Make the FQCN warning happy again
This commit is contained in:
parent
210c335e90
commit
7f6b52b225
@ -1,8 +1,8 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: restart cron
|
- name: restart cron
|
||||||
service: name=cron state=restarted
|
ansible.builtin.service: name=cron state=restarted
|
||||||
become: yes
|
become: yes
|
||||||
- name: regen initramfs
|
- name: regen initramfs
|
||||||
command: /usr/sbin/update-initramfs -c -k all
|
ansible.builtin.command: /usr/sbin/update-initramfs -c -k all
|
||||||
become: yes
|
become: yes
|
||||||
|
|||||||
@ -5,7 +5,7 @@
|
|||||||
- hosts: all
|
- hosts: all
|
||||||
tasks:
|
tasks:
|
||||||
- name: collect service facts
|
- name: collect service facts
|
||||||
service_facts:
|
ansible.builtin.service_facts:
|
||||||
tags: [ always ]
|
tags: [ always ]
|
||||||
roles:
|
roles:
|
||||||
- role: common
|
- role: common
|
||||||
|
|||||||
@ -5,8 +5,8 @@
|
|||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- name: assure scanner user
|
- name: assure scanner user
|
||||||
user: name=scanner state=absent
|
ansible.builtin.user: name=scanner state=absent
|
||||||
tags: [ scanner, greenbone ]
|
tags: [ scanner, greenbone ]
|
||||||
- name: assure scanner user sudoers rule
|
- name: assure scanner user sudoers rule
|
||||||
lineinfile: path=/etc/sudoers line="scanner ALL=(ALL:ALL) NOPASSWD:ALL" state=absent
|
ansible.builtin.lineinfile: path=/etc/sudoers line="scanner ALL=(ALL:ALL) NOPASSWD:ALL" state=absent
|
||||||
tags: [ scanner, greenbone ]
|
tags: [ scanner, greenbone ]
|
||||||
|
|||||||
@ -5,5 +5,5 @@
|
|||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- name: touch ansible timestamp file
|
- name: touch ansible timestamp file
|
||||||
file: path=/var/lib/ansible-last-run state=touch mode='0644'
|
ansible.builtin.file: path=/var/lib/ansible-last-run state=touch mode='0644'
|
||||||
changed_when: no
|
changed_when: no
|
||||||
|
|||||||
@ -5,7 +5,7 @@
|
|||||||
- hosts: device_roles_workstation
|
- hosts: device_roles_workstation
|
||||||
tasks:
|
tasks:
|
||||||
- name: assure vm-fs-1 nfs mountpoint
|
- name: assure vm-fs-1 nfs mountpoint
|
||||||
file: path=/nfs/vm-fs-1.home.mgmt.desu.ltd state=directory owner=root group=root mode=0755
|
ansible.builtin.file: path=/nfs/vm-fs-1.home.mgmt.desu.ltd state=directory owner=root group=root mode=0755
|
||||||
tags: [ desktop, nfs ]
|
tags: [ desktop, nfs ]
|
||||||
- name: assure vm-fs-1 nfs mount
|
- name: assure vm-fs-1 nfs mount
|
||||||
mount: path=/nfs/vm-fs-1.home.mgmt.desu.ltd src=vm-fs-1.home.mgmt.desu.ltd:/nfs fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
mount: path=/nfs/vm-fs-1.home.mgmt.desu.ltd src=vm-fs-1.home.mgmt.desu.ltd:/nfs fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
||||||
|
|||||||
@ -78,7 +78,7 @@
|
|||||||
tags: [ docker ]
|
tags: [ docker ]
|
||||||
tasks:
|
tasks:
|
||||||
- name: assure nfs mount directory
|
- name: assure nfs mount directory
|
||||||
file: path=/data/syncthing/data state=directory mode=0755
|
ansible.builtin.file: path=/data/syncthing/data state=directory mode=0755
|
||||||
tags: [ storage ]
|
tags: [ storage ]
|
||||||
- name: assure nfs mount
|
- name: assure nfs mount
|
||||||
mount: path=/data/syncthing/data src=192.168.190.1:/nfs/syncthing fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
mount: path=/data/syncthing/data src=192.168.190.1:/nfs/syncthing fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
||||||
@ -89,7 +89,7 @@
|
|||||||
- app/syncthing.yml
|
- app/syncthing.yml
|
||||||
tags: [ always ]
|
tags: [ always ]
|
||||||
- name: assure movement cronjobs
|
- name: assure movement cronjobs
|
||||||
cron:
|
ansible.builtin.cron:
|
||||||
name: "{{ item.name }}"
|
name: "{{ item.name }}"
|
||||||
minute: 0
|
minute: 0
|
||||||
hour: 5
|
hour: 5
|
||||||
@ -116,14 +116,14 @@
|
|||||||
dest: Pictures/Screenshots/Vidya/Cyberpunk 2077
|
dest: Pictures/Screenshots/Vidya/Cyberpunk 2077
|
||||||
tags: [ cron ]
|
tags: [ cron ]
|
||||||
- name: assure zone identifier cleanup cronjob
|
- name: assure zone identifier cleanup cronjob
|
||||||
cron:
|
ansible.builtin.cron:
|
||||||
name: cleanup zone.identtifier
