Upstream/k3s-ansible
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s-ansible.git synced 2024-06-22 09:54:43 +02:00
Code Issues Projects Releases Wiki Activity

Add /usr/local/bin to secure_path, Add br_netfilter on centos

Browse Source 
Signed-off-by: Julien DOCHE <julien.doche@gmail.com>
This commit is contained in:
Julien DOCHE 2020-04-29 22:28:36 +02:00
parent 1af4255e8f
commit 12aad6598a
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
roles/prereq/tasks/main.yml
View File

@ -18,6 +18,18 @@
state: present
reload: yes
- name: Add br_netfilter to /etc/modules-load.d/
copy:
content: "br_netfilter"
dest: /etc/modules-load.d/br_netfilter.conf
when: ansible_distribution in ['CentOS', 'Red Hat Enterprise Linux']
- name: Load br_netfilter
modprobe:
name: br_netfilter
state: present
when: ansible_distribution in ['CentOS', 'Red Hat Enterprise Linux']
- name: Set bridge-nf-call-iptables (just to be sure)
sysctl:
name: "{{ items }}"
@ -28,3 +40,13 @@
loop:
- net.bridge.bridge-nf-call-iptables
- net.bridge.bridge-nf-call-ip6tables
- name: Add /usr/local/bin to sudo secure_path
lineinfile:
line: 'Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin'
regexp: "Defaults(\\s)*secure_path(\\s)*="
state: present
insertafter: EOF
path: /etc/sudoers
validate: 'visudo -cf %s'
when: ansible_distribution in ['CentOS', 'Red Hat Enterprise Linux']