whitelist_squid: support Stretch & Jessie
This commit is contained in:
parent
c43c830005
commit
55c8e462df
91
playbooks/whitelist_squid.yml
Normal file
91
playbooks/whitelist_squid.yml
Normal file
|
@ -0,0 +1,91 @@
|
|||
# Maintainer : Bruno TATU <btatu@evolix.fr> - Aout 2017
|
||||
# Ex: ansible-playbook -i ~/.ansible/hosts whitelist_squid.yml -K -e "host=serveur00"
|
||||
---
|
||||
- hosts: "{{ host }}"
|
||||
become: yes
|
||||
|
||||
vars_prompt:
|
||||
- name: urls
|
||||
prompt: "Liste des domaines à whitelister (ex : d1.com,d2.com)"
|
||||
private: no
|
||||
|
||||
vars:
|
||||
- ticket: "#mail.todo.support:"
|
||||
|
||||
tasks:
|
||||
|
||||
# Test
|
||||
#
|
||||
|
||||
- name: Verifie si c'est une Jessie
|
||||
stat:
|
||||
path: /etc/squid3/whitelist.conf
|
||||
register: config_jessie
|
||||
|
||||
- name: Verifie si c'est une Stretch
|
||||
stat:
|
||||
path: /etc/squid/evolinux-whitelist-defaults.conf
|
||||
register: config_stretch
|
||||
|
||||
# Apply :
|
||||
# Si seulement 1 domaines est déja présent alors, on ne fait pas d'evomaintenance
|
||||
|
||||
- block:
|
||||
|
||||
- block:
|
||||
|
||||
- name: Whitelist domaines pour Jessie
|
||||
lineinfile:
|
||||
dest: '{{ config_jessie.stat.path }}'
|
||||
line: "http://{{ item }}/.*"
|
||||
with_items:
|
||||
- '{{ urls.split(",") }}'
|
||||
|
||||
- name: Reload Squid
|
||||
command: /etc/init.d/squid3 reload
|
||||
|
||||
when: config_jessie.stat.exists
|
||||
|
||||
- block:
|
||||
|
||||
- name: Whitelist domaines pour Stretch
|
||||
lineinfile:
|
||||
dest: '{{ config_stretch.stat.path }}'
|
||||
line: "^{{ item }}$"
|
||||
with_items:
|
||||
- '{{ urls.split(",") }}'
|
||||
|
||||
- name: Reload Squid
|
||||
command: /etc/init.d/squid reload
|
||||
|
||||
when: config_stretch.stat.exists
|
||||
|
||||
|
||||
## Verify :
|
||||
# Doit plutôt vérifier si c'est "X-Squid-Error: ERR_ACCESS_DENIED" 0 ne bloque ou pas
|
||||
|
||||
# - name: test headers
|
||||
# uri:
|
||||
# url: http://placeholder.stratis.fr/700-394
|
||||
# method: HEAD
|
||||
# register: login
|
||||
# ignore_errors: yes
|
||||
#
|
||||
# - debug:
|
||||
# msg: "{{ login.x_squid_error }}"
|
||||
|
||||
# - name: Update successful?
|
||||
# uri:
|
||||
# url: "http://{{ item }}"
|
||||
# method: GET
|
||||
# status_code: 200,301,302,403,404
|
||||
# with_items:
|
||||
# - "{{ urls.split(',') }}"
|
||||
|
||||
## Save configuration
|
||||
#
|
||||
|
||||
- name: Evomaintenance
|
||||
shell: "echo '{{ ticket }} whitelist domaine(s) dans squid'|/bin/sh /usr/share/scripts/evomaintenance.sh"
|
||||
|
||||
when: config_jessie.stat.exists or config_stretch.stat.exists
|
Loading…
Reference in a new issue