easylinux/Maison
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initialisation depot

Browse Source
This commit is contained in:
Serge NOEL
2026-02-10 12:12:11 +01:00
commit c3176e8d79
818 changed files with 52573 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
Migration/Ansible/roles/nfs/tasks/main.yml Normal file
View File

@@ -0,0 +1,41 @@
---
# NFS Client Role - Main Tasks
- name: Ensure required variables are present
assert:
that:
- nfs_mounts is defined or (nfs_server is defined and nfs_share is defined and nfs_mount_point is defined)
fail_msg: "You must define either 'nfs_mounts' (a list of mounts) or the trio 'nfs_server', 'nfs_share' and 'nfs_mount_point'."
- name: Install nfs-common package (Debian/Ubuntu)
apt:
name: nfs-common
state: present
become: true
- name: Build `nfs_mounts` list from single-vars if needed
set_fact:
nfs_mounts: "{{ [ {'server': nfs_server, 'share': nfs_share, 'path': nfs_mount_point, 'options': (nfs_options | default(omit)) } ] }}"
when: nfs_mounts is not defined
- name: Validate each NFS server is reachable (port 2049)
wait_for:
host: "{{ item.server }}"
port: 2049
timeout: 5
state: started
loop: "{{ nfs_mounts }}"
loop_control:
label: "{{ item.server }}:{{ item.share }}"
- name: Ensure the NFS share is exported by the server
shell: |
showmount -e {{ item.server }} | awk 'NR>1 {print $1}' | grep -x -- "{{ item.share }}"
register: showmount_check
failed_when: showmount_check.rc != 0
changed_when: false
loop: "{{ nfs_mounts }}"
loop_control:
label: "{{ item.server }}:{{ item.share }}"

7
Migration/Ansible/roles/samba4-dc/tasks/configure_samba.yml Normal file
View File

@@ -0,0 +1,7 @@
- name: Configure DNS forwarders
lineinfile:
path: /etc/samba/smb.conf
regexp: '^(\s*)dns forwarder\s*='
line: ' dns forwarder = 8.8.8.8 1.1.1.1'
insertafter: '^\[global\]'

69
Migration/Ansible/roles/samba4-dc/tasks/dns_config.yml Normal file
View File

@@ -0,0 +1,69 @@
---
# DNS Configuration and Reverse DNS Setup
- name: Wait for Samba DNS to be ready
wait_for:
port: 53
host: 127.0.0.1
delay: 5
timeout: 30
- name: Check if reverse DNS zone already exists
command: >
samba-tool dns zonelist 127.0.0.1
--username=Administrator --password={{ samba_admin_password }}
register: existing_zones
changed_when: false
failed_when: false
- name: Create reverse DNS zone
command: >
samba-tool dns zonecreate 127.0.0.1 100.168.192.in-addr.arpa
--username=Administrator --password={{ samba_admin_password }}
register: reverse_zone
changed_when: reverse_zone.rc == 0
failed_when: reverse_zone.rc != 0 and "already exists" not in reverse_zone.stderr
when: "'100.168.192.in-addr.arpa' not in existing_zones.stdout"
- name: Check existing NS records in reverse zone
command: >
samba-tool dns query 127.0.0.1 100.168.192.in-addr.arpa @ NS
--username=Administrator --password={{ samba_admin_password }}
register: existing_ns_records
changed_when: false
failed_when: false
- name: Add NS record for reverse zone
command: >
samba-tool dns add 127.0.0.1 100.168.192.in-addr.arpa @ NS {{ target_hostname }}.{{ samba_realm }}.
--username=Administrator --password={{ samba_admin_password }}
register: dns_ns_record
changed_when: dns_ns_record.rc == 0
failed_when: dns_ns_record.rc != 0 and "already exists" not in dns_ns_record.stderr
when: "target_hostname + '.' + samba_realm + '.' not in existing_ns_records.stdout"
- name: Get current server IP address for DNS record
shell: |
ip route get 8.8.8.8 | grep -oP 'src \K\S+' | head -1
register: current_server_ip
changed_when: false
- name: Extract host part from IP address
set_fact:
ip_host_part: "{{ current_server_ip.stdout.split('.')[3] }}"
- name: Check existing PTR records in reverse zone
command: >
samba-tool dns query 127.0.0.1 100.168.192.in-addr.arpa {{ ip_host_part }} PTR
--username=Administrator --password={{ samba_admin_password }}
register: existing_ptr_records
changed_when: false
failed_when: false
- name: Add PTR record for reverse zone
command: >
samba-tool dns add 127.0.0.1 100.168.192.in-addr.arpa {{ ip_host_part }} PTR {{ target_hostname }}.{{ samba_realm }}.
--username=Administrator --password={{ samba_admin_password }}
register: dns_ptr_record
changed_when: dns_ptr_record.rc == 0
failed_when: dns_ptr_record.rc != 0 and "already exists" not in dns_ptr_record.stderr
when: "target_hostname + '.' + samba_realm + '.' not in existing_ptr_records.stdout"

