Ignore:
Timestamp:
Dec 7, 2024, 2:45:01 AM (5 months ago)
Author:
Bruno Cornec
Message:

Remove most of the content infavour of musique-ancienne.org management after machine move

File:
1 edited

Legend:

Unmodified
Added
Removed

  • branches/3.3/ansible/roles/system/tasks/main.yml

    r3795 r3896  
    11---
    2 
    3 - name: Check that IP address is setup
    4   template: src=templates/ifcfg-enp2s0f0 dest=/etc/sysconfig/network-scripts/ifcfg-enp2s0f0 owner=root group=root mode=0600 backup=yes
    5   tags: system
    6 
    7 - name: Check that GW is setup
    8   template: src=templates/network dest=/etc/sysconfig/network owner=root group=root mode=0600 backup=yes
    9   tags: system
    10 
    11 # Validate the sudoers file before saving
    12 - name: Check that sudo is configured
    13   lineinfile: destfile=/etc/sudoers state=present line='{{ item }} ALL=(ALL) NOPASSWD:ALL' validate='visudo -cf %s' mode=0600 backup=yes
    14   with_items:
    15     - fwadmin
    16     - bruno
    17   tags: system
    18 
    19 - name: Check that sshd is installed
    20   urpmi: name=openssh-server state=installed update_cache=yes no_recommends=yes
    21   tags: system
    22 
    23 - name: Check that sshd is configured
    24   #lineinfile: destfile=/etc/ssh/sshd_config state=present line='PermitRootLogin prohibit-password' mode=0600 backup=yes
    25   lineinfile: destfile=/etc/ssh/sshd_config state=present line='PermitRootLogin no' mode=0600 backup=yes
    26   notify:
    27     - restart sshd
    28   tags: system
    29 
    30 - name: Ensure the groups exists
    31   group: name={{ item }} state=present
    32   tags: system
    33   with_items:
    34     - fwadmin
    35     - bruno
    36 
    37 - name: Ensure the accounts exists
    38   user: name={{ item }} state=present group={{ item }} home=/home/{{ item }} move_home=yes
    39   tags: system
    40   with_items:
    41     - fwadmin
    42     - bruno
    43 
    442- name: Copy special keys for remote access (git...)
    453  copy: src=/users/bruno/prj/musique-ancienne.org/mondorescue.org/{{ item.f }} dest=/home/bruno/{{ item.f }} mode={{ item.m }} backup=yes owner=bruno group=bruno
     
    5513    - bruno
    5614  tags: system
    57 
    58 - name: Check that sshd is running and enabled
    59   service: name=sshd state=started enabled=yes
    60   tags: system
    61 
    62 - name: Check that sshutout is installed
    63   urpmi: name=sshutout state=installed update_cache=yes no_recommends=yes
    64   tags: system
    65 
    66 - name: Check that sshutout is configured
    67   template: src=templates/sshutout.conf dest=/etc/sshutout.conf owner=root group=root mode=0600 backup=yes
    68   notify:
    69     - restart sshutout
    70   tags: system
    71 
    72 - name: Check that sshutout is running and enabled
    73   service: name=sshutout state=started enabled=yes
    74   tags: system
    75 
    76 - name: Setup backup script
    77   copy: src=files/{{ item }} dest=/usr/local/bin/{{ item }} owner=root group=root mode=0755 backup=yes
    78   with_items:
    79     - mkbkp
    80   tags: system
    81 
    82 - name: Setup autoupdate via cron
    83   cron: name=urpmi-upd minute=43 hour=03 user=root job="/usr/local/bin/upd" cron_file=urpmi-upd state=present backup=yes
    84   tags: system
    85 
    86 - name: Setup backup for bruno via cron
    87   cron: name=bkp minute=43 hour=02 user=bruno job="/usr/local/bin/mkbkp" cron_file=bkp state=present backup=yes
    88   tags: system
Note: See TracChangeset for help on using the changeset viewer.