Add haveged role to bootstrap

It is helpful to install haveged so we don't run out of entropy.

Change-Id: I6c89b9d618a53f822ae8a9edb0528ac710f19da7
Signed-off-by: Paul Belanger <pabelanger@redhat.com>

playbooks/bootstrap/roles/haveged/defaults/main.yaml

@@ -0,0 +1,26 @@
+# Copyright 2019 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+---
+# tasks/main.yaml
+haveged_task_manager:
+  - install
+  - service
+
+haveged_package_name: haveged
+
+haveged_service_haveged_daemon_reload: true
+haveged_service_haveged_enabled: true
+haveged_service_haveged_manage: true
+haveged_service_haveged_name: haveged
+haveged_service_haveged_state: started

playbooks/bootstrap/roles/haveged/tasks/install.yaml

@@ -0,0 +1,19 @@
+# Copyright 2010 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+---
+- name: Install haveged from package
+  become: true
+  package:
+    name: "{{ haveged_package_name }}"
+    state: present

playbooks/bootstrap/roles/haveged/tasks/main.yaml

@@ -0,0 +1,18 @@
+# Copyright 2019 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+---
+- include: "{{ haveged_task }}.yaml"
+  with_items: "{{ haveged_task_manager }}"
+  loop_control:
+    loop_var: haveged_task

playbooks/bootstrap/roles/haveged/tasks/service.yaml

@@ -0,0 +1,33 @@
+# Copyright 2015 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+---
+- name: Enable haveged service
+  become: true
+  systemd:
+    daemon_reload: "{{ haveged_service_haveged_daemon_reload }}"
+    enabled: "{{ haveged_service_haveged_enabled }}"
+    name: "{{ haveged_service_haveged_name }}"
+  register: haveged_service_haveged
+  when: haveged_service_haveged_manage
+
+- name: Set haveged service state
+  become: true
+  systemd:
+    daemon_reload: "{{ haveged_service_haveged_daemon_reload }}"
+    name: "{{ haveged_service_haveged_name }}"
+    state: "{{ haveged_service_haveged_state }}"
+  register: haveged_service_haveged_state_info
+  when:
+    - haveged_service_haveged_manage
+    - haveged_service_haveged_state in ['reloaded', 'restarted', 'started', 'stopped']

playbooks/bootstrap/site.yaml

@@ -36,6 +36,10 @@
       include_role:
         name: swap
 
+    - name: Setup haveged role
+      include_role:
+        name: haveged
+
     - name: Setup postfix role
       include_role:
         name: postfix