36
Migration/Ansible/roles/samba4-dc/tasks/install_samba.yml Normal file
View File

@@ -0,0 +1,36 @@
---
# Samba4 installation tasks
- name: Check if Samba domain is already provisioned
stat:
path: /var/lib/samba/private/sam.ldb
register: samba_provisioned
- name: Provision Samba4 domain
command: >
samba-tool domain provision
--use-rfc2307
--realm={{ samba_realm }}
--domain={{ samba_domain }}
--adminpass={{ samba_admin_password }}
--server-role=dc
--dns-backend=SAMBA_INTERNAL
--domain-sid={{ samba_domain_sid }}
when: not samba_provisioned.stat.exists
- name: Copy Kerberos configuration
copy:
src: /var/lib/samba/private/krb5.conf
dest: /etc/krb5.conf
remote_src: yes
backup: yes
- name: Enable and start samba-ad-dc service
systemd:
name: samba-ad-dc
enabled: yes
state: started
daemon_reload: yes
- name: Include DNS configuration tasks
include_tasks: dns_config.yml

15
Migration/Ansible/roles/samba4-dc/tasks/main.yml Normal file
View File

@@ -0,0 +1,15 @@
- name: Include pre-installation tasks
include_tasks: pre_install.yml
- name: Include network configuration
include_tasks: network.yml
- name: Include Samba4 installation
include_tasks: install_samba.yml
- name: Include Samba4 configuration
include_tasks: configure_samba.yml
- name: Include post-installation tasks
include_tasks: post_install.yml

9
Migration/Ansible/roles/samba4-dc/tasks/network.yml Normal file
View File

@@ -0,0 +1,9 @@
---
# Network configuration tasks
- name: Configure DNS resolution
template:
src: resolv.conf.j2
dest: /etc/resolv.conf
backup: yes

38
Migration/Ansible/roles/samba4-dc/tasks/post_install.yml Normal file
View File

@@ -0,0 +1,38 @@
---
- name: Create backup script
template:
src: samba-backup.sh.j2
dest: /usr/local/bin/samba-backup.sh
mode: '0755'
- name: Create restore script
template:
src: samba-restore.sh.j2
dest: /usr/local/bin/samba-restore.sh
mode: '0755'
- name: Create ChangeNextRid script
template:
src: samba-changenextrid.sh.j2
dest: /usr/local/bin/samba-changenextrid.sh
mode: '0755'
- name: Setup NFS backup storage
include_role:
name: nfs
vars:
nfs_mounts:
- server: "192.168.100.210"
share: "/mnt/zpool20T/data-encrypt/NFS"
path: "/backup"
options: "rw,sync,hard,intr,rsize=8192,wsize=8192"
subdirs:
- "samba"
- name: Setup backup cron job
cron:
name: "Samba4 weekly backup"
minute: "0"
hour: "2"
weekday: "0"
job: "/usr/local/bin/samba-backup.sh"

