Release of EvoBSD 6.8.0 #37
|
@ -10,13 +10,13 @@
|
||||||
become: true
|
become: true
|
||||||
become_user: root
|
become_user: root
|
||||||
become_method: sudo
|
become_method: sudo
|
||||||
# become_method: su
|
# become_method: su
|
||||||
|
|
||||||
|
|
||||||
vars_files:
|
vars_files:
|
||||||
- vars/main.yml
|
- vars/main.yml
|
||||||
# - vars/secrets.yml
|
# - vars/secrets.yml
|
||||||
# - vars/openbsd-secret.yml
|
# - vars/openbsd-secret.yml
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- etc-git
|
- etc-git
|
||||||
|
@ -27,9 +27,9 @@
|
||||||
- nagios-nrpe
|
- nagios-nrpe
|
||||||
- evocheck
|
- evocheck
|
||||||
- post-install
|
- post-install
|
||||||
#- openvpn
|
# - openvpn
|
||||||
#- ospf
|
# - ospf
|
||||||
#- bgp
|
# - bgp
|
||||||
|
|
||||||
post_tasks:
|
post_tasks:
|
||||||
- include: "tasks/commit_etc_git.yml"
|
- include: "tasks/commit_etc_git.yml"
|
||||||
|
@ -40,6 +40,4 @@
|
||||||
tasks_from: exec.yml
|
tasks_from: exec.yml
|
||||||
|
|
||||||
# environment:
|
# environment:
|
||||||
# PKG_PATH: "http://ftp.openbsd.org/pub/OpenBSD/{{ ansible_distribution_version }}/packages/{{ ansible_architecture }}/"
|
# PKG_PATH: "http://ftp.openbsd.org/pub/OpenBSD/{{ ansible_distribution_version }}/packages/{{ ansible_architecture }}/"
|
||||||
|
|
||||||
# vim:ft=ansible
|
|
||||||
|
|
|
@ -2,13 +2,13 @@
|
||||||
# ansible-playbook prerequisite.yml -CDi hosts -l HOSTNAME
|
# ansible-playbook prerequisite.yml -CDi hosts -l HOSTNAME
|
||||||
|
|
||||||
---
|
---
|
||||||
- hosts: all
|
- hosts: all
|
||||||
become: yes
|
become: yes
|
||||||
become_method: su
|
become_method: su
|
||||||
user: root
|
user: root
|
||||||
gather_facts: no
|
gather_facts: no
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
|
|
||||||
- name: Install ansible's prerequisite
|
- name: Install ansible's prerequisite
|
||||||
raw: export PKG_PATH=http://ftp.eu.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(uname -p)/; pkg_add -z python-2
|
raw: export PKG_PATH=http://ftp.eu.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(uname -p)/; pkg_add -z python-2
|
||||||
|
|
|
@ -30,12 +30,13 @@
|
||||||
check_mode: false
|
check_mode: false
|
||||||
register: grep_allowusers_ssh
|
register: grep_allowusers_ssh
|
||||||
|
|
||||||
- assert:
|
- name: "Check that AllowUsers and AllowGroup do not override each other"
|
||||||
|
assert:
|
||||||
that: "not (grep_allowusers_ssh.rc == 0 and grep_allowgroups_ssh.rc == 0)"
|
that: "not (grep_allowusers_ssh.rc == 0 and grep_allowgroups_ssh.rc == 0)"
|
||||||
msg: "We can't deal with AllowUsers and AllowGroups at the same time"
|
msg: "We can't deal with AllowUsers and AllowGroups at the same time"
|
||||||
|
|
||||||
- set_fact:
|
- name: "If AllowGroups is present then use it"
|
||||||
# If "AllowGroups is present"
|
set_fact:
|
||||||
ssh_allowgroups: "{{ (grep_allowgroups_ssh.rc == 0) or (grep_allowusers_ssh.rc != 0) }}"
|
ssh_allowgroups: "{{ (grep_allowgroups_ssh.rc == 0) or (grep_allowusers_ssh.rc != 0) }}"
|
||||||
|
|
||||||
- name: "Add AllowGroups sshd directive with '{{ evolinux_ssh_group }}'"
|
- name: "Add AllowGroups sshd directive with '{{ evolinux_ssh_group }}'"
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
when: not ansible_check_mode
|
when: not ansible_check_mode
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