|
name: cleanup zone.identtifier
|
||||||
minute: 0
|
minute: 0
|
||||||
hour: 3
|
hour: 3
|
||||||
job: 'find /data/syncthing/data/ -type f -iname "*:Zone.Identifier" -delete'
|
job: 'find /data/syncthing/data/ -type f -iname "*:Zone.Identifier" -delete'
|
||||||
tags: [ cron ]
|
tags: [ cron ]
|
||||||
- name: assure filename sanitize cronjobs
|
- name: assure filename sanitize cronjobs
|
||||||
cron:
|
ansible.builtin.cron:
|
||||||
name: "sanitize {{ item }}"
|
name: "sanitize {{ item }}"
|
||||||
minute: 0
|
minute: 0
|
||||||
hour: 4
|
hour: 4
|
||||||
|
|||||||
@ -5,7 +5,7 @@
|
|||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- name: assure nfs mount directory
|
- name: assure nfs mount directory
|
||||||
file: path=/nfs/projects state=directory mode=0755
|
ansible.builtin.file: path=/nfs/projects state=directory mode=0755
|
||||||
tags: [ storage ]
|
tags: [ storage ]
|
||||||
- name: assure nfs mount
|
- name: assure nfs mount
|
||||||
mount: path=/nfs/projects src=192.168.190.1:/nfs/projects fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
mount: path=/nfs/projects src=192.168.190.1:/nfs/projects fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
||||||
|
|||||||
@ -5,7 +5,7 @@
|
|||||||
- hosts: vm-fs-1.home.mgmt.desu.ltd
|
- hosts: vm-fs-1.home.mgmt.desu.ltd
|
||||||
tasks:
|
tasks:
|
||||||
- name: assure nfs directory
|
- name: assure nfs directory
|
||||||
file: path=/nfs state=directory mode=0755
|
ansible.builtin.file: path=/nfs state=directory mode=0755
|
||||||
roles:
|
roles:
|
||||||
- role: backup
|
- role: backup
|
||||||
vars:
|
vars:
|
||||||
|
|||||||
@ -10,7 +10,7 @@
|
|||||||
pull: yes
|
pull: yes
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: assure nfs mount directory
|
- name: assure nfs mount directory
|
||||||
file: path=/data state=directory mode=0755
|
ansible.builtin.file: path=/data state=directory mode=0755
|
||||||
tags: [ pis, storage ]
|
tags: [ pis, storage ]
|
||||||
- name: assure nfs mount
|
- name: assure nfs mount
|
||||||
mount: path=/data/shared src=192.168.190.1:/nfs/media fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
mount: path=/data/shared src=192.168.190.1:/nfs/media fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
||||||
|
|||||||
@ -25,7 +25,7 @@
|
|||||||
overwrite: yes
|
overwrite: yes
|
||||||
tasks:
|
tasks:
|
||||||
- name: clear host errors before dns loop
|
- name: clear host errors before dns loop
|
||||||
meta: clear_host_errors
|
ansible.builtin.meta: clear_host_errors
|
||||||
- name: configure dns
|
- name: configure dns
|
||||||
block:
|
block:
|
||||||
- name: configure main mgmt dns
|
- name: configure main mgmt dns
|
||||||
|
|||||||
@ -6,7 +6,7 @@
|
|||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- name: install raspi packages
|
- name: install raspi packages
|
||||||
apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- libraspberrypi-bin
|
- libraspberrypi-bin
|
||||||
tags: [ pis, packages ]
|
tags: [ pis, packages ]
|
||||||
|
|||||||
@ -6,9 +6,9 @@
|
|||||||
- name: configure system76 for apt
|
- name: configure system76 for apt
|
||||||
block:
|
block:
|
||||||
- name: ensure system76 repo
|
- name: ensure system76 repo
|
||||||
apt_repository: repo="ppa:system76-dev/stable"
|
ansible.builtin.apt_repository: repo="ppa:system76-dev/stable"
|
||||||
- name: ensure system76 packages
|
- name: ensure system76 packages
|
||||||
apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- firmware-manager
|
- firmware-manager
|
||||||
- kamoso
|
- kamoso
|
||||||
|
|||||||
@ -136,7 +136,7 @@
|
|||||||
pull: yes
|
pull: yes
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: clear host errors
|
- name: clear host errors
|
||||||
meta: clear_host_errors
|
ansible.builtin.meta: clear_host_errors
|
||||||
tasks:
|
tasks:
|
||||||
- name: ensure docker network
|
- name: ensure docker network
|
||||||
docker_network: name=web
|
docker_network: name=web
|
||||||
|
|||||||
@ -19,7 +19,7 @@
|
|||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- name: disable ansible-pull when not tagged
|
- name: disable ansible-pull when not tagged
|
||||||