92
Migration/Ansible/roles/samba4-dc/tasks/pre_install.yml Normal file
View File

@@ -0,0 +1,92 @@
---
# Pre-installation tasks
- name: Install required Samba packages
apt:
name:
- samba
- samba-dsdb-modules
- samba-vfs-modules
- winbind
- libnss-winbind
- libpam-winbind
- krb5-config
- krb5-user
- dnsutils
- acl
- attr
- ldb-tools
- smbclient
state: present
- name: Stop default Samba services
systemd:
name: "{{ item }}"
state: stopped
enabled: no
loop:
- smbd
- nmbd
- winbind
ignore_errors: yes
- name: Mask default Samba services to prevent conflicts
systemd:
name: "{{ item }}"
masked: yes
loop:
- smbd
- nmbd
- winbind
ignore_errors: yes
- name: Check if server is already an Active Directory Domain Controller
shell: |
if [ -f /etc/samba/smb.conf ]; then
grep -i "server role.*active directory domain controller" /etc/samba/smb.conf || echo "not_ad_dc"
else
echo "no_config"
fi
register: samba_role_check
changed_when: false
failed_when: false
- name: Display current Samba role status
debug:
msg: |
{% if 'active directory domain controller' in samba_role_check.stdout.lower() %}
✅ Server is already configured as Active Directory Domain Controller
⚠️ Skipping backup and cleanup to preserve existing AD configuration
{% else %}
Server is not configured as AD DC ({{ samba_role_check.stdout }})
🔄 Will backup existing config and clean databases
{% endif %}
- name: Backup existing Samba configuration
copy:
src: /etc/samba/smb.conf
dest: /etc/samba/smb.conf.orig
remote_src: yes
backup: yes
ignore_errors: yes
when: "'active directory domain controller' not in samba_role_check.stdout.lower()"
- name: Clean existing Samba databases
file:
path: "{{ item }}"
state: absent
loop:
- /var/lib/samba/private
- /var/cache/samba
- /etc/samba/smb.conf
ignore_errors: yes
when: "'active directory domain controller' not in samba_role_check.stdout.lower()"
- name: Recreate Samba directories
file:
path: "{{ item }}"
state: directory
mode: '0755'
loop:
- /var/lib/samba
- /var/cache/samba
when: "'active directory domain controller' not in samba_role_check.stdout.lower()"

6
Migration/Ansible/roles/samba4-dc/templates/resolv.conf.j2 Normal file
View File

@@ -0,0 +1,6 @@
# DNS resolver configuration
{% for dns_server in dns_servers %}
nameserver {{ dns_server }}
{% endfor %}
search {{ samba_realm }}
domain {{ samba_realm }}

