Update CentOS7 reboot handling (#186)
* fix typos in CHANGELOG * update CentOS7 reboot handling
This commit is contained in:
Robert Wimmer
GitHub
parent
c58f736e32
commit
0cd8d01fb3
4 changed files with 40 additions and 15 deletions
|
|
@ -7,7 +7,8 @@ SPDX-License-Identifier: GPL-3.0-or-later
|
|||
|
||||
## 14.0.0
|
||||
|
||||
- add reboot to the standard mode to make sure the WireGuard kernel module is available (contribution by @mofelee)
|
||||
- **BREAKING** CentOS7: Introduce `wireguard_centos7_kernel_plus_reboot` and `wireguard_centos7_standard_reboot` variables. Both are set to "true" by default. This will cause the host to be rebooted in case the "wireguard" kernel module was installed the very first time. If `wireguard_centos7_installation_method: "kernel-plus"` is set and the host wasn't booted with a `kernel-plus` kernel already you most probably need to reboot. For the `standard` kernel this might not be needed.
|
||||
- CentOS7: Add reboot to the standard mode to make sure the WireGuard kernel module is available (contribution by @mofelee)
|
||||
|
||||
## 13.0.1
|
||||
|
||||
|
|
@ -22,7 +23,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
|
|||
|
||||
- remove Fedora 35 support (reached EOL)
|
||||
- remove openSUSE 15.3 support (reached EOL)
|
||||
- remove Debian 10 (Buster) support (readed EOL)
|
||||
- remove Debian 10 (Buster) support (reached EOL)
|
||||
- fix Molecule prepare for Archlinux
|
||||
- fix `ansible-lint` issue in `tasks/setup-debian-raspbian-buster.yml`
|
||||
|
||||
|
|
@ -34,7 +35,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
|
|||
## 11.0.0
|
||||
|
||||
- add support for Rocky Linux 9 (original PR from @vincentDcmps: https://github.com/githubixx/ansible-role-wireguard/pull/163)
|
||||
- add support for AlamaLinux 9 (original PR from @trunet: https://github.com/githubixx/ansible-role-wireguard/pull/164)
|
||||
- add support for AlmaLinux 9 (original PR from @trunet: https://github.com/githubixx/ansible-role-wireguard/pull/164)
|
||||
- add `EL9` to `meta/main.yml`
|
||||
- require Ansible >= `2.11` as Rocky Linux is only supported with this version or above
|
||||
- `ansible-lint`: use `community.general.pacman` module instead of `ansible.builtin.pacman` for Archlinux setup
|
||||
|
|
|
|||
15
README.md
15
README.md
|
|
@ -1,5 +1,5 @@
|
|||
<!--
|
||||
Copyright (C) 2018-2022 Robert Wimmer
|
||||
Copyright (C) 2018-2023 Robert Wimmer
|
||||
Copyright (C) 2019 fbourqui
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
-->
|
||||
|
|
@ -161,14 +161,25 @@ wireguard_ubuntu_cache_valid_time: "3600"
|
|||
# Set wireguard_centos7_installation_method to "kernel-plus"
|
||||
# to use the kernel-plus kernel, which includes a built-in,
|
||||
# signed WireGuard module.
|
||||
# UTILIZING KERNEL-PLUS WILL PERFORM A SYSTEM REBOOT DURING SETUP!!
|
||||
#
|
||||
# The default of "standard" will use the standard kernel and
|
||||
# the ELRepo module for WireGuard.
|
||||
wireguard_centos7_installation_method: "standard"
|
||||
|
||||
# Reboot host if necessary if the "kernel-plus" kernel is in use
|
||||
wireguard_centos7_kernel_plus_reboot: true
|
||||
|
||||
# The default seconds to wait for machine to reboot and respond
|
||||
# if "kernel-plus" is in use. Is only relevant if
|
||||
# "wireguard_centos7_kernel_plus_reboot" is set to "true".
|
||||
wireguard_centos7_kernel_plus_reboot_timeout: "600"
|
||||
|
||||
# Reboot host if necessary if the standard kernel is in use
|
||||
wireguard_centos7_standard_reboot: true
|
||||
|
||||
# The default seconds to wait for machine to reboot and respond
|
||||
# if "standard" kernel is in use. Is only relevant if
|
||||
# "wireguard_centos7_standard_reboot" is set to "true".
|
||||
wireguard_centos7_standard_reboot_timeout: "600"
|
||||
|
||||
#########################################
|
||||
|
|
|
|||
|
|
@ -86,14 +86,25 @@ wireguard_ubuntu_cache_valid_time: "3600"