systemd: name={{ item }} state=stopped enabled=no
|
ansible.builtin.systemd: name={{ item }} state=stopped enabled=no
|
||||||
with_items:
|
with_items:
|
||||||
- ansible-pull.timer
|
- ansible-pull.timer
|
||||||
- ansible-pull.service
|
- ansible-pull.service
|
||||||
|
|||||||
@ -14,7 +14,7 @@
|
|||||||
serial: 1
|
serial: 1
|
||||||
tasks:
|
tasks:
|
||||||
- name: check for reboot-required
|
- name: check for reboot-required
|
||||||
stat: path=/var/run/reboot-required
|
ansible.builtin.stat: path=/var/run/reboot-required
|
||||||
register: s
|
register: s
|
||||||
- name: reboot
|
- name: reboot
|
||||||
block:
|
block:
|
||||||
@ -30,7 +30,7 @@
|
|||||||
delegate_to: web3.dallas.mgmt.desu.ltd
|
delegate_to: web3.dallas.mgmt.desu.ltd
|
||||||
rescue:
|
rescue:
|
||||||
- name: notify of failure to reboot
|
- name: notify of failure to reboot
|
||||||
debug: msg="Miscellaneous failure when scheduling downtime"
|
ansible.builtin.debug: msg="Miscellaneous failure when scheduling downtime"
|
||||||
- name: reboot
|
- name: reboot
|
||||||
reboot: reboot_timeout=600
|
ansible.builtin.reboot: reboot_timeout=600
|
||||||
when: s.stat.exists
|
when: s.stat.exists
|
||||||
|
|||||||
@ -12,10 +12,10 @@
|
|||||||
tags: [ nagios, git ]
|
tags: [ nagios, git ]
|
||||||
tasks:
|
tasks:
|
||||||
- name: assure nagios plugin packages
|
- name: assure nagios plugin packages
|
||||||
apt: name=monitoring-plugins,nagios-plugins-contrib
|
ansible.builtin.apt: name=monitoring-plugins,nagios-plugins-contrib
|
||||||
tags: [ nagios ]
|
tags: [ nagios ]
|
||||||
- name: assure nagios user
|
- name: assure nagios user
|
||||||
user: name=nagios-checker state=present system=yes
|
ansible.builtin.user: name=nagios-checker state=present system=yes
|
||||||
tags: [ nagios ]
|
tags: [ nagios ]
|
||||||
- name: assure nagios user ssh key
|
- name: assure nagios user ssh key
|
||||||
authorized_key:
|
authorized_key:
|
||||||
@ -24,10 +24,10 @@
|
|||||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKNavw28C0mKIQVRLQDW2aoovliU1XCGaenDhIMwumK/ Nagios monitoring"
|
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKNavw28C0mKIQVRLQDW2aoovliU1XCGaenDhIMwumK/ Nagios monitoring"
|
||||||
tags: [ nagios ]
|
tags: [ nagios ]
|
||||||
- name: assure nagios user sudo rule file
|
- name: assure nagios user sudo rule file
|
||||||
file: path=/etc/sudoers.d/50-nagios-checker mode=0750 owner=root group=root state=touch modification_time=preserve access_time=preserve
|
ansible.builtin.file: path=/etc/sudoers.d/50-nagios-checker mode=0750 owner=root group=root state=touch modification_time=preserve access_time=preserve
|
||||||
tags: [ nagios, sudo ]
|
tags: [ nagios, sudo ]
|
||||||
- name: assure nagios user sudo rules
|
- name: assure nagios user sudo rules
|
||||||
lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
path: /etc/sudoers.d/50-nagios-checker
|
path: /etc/sudoers.d/50-nagios-checker
|
||||||
line: "nagios-checker ALL = (root) NOPASSWD: {{ item }}"
|
line: "nagios-checker ALL = (root) NOPASSWD: {{ item }}"
|
||||||
with_items:
|
with_items:
|
||||||
@ -39,6 +39,6 @@
|
|||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- name: disable nagios user when not tagged
|
- name: disable nagios user when not tagged
|
||||||
user: name=nagios-checker state=absent remove=yes
|
ansible.builtin.user: name=nagios-checker state=absent remove=yes
|
||||||
when: "'tags_nagios' not in group_names"
|
when: "'tags_nagios' not in group_names"
|
||||||
tags: [ nagios ]
|
tags: [ nagios ]
|
||||||
|
|||||||
@ -24,7 +24,7 @@
|
|||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- name: disable snmpd when not tagged
|
- name: disable snmpd when not tagged
|
||||||
systemd: name={{ item }} state=stopped enabled=no
|
ansible.builtin.systemd: name={{ item }} state=stopped enabled=no
|
||||||
with_items:
|
with_items:
|
||||||
- snmpd.service
|
- snmpd.service
|
||||||
when: "'tags_snmp' not in group_names and item in services"
|
when: "'tags_snmp' not in group_names and item in services"
|
||||||
|
|||||||
@ -25,8 +25,8 @@
|
|||||||
- /srv/desu.ltd/nc:/var/www/html/data
|
- /srv/desu.ltd/nc:/var/www/html/data
