Test dependencies

2023-02-22 21:24:42 +01:00
commit f2b0a5e7c7
429 changed files with 20330 additions and 0 deletions
--- a/ansible/roles/providers/files/etc/azure/iptables
+++ b/ansible/roles/providers/files/etc/azure/iptables
@ -0,0 +1,8 @@
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A FORWARD -d 168.63.129.16/32 -p tcp -m tcp --dport 80 -m comment --comment "block traffic to 168.63.129.16 for cve-2021-27075" -j DROP
+-A OUTPUT -d 168.63.129.16/32 -p tcp -m owner --uid-owner 0 -j ACCEPT
+-A OUTPUT -d 168.63.129.16/32 -p tcp -m conntrack --ctstate INVALID,NEW -j DROP
+COMMIT
--- a/ansible/roles/providers/files/etc/cloud/cloud.cfg.d/05_logging.cfg
+++ b/ansible/roles/providers/files/etc/cloud/cloud.cfg.d/05_logging.cfg
@ -0,0 +1,67 @@
+## This yaml formated config file handles setting
+## logger information.  The values that are necessary to be set
+## are seen at the bottom.  The top '_log' are only used to remove
+## redundency in a syslog and fallback-to-file case.
+##
+## The 'log_cfgs' entry defines a list of logger configs
+## Each entry in the list is tried, and the first one that
+## works is used.  If a log_cfg list entry is an array, it will
+## be joined with '\n'.
+_log:
+ - &log_base |
+   [loggers]
+   keys=root,cloudinit
+   
+   [handlers]
+   keys=consoleHandler,cloudLogHandler
+   
+   [formatters]
+   keys=simpleFormatter,arg0Formatter
+   
+   [logger_root]
+   level=DEBUG
+   formatter=arg0Formatter
+   handlers=consoleHandler,cloudLogHandler
+   
+   [logger_cloudinit]
+   level=DEBUG
+   qualname=cloudinit
+   handlers=
+   propagate=1
+   
+   [handler_consoleHandler]
+   class=StreamHandler
+   level=WARNING
+   formatter=arg0Formatter
+   args=(sys.stderr,)
+   
+   [formatter_arg0Formatter]
+   format=%(asctime)s - %(filename)s[%(levelname)s]: %(message)s
+   
+   [formatter_simpleFormatter]
+   format=[CLOUDINIT]%(asctime)s - %(filename)s[%(levelname)s]: %(message)s
+ - &log_file |
+   [handler_cloudLogHandler]
+   class=FileHandler
+   level=DEBUG
+   formatter=arg0Formatter
+   args=('/var/log/cloud-init.log',)
+ - &log_syslog |
+   [handler_cloudLogHandler]
+   class=handlers.SysLogHandler
+   level=DEBUG
+   formatter=simpleFormatter
+   args=("/dev/log", handlers.SysLogHandler.LOG_USER)
+
+log_cfgs:
+# These will be joined into a string that defines the configuration
+ - [ *log_base, *log_syslog ]
+# These will be joined into a string that defines the configuration
+ - [ *log_base, *log_file ]
+# A file path can also be used
+# - /etc/log.conf
+
+# this tells cloud-init to redirect its stdout and stderr to
+# 'tee -a /var/log/cloud-init-output.log' so the user can see output
+# there without needing to look on the console.
+output: {all: '| python3 -c ''import sys,time;sys.stdout.write("".join(( " ".join((time.strftime("[%Y-%m-%d %H:%M:%S]", time.localtime()), line)) for line in sys.stdin )))'' | tee -a /var/log/cloud-init-output.log'}
--- a/ansible/roles/providers/files/etc/cloud/cloud.cfg.d/99_metadata.cfg
+++ b/ansible/roles/providers/files/etc/cloud/cloud.cfg.d/99_metadata.cfg
@ -0,0 +1,2 @@
+disable-ec2-metadata: false
+datasource_list: [ Outscale ] 
--- a/ansible/roles/providers/files/etc/networkd-dispatcher/no-carrier.d/20-chrony.j2
+++ b/ansible/roles/providers/files/etc/networkd-dispatcher/no-carrier.d/20-chrony.j2
@ -0,0 +1,26 @@
+#!/bin/bash
+
+# This is a networkd-dispatcher script for chronyd to handle its NTP
+# sources. It sets the NTP sources online or offline when a network
+# interface is configured or removed. On DHCP change, chrony will
+# update its NTP sources passed from DHCP options.
