blob: 73cce2a266134b5532884ea8d9c6dc742e223ef0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
- name: Alpine is not supported due to lack of libfaketime
meta: end_host
when: ansible_distribution == 'Alpine'
- name: Include distribution specific variables
include_vars: "{{ lookup('first_found', search) }}"
vars:
search:
files:
- '{{ ansible_distribution | lower }}.yml'
- '{{ ansible_os_family | lower }}.yml'
- '{{ ansible_system | lower }}.yml'
- default.yml
paths:
- vars
- name: install cron package
package:
name: '{{ cron_pkg }}'
when: cron_pkg | default(false, true)
register: cron_package_installed
until: cron_package_installed is success
- when: faketime_pkg | default(false, true)
block:
- name: install faketime packages
package:
name: '{{ faketime_pkg }}'
register: faketime_package_installed
until: faketime_package_installed is success
when: ansible_distribution != 'Alpine'
- name: install faketime packages - Alpine
# NOTE: The `faketime` package is currently only available in the
# NOTE: `edge` branch.
# FIXME: If it ever becomes available in the `main` repository for
# FIXME: currently tested Alpine versions, the `--repository=...`
# FIXME: option can be dropped.
command: apk add -U {{ faketime_pkg }} --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing
when: ansible_distribution == 'Alpine'
- name: Find libfaketime path
shell: '{{ list_pkg_files }} {{ faketime_pkg }} | grep -F libfaketime.so.1'
register: libfaketime_path
when: list_pkg_files is defined
- when: ansible_service_mgr == 'systemd'
block:
- name: create directory for cron drop-in file
file:
path: '/etc/systemd/system/{{ cron_service }}.service.d'
state: directory
owner: root
group: root
mode: 0755
- name: Use faketime with cron service
copy:
content: |-
[Service]
Environment=LD_PRELOAD={{ libfaketime_path.stdout_lines[0].strip() }}
Environment="FAKETIME=+0y x10"
Environment=RANDOM_DELAY=0
dest: '/etc/systemd/system/{{ cron_service }}.service.d/faketime.conf'
owner: root
group: root
mode: 0644
- when: ansible_system == 'FreeBSD'
name: Use faketime with cron service
copy:
content: |-
cron_env='LD_PRELOAD={{ libfaketime_path.stdout_lines[0].strip() }} FAKETIME="+0y x10"'
dest: '/etc/rc.conf.d/cron'
owner: root
group: wheel
mode: 0644
- name: enable cron service
service:
daemon-reload: "{{ (ansible_service_mgr == 'systemd') | ternary(true, omit) }}"
name: '{{ cron_service }}'
state: restarted
when: ansible_distribution != 'Alpine'
- name: enable cron service - Alpine
command: nohup crond
environment:
FAKETIME: "+0y x10"
LD_PRELOAD: "/usr/lib/faketime/libfaketime.so.1"
when: ansible_distribution == 'Alpine'
- name: See if /etc/pam.d/crond exists
stat:
path: /etc/pam.d/crond
register: pamd
# https://github.com/lxc/lxc/issues/661#issuecomment-222444916
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726661
- name: Work around containers not being able to write to /proc/self/loginuid
command: sed -i '/pam_loginuid\.so$/ s/required/optional/' /etc/pam.d/crond
when:
- pamd.stat.exists
|