|
||||||
tags: [ docker, nextcloud ]
|
tags: [ docker, nextcloud ]
|
||||||
- name: assure nextcloud cron cronjob
|
- name: assure nextcloud cron cronjob
|
||||||
cron: user=root name=nextcloud minute=*/5 job="docker exec --user www-data nextcloud php -f /var/www/html/cron.php"
|
ansible.builtin.cron: user=root name=nextcloud minute=*/5 job="docker exec --user www-data nextcloud php -f /var/www/html/cron.php"
|
||||||
tags: [ docker, nextcloud, cron ]
|
tags: [ docker, nextcloud, cron ]
|
||||||
- name: assure nextcloud update cronjob
|
- name: assure nextcloud update cronjob
|
||||||
cron: user=root name=nextcloud-update minute=*/30 job="docker exec --user www-data nextcloud php occ app:update --all"
|
ansible.builtin.cron: user=root name=nextcloud-update minute=*/30 job="docker exec --user www-data nextcloud php occ app:update --all"
|
||||||
tags: [ docker, nextcloud, cron ]
|
tags: [ docker, nextcloud, cron ]
|
||||||
|
|||||||
@ -1,13 +1,13 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: assure admin user
|
- name: assure admin user
|
||||||
user:
|
ansible.builtin.user:
|
||||||
name: "{{ adminuser_name }}"
|
name: "{{ adminuser_name }}"
|
||||||
append: "{{ adminuser_groups_append }}"
|
append: "{{ adminuser_groups_append }}"
|
||||||
groups: "{{ adminuser_groups + adminuser_groups_extra }}"
|
groups: "{{ adminuser_groups + adminuser_groups_extra }}"
|
||||||
shell: "{{ adminuser_shell }}"
|
shell: "{{ adminuser_shell }}"
|
||||||
- name: assure admin user ssh key
|
- name: assure admin user ssh key
|
||||||
user:
|
ansible.builtin.user:
|
||||||
name: "{{ adminuser_name }}"
|
name: "{{ adminuser_name }}"
|
||||||
generate_ssh_key: yes
|
generate_ssh_key: yes
|
||||||
ssh_key_type: "{{ adminuser_ssh_key_type }}"
|
ssh_key_type: "{{ adminuser_ssh_key_type }}"
|
||||||
@ -20,8 +20,8 @@
|
|||||||
authorized_key: state=absent user={{ adminuser_name }} key={{ item }}
|
authorized_key: state=absent user={{ adminuser_name }} key={{ item }}
|
||||||
loop: "{{ adminuser_ssh_unauthorized_keys }}"
|
loop: "{{ adminuser_ssh_unauthorized_keys }}"
|
||||||
- name: assure admin user pass
|
- name: assure admin user pass
|
||||||
user: name={{ adminuser_name }} password={{ adminuser_password }}
|
ansible.builtin.user: name={{ adminuser_name }} password={{ adminuser_password }}
|
||||||
when: adminuser_password is defined
|
when: adminuser_password is defined
|
||||||
- name: assure admin user sudo rule
|
- name: assure admin user sudo rule
|
||||||
lineinfile: path=/etc/sudoers line={{ adminuser_sudo_rule }}
|
ansible.builtin.lineinfile: path=/etc/sudoers line={{ adminuser_sudo_rule }}
|
||||||
when: adminuser_sudo
|
when: adminuser_sudo
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: restart ansiblepull timer
|
- name: restart ansiblepull timer
|
||||||
systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
|
ansible.builtin.systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
|
||||||
become: yes
|
become: yes
|
||||||
|
|||||||
@ -1,15 +1,15 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: assure vault password file
|
- name: assure vault password file
|
||||||
copy: src=vaultpass dest="~/ansiblevaultpass" mode="0600"
|
ansible.builtin.copy: src=vaultpass dest="~/ansiblevaultpass" mode="0600"
|
||||||
become: yes
|
become: yes
|
||||||
become_user: ansible
|
become_user: ansible
|
||||||
- name: install ansible
|
- name: install ansible
|
||||||
pip: name=ansible<5,ansible-lint state=latest
|
ansible.builtin.pip: name=ansible<5,ansible-lint state=latest
|
||||||
- name: configure systemd service
|
- name: configure systemd service
|
||||||
template: src=ansible-pull.service dest=/etc/systemd/system/ansible-pull.service mode=0644
|
ansible.builtin.template: src=ansible-pull.service dest=/etc/systemd/system/ansible-pull.service mode=0644
|
||||||
- name: configure systemd timer
|
- name: configure systemd timer
|
||||||
template: src=ansible-pull.timer dest=/etc/systemd/system/ansible-pull.timer mode=0644
|
ansible.builtin.template: src=ansible-pull.timer dest=/etc/systemd/system/ansible-pull.timer mode=0644
|
||||||
notify: restart ansiblepull timer
|
