Compare commits

..

No commits in common. "11174830cf0c17524d387e576d9a248b955e07bf" and "24a10d19a90e7c8b3b21c5354929918dbdfb45e9" have entirely different histories.

8 changed files with 39 additions and 81 deletions

View file

@ -18,11 +18,7 @@ LogLevel VERBOSE
# Authentication: # Authentication:
#LoginGraceTime 2m #LoginGraceTime 2m
{% if 'root' == ansible_user_id %}
PermitRootLogin yes
{% else %}
PermitRootLogin no PermitRootLogin no
{% endif %}
#StrictModes yes #StrictModes yes
MaxAuthTries 2 MaxAuthTries 2
MaxSessions 2 MaxSessions 2
@ -63,11 +59,7 @@ UseDNS no
AcceptEnv LANG LC_* AcceptEnv LANG LC_*
# Log sftp level file access (read/write/etc.) that would not be easily logged otherwise. # Log sftp level file access (read/write/etc.) that would not be easily logged otherwise.
{% if ((override_os_family is defined) | ternary(override_os_family,ansible_os_family)) == 'Centos' %}
Subsystem sftp /usr/libexec/openssh/sftp-server -f AUTHPRIV -l INFO
{% else %}
Subsystem sftp /usr/lib/openssh/sftp-server -f AUTHPRIV -l INFO Subsystem sftp /usr/lib/openssh/sftp-server -f AUTHPRIV -l INFO
{% endif %}
# Example of overriding settings on a per-user basis # Example of overriding settings on a per-user basis
#Match User anoncvs #Match User anoncvs

View file

@ -10,12 +10,7 @@
with_first_found: with_first_found:
- "borgbackup-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml" - "borgbackup-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
- "borgbackup-{{ ansible_distribution }}.yml" - "borgbackup-{{ ansible_distribution }}.yml"
- "borgbackup-{{ (override_os_family is defined) | ternary(override_os_family,ansible_os_family) }}.yml" - "borgbackup-{{ ansible_os_family }}.yml"
ignore_errors: true
when:
- borgbackup_passphrase is defined
- borgbackup_repo is defined
- borgbackup_hostname is defined
# copy backup script and enable cronjob # copy backup script and enable cronjob
- name: borgbackup - Copy Borgbackup script - name: borgbackup - Copy Borgbackup script

View file

@ -9,34 +9,5 @@
state: present state: present
vars: vars:
packages: packages:
- exim - exim4
- mailutils
# Configure exim
- name: cronmails - Create exim config folder
become: yes
file:
path: /etc/exim
state: directory
# TODO: exim config works quite differently on CentOS compared to Debian!!!
# # - name: cronmails - Copy exim config template
# # become: yes
# # copy:
# # src: "{{ role_path }}/files/exim4.conf.template"
# # dest: /etc/exim/exim.conf.template
# # register: cronmails_conftmp_update
# # - name: cronmails - Copy exim config file
# # become: yes
# # template:
# # src: "{{ role_path }}/templates/update-exim4.conf.conf"
# # dest: /etc/exim/update-exim.conf.conf
# # register: cronmails_conffile_update
# # - name: cronmails - Run update-exim.conf
# # become: yes
# # shell: "update-exim.conf"
# # when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
# - name: cronmails - Enable and start exim
# become: yes
# service:
# name: exim
# state: started
# enabled: yes

View file

@ -11,32 +11,3 @@
packages: packages:
- exim4 - exim4
- mailutils - mailutils
# Configure exim
- name: cronmails - Create exim4 config folder
become: yes
file:
path: /etc/exim4
state: directory
- name: cronmails - Copy exim4 config template
become: yes
copy:
src: "{{ role_path }}/files/exim4.conf.template"
dest: /etc/exim4/exim4.conf.template
register: cronmails_conftmp_update
- name: cronmails - Copy exim4 config file
become: yes
template:
src: "{{ role_path }}/templates/update-exim4.conf.conf"
dest: /etc/exim4/update-exim4.conf.conf
register: cronmails_conffile_update
- name: cronmails - Run update-exim4.conf
become: yes
shell: "update-exim4.conf"
when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
- name: cronmails - Enable and start exim4
become: yes
service:
name: exim4
state: started
enabled: yes

View file

@ -7,7 +7,36 @@
with_first_found: with_first_found:
- "cronmails-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml" - "cronmails-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
- "cronmails-{{ ansible_distribution }}.yml" - "cronmails-{{ ansible_distribution }}.yml"
- "cronmails-{{ (override_os_family is defined) | ternary(override_os_family,ansible_os_family) }}.yml" - "cronmails-{{ ansible_os_family }}.yml"
# Configure exim
- name: cronmails - Create exim4 config folder
become: yes
file:
path: /etc/exim4
state: directory
- name: cronmails - Copy exim4 config template
become: yes
copy:
src: "{{ role_path }}/files/exim4.conf.template"
dest: /etc/exim4/exim4.conf.template
register: cronmails_conftmp_update
- name: cronmails - Copy exim4 config file
become: yes
template:
src: "{{ role_path }}/templates/update-exim4.conf.conf"
dest: /etc/exim4/update-exim4.conf.conf
register: cronmails_conffile_update
- name: cronmails - Run update-exim4.conf
become: yes
shell: "update-exim4.conf"
when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
- name: cronmails - Enable and start exim4
become: yes
service:
name: exim4
state: started
enabled: yes
# Set crobjob env variables/ settings # Set crobjob env variables/ settings
- name: cronmails - Crontab set path - name: cronmails - Crontab set path

View file

@ -4,8 +4,8 @@
# SSH # SSH
- name: setup - Copy sshd_config - name: setup - Copy sshd_config
become: yes become: yes
template: copy:
src: "{{ role_path }}/templates/sshd_config.j2" src: "{{ role_path }}/files/sshd_config"
dest: "/etc/ssh/sshd_config" dest: "/etc/ssh/sshd_config"
backup: yes backup: yes
notify: notify:

View file

@ -5,11 +5,11 @@
become: yes become: yes
yum_repository: yum_repository:
name: influxdb name: influxdb
description: InfluxDB Repository description: "InfluxDB Repository - RHEL \$releasever"
baseurl: https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable baseurl: "https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable"
enabled: yes enabled: yes
gpgcheck: yes gpgcheck: yes
gpgkey: https://repos.influxdata.com/influxdb.key gpgkey: "https://repos.influxdata.com/influxdb.key"
- name: telegraf - Install telegraf - name: telegraf - Install telegraf
become: yes become: yes
yum: yum:

View file

@ -7,7 +7,7 @@
with_first_found: with_first_found:
- "telegraf-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml" - "telegraf-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
- "telegraf-{{ ansible_distribution }}.yml" - "telegraf-{{ ansible_distribution }}.yml"
- "telegraf-{{ (override_os_family is defined) | ternary(override_os_family,ansible_os_family) }}.yml" - "telegraf-{{ ansible_os_family }}.yml"
# Configure # Configure
- name: telegraf - Copy telegraf config - name: telegraf - Copy telegraf config