83
Migration/Ansible/roles/samba4-dc/templates/samba-backup.sh.j2 Normal file
View File

@@ -0,0 +1,83 @@
#!/bin/bash
# Samba4 Backup Script
# Generated by Ansible
TIMESTAMP=$(date '+%Y-%m-%d_%H-%M-%S')
DATE=$(date +%Y%m%d_%H%M%S) # Kept for compatibility
HOSTNAME="{{ target_hostname }}"
NFS_SERVER="{{ nfs_server | default('192.168.100.210') }}"
NFS_MOUNT="/backup"
BACKUP_BASE_DIR="{{ backup_dir | default('/backup/samba') }}"
RETENTION_DAYS="28"
# End of configuration
BACKUP_FILE="$BACKUP_BASE_DIR/$HOSTNAME-$TIMESTAMP.tgz"
{% raw %}
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
echo -e "${CYAN}🔄 Samba4 Backup Script"
echo "==============================${NC}"
# Function to check NFS availability
echo "Checking NFS availability..."
# Test 1: Check if backup directory is mounted
if ! mountpoint -q "$NFS_MOUNT"; then
echo -e "${RED}❌ ERROR: NFS mount point $NFS_MOUNT is not mounted!${NC}"
exit 1
fi
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Starting backup : $BACKUP_FILE" >> "$BACKUP_BASE_DIR/backup.log"
# Create backup folder
mkdir -p "$BACKUP_BASE_DIR"
if [ ! -d "$BACKUP_BASE_DIR" ]; then
echo -e "${RED}❌ ERROR: cannot create $BACKUP_BASE_DIR${NC}"
echo "[$(date '+%Y-%m-%d %H:%M:%S')] ERROR: cannot create $BACKUP_BASE_DIR" >> "$BACKUP_BASE_DIR/backup.log"
exit 2
fi
# Create backup file
touch $BACKUP_FILE
if [ ! -f "$BACKUP_FILE" ]; then
echo -e "${RED}❌ ERROR: Cannot create backup file${NC}"
echo "[$(date '+%Y-%m-%d %H:%M:%S')] ERROR: Cannot create backup file" >> "$BACKUP_BASE_DIR/backup.log"
exit 3
fi
# Stop samba
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Stopping Samba service" >> "$BACKUP_BASE_DIR/backup.log"
systemctl stop samba-ad-dc
tar -czf "$BACKUP_FILE" \
/var/lib/samba \
/etc/samba \
/etc/krb5.conf \
/etc/resolv.conf 2>/dev/null
# Restart Samba
echo -e "${YELLOW}🔄 Restarting Samba service${NC}"
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Starting Samba service" >> "$BACKUP_BASE_DIR/backup.log"
systemctl start samba-ad-dc
# Wait for Samba to be fully operational
sleep 10
if ! systemctl is-active --quiet samba-ad-dc; then
echo -e "${YELLOW}⚠️ WARNING: Samba service may not be fully operational${NC}"
echo "[$(date '+%Y-%m-%d %H:%M:%S')] WARNING: Samba service may not be fully operational" >> "$BACKUP_BASE_DIR/backup.log"
fi
# Clean old backups
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Clean old backups" >> "$BACKUP_BASE_DIR/backup.log"
find "$BACKUP_BASE_DIR" -type f -mtime +$RETENTION_DAYS -delete
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Backup done" >> "$BACKUP_BASE_DIR/backup.log"
echo -e "${GREEN}Backup done${NC}"
{% endraw %}