notify: restart ansiblepull timer
|
||||||
- name: enable timer
|
- name: enable timer
|
||||||
systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
|
ansible.builtin.systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
|
||||||
|
|||||||
@ -2,5 +2,5 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
---
|
---
|
||||||
- name: restart backup timer
|
- name: restart backup timer
|
||||||
systemd: name=backup.timer state=restarted daemon_reload=yes
|
ansible.builtin.systemd: name=backup.timer state=restarted daemon_reload=yes
|
||||||
become: yes
|
become: yes
|
||||||
|
|||||||
@ -2,13 +2,13 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
---
|
---
|
||||||
- name: template out backup script
|
- name: template out backup script
|
||||||
template: src={{ backup_script }}.sh dest=/opt/backup.sh mode=0700 owner=root group=root
|
ansible.builtin.template: src={{ backup_script }}.sh dest=/opt/backup.sh mode=0700 owner=root group=root
|
||||||
- name: template out restore script
|
- name: template out restore script
|
||||||
template: src={{ restore_script }}.sh dest=/opt/restore.sh mode=0700 owner=root group=root
|
ansible.builtin.template: src={{ restore_script }}.sh dest=/opt/restore.sh mode=0700 owner=root group=root
|
||||||
- name: configure systemd service
|
- name: configure systemd service
|
||||||
template: src=backup.service dest=/etc/systemd/system/backup.service mode=0644
|
ansible.builtin.template: src=backup.service dest=/etc/systemd/system/backup.service mode=0644
|
||||||
- name: configure systemd timer
|
- name: configure systemd timer
|
||||||
template: src=backup.timer dest=/etc/systemd/system/backup.timer mode=0644
|
ansible.builtin.template: src=backup.timer dest=/etc/systemd/system/backup.timer mode=0644
|
||||||
notify: restart backup timer
|
notify: restart backup timer
|
||||||
- name: enable timer
|
- name: enable timer
|
||||||
systemd: name=backup.timer state=started enabled=yes daemon_reload=yes
|
ansible.builtin.systemd: name=backup.timer state=started enabled=yes daemon_reload=yes
|
||||||
|
|||||||
@ -1,8 +1,8 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: restart cron
|
- name: restart cron
|
||||||
service: name=cron state=restarted
|
ansible.builtin.service: name=cron state=restarted
|
||||||
become: yes
|
become: yes
|
||||||
- name: regen initramfs
|
- name: regen initramfs
|
||||||
command: /usr/sbin/update-initramfs -c -k all
|
ansible.builtin.command: /usr/sbin/update-initramfs -c -k all
|
||||||
become: yes
|
become: yes
|
||||||
|
|||||||
@ -1,10 +1,10 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: create ansible user
|
- name: create ansible user
|
||||||
user: name=ansible password_lock=yes
|
ansible.builtin.user: name=ansible password_lock=yes
|
||||||
- name: configure ansible user home directory
|
- name: configure ansible user home directory
|
||||||
file: path=/home/ansible owner=ansible group=ansible
|
ansible.builtin.file: path=/home/ansible owner=ansible group=ansible
|
||||||
- name: configure ansible user keys
|
- name: configure ansible user keys
|
||||||
authorized_key: user=ansible manage_dir=yes key={{ common_ansible_pubkey }}
|
authorized_key: user=ansible manage_dir=yes key={{ common_ansible_pubkey }}
|
||||||
- name: configure ansible user sudo
|
- name: configure ansible user sudo
|
||||||
lineinfile: path=/etc/sudoers line="ansible ALL=(ALL:ALL) NOPASSWD:ALL"
|
ansible.builtin.lineinfile: path=/etc/sudoers line="ansible ALL=(ALL:ALL) NOPASSWD:ALL"
|
||||||
|
|||||||
@ -3,9 +3,9 @@
|
|||||||
- name: configure packages via apt
|
- name: configure packages via apt
|
||||||
block:
|
block:
|
||||||
- name: update apt packages
|
- name: update apt packages
|
||||||
apt: upgrade=yes update_cache=yes cache_valid_time=86400
|
ansible.builtin.apt: upgrade=yes update_cache=yes cache_valid_time=86400
|
||||||
- name: install basic packages
|
- name: install basic packages
|
||||||
apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- acl
|
- acl
|
||||||
- apt-file
|
- apt-file
|
||||||
@ -37,9 +37,9 @@
|
|||||||
- vim
|
- vim
|
||||||
- whois
|
- whois
|
||||||
- name: remove basic packages
|
