diff options
| author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-03-09 07:05:07 -0500 |
|---|---|---|
| committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-03-09 07:14:48 -0500 |
| commit | 79794a00ef832365959404ca8499a545b6202d7c (patch) | |
| tree | 45ccfb6abfcc6e24f290c79de3869410f4cc6c2a /inventory-example/30-constructed.yml | |
| parent | 0a41c066909d8ff76f0306ea8450ecbfb48a5b6d (diff) | |
| download | selfhosted-79794a00ef832365959404ca8499a545b6202d7c.tar.gz selfhosted-79794a00ef832365959404ca8499a545b6202d7c.zip | |
dnf_automatic: don't automatically restart services on ipa servers
Turns out that restarting individual units on a freeipa server can leave
it in a bad state. Systemd isn't smart enough to restart things in the
right order - you have to use `ipactl restart`.
There's probably a way to make the daemon restart script smarter with
regard to IPA hosts, but since an IPA outage is incredibly disruptive,
I'm just disabling auto-restart on IPA hosts for now.
Diffstat (limited to 'inventory-example/30-constructed.yml')
| -rw-r--r-- | inventory-example/30-constructed.yml | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/inventory-example/30-constructed.yml b/inventory-example/30-constructed.yml index f519d22..5a776a1 100644 --- a/inventory-example/30-constructed.yml +++ b/inventory-example/30-constructed.yml @@ -10,6 +10,7 @@ compose: proxmox_memory: (ram | default('4g') | human_to_bytes / 1048576) | int proxmox_cores: cores | default(2) groups: + freeipa_replicas: "'freeipa_servers' in group_names and 'freeipa_master' not in group_names" el: (group_names | intersect(['unmanaged','opnsense_firewalls','proxmox_hypervisors']) | length) == 0 nagios_ansible_managed_clients: (group_names | intersect(['unmanaged','opnsense_firewalls','linux_laptops']) | length) == 0 nagios_el_clients: (group_names | intersect(['unmanaged','opnsense_firewalls','linux_laptops','proxmox_hypervisors']) | length) == 0 |