|
|||
# Set wireguard_centos7_installation_method to "kernel-plus"
|
||||
# to use the kernel-plus kernel, which includes a built-in,
|
||||
# signed WireGuard module.
|
||||
# UTILIZING KERNEL-PLUS WILL PERFORM A SYSTEM REBOOT DURING SETUP!!
|
||||
#
|
||||
# The default of "standard" will use the standard kernel and
|
||||
# the ELRepo module for WireGuard.
|
||||
wireguard_centos7_installation_method: "standard"
|
||||
|
||||
# Reboot host if necessary if the "kernel-plus" kernel is in use
|
||||
wireguard_centos7_kernel_plus_reboot: true
|
||||
|
||||
# The default seconds to wait for machine to reboot and respond
|
||||
# if "kernel-plus" is in use. Is only relevant if
|
||||
# "wireguard_centos7_kernel_plus_reboot" is set to "true".
|
||||
wireguard_centos7_kernel_plus_reboot_timeout: "600"
|
||||
|
||||
# Reboot host if necessary if the standard kernel is in use
|
||||
wireguard_centos7_standard_reboot: true
|
||||
|
||||
# The default seconds to wait for machine to reboot and respond
|
||||
# if "standard" kernel is in use. Is only relevant if
|
||||
# "wireguard_centos7_standard_reboot" is set to "true".
|
||||
wireguard_centos7_standard_reboot_timeout: "600"
|
||||
|
||||
#########################################
|
||||
|
|
|
|||
|
|
@ -27,10 +27,11 @@
|
|||
register: wireguard__centos7_yum_updates
|
||||
|
||||
- name: (CentOS 7) Reboot Instance to update kernel
|
||||
when:
|
||||
- wireguard_centos7_standard_reboot
|
||||
- wireguard__centos7_yum_updates.changed
|
||||
ansible.builtin.reboot:
|
||||
reboot_timeout: "{{ wireguard_centos7_standard_reboot_timeout }}"
|
||||
when:
|
||||
- wireguard__centos7_yum_updates.changed is true
|
||||
|
||||
- name: (CentOS 7) Ensure WireGuard DKMS package is removed
|
||||
ansible.builtin.yum:
|
||||
|
|
@ -38,7 +39,7 @@
|
|||
- "wireguard-dkms"
|
||||
state: absent
|
||||
|
||||
- name: (CentOS 7) Tasks for kernel-plus
|
||||
- name: (CentOS 7 - kernel-plus) Tasks for kernel-plus
|
||||
when:
|
||||
- wireguard_centos7_installation_method == "kernel-plus"
|
||||
block:
|
||||
|
|
@ -49,17 +50,17 @@
|
|||
- yum-utils
|
||||
update_cache: true
|
||||
|
||||
- name: (CentOS 7) Enable CentosPlus repo
|
||||
- name: (CentOS 7 - kernel-plus) Enable CentosPlus repo
|
||||
ansible.builtin.command: yum-config-manager --setopt=centosplus.includepkgs=kernel-plus --enablerepo=centosplus --save
|
||||
changed_when: false
|
||||
|
||||
- name: (CentOS 7) Update to kernel-plus
|
||||
- name: (CentOS 7 - kernel-plus) Update to kernel-plus
|
||||
ansible.builtin.replace:
|
||||
path: /etc/sysconfig/kernel
|
||||
regexp: '^DEFAULTKERNEL=kernel$'
|
||||
replace: 'DEFAULTKERNEL=kernel-plus'
|
||||
|
||||
- name: (CentOS 7) Install WireGuard packages
|
||||
- name: (CentOS 7 - kernel-plus) Install WireGuard packages
|
||||
ansible.builtin.yum:
|
||||
name:
|
||||
- "kernel-plus"
|
||||
|
|
@ -67,9 +68,10 @@
|
|||
state: present
|
||||
register: wireguard__centos7_yum_updates
|
||||
|
||||
- name: (CentOS 7) Reboot Instance to update kernel
|
||||
ansible.builtin.reboot:
|
||||
reboot_timeout: "{{ wireguard_centos7_kernel_plus_reboot_timeout }}"
|
||||
- name: (CentOS 7 - kernel-plus) Reboot Instance to update kernel
|
||||
when:
|
||||
- wireguard_centos7_kernel_plus_reboot
|
||||
- wireguard__centos7_yum_updates.changes is defined
|
||||
- wireguard__centos7_yum_updates.changes.installed|flatten|select('regex', '^kernel-plus$') is any
|
||||
ansible.builtin.reboot:
|
||||
reboot_timeout: "{{ wireguard_centos7_kernel_plus_reboot_timeout }}"
|
||||
|
|
|
|||
Loading…
Reference in a new issue