- name: remove basic packages
|
||||||
apt: state=absent name=unattended-upgrades
|
ansible.builtin.apt: state=absent name=unattended-upgrades
|
||||||
- name: autoremove
|
- name: autoremove
|
||||||
apt: autoremove=yes purge=yes
|
ansible.builtin.apt: autoremove=yes purge=yes
|
||||||
- name: autoclean
|
- name: autoclean
|
||||||
apt: autoclean=yes
|
ansible.builtin.apt: autoclean=yes
|
||||||
when: ansible_os_family == "Debian"
|
when: ansible_os_family == "Debian"
|
||||||
|
|||||||
@ -1,11 +1,11 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: configure hostname
|
- name: configure hostname
|
||||||
hostname: name={{ inventory_hostname }}
|
ansible.builtin.hostname: name={{ inventory_hostname }}
|
||||||
- name: ensure loopback name
|
- name: ensure loopback name
|
||||||
lineinfile: path=/etc/hosts line="127.0.0.1 {{ inventory_hostname }}"
|
ansible.builtin.lineinfile: path=/etc/hosts line="127.0.0.1 {{ inventory_hostname }}"
|
||||||
- name: configure timezone
|
- name: configure timezone
|
||||||
timezone: name=America/Chicago
|
timezone: name=America/Chicago
|
||||||
notify: restart cron
|
notify: restart cron
|
||||||
- name: configure shell profile
|
- name: configure shell profile
|
||||||
template: src=profile.sh dest=/etc/profile.d/50-ansible.sh mode=0644
|
ansible.builtin.template: src=profile.sh dest=/etc/profile.d/50-ansible.sh mode=0644
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: regen initramfs
|
- name: regen initramfs
|
||||||
command: /usr/sbin/update-initramfs -c -k all
|
ansible.builtin.command: /usr/sbin/update-initramfs -c -k all
|
||||||
become: yes
|
become: yes
|
||||||
|
|||||||
@ -2,9 +2,9 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
---
|
---
|
||||||
- name: assure xorg.conf.d
|
- name: assure xorg.conf.d
|
||||||
file: path=/etc/X11/xorg.conf.d state=directory mode=0755
|
ansible.builtin.file: path=/etc/X11/xorg.conf.d state=directory mode=0755
|
||||||
- name: configure X misc
|
- name: configure X misc
|
||||||
template: src={{ item }} dest=/etc/X11/xorg.conf.d/{{ item }} mode=0644
|
ansible.builtin.template: src={{ item }} dest=/etc/X11/xorg.conf.d/{{ item }} mode=0644
|
||||||
loop:
|
loop:
|
||||||
# Disables mouse acceleration on all mouse peripherals
|
# Disables mouse acceleration on all mouse peripherals
|
||||||
- 90-mouse-acceleration.conf
|
- 90-mouse-acceleration.conf
|
||||||
|
|||||||
@ -5,26 +5,26 @@
|
|||||||
block:
|
block:
|
||||||
# Manage archs
|
# Manage archs
|
||||||
- name: enable archs
|
- name: enable archs
|
||||||
lineinfile: dest=/var/lib/dpkg/arch line={{ item }} create=yes mode=0644
|
ansible.builtin.lineinfile: dest=/var/lib/dpkg/arch line={{ item }} create=yes mode=0644
|
||||||
loop: "{{ desktop_apt_archs }}"
|
loop: "{{ desktop_apt_archs }}"
|
||||||
# Manage keys
|
# Manage keys
|
||||||
- name: enroll keys from keyserver
|
- name: enroll keys from keyserver
|
||||||
apt_key: keyserver=keyserver.ubuntu.com id={{ item }}
|
ansible.builtin.apt_key: keyserver=keyserver.ubuntu.com id={{ item }}
|
||||||
loop: "{{ desktop_apt_keys_keyserver + desktop_apt_keys_keyserver_extra }}"
|
loop: "{{ desktop_apt_keys_keyserver + desktop_apt_keys_keyserver_extra }}"
|
||||||
- name: enroll keys by url
|
- name: enroll keys by url
|
||||||
apt_key: url={{ item }}
|
ansible.builtin.apt_key: url={{ item }}
|
||||||
loop: "{{ desktop_apt_keys_url + desktop_apt_keys_url_extra }}"
|
loop: "{{ desktop_apt_keys_url + desktop_apt_keys_url_extra }}"
|
||||||
# Manage repos
|
# Manage repos
|
||||||
- name: configure repos
|
- name: configure repos
|
||||||
apt_repository: repo={{ item }}
|
ansible.builtin.apt_repository: repo={{ item }}
|
||||||
loop: "{{ desktop_apt_repos + desktop_apt_repos_extra }}"
|
loop: "{{ desktop_apt_repos + desktop_apt_repos_extra }}"
|
||||||
# Manage packages
|
# Manage packages
|
||||||
- name: configure installed packages
|
- name: configure installed packages
|
||||||
apt: name="{{ desktop_apt_packages + desktop_apt_packages_extra }}"
|
ansible.builtin.apt: name="{{ desktop_apt_packages + desktop_apt_packages_extra }}"
|
||||||
- name: configure removed packages
|
