bofh/ansible-role-common
9
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix hostname, iptables, openssh-sftp an xbps

Browse Source
This commit is contained in:
Daniel A. Maierhofer
2018-07-26 12:28:49 +02:00
parent e347803f62
commit 9c065bf40d
6 changed files with 37 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
defaults/main.yml
View File

@@ -6,6 +6,8 @@ common_apt_repositories:
- "deb http://cdn.debian.net/debian {{ ansible_distribution_release }}-backports main contrib non-free" - "deb http://cdn.debian.net/debian {{ ansible_distribution_release }}-backports main contrib non-free"
- "deb http://security.debian.org/ {{ ansible_distribution_release }}/updates main contrib non-free" - "deb http://security.debian.org/ {{ ansible_distribution_release }}/updates main contrib non-free"
common_apt_upgrade_policy: "" common_apt_upgrade_policy: ""
common_xbps: False
common_xbps_upgrade_policy: True
common_hostname: True common_hostname: True
common_hostname_hosts_additional: [] common_hostname_hosts_additional: []

14
tasks/hostname.yml
View File

@@ -1,8 +1,18 @@
--- ---
- name: set hostname - name: set hostname for debian
hostname: hostname:
name: "{{ inventory_hostname_short }}" name: "{{ inventory_hostname_short }}"
ignore_errors: yes when: ansible_os_family == "Debian"
- name: check hostname for void
command: hostname
register: hostname
when: ansible_os_family != "Debian"
changed_when: False
- name: set hostname for void
command: hostname "{{ inventory_hostname_short }}"
when: ansible_os_family != "Debian" and hostname.stdout != inventory_hostname_short
- name: /etc/hostname - name: /etc/hostname
copy: copy:

11
tasks/iptables.yml
View File

@@ -1,13 +1,24 @@
--- ---
- name: iptables - install iptables-persistent - name: iptables - install iptables-persistent
package: name=iptables-persistent package: name=iptables-persistent
when: ansible_os_family == "Debian"
- name: iptables - install iptables
package: name=iptables
when: ansible_os_family != "Debian"
- name: /etc/iptables/rules.v4 - name: /etc/iptables/rules.v4
template: "dest=/etc/iptables/rules.v4 src={{ common_iptables_v4 }} owner=root group=root mode=0644" template: "dest=/etc/iptables/rules.v4 src={{ common_iptables_v4 }} owner=root group=root mode=0644"
notify: notify:
iptables restore iptables restore
- name: iptables - setup service for IPv4
service: name=iptables enabled=yes
- name: /etc/iptables/rules.v6 - name: /etc/iptables/rules.v6
template: "dest=/etc/iptables/rules.v6 src={{ common_iptables_v6 }} owner=root group=root mode=0644" template: "dest=/etc/iptables/rules.v6 src={{ common_iptables_v6 }} owner=root group=root mode=0644"
notify: notify:
iptables restore iptables restore
- name: iptables - setup service for IPv6
service: name=ip6tables enabled=yes

4
tasks/main.yml
View File

@@ -11,6 +11,10 @@
when: common_apt when: common_apt
tags: ['common', 'apt'] tags: ['common', 'apt']
- import_tasks: xbps.yml
when: common_xbps
tags: ['common', 'xbps']
- import_tasks: locales.yml - import_tasks: locales.yml
when: common_locales when: common_locales
tags: ['common', 'locales'] tags: ['common', 'locales']

2
tasks/openssh.yml
View File

@@ -21,7 +21,7 @@
src: sshd_config.j2 src: sshd_config.j2
owner: root owner: root
group: root group: root
mode: 0600 mode: 0644
validate: '/usr/sbin/sshd -T -f %s' validate: '/usr/sbin/sshd -T -f %s'
notify: reload openssh notify: reload openssh

7
tasks/xbps.yml Normal file
View File

@@ -0,0 +1,7 @@
- name: install basic tools
xbps: "name={{ item }} update_cache=yes"
with_items: "{{ common_basic_packages }}"
- name: apt - upgrade system
xbps: "upgrade={{ common_xbps_upgrade_policy }}"
when: common_xbps_upgrade_policy