Compare commits
2 commits
24a10d19a9
...
11174830cf
Author | SHA1 | Date | |
---|---|---|---|
Jannik Beyerstedt | 11174830cf | ||
Jannik Beyerstedt | 4c11ea5dfe |
|
@ -10,7 +10,12 @@
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- "borgbackup-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
|
- "borgbackup-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
|
||||||
- "borgbackup-{{ ansible_distribution }}.yml"
|
- "borgbackup-{{ ansible_distribution }}.yml"
|
||||||
- "borgbackup-{{ ansible_os_family }}.yml"
|
- "borgbackup-{{ (override_os_family is defined) | ternary(override_os_family,ansible_os_family) }}.yml"
|
||||||
|
ignore_errors: true
|
||||||
|
when:
|
||||||
|
- borgbackup_passphrase is defined
|
||||||
|
- borgbackup_repo is defined
|
||||||
|
- borgbackup_hostname is defined
|
||||||
|
|
||||||
# copy backup script and enable cronjob
|
# copy backup script and enable cronjob
|
||||||
- name: borgbackup - Copy Borgbackup script
|
- name: borgbackup - Copy Borgbackup script
|
||||||
|
|
|
@ -9,5 +9,34 @@
|
||||||
state: present
|
state: present
|
||||||
vars:
|
vars:
|
||||||
packages:
|
packages:
|
||||||
- exim4
|
- exim
|
||||||
- mailutils
|
|
||||||
|
# Configure exim
|
||||||
|
- name: cronmails - Create exim config folder
|
||||||
|
become: yes
|
||||||
|
file:
|
||||||
|
path: /etc/exim
|
||||||
|
state: directory
|
||||||
|
# TODO: exim config works quite differently on CentOS compared to Debian!!!
|
||||||
|
# # - name: cronmails - Copy exim config template
|
||||||
|
# # become: yes
|
||||||
|
# # copy:
|
||||||
|
# # src: "{{ role_path }}/files/exim4.conf.template"
|
||||||
|
# # dest: /etc/exim/exim.conf.template
|
||||||
|
# # register: cronmails_conftmp_update
|
||||||
|
# # - name: cronmails - Copy exim config file
|
||||||
|
# # become: yes
|
||||||
|
# # template:
|
||||||
|
# # src: "{{ role_path }}/templates/update-exim4.conf.conf"
|
||||||
|
# # dest: /etc/exim/update-exim.conf.conf
|
||||||
|
# # register: cronmails_conffile_update
|
||||||
|
# # - name: cronmails - Run update-exim.conf
|
||||||
|
# # become: yes
|
||||||
|
# # shell: "update-exim.conf"
|
||||||
|
# # when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
|
||||||
|
# - name: cronmails - Enable and start exim
|
||||||
|
# become: yes
|
||||||
|
# service:
|
||||||
|
# name: exim
|
||||||
|
# state: started
|
||||||
|
# enabled: yes
|
||||||
|
|
|
@ -11,3 +11,32 @@
|
||||||
packages:
|
packages:
|
||||||
- exim4
|
- exim4
|
||||||
- mailutils
|
- mailutils
|
||||||
|
|
||||||
|
# Configure exim
|
||||||
|
- name: cronmails - Create exim4 config folder
|
||||||
|
become: yes
|
||||||
|
file:
|
||||||
|
path: /etc/exim4
|
||||||
|
state: directory
|
||||||
|
- name: cronmails - Copy exim4 config template
|
||||||
|
become: yes
|
||||||
|
copy:
|
||||||
|
src: "{{ role_path }}/files/exim4.conf.template"
|
||||||
|
dest: /etc/exim4/exim4.conf.template
|
||||||
|
register: cronmails_conftmp_update
|
||||||
|
- name: cronmails - Copy exim4 config file
|
||||||
|
become: yes
|
||||||
|
template:
|
||||||
|
src: "{{ role_path }}/templates/update-exim4.conf.conf"
|
||||||
|
dest: /etc/exim4/update-exim4.conf.conf
|
||||||
|
register: cronmails_conffile_update
|
||||||
|
- name: cronmails - Run update-exim4.conf
|
||||||
|
become: yes
|
||||||
|
shell: "update-exim4.conf"
|
||||||
|
when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
|
||||||
|
- name: cronmails - Enable and start exim4
|
||||||
|
become: yes
|
||||||
|
service:
|
||||||
|
name: exim4
|
||||||
|
state: started
|
||||||
|
enabled: yes
|
||||||
|
|
|
@ -7,36 +7,7 @@
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- "cronmails-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
|
- "cronmails-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
|
||||||
- "cronmails-{{ ansible_distribution }}.yml"
|
- "cronmails-{{ ansible_distribution }}.yml"
|
||||||
- "cronmails-{{ ansible_os_family }}.yml"
|
- "cronmails-{{ (override_os_family is defined) | ternary(override_os_family,ansible_os_family) }}.yml"
|
||||||
|
|
||||||
# Configure exim
|
|
||||||
- name: cronmails - Create exim4 config folder
|
|
||||||
become: yes
|
|
||||||
file:
|
|
||||||
path: /etc/exim4
|
|
||||||
state: directory
|
|
||||||
- name: cronmails - Copy exim4 config template
|
|
||||||
become: yes
|
|
||||||
copy:
|
|
||||||
src: "{{ role_path }}/files/exim4.conf.template"
|
|
||||||
dest: /etc/exim4/exim4.conf.template
|
|
||||||
register: cronmails_conftmp_update
|
|
||||||
- name: cronmails - Copy exim4 config file
|
|
||||||
become: yes
|
|
||||||
template:
|
|
||||||
src: "{{ role_path }}/templates/update-exim4.conf.conf"
|
|
||||||
dest: /etc/exim4/update-exim4.conf.conf
|
|
||||||
register: cronmails_conffile_update
|
|
||||||
- name: cronmails - Run update-exim4.conf
|
|
||||||
become: yes
|
|
||||||
shell: "update-exim4.conf"
|
|
||||||
when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
|
|
||||||
- name: cronmails - Enable and start exim4
|
|
||||||
become: yes
|
|
||||||
service:
|
|
||||||
name: exim4
|
|
||||||
state: started
|
|
||||||
enabled: yes
|
|
||||||
|
|
||||||
# Set crobjob env variables/ settings
|
# Set crobjob env variables/ settings
|
||||||
- name: cronmails - Crontab set path
|
- name: cronmails - Crontab set path
|
||||||
|
|
|
@ -4,8 +4,8 @@
|
||||||
# SSH
|
# SSH
|
||||||
- name: setup - Copy sshd_config
|
- name: setup - Copy sshd_config
|
||||||
become: yes
|
become: yes
|
||||||
copy:
|
template:
|
||||||
src: "{{ role_path }}/files/sshd_config"
|
src: "{{ role_path }}/templates/sshd_config.j2"
|
||||||
dest: "/etc/ssh/sshd_config"
|
dest: "/etc/ssh/sshd_config"
|
||||||
backup: yes
|
backup: yes
|
||||||
notify:
|
notify:
|
||||||
|
|
|
@ -5,11 +5,11 @@
|
||||||
become: yes
|
become: yes
|
||||||
yum_repository:
|
yum_repository:
|
||||||
name: influxdb
|
name: influxdb
|
||||||
description: "InfluxDB Repository - RHEL \$releasever"
|
description: InfluxDB Repository
|
||||||
baseurl: "https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable"
|
baseurl: https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable
|
||||||
enabled: yes
|
enabled: yes
|
||||||
gpgcheck: yes
|
gpgcheck: yes
|
||||||
gpgkey: "https://repos.influxdata.com/influxdb.key"
|
gpgkey: https://repos.influxdata.com/influxdb.key
|
||||||
- name: telegraf - Install telegraf
|
- name: telegraf - Install telegraf
|
||||||
become: yes
|
become: yes
|
||||||
yum:
|
yum:
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- "telegraf-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
|
- "telegraf-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
|
||||||
- "telegraf-{{ ansible_distribution }}.yml"
|
- "telegraf-{{ ansible_distribution }}.yml"
|
||||||
- "telegraf-{{ ansible_os_family }}.yml"
|
- "telegraf-{{ (override_os_family is defined) | ternary(override_os_family,ansible_os_family) }}.yml"
|
||||||
|
|
||||||
# Configure
|
# Configure
|
||||||
- name: telegraf - Copy telegraf config
|
- name: telegraf - Copy telegraf config
|
||||||
|
|
|
@ -18,7 +18,11 @@ LogLevel VERBOSE
|
||||||
|
|
||||||
# Authentication:
|
# Authentication:
|
||||||
#LoginGraceTime 2m
|
#LoginGraceTime 2m
|
||||||
|
{% if 'root' == ansible_user_id %}
|
||||||
|
PermitRootLogin yes
|
||||||
|
{% else %}
|
||||||
PermitRootLogin no
|
PermitRootLogin no
|
||||||
|
{% endif %}
|
||||||
#StrictModes yes
|
#StrictModes yes
|
||||||
MaxAuthTries 2
|
MaxAuthTries 2
|
||||||
MaxSessions 2
|
MaxSessions 2
|
||||||
|
@ -59,7 +63,11 @@ UseDNS no
|
||||||
AcceptEnv LANG LC_*
|
AcceptEnv LANG LC_*
|
||||||
|
|
||||||
# Log sftp level file access (read/write/etc.) that would not be easily logged otherwise.
|
# Log sftp level file access (read/write/etc.) that would not be easily logged otherwise.
|
||||||
|
{% if ((override_os_family is defined) | ternary(override_os_family,ansible_os_family)) == 'Centos' %}
|
||||||
|
Subsystem sftp /usr/libexec/openssh/sftp-server -f AUTHPRIV -l INFO
|
||||||
|
{% else %}
|
||||||
Subsystem sftp /usr/lib/openssh/sftp-server -f AUTHPRIV -l INFO
|
Subsystem sftp /usr/lib/openssh/sftp-server -f AUTHPRIV -l INFO
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
# Example of overriding settings on a per-user basis
|
# Example of overriding settings on a per-user basis
|
||||||
#Match User anoncvs
|
#Match User anoncvs
|
Loading…
Reference in a new issue