- name: configure removed packages
|
||||||
apt: name="{{ desktop_apt_packages_remove + desktop_apt_packages_remove_extra }}" state=absent
|
ansible.builtin.apt: name="{{ desktop_apt_packages_remove + desktop_apt_packages_remove_extra }}" state=absent
|
||||||
- name: configure out-of-repo packages
|
- name: configure out-of-repo packages
|
||||||
apt: deb="{{ item }}"
|
ansible.builtin.apt: deb="{{ item }}"
|
||||||
loop: "{{ desktop_apt_debs + desktop_apt_debs_extra }}"
|
loop: "{{ desktop_apt_debs + desktop_apt_debs_extra }}"
|
||||||
when: ansible_pkg_mgr == "apt"
|
when: ansible_pkg_mgr == "apt"
|
||||||
- name: configure portage
|
- name: configure portage
|
||||||
@ -35,12 +35,12 @@
|
|||||||
synchronize: src="portage/" dest="/etc/portage/"
|
synchronize: src="portage/" dest="/etc/portage/"
|
||||||
# This is my bootstrap script, which can cause damage if invoked by root again, so we remove it
|
# This is my bootstrap script, which can cause damage if invoked by root again, so we remove it
|
||||||
- name: remove gentoostrap
|
- name: remove gentoostrap
|
||||||
file: path=/gentoostrap.sh state=absent
|
ansible.builtin.file: path=/gentoostrap.sh state=absent
|
||||||
- name: remove gentoostrap package.use
|
- name: remove gentoostrap package.use
|
||||||
file: path=/etc/portage/package.use/gentoostrap state=absent
|
ansible.builtin.file: path=/etc/portage/package.use/gentoostrap state=absent
|
||||||
when: ansible_os_family == "Gentoo"
|
when: ansible_os_family == "Gentoo"
|
||||||
- name: configure pip3 packages
|
- name: configure pip3 packages
|
||||||
pip: executable=/usr/bin/pip3 state=latest name="{{ desktop_pip3_packages + desktop_pip3_packages_extra }}"
|
ansible.builtin.pip: executable=/usr/bin/pip3 state=latest name="{{ desktop_pip3_packages + desktop_pip3_packages_extra }}"
|
||||||
when: ansible_os_family != "Gentoo"
|
when: ansible_os_family != "Gentoo"
|
||||||
- name: configure flatpak
|
- name: configure flatpak
|
||||||
block:
|
block:
|
||||||
|
|||||||
@ -2,7 +2,7 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
---
|
---
|
||||||
- name: assure tmodloader {{ tmodloader_name }} directory structure
|
- name: assure tmodloader {{ tmodloader_name }} directory structure
|
||||||
file:
|
ansible.builtin.file:
|
||||||
state: directory
|
state: directory
|
||||||
owner: "{{ tmodloader_uid }}"
|
owner: "{{ tmodloader_uid }}"
|
||||||
group: "{{ tmodloader_gid }}"
|
group: "{{ tmodloader_gid }}"
|
||||||
@ -18,30 +18,31 @@
|
|||||||
- "{{ tmodloader_data_prefix }}/data/ModLoader/Mods"
|
- "{{ tmodloader_data_prefix }}/data/ModLoader/Mods"
|
||||||
- "{{ tmodloader_data_prefix }}/data/ModLoader/Worlds"
|
- "{{ tmodloader_data_prefix }}/data/ModLoader/Worlds"
|
||||||
- name: assure mods
|
- name: assure mods
|
||||||
shell:
|
ansible.builtin.shell:
|
||||||
cmd: "curl -L \"{{ tmodloader_mod_server }}\" -o \"{{ item }}.tmod\" && chown \"{{ tmodloader_uid }}:{{ tmodloader_gid }}\" \"{{ item }}.tmod\""
|
cmd: "curl -L \"{{ tmodloader_mod_server }}\" -o \"{{ item }}.tmod\" && chown \"{{ tmodloader_uid }}:{{ tmodloader_gid }}\" \"{{ item }}.tmod\""
|
||||||
chdir: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods"
|
chdir: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods"
|
||||||
creates: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods/{{ item }}.tmod"
|
creates: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods/{{ item }}.tmod"
|
||||||
with_list: "{{ tmodloader_mods }}"
|
with_list: "{{ tmodloader_mods }}"
|
||||||
notify: "restart tmodloader {{ tmodloader_name }}"
|
notify: "restart tmodloader {{ tmodloader_name }}"
|
||||||
- name: enable mods
|
- name: enable mods
|
||||||
template:
|
ansible.builtin.template:
|
||||||
src: enabled.json
|
src: enabled.json
|
||||||
dest: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods/enabled.json"
|
dest: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods/enabled.json"
|
||||||
owner: "{{ tmodloader_uid }}"
|
owner: "{{ tmodloader_uid }}"
|
||||||
group: "{{ tmodloader_gid }}"
|
group: "{{ tmodloader_gid }}"
|
||||||
|
mode: "0750"
|
||||||
notify: "restart tmodloader {{ tmodloader_name }}"
