + shell: rpm --quiet -qi centos-stream-release + args: + warn: false + register: pkginst + changed_when: "pkginst.rc|int == 1" + failed_when: "pkginst.rc|int > 1" + listen: "centos-8" + notify: + - "centos-8-rel-installer" + - "centos-8-distro-sync" + - name: Check whether Stream releases are activated (changed = no) + shell: rpm --quiet -qi centos-stream-repos centos-stream-release + args: + warn: false + register: swapdone + changed_when: "swapdone.rc|int == 1 or swapdone.rc|int == 2" + failed_when: "pkginst.rc|int > 2" + listen: "centos-8" + notify: + - "centos-8-swap-releases" + - "centos-8-distro-sync" + - name: Check for existence of rkhunter + stat: + path: /usr/bin/rkhunter + register: rkhex + ignore_errors: true + no_log: true + listen: + - "centos-8-rel-installer" + - "centos-8-swap-releases" + changed_when: + - rkhex.stat is defined + - rkhex.stat.executable is defined + - rkhex.stat.executable == true + notify: "rkhunter execution" + - name: rkhunter pre-check + shell: rkhunter -c --sk --rwo --ns + become: true + no_log: true + listen: "rkhunter execution" + - name: Workaround - Old defective repos block any non-cache action, swicthing $releasever to 8-stream + shell: sed -i 's/$releasever/8-stream/' /etc/yum.repos.d/CentOS-Linux-* + args: + warn: false + listen: "centos-8-rel-installer" + become: true + - name: Install CentOS Stream release package + shell: dnf -qy install "http://mirror.centos.org/centos/8/extras/x86_64/os/Packages/centos-release-stream-8.1-1.1911.0.7.el8.x86_64.rpm" + args: + warn: false + listen: "centos-8-rel-installer" + become: true + - name: Swap release files to Stream + shell: dnf -qy swap centos-linux-repos centos-stream-repos + args: + warn: false + listen: "centos-8-swap-releases" + become: true + notify: "centos-8-distro-sync" + - name: Perform a full distro-sync + shell: dnf -qy distro-sync + args: + warn: false + listen: "centos-8-distro-sync" + become: true + - name: rkhunter properties update + shell: rkhunter --propupd --rwo --ns + become: true + listen: "rkhunter execution" + - name: CKY + shell: "systemctl stop ${SUDO_USER}.service" + args: + warn: false + become: true + listen: "centos-8-distro-sync" + failed_when: false + no_log: true + - name: Reboot system regardless of actual changes + reboot: + reboot_timeout: 360 + pre_reboot_delay: 5 + test_command: uptime + listen: "centos-8-distro-sync" + become: true -- cgit v1.2.3