NAME
	blog.hoberg.ch - useless things for DevOps 

DESCRIPTION
	blog.hoberg.ch is a text mode blog about BSD, Linux and typical DevOP
        content like Ansible, Puppet etc. running on pyhpblog.
 
OPTIONS
	[website] [blog] [privacy] [impress]

CONTENT
        - Ansible with_sequence loop in when condition with zero/0 integer
	  When using Ansible function 'with_sequence' on a task where the end value
	  is zero (0) combained with a when condition it may fail with:

		to count backwards make stride negative

	  But there may be usecases where you want to evaluate the when condition
	  before the sequence will be and not to fail. So a negative value may still
	  be legit to use for your needs.

          For example you want to define if some hotfixes (or even no hotfix) should
	  be downloaded you propably would write:


		- name: Download patch files 
		    uri:
		        url: "https://files.hoberg.ch/patches/hotfix{{ item }}.tgz"
		    with_sequence: start=1 end={{ hotfix_max_patchfile }}
		    when: hotfix_max_patchfile|int > 0

	  But if 'hotfix_max_patchfile' is zero (0) it will fail. You will also find
	  some solutions like creating a condition for the end value that could look
	  like this:


		 - name: Download patch files  
    		uri:
        		url: "https://files.hoberg.ch/patches/hotfix{{ item }}.tgz"
    		with_sequence: start=1 end={{ hotfix_max_patchfile|int if hotfix_max_patchfile|int > 0 else 1 }} 
    		when: hotfix_max_patchfile|int > 0


	  This will work and set the variable 'hotfix_max_patchfile' to 1 which is no
	  problem in here, because of the defined when condition. The task will be simply
	  skipped - but this won't look that good.

	  A cleaner way would be to outsource the needed tasks in subplaybooks and
	  include them as a non static one. So the included tasks won't be executed
	  and skipped like the usual static way (default). So you could write:


	  main.yml:

		---
		- include: download.yml
  		static: no
		when:
		  - hotfix_max_patchfile|int > 0


	  download.yml:

		---
                - name: Download patch files
                    uri:
                        url: "https://files.hoberg.ch/patches/hotfix{{ item }}.tgz"
                    with_sequence: start=1 end={{ hotfix_max_patchfile }}


	  In that case you won't need any dirty hacks and have a clean way to write
	  your tasks.


	- Ansible callback module "audit": Logs all Ansible information to CSV file
	  This new Ansible callback module will log meta information to
          a given CSV file to make sure this can be audited at any time. 
          It will log the date, time, executor (who started the task),
          limits, extra vars, affected hosts etc.
          Download(s):
	  GitHub: audit.py, audit.ini


	- Ansible callback module "msteams": Send messages to Microsoft Teams chat
	  This new Ansible callback module will send start/fin notifications
          to a desired Microsoft Teams chat channel/room. It will inform the
          squad about ongoing deployments including who (executor), used
          playbook, limit, extra vars, affected hosts and duration.
          Download(s):
	  GitHub: msteams.py, msteams.ini


	- Linux Kernel 5.0.0-RC1: Precompiled for Debian 9 and CentOS 7
	  Attached you can find download links for precompiled Linux
	  Kernel images in version 5.0.0-RC1 for:
	    - Debian 9 (as .deb files)
	    - CentOS / RHEL 7 (as .rpm files)
	  This Kernel images are compiled with default config 'yes'
	  and only for x64 systems.
	  Download(s):
	  Debian 9: linux-image-5.0.0-RC1_5.0.0-RC1-1_amd64.deb
	  CentOS 7: kernel-5.0.0-RC1-1.x86_64.rpm


	- Linux Kernel 4.20: Precompiled for Debian 9 and CentOS 7
	  Attached you can find download links for precompiled Linux
	  Kernel images in version 4.20 for:
	    - Debian 9 (as .deb files)
	    - CentOS / RHEL 7 (as .rpm files)
	  This Kernel images are compiled with default config 'yes'
	  and only for x64 systems.
	  Download(s):
	  Debian 9: linux-image-4.20.0_4.20.0-1_amd64.deb
	  CentOS 7: kernel-4.20.0-1.x86_64.rpm


	- Ansible module "move": Moving files/directories across filesystems
	  This new Ansible module adds support to move files or directories
	  across filesystems. Instead of copy and delete it will try to use
	  systems mv action if possible. When moving files across different
	  partitions or filesystems it will fallback to copy und delete
	  source file. This module may be helpfull when moving larger files
	  or having less disk space.
	  Download(s):
	  GitHub: Upstream move.py


	- Ansible module "freshclam": Update ClamAV signatures from Ansible
	  This new and simple Ansible module allows to update ClamAV
	  signatures from an Ansible task. This may be used after
	  ClamAV packages have been installed to make sure these are
	  up2date.
	  Download(s):
	  GitHub: Upstream freshclam.py


	- Ansible module "java_cert": Import cert as trust cacert & force update
	  This PR for Ansible module 'java_cert' will add two new features
	  to trust an imported certificate as "trust cacert" and allows an
	  additional option as 'force_update' to force re-importing a cert
	  file. This may be helpfull to handle expired certificates.
          Download(s):
	  GitHub: Upstream java_cert.py
	  GitHub: Ansible Pull request #37708


	- Ansible module "cran": (Un)Install Microsoft R packages
	  This new Ansible module adds support to manage (install/remove) CRAN
          packages for Microsoft "R". Simple Ansible tasks will make sure to
	  (un)install your desired R package(s) and to return correct task
	  states like "ok", "changed" and "failed".
          Download(s):
	  GitHub: Upstream cran.py
	  GitHub: Ansible Pull request #42046


	- FreeIPA: User password expire notification
	  This script will send emails to FreeIPA users (email is
	  obtained from FreeIPA LDAP directory) when their password
	  is going to expire within a few days. You may configure
	  the days before this mail should be send. For security
	  reason you should avoid to use the DirectoryManager
	  credentials.
	  Download(s):
	  GitHub: Upstream freeipa_password_expire_notification.py


	- Ansible module "yum_versionlock": (Un)Locks package(s) from being updated by YUM
	  This new Ansible module adds support to prevent packages from
	  being updated by packagemanager YUM. This module may (un)lock
	  one or more packages and will support CentOS, RHEL, etc.
	  Download(s):
	  GitHub: Upstream yum_versionlock.py
	  GitHub: Ansible Pull request #41778


blog.hoberg.ch (C) 2019 [privacy] | [impress]