Compare commits

...

2 commits

8 changed files with 81 additions and 39 deletions

View file

@ -10,7 +10,12 @@
with_first_found:
- "borgbackup-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
- "borgbackup-{{ ansible_distribution }}.yml"
- "borgbackup-{{ ansible_os_family }}.yml"
- "borgbackup-{{ (override_os_family is defined) | ternary(override_os_family,ansible_os_family) }}.yml"
ignore_errors: true
when:
- borgbackup_passphrase is defined
- borgbackup_repo is defined
- borgbackup_hostname is defined
# copy backup script and enable cronjob
- name: borgbackup - Copy Borgbackup script

View file

@ -9,5 +9,34 @@
state: present
vars:
packages:
- exim4
- mailutils
- exim
# Configure exim
- name: cronmails - Create exim config folder
become: yes
file:
path: /etc/exim
state: directory
# TODO: exim config works quite differently on CentOS compared to Debian!!!
# # - name: cronmails - Copy exim config template
# # become: yes
# # copy:
# # src: "{{ role_path }}/files/exim4.conf.template"
# # dest: /etc/exim/exim.conf.template
# # register: cronmails_conftmp_update
# # - name: cronmails - Copy exim config file
# # become: yes
# # template:
# # src: "{{ role_path }}/templates/update-exim4.conf.conf"
# # dest: /etc/exim/update-exim.conf.conf
# # register: cronmails_conffile_update
# # - name: cronmails - Run update-exim.conf
# # become: yes
# # shell: "update-exim.conf"
# # when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
# - name: cronmails - Enable and start exim
# become: yes
# service:
# name: exim
# state: started
# enabled: yes

View file

@ -11,3 +11,32 @@
packages:
- exim4
- mailutils
# Configure exim
- name: cronmails - Create exim4 config folder
become: yes
file:
path: /etc/exim4
state: directory
- name: cronmails - Copy exim4 config template
become: yes
copy:
src: "{{ role_path }}/files/exim4.conf.template"
dest: /etc/exim4/exim4.conf.template
register: cronmails_conftmp_update
- name: cronmails - Copy exim4 config file
become: yes
template:
src: "{{ role_path }}/templates/update-exim4.conf.conf"
dest: /etc/exim4/update-exim4.conf.conf
register: cronmails_conffile_update
- name: cronmails - Run update-exim4.conf
become: yes
shell: "update-exim4.conf"
when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
- name: cronmails - Enable and start exim4
become: yes
service:
name: exim4
state: started
enabled: yes

View file

@ -7,36 +7,7 @@
with_first_found:
- "cronmails-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
- "cronmails-{{ ansible_distribution }}.yml"
- "cronmails-{{ ansible_os_family }}.yml"
# Configure exim
- name: cronmails - Create exim4 config folder
become: yes
file:
path: /etc/exim4
state: directory
- name: cronmails - Copy exim4 config template
become: yes
copy:
src: "{{ role_path }}/files/exim4.conf.template"
dest: /etc/exim4/exim4.conf.template
register: cronmails_conftmp_update
- name: cronmails - Copy exim4 config file
become: yes
template:
src: "{{ role_path }}/templates/update-exim4.conf.conf"
dest: /etc/exim4/update-exim4.conf.conf
register: cronmails_conffile_update
- name: cronmails - Run update-exim4.conf
become: yes
shell: "update-exim4.conf"
when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
- name: cronmails - Enable and start exim4
become: yes
service:
name: exim4
state: started
enabled: yes
- "cronmails-{{ (override_os_family is defined) | ternary(override_os_family,ansible_os_family) }}.yml"
# Set crobjob env variables/ settings
- name: cronmails - Crontab set path

View file

@ -4,8 +4,8 @@
# SSH
- name: setup - Copy sshd_config
become: yes
copy:
src: "{{ role_path }}/files/sshd_config"
template:
src: "{{ role_path }}/templates/sshd_config.j2"
dest: "/etc/ssh/sshd_config"
backup: yes
notify:

View file

@ -5,11 +5,11 @@
become: yes
yum_repository:
name: influxdb
description: "InfluxDB Repository - RHEL \$releasever"
baseurl: "https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable"
description: InfluxDB Repository
baseurl: https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable
enabled: yes
gpgcheck: yes
gpgkey: "https://repos.influxdata.com/influxdb.key"
gpgkey: https://repos.influxdata.com/influxdb.key
- name: telegraf - Install telegraf
become: yes
yum:

View file

@ -7,7 +7,7 @@
with_first_found:
- "telegraf-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
- "telegraf-{{ ansible_distribution }}.yml"
- "telegraf-{{ ansible_os_family }}.yml"
- "telegraf-{{ (override_os_family is defined) | ternary(override_os_family,ansible_os_family) }}.yml"
# Configure
- name: telegraf - Copy telegraf config

View file

@ -18,7 +18,11 @@ LogLevel VERBOSE
# Authentication:
#LoginGraceTime 2m
{% if 'root' == ansible_user_id %}
PermitRootLogin yes
{% else %}
PermitRootLogin no
{% endif %}
#StrictModes yes
MaxAuthTries 2
MaxSessions 2
@ -59,7 +63,11 @@ UseDNS no
AcceptEnv LANG LC_*
# Log sftp level file access (read/write/etc.) that would not be easily logged otherwise.
{% if ((override_os_family is defined) | ternary(override_os_family,ansible_os_family)) == 'Centos' %}
Subsystem sftp /usr/libexec/openssh/sftp-server -f AUTHPRIV -l INFO
{% else %}
Subsystem sftp /usr/lib/openssh/sftp-server -f AUTHPRIV -l INFO
{% endif %}
# Example of overriding settings on a per-user basis
#Match User anoncvs