|
notify: "restart tmodloader {{ tmodloader_name }}"
|
||||||
- name: assure tmodloader {{ tmodloader_name }} files
|
- name: assure tmodloader {{ tmodloader_name }} files
|
||||||
file:
|
ansible.builtin.file:
|
||||||
state: touch
|
state: touch
|
||||||
owner: "{{ tmodloader_uid }}"
|
owner: "{{ tmodloader_uid }}"
|
||||||
group: "{{ tmodloader_gid }}"
|
group: "{{ tmodloader_gid }}"
|
||||||
mode: "0640"
|
mode: "0750"
|
||||||
path: "{{ item }}"
|
path: "{{ item }}"
|
||||||
with_items:
|
with_items:
|
||||||
- "{{ tmodloader_data_prefix }}/config.txt"
|
- "{{ tmodloader_data_prefix }}/config.txt"
|
||||||
- name: assure {{ tmodloader_name }} configs
|
- name: assure {{ tmodloader_name }} configs
|
||||||
lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
state: present
|
state: present
|
||||||
regexp: "^{{ item.key }}"
|
regexp: "^{{ item.key }}"
|
||||||
line: "{{ item.key }}={{ item.value }}"
|
line: "{{ item.key }}={{ item.value }}"
|
||||||
@ -49,7 +50,7 @@
|
|||||||
with_dict: "{{ tmodloader_config | combine(tmodloader_config_extra) | combine(tmodloader_config_internal) }}"
|
with_dict: "{{ tmodloader_config | combine(tmodloader_config_extra) | combine(tmodloader_config_internal) }}"
|
||||||
notify: "restart tmodloader {{ tmodloader_name }}"
|
notify: "restart tmodloader {{ tmodloader_name }}"
|
||||||
- name: assure {{ tmodloader_name }} backup cronjob
|
- name: assure {{ tmodloader_name }} backup cronjob
|
||||||
cron:
|
ansible.builtin.cron:
|
||||||
user: root
|
user: root
|
||||||
name: "terraria-{{ tmodloader_name }}"
|
name: "terraria-{{ tmodloader_name }}"
|
||||||
minute: "*/30"
|
minute: "*/30"
|
||||||
|
|||||||
@ -2,7 +2,7 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
---
|
---
|
||||||
- name: clone git repos
|
- name: clone git repos
|
||||||
git:
|
ansible.builtin.git:
|
||||||
accept_hostkey: yes
|
accept_hostkey: yes
|
||||||
depth: "{{ item.depth | default(1, true) }}"
|
depth: "{{ item.depth | default(1, true) }}"
|
||||||
dest: "{{ item.dest }}"
|
dest: "{{ item.dest }}"
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: grub mkconfig
|
- name: grub mkconfig
|
||||||
command: "grub-mkconfig -o /boot/grub/grub.cfg"
|
ansible.builtin.command: "grub-mkconfig -o /boot/grub/grub.cfg"
|
||||||
become: yes
|
become: yes
|
||||||
|
|||||||
@ -4,5 +4,5 @@
|
|||||||
- name: configure grub
|
- name: configure grub
|
||||||
block:
|
block:
|
||||||
- name: template out grub config
|
- name: template out grub config
|
||||||
template: src=grub.conf dest=/etc/default/grub mode=0644
|
ansible.builtin.template: src=grub.conf dest=/etc/default/grub mode=0644
|
||||||
notify: grub mkconfig
|
notify: grub mkconfig
|
||||||
|
|||||||
@ -1,12 +1,12 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: assure ingress container persist directories
|
- name: assure ingress container persist directories
|
||||||
file: path="{{ ingress_container_persist_dir }}/{{ item }}" state=directory owner=root mode=0755
|
ansible.builtin.file: path="{{ ingress_container_persist_dir }}/{{ item }}" state=directory owner=root mode=0755
|
||||||
with_items:
|
with_items:
|
||||||
- letsencrypt
|
- letsencrypt
|
||||||
- user_conf.d
|
- user_conf.d
|
||||||
- name: template out ingress configuration file
|
- name: template out ingress configuration file
|
||||||
template: src=vhosts.conf.j2 dest="{{ ingress_container_persist_dir }}/user_conf.d/vhosts.conf" mode="0640"
|
ansible.builtin.template: src=vhosts.conf.j2 dest="{{ ingress_container_persist_dir }}/user_conf.d/vhosts.conf" mode="0640"
|
||||||
notify: restart ingress container
|
notify: restart ingress container
|
||||||
- name: assure ingress container
|
- name: assure ingress container
|
||||||
docker_container:
|
docker_container:
|
||||||
|
|||||||
@ -1,11 +1,11 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: remove default motd items
|
- name: remove default motd items
|
||||||
file: state=absent path=/etc/update-motd.d/{{ item }}
|
ansible.builtin.file: state=absent path=/etc/update-motd.d/{{ item }}
|
||||||
loop: "{{ motd_remove + motd_remove_extra }}"
|
loop: "{{ motd_remove + motd_remove_extra