+
+export LC_ALL=C
+
+DHCP_SERVER_FILE={{ server_dir }}/chrony.servers.$IFACE
+
+clear_servers_from_dhcp() {
+    if [ -f "$DHCP_SERVER_FILE" ]; then
+        rm -f "$DHCP_SERVER_FILE"
+        {{ chrony_helper_dir }}/chrony-helper update-daemon || :
+    fi
+}
+
+if [ "$STATE" = "no-carrier" ]; then
+    clear_servers_from_dhcp
+    # The onoffline command tells chronyd to switch all sources to
+    # the online (routable) or offline (off) status according to the current network configuration.
+    chronyc onoffline > /dev/null 2>&1
+fi
+
+exit 0
--- a/ansible/roles/providers/files/etc/networkd-dispatcher/off.d/20-chrony.j2
+++ b/ansible/roles/providers/files/etc/networkd-dispatcher/off.d/20-chrony.j2
@ -0,0 +1,26 @@
+#!/bin/bash
+
+# This is a networkd-dispatcher script for chronyd to handle its NTP
+# sources. It sets the NTP sources online or offline when a network
+# interface is configured or removed. On DHCP change, chrony will
+# update its NTP sources passed from DHCP options.
+
+export LC_ALL=C
+
+DHCP_SERVER_FILE={{ server_dir }}/chrony.servers.$IFACE
+
+clear_servers_from_dhcp() {
+    if [ -f "$DHCP_SERVER_FILE" ]; then
+        rm -f "$DHCP_SERVER_FILE"
+        {{ chrony_helper_dir }}/chrony-helper update-daemon || :
+    fi
+}
+
+if [ "$STATE" = "off" ]; then
+    clear_servers_from_dhcp
+    # The onoffline command tells chronyd to switch all sources to
+    # the online (routable) or offline (off) status according to the current network configuration.
+    chronyc onoffline > /dev/null 2>&1
+fi
+
+exit 0
--- a/ansible/roles/providers/files/etc/networkd-dispatcher/routable.d/20-chrony.j2
+++ b/ansible/roles/providers/files/etc/networkd-dispatcher/routable.d/20-chrony.j2
@ -0,0 +1,27 @@
+#!/bin/bash
+
+# This is a networkd-dispatcher script for chronyd to handle its NTP
+# sources. It sets the NTP sources online or offline when a network
+# interface is configured or removed. On DHCP change, chrony will
+# update its NTP sources passed from DHCP options.
+
+export LC_ALL=C
+
+DHCP_SERVER_FILE={{ server_dir }}/chrony.servers.$IFACE
+
+add_servers_from_dhcp() {
+    if [ -f "$DHCP_SERVER_FILE" ]; then
+        rm -f "$DHCP_SERVER_FILE"
+    fi
+    echo "$json" | jq -r 'select(.NTP !=null) .NTP[]' >> $DHCP_SERVER_FILE
+    {{ chrony_helper_dir }}/chrony-helper update-daemon || :
+}
+
+if [ "$STATE" = "routable" ]; then
+    add_servers_from_dhcp
+    # The onoffline command tells chronyd to switch all sources to
+    # the online (routable) or offline (off) status according to the current network configuration.
+    chronyc onoffline > /dev/null 2>&1
+fi
+
+exit 0
--- a/ansible/roles/providers/files/etc/systemd/system/cloud-config.service.d/boot-order.conf
+++ b/ansible/roles/providers/files/etc/systemd/system/cloud-config.service.d/boot-order.conf
@ -0,0 +1,3 @@
+[Unit]
+After=containerd.service
+Wants=containerd.service
--- a/ansible/roles/providers/files/etc/systemd/system/cloud-final.service.d/boot-order.conf
+++ b/ansible/roles/providers/files/etc/systemd/system/cloud-final.service.d/boot-order.conf
@ -0,0 +1,3 @@
+[Unit]
+After=containerd.service
+Wants=containerd.service
--- a/ansible/roles/providers/files/etc/systemd/system/modify-cloud-init-cfg.service
+++ b/ansible/roles/providers/files/etc/systemd/system/modify-cloud-init-cfg.service
@ -0,0 +1,12 @@
+[Unit]
+Description=Modify cloud-init config
+After=cloud-final.service
+AssertFileIsExecutable=/usr/local/bin/modify-cloud-init-cfg.sh
+
+[Install]
+WantedBy=cloud-init.target
+
+[Service]
+Type=simple
+ExecStart=/usr/local/bin/modify-cloud-init-cfg.sh
+SuccessExitStatus=0
--- a/ansible/roles/providers/files/etc/vmware-tools/tools.conf
+++ b/ansible/roles/providers/files/etc/vmware-tools/tools.conf
@ -0,0 +1,3 @@
+[guestinfo]
+exclude-nics=antrea-*,cali*,cilium*,lxc*,ovs-system,br*,flannel*,veth*,vxlan_sys_*,genev_sys_*,gre_sys_*,stt_sys_*,????????-??????
+