Conversation
evgeni
force-pushed
the
debian
branch
6 times, most recently
from
3ef53b1 to
834aafa
Compare
| vars: | ||
| foreman_puppet_repositories_version: "8" | ||
| when: | ||
| - ansible_distribution_major_version == '9' |
There was a problem hiding this comment.
Should this be when the certificate source is the installer instead?
There was a problem hiding this comment.
Yepp, but this detail is not passed to the "setup repos" playbook, and I was lazy
evgeni
force-pushed
the
debian
branch
8 times, most recently
from
fbb356d to
0f719e0
Compare
| ansible.builtin.file: | ||
| path: /etc/httpd/conf.d/welcome.conf | ||
| path: "{{ httpd_conf_path }}/welcome.conf" | ||
| state: absent |
There was a problem hiding this comment.
A thought for upgrades and not necessary for this PR: RPM will place this file back. Should we ensure it's empty instead?
There was a problem hiding this comment.
Or just deploy on Debian, where the package manager is actually sane and respects the choices of the admin ;)
There was a problem hiding this comment.
Or just put it all in a container /me ducks
evgeni
force-pushed
the
debian
branch
3 times, most recently
from
50dede3 to
49d9e3f
Compare
| - ansible_selinux.status == 'enabled' | ||
|
|
||
| - name: Enable required modules | ||
| community.general.apache2_module: |
There was a problem hiding this comment.
I don't like pulling in community.general here, but this is something we'd have to consider anyway.
In the Puppet installer, we run with apache::default_mods: false, which wipes all enabled modules and then we enable the ones we need.
We didn't port that detail over to foremanctl, and rely on the OS to enable those modules for us. But it also most probably enables things we do not want.
There was a problem hiding this comment.
We may also want to enable the event MPM in a similar way.
There was a problem hiding this comment.
I don't like pulling in community.general here, but this is something we'd have to consider anyway.
May I ask why it is bad to use community.general?
There was a problem hiding this comment.
Mostly because it's a dependency we don't yet have
There was a problem hiding this comment.
It also mentions compatibility:
This does not work on RedHat-based distributions. It does work on Debian- and SuSE-based distributions. Whether it works on others depend on whether the C(a2enmod) and C(a2dismod) tools are available or not.
So configuring Apache with Ansible is certainly worse than what we had with our Puppet module.
evgeni
force-pushed
the
debian
branch
3 times, most recently
from
42c388f to
1660537
Compare
Otherwise the presense of entries in /etc/hosts depends on when the machine was exactly booted
4 participants
No description provided.