ceph-rollout/basics.yaml

    - name: download asc and cephadm for ceph
      get_url:
        url: "{{ item.url }}"
        dest: "{{ item.dest }}"
      loop:
        - { url: "https://nexus.test.repo.int.nt-com.ru/repository/keys/ceph/release.asc", dest: "/tmp" }

    - name: Delete previously install ceph.gpg
      file:
        path: /usr/share/keyrings/ceph.gpg
        state: absent

    - name: import downloaded asc
      shell:
        chdir: /tmp
        cmd: echo y | gpg -o /usr/share/keyrings/ceph.gpg --dearmor release.asc;

    - name: Add ceph repo
      apt_repository:
        filename: ceph
        repo: "deb [signed-by=/usr/share/keyrings/ceph.gpg] {{ ceph_repo }} {{ ansible_distribution_release }} main"
        state: present

    - name: install packages
      apt:
        pkg:
          - ceph-common
          - cephadm
          - lvm2
          - podman
          - chrony
          - mc
        state: present

    - name: Setup ntp client
      template:
        src: chrony.yaml.j2
        dest: /etc/chrony/chrony.conf
      notify:
        - ceph-rollout:restart_chrony

    - name: Templating cluster settings files
      template:
        src:  "{{ item.name }}"
        dest: "{{ item.dest }}"
        trim_blocks: true
        lstrip_blocks: true
      loop:
#        - { name: "ceph.conf.j2", dest: "/root/ceph.conf" }
        - { name: "cluster_spec.yml.j2", dest: "/root/cluster_spec.yml" }
        - { name: "initial-ceph.j2", dest: "/root/initial-ceph.conf" }
#        - { name: "sshd_config.j2", dest: "/etc/ssh/sshd_config"}
      run_once: true
      delegate_to: "{{ ansible_play_hosts[0] }}"
#      notify:
#        - ceph-rollout:restart_sshd

    - name: Templating sshd config to enable password and root
      template:
        src:  "{{ item.name }}"
        dest: "{{ item.dest }}"
        trim_blocks: true
        lstrip_blocks: true
      loop:
        - { name: "sshd_config.j2", dest: "/etc/ssh/sshd_config"}
      notify:
        - ceph-rollout:restart_sshd


    - name: set root password
      user:
        name: root
        password: "{{ '12345' | password_hash('sha512') }}"


    # UNCOMMENT ONLY IN CASE OF NO ACCESS TO REPOS AND CANNOT DOWNLOAD CEPHADM
    #    - name: copy onto target host
    #      copy:
    #        src: "cephadm"
    #        dest: "/root/cephadm"
    #        mode: '0777'
    #      delegate_to: "{{ ansible_play_hosts[0] }}"

    - name: Flush restart handlers
      meta: flush_handlers