forked from evolix/ansible-roles
174 lines
4.7 KiB
YAML
174 lines
4.7 KiB
YAML
---
|
|
|
|
- name: "System compatibility checks"
|
|
ansible.builtin.assert:
|
|
that:
|
|
- ansible_distribution == "Debian"
|
|
- ansible_distribution_major_version is version('8', '>=')
|
|
msg: only compatible with Debian >= 8
|
|
|
|
- name: Apt configuration
|
|
ansible.builtin.include_role:
|
|
name: evolix/apt
|
|
vars:
|
|
apt_install_basics: "{{ evolinux_apt_replace_default_sources }}"
|
|
apt_install_evolix_public: "{{ evolinux_apt_public_sources }}"
|
|
apt_upgrade: "{{ evolinux_apt_upgrade }}"
|
|
apt_basics_components: "{{ (ansible_virtualization_role == 'host') | ternary('main contrib non-free', 'main') }}"
|
|
when: evolinux_apt_include | bool
|
|
|
|
- name: /etc versioning with Git
|
|
ansible.builtin.include_role:
|
|
name: evolix/etc-git
|
|
when: evolinux_etcgit_include | bool
|
|
|
|
- name: /etc/evolinux base
|
|
ansible.builtin.import_tasks: etc-evolinux.yml
|
|
when: evolinux_etcevolinux_include | bool
|
|
|
|
- name: Hostname
|
|
ansible.builtin.import_tasks: hostname.yml
|
|
when: evolinux_hostname_include | bool
|
|
|
|
- name: Kernel tuning
|
|
ansible.builtin.import_tasks: kernel.yml
|
|
when: evolinux_kernel_include | bool
|
|
|
|
- name: Fstab configuration
|
|
ansible.builtin.import_tasks: fstab.yml
|
|
when: evolinux_fstab_include | bool
|
|
|
|
- name: Packages
|
|
ansible.builtin.import_tasks: packages.yml
|
|
when: evolinux_packages_include | bool
|
|
|
|
- name: System settings
|
|
ansible.builtin.import_tasks: system.yml
|
|
when: evolinux_system_include | bool
|
|
|
|
- name: Minifirewall
|
|
ansible.builtin.include_role:
|
|
name: evolix/minifirewall
|
|
when: evolinux_minifirewall_include | bool
|
|
|
|
- name: Evomaintenance
|
|
ansible.builtin.include_role:
|
|
name: evolix/evomaintenance
|
|
when: evolinux_evomaintenance_include | bool
|
|
|
|
- name: SSH configuration (single file)
|
|
ansible.builtin.import_tasks: ssh.single-file.yml
|
|
when:
|
|
- ansible_distribution_major_version is version('12', '<')
|
|
- evolinux_ssh_include | bool
|
|
|
|
- name: SSH configuration (included-files)
|
|
ansible.builtin.import_tasks: ssh.included-files.yml
|
|
when:
|
|
- ansible_distribution_major_version is version('12', '>=')
|
|
- evolinux_ssh_include | bool
|
|
|
|
### disabled because of a memory leak
|
|
# - name: Create evolinux users
|
|
# include_role:
|
|
# name: evolix/evolinux-users
|
|
# when: evolinux_users_include
|
|
|
|
- name: Bash configuration
|
|
ansible.builtin.import_tasks: bash.yml
|
|
|
|
- name: Root user configuration
|
|
ansible.builtin.import_tasks: root.yml
|
|
when: evolinux_root_include | bool
|
|
|
|
- name: Postfix role
|
|
ansible.builtin.include_role:
|
|
name: evolix/postfix
|
|
when: evolinux_postfix_include | bool
|
|
tags:
|
|
- postfix
|
|
|
|
- name: Configure /etc/aliases
|
|
ansible.builtin.import_tasks: mail_aliases.yml
|
|
when: evolinux_mail_aliases_include | bool
|
|
|
|
- name: Logs management
|
|
ansible.builtin.import_tasks: logs.yml
|
|
when: evolinux_logs_include | bool
|
|
|
|
- name: Default index page
|
|
ansible.builtin.import_tasks: default_www.yml
|
|
when: evolinux_default_www_include | bool
|
|
|
|
- name: Hardware drivers and tools
|
|
ansible.builtin.import_tasks: hardware.yml
|
|
when:
|
|
- evolinux_hardware_include | bool
|
|
- ansible_virtualization_role == "host"
|
|
|
|
- name: Customize for Online.net
|
|
ansible.builtin.import_tasks: provider_online.yml
|
|
when: evolinux_provider_online_include | bool
|
|
|
|
- name: Customize for Orange FCE
|
|
ansible.builtin.import_tasks: provider_orange_fce.yml
|
|
when: evolinux_provider_orange_fce_include | bool
|
|
|
|
- name: Override Log2mail service
|
|
ansible.builtin.import_tasks: log2mail.yml
|
|
when: evolinux_log2mail_include | bool
|
|
|
|
- ansible.builtin.import_tasks: motd.yml
|
|
when: evolinux_motd_include | bool
|
|
|
|
- ansible.builtin.import_tasks: utils.yml
|
|
when: evolinux_utils_include | bool
|
|
|
|
- name: Munin
|
|
ansible.builtin.include_role:
|
|
name: evolix/munin
|
|
when: evolinux_munin_include | bool
|
|
|
|
- name: Nagios/NRPE
|
|
ansible.builtin.include_role:
|
|
name: evolix/nagios-nrpe
|
|
when: evolinux_nagios_nrpe_include | bool
|
|
|
|
- name: check_free_space
|
|
ansible.builtin.include_role:
|
|
name: evolix/check_free_space
|
|
when: evolinux_check_free_space_include | bool
|
|
|
|
# postfix role must be after nagios-nrpe role
|
|
- name: Postfix role
|
|
ansible.builtin.include_role:
|
|
name: evolix/postfix
|
|
when: evolinux_postfix_include | bool
|
|
tags:
|
|
- postfix
|
|
|
|
- name: Autosysadmin
|
|
ansible.builtin.include_role:
|
|
name: 'evolix/autosysadmin-agent'
|
|
when: evolinux_autosysadmin_include | bool
|
|
|
|
- name: fail2ban
|
|
ansible.builtin.include_role:
|
|
name: evolix/fail2ban
|
|
when: evolinux_fail2ban_include | bool
|
|
|
|
- name: Evocheck
|
|
ansible.builtin.include_role:
|
|
name: evolix/evocheck
|
|
when: evolinux_evocheck_include | bool
|
|
|
|
- name: Listupgrade
|
|
ansible.builtin.include_role:
|
|
name: evolix/listupgrade
|
|
when: evolinux_listupgrade_include | bool
|
|
|
|
- name: Generate ldif script
|
|
ansible.builtin.include_role:
|
|
name: evolix/generate-ldif
|
|
when: evolinux_generateldif_include | bool
|