109
Migration/Ansible/roles/samba4-dc/templates/samba-changenextrid.sh.j2 Normal file
View File

@@ -0,0 +1,109 @@
#!/bin/bash
# Script to modify the next RID
# Configuration variables from Ansible
TARGET_HOSTNAME="{{ target_hostname }}"
DOMAIN_DN="{{ samba_realm.split('.') | map('regex_replace', '^(.*)$', 'DC=\\1') | join(',') }}"
{% raw %}
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'
NC='\033[0m' # No Color
set_next_rid() {
local new_rid=$1
local pool_size=500
if [ -z "$new_rid" ]; then
echo -e "${RED}Usage: set_next_rid <new_rid>${NC}"
return 1
fi
if [ $new_rid -lt 1000 ]; then
echo -e "${RED}❌ Error: RID must be >= 1000 (RIDs < 1000 are reserved for system)${NC}"
return 1
fi
echo -e "${CYAN}🎯 Current configuration:${NC}"
ldbsearch -H /var/lib/samba/private/sam.ldb \
-b "CN=RID Set,CN=${TARGET_HOSTNAME},OU=Domain Controllers,${DOMAIN_DN}" \
rIDNextRID rIDAllocationPool | grep -E "(rIDNextRID|rIDAllocationPool)"
echo ""
echo -e "${YELLOW}🔄 New configuration:${NC}"
echo -e " ${CYAN}rIDNextRID:${NC} $new_rid"
echo -e " ${CYAN}rIDAllocationPool:${NC} $new_rid-$((new_rid + pool_size - 1))"
echo ""
echo -n -e "${YELLOW}Continue? (y/N): ${NC}"
read confirm
if [ "$confirm" != "y" ]; then
echo -e "${YELLOW}🚫 Cancelled${NC}"
return 1
fi
echo -e "${CYAN}🛑 Stopping Samba...${NC}"
systemctl stop samba-ad-dc
# Create LDIF file
cat > /tmp/set-next-rid.ldif << EOF
dn: CN=RID Set,CN=${TARGET_HOSTNAME},OU=Domain Controllers,${DOMAIN_DN}
changetype: modify
replace: rIDNextRID
rIDNextRID: $new_rid
-
replace: rIDAllocationPool
rIDAllocationPool: $new_rid-$((new_rid + pool_size - 1))
-
replace: rIDPreviousAllocationPool
rIDPreviousAllocationPool: $new_rid-$((new_rid + pool_size - 1))
EOF
# Apply changes
if ldbmodify -H /var/lib/samba/private/sam.ldb /tmp/set-next-rid.ldif; then
echo -e "${GREEN}✅ RID modified successfully${NC}"
else
echo -e "${RED}❌ Error during modification${NC}"
systemctl start samba-ad-dc
return 1
fi
echo -e "${CYAN}🚀 Restarting Samba...${NC}"
systemctl start samba-ad-dc
# Verification
sleep 3
echo ""
echo -e "${CYAN}🔍 Verification:${NC}"
ldbsearch -H /var/lib/samba/private/sam.ldb \
-b "CN=RID Set,CN=${TARGET_HOSTNAME},OU=Domain Controllers,${DOMAIN_DN}" \
rIDNextRID rIDAllocationPool | grep -E "(rIDNextRID|rIDAllocationPool)"
rm -f /tmp/set-next-rid.ldif
}
# Usage
case "$1" in
"show")
echo -e "${CYAN}📊 Current RID status:${NC}"
ldbsearch -H /var/lib/samba/private/sam.ldb \
-b "CN=RID Set,CN=${TARGET_HOSTNAME},OU=Domain Controllers,${DOMAIN_DN}" \
rIDNextRID rIDAllocationPool rIDUsedPool | \
grep -E "(rIDNextRID|rIDAllocationPool|rIDUsedPool)"
;;
"set")
set_next_rid $2
;;
*)
echo -e "${YELLOW}Usage: $0 {show|set <new_rid>}${NC}"
echo ""
echo -e "${CYAN}Examples:${NC}"
echo -e " ${GREEN}$0 show${NC} # Show current status"
echo -e " ${GREEN}$0 set 2000${NC} # Force next RID to 2000"
echo -e " ${GREEN}$0 set 5000${NC} # Force next RID to 5000"
;;
esac
{% endraw %}

