Merge pull request #1230 from stackhpc/2023.1-zed-merge

markgoddard · web-flow · commit f30b30926d5b · 2024-08-16T17:07:10.000+01:00
2023.1: zed merge
diff --git a/etc/kayobe/ansible/cis.yml b/etc/kayobe/ansible/cis.yml
@@ -35,9 +35,7 @@
     - include_role:
         name: ansible-lockdown.rhel9_cis
       when: ansible_facts.os_family == 'RedHat' and ansible_facts.distribution_major_version == '9'
-      tags: always
 
     - include_role:
         name: ansible-lockdown.ubuntu22_cis
       when: ansible_facts.distribution == 'Ubuntu' and ansible_facts.distribution_major_version == '22'
-      tags: always
diff --git a/etc/kayobe/ansible/reboot.yml b/etc/kayobe/ansible/reboot.yml
@@ -4,6 +4,7 @@
   serial: "{{ lookup('env', 'ANSIBLE_SERIAL') | default(1, true) }}"
   gather_facts: false
   vars:
+    reboot_timeout_s: "{{ 20 * 60 }}"
     reboot_with_bootstrap_user: false
     ansible_user: "{{ bootstrap_user if reboot_with_bootstrap_user | bool else kayobe_ansible_user }}"
     ansible_ssh_common_args: "{{ '-o StrictHostKeyChecking=no' if reboot_with_bootstrap_user | bool else '' }}"
@@ -14,3 +15,13 @@
     - name: Reboot and wait
       become: true
       reboot:
+        reboot_timeout: "{{ reboot_timeout_s }}"
+        search_paths:
+          # Systems running molly-guard hang waiting for confirmation before rebooting without this.
+          - "/lib/molly-guard"
+          # Default list:
+          - "/sbin"
+          - "/bin"
+          - "/usr/sbin"
+          - "/usr/bin"
+          - "/usr/local/sbin"
diff --git a/etc/kayobe/ansible/ubuntu-upgrade.yml b/etc/kayobe/ansible/ubuntu-upgrade.yml
@@ -40,6 +40,15 @@
       reboot:
         reboot_timeout: "{{ reboot_timeout_s }}"
         connect_timeout: 600
+        search_paths:
+          # Systems running molly-guard hang waiting for confirmation before rebooting without this.
+          - "/lib/molly-guard"
+          # Default list:
+          - "/sbin"
+          - "/bin"
+          - "/usr/sbin"
+          - "/usr/bin"
+          - "/usr/local/sbin"
       become: true
       when: file_status.stat.exists
 
@@ -101,6 +110,15 @@
       reboot:
         reboot_timeout: "{{ reboot_timeout_s }}"
         connect_timeout: 600
+        search_paths:
+          # Systems running molly-guard hang waiting for confirmation before rebooting without this.
+          - "/lib/molly-guard"
+          # Default list:
+          - "/sbin"
+          - "/bin"
+          - "/usr/sbin"
+          - "/usr/bin"
+          - "/usr/local/sbin"
       become: true
 
     - name: Update distribution facts
diff --git a/terraform/aio/vm.tf b/terraform/aio/vm.tf
@@ -35,7 +35,7 @@ variable "aio_vm_subnet" {
 
 variable "aio_vm_volume_size" {
   type = number
-  default = 35
+  default = 40
 }
 
 variable "aio_vm_tags" {

Original file line number	Diff line number	Diff line change
`@@ -35,7 +35,7 @@ variable "aio_vm_subnet" {`
`35`	`35`
`36`	`36`	`variable "aio_vm_volume_size" {`
`37`	`37`	`type = number`
`38`		`- default = 35`
	`38`	`+ default = 40`
`39`	`39`	`}`
`40`	`40`
`41`	`41`	`variable "aio_vm_tags" {`