tags:
|
tags:
|
||||||
- commit-etc
|
- commit-etc
|
||||||
|
|
||||||
- name: /etc modifications are committed
|
- name: /etc modifications are committed
|
||||||
shell: "git add -A . && git commit -m \"{{ commit_message | default('Ansible run') }}\" --author=\"{{ ansible_env.SUDO_USER | default('Root') }} <{{ ansible_env.SUDO_USER | default('Root') }}@{{ general_technical_realm }}>\""
|
shell: "git add -A . && git commit -m \"{{ commit_message | default('Ansible run') }}\" --author=\"{{ ansible_env.SUDO_USER | default('Root') }} <{{ ansible_env.SUDO_USER | default('Root') }}@{{ general_technical_realm }}>\""
|
||||||
|
@ -18,4 +18,4 @@
|
||||||
when: not ansible_check_mode and git_status.stdout != ""
|
when: not ansible_check_mode and git_status.stdout != ""
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
tags:
|
tags:
|
||||||
- commit-etc
|
- commit-etc
|
||||||
|
|
|
@ -3,29 +3,29 @@
|
||||||
## Edit and uncomment to overwrite the default values ##
|
## Edit and uncomment to overwrite the default values ##
|
||||||
########################################################
|
########################################################
|
||||||
|
|
||||||
#ntpd_servers:
|
# ntpd_servers:
|
||||||
#- "ntp.evolix.net"
|
# - "ntp.evolix.net"
|
||||||
#
|
#
|
||||||
#general_alert_email: "root@localhost"
|
# general_alert_email: "root@localhost"
|
||||||
#general_technical_realm: "example.com"
|
# general_technical_realm: "example.com"
|
||||||
evolinux_ssh_group: "evolinux-ssh"
|
evolinux_ssh_group: "evolinux-ssh"
|
||||||
evolinux_sudo_group: "evolinux-sudo"
|
evolinux_sudo_group: "evolinux-sudo"
|
||||||
evolinux_root_disable_ssh: true
|
evolinux_root_disable_ssh: true
|
||||||
#
|
#
|
||||||
#evomaintenance_realm: "example.com"
|
# evomaintenance_realm: "example.com"
|
||||||
#evomaintenance_alert_email: "evomaintenance-{{ inventory_hostname }}@{{ evomaintenance_realm }}"
|
# evomaintenance_alert_email: "evomaintenance-{{ inventory_hostname }}@{{ evomaintenance_realm }}"
|
||||||
#evomaintenance_hostname: "{{ inventory_hostname }}.{{ general_technical_realm }}"
|
# evomaintenance_hostname: "{{ inventory_hostname }}.{{ general_technical_realm }}"
|
||||||
#evomaintenance_pg_host: Null
|
# evomaintenance_pg_host: Null
|
||||||
#evomaintenance_pg_passwd: Null
|
# evomaintenance_pg_passwd: Null
|
||||||
#evomaintenance_pg_db: Null
|
# evomaintenance_pg_db: Null
|
||||||
#evomaintenance_pg_table: Null
|
# evomaintenance_pg_table: Null
|
||||||
#evomaintenance_from_domain: "{{ evomaintenance_realm }}"
|
# evomaintenance_from_domain: "{{ evomaintenance_realm }}"
|
||||||
#evomaintenance_from: "evomaintenance@{{ evomaintenance_from_domain }}"
|
# evomaintenance_from: "evomaintenance@{{ evomaintenance_from_domain }}"
|
||||||
#evomaintenance_full_from: "Evomaintenance <{{ evomaintenance_from }}>"
|
# evomaintenance_full_from: "Evomaintenance <{{ evomaintenance_from }}>"
|
||||||
#evomaintenance_urgency_from: mama.doe@example.com
|
# evomaintenance_urgency_from: mama.doe@example.com
|
||||||
#evomaintenance_urgency_tel: "06.00.00.00.00"
|
# evomaintenance_urgency_tel: "06.00.00.00.00"
|
||||||
#
|
#
|
||||||
#evolix_users:
|
# evolix_users:
|
||||||
# foo:
|
# foo:
|
||||||
# name: foo
|
# name: foo
|
||||||
# uid: 1042
|
# uid: 1042
|
||||||
|
|
Loading…
Reference in a new issue