135
Migration/Ansible/roles/samba4-dc/templates/samba-restore.sh.j2 Normal file
View File

@@ -0,0 +1,135 @@
#!/bin/bash
# Samba4 Simple Restore Script
# Generated by Ansible
BASE_BACKUP_DIR="{{ backup_dir | default('/backup/samba') }}"
HOSTNAME="{{ target_hostname }}"
SAMBA_DIR="/var/lib/samba"
ETC_DIR="/etc/samba"
{% raw %}
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'
NC='\033[0m' # No Color
echo -e "${CYAN}🔄 Samba4 Restore Script"
echo "==============================${NC}"
# Check if backup directory exists
if [ ! -d "$BASE_BACKUP_DIR" ]; then
echo -e "${RED}❌ Backup directory not found: $BASE_BACKUP_DIR${NC}"
exit 1
fi
# List available backups
echo -e "${YELLOW}📁 Available backups for ${HOSTNAME}:${NC}"
echo ""
backup_files=($(ls -1t "$BASE_BACKUP_DIR"/${HOSTNAME}*.tgz 2>/dev/null))
if [ ${#backup_files[@]} -eq 0 ]; then
echo -e "${RED}❌ No backup files found for ${HOSTNAME}${NC}"
exit 1
fi
# Display backup files with index and timestamp
for i in "${!backup_files[@]}"; do
file="${backup_files[$i]}"
filename=$(basename "$file")
filesize=$(du -h "$file" | cut -f1)
timestamp=$(stat -c %y "$file" | cut -d'.' -f1)
echo -e "${GREEN}[$((i+1))]${NC} $filename"
echo " 📅 Created: $timestamp"
echo " 📦 Size: $filesize"
echo ""
done
# Ask user which backup to restore
echo -n -e "${YELLOW}Select backup to restore [1-${#backup_files[@]}]: ${NC}"
read -r selection
# Validate selection
if ! [[ "$selection" =~ ^[0-9]+$ ]] || [ "$selection" -lt 1 ] || [ "$selection" -gt ${#backup_files[@]} ]; then
echo -e "${RED}❌ Invalid selection${NC}"
exit 1
fi
selected_backup="${backup_files[$((selection-1))]}"
echo -e "${GREEN}✅ Selected: $(basename "$selected_backup")${NC}"
echo ""
# Ask for restore location
echo -e "${YELLOW}Restore options:${NC}"
echo "1) In place (replace current Samba installation)"
echo "2) To custom directory"
echo ""
echo -n -e "${YELLOW}Choose option [1-2]: ${NC}"
read -r restore_option
case "$restore_option" in
1)
# In-place restore
echo -e "${YELLOW}⚠️ WARNING: This will replace your current Samba installation!${NC}"
echo -n -e "${RED}Are you sure? Type 'YES' to continue: ${NC}"
read -r confirmation
if [ "$confirmation" != "YES" ]; then
echo -e "${YELLOW}🚫 Restore cancelled${NC}"
exit 0
fi
echo -e "${CYAN}🛑 Stopping Samba service...${NC}"
systemctl stop samba-ad-dc
echo -e "${CYAN}📦 Restoring backup directly to filesystem...${NC}"
tar -xzf "$selected_backup" -C /
echo -e "${GREEN}✅ Samba directories restored${NC}"
echo -e "${CYAN}🚀 Starting Samba service...${NC}"
systemctl start samba-ad-dc
# Check service status
sleep 3
if systemctl is-active --quiet samba-ad-dc; then
echo -e "${GREEN}✅ Samba restore completed successfully!${NC}"
echo -e "${GREEN}✅ Samba service is running${NC}"
else
echo -e "${RED}❌ Samba service failed to start${NC}"
echo "Check logs: journalctl -u samba-ad-dc"
fi
;;
2)
# Custom directory restore
echo -n -e "${YELLOW}Enter target directory: ${NC}"
read -r target_dir
if [ -z "$target_dir" ]; then
echo -e "${RED}❌ Target directory cannot be empty${NC}"
exit 1
fi
mkdir -p "$target_dir"
echo -e "${CYAN}📦 Extracting backup to $target_dir...${NC}"
tar -xzf "$selected_backup" -C "$target_dir"
echo -e "${GREEN}✅ Backup extracted to: $target_dir${NC}"
echo -e "${CYAN}📁 Contents:${NC}"
ls -la "$target_dir"
;;
*)
echo -e "${RED}❌ Invalid option${NC}"
exit 1
;;
esac
echo ""
echo -e "${GREEN}🎉 Restore operation completed!${NC}"
{% endraw %}

35
Migration/Ansible/roles/system/tasks/bash_config.yml Normal file
View File

@@ -0,0 +1,35 @@
---
# Bash Configuration Tasks
- name: Configure bash prompt for installer user
lineinfile:
path: /home/installer/.bashrc
regexp: '^PS1='
line: 'PS1="\033[0;32m[\u@\h]\w\033[m: $ "'
create: yes
owner: installer
group: installer
mode: '0644'
backup: yes
- name: Configure bash prompt for root user
lineinfile:
path: /root/.bashrc
regexp: '^PS1='
line: 'PS1="\033[0;31m[\u@\h]\w\033[m: # "'
create: yes
owner: root
group: root
mode: '0644'
backup: yes
- name: Configure default bash prompt in /etc/skel for new users
lineinfile:
path: /etc/skel/.bashrc
regexp: '^PS1='
line: 'PS1="\033[0;32m[\u@\h]\w\033[m: $ "'
create: yes
owner: root
group: root
mode: '0644'
backup: yes

63
Migration/Ansible/roles/system/tasks/hostname.yml Normal file
View File

@@ -0,0 +1,63 @@
---
# Hostname configuration tasks
- name: Get current hostname
command: hostname
register: current_hostname_result
changed_when: false
- name: Validate target hostname is properly configured
fail:
msg: |
ERROR: target_hostname is not properly configured!
Current hostname: {{ current_hostname_result.stdout }}
Target hostname: {{ target_hostname | default('NOT SET') }}
Please update your inventory.yml file with the correct target_hostname.
Example:
all:
hosts:
your-server:
ansible_host: your_server_ip
target_hostname: your-desired-hostname
samba_realm: your.domain.local
The target_hostname must be set in inventory for Samba4 domain controller installation.
when:
- target_hostname is not defined or target_hostname == ""
- name: Display hostname validation status
debug:
msg: |
✅ Hostname validation passed:
Current: {{ current_hostname_result.stdout }}
Target: {{ target_hostname }}
Domain: {{ samba_realm }}
{% if current_hostname_result.stdout == target_hostname %}
✅ Hostname is already correctly set - no change needed.
{% else %}
⚠️ Hostname will be changed from {{ current_hostname_result.stdout }} to {{ target_hostname }}
{% endif %}
- name: Update /etc/hosts with new hostname
lineinfile:
path: /etc/hosts
regexp: '^127\.0\.1\.1\s+.*'
line: "127.0.1.1 {{ target_hostname }}.{{ samba_realm }} {{ target_hostname }}"
state: present
- name: Get current server IP address
shell: |
# Get the IP of the default route interface
ip route get 8.8.8.8 | grep -oP 'src \K\S+' | head -1
register: current_server_ip
changed_when: false
- name: Add domain entry to /etc/hosts
lineinfile:
path: /etc/hosts
regexp: "^{{ current_server_ip.stdout }}\\s+.*"
line: "{{ current_server_ip.stdout }} {{ target_hostname }}.{{ samba_realm }} {{ target_hostname }}"
state: present

83
Migration/Ansible/roles/system/tasks/main.yml Normal file
View File

@@ -0,0 +1,83 @@
---
# System Role - Main Tasks (Simplified for compatibility)
- name: Check if server has static IP configuration
block:
- name: Get network interface configuration
shell: |
# Check for static IP in netplan configuration
if [ -d /etc/netplan ]; then
grep -r "dhcp4.*false\|addresses:" /etc/netplan/ 2>/dev/null && echo "static_found" || echo "no_static"
# Check for static IP in network interfaces (older systems)
elif [ -f /etc/network/interfaces ]; then
grep -E "^iface.*static" /etc/network/interfaces 2>/dev/null && echo "static_found" || echo "no_static"
# Check for static IP in NetworkManager
elif [ -d /etc/NetworkManager/system-connections ]; then
grep -r "method=manual\|method=static" /etc/NetworkManager/system-connections/ 2>/dev/null && echo "static_found" || echo "no_static"
else
echo "no_config_found"
fi
register: static_ip_check
changed_when: false
- name: Verify static IP configuration exists
fail:
msg: |
ERROR: No static IP configuration detected!
A Samba4 Domain Controller requires a static IP address.
Please configure a static IP before proceeding.
Current network configuration method appears to be DHCP.
To configure static IP:
- For netplan: Edit /etc/netplan/*.yaml files
- For interfaces: Edit /etc/network/interfaces
- For NetworkManager: Use nmcli or edit connection files
when: static_ip_check.stdout == "no_static" or static_ip_check.stdout == "no_config_found"
- name: Display static IP confirmation
debug:
msg: "✓ Static IP configuration detected - proceeding with installation"
when: static_ip_check.stdout == "static_found"
- name: Update package cache
apt:
update_cache: yes
cache_valid_time: 3600
- name: Install base system packages
apt:
name:
- curl
- wget
- vim
- htop
- tree
- unzip
- software-properties-common
- apt-transport-https
- ca-certificates
- gnupg
- lsb-release
- rsyslog
- mc
- sudo
- nfs-common
state: present
- name: Cloud init is not wanted on DCs - remove if present
apt:
name:
- cloudinit
state: absent
- name: Configure timezone
timezone:
name: Europe/Paris
- name: Include bash configuration tasks
include_tasks: bash_config.yml
- name: Validate hostname configuration
include_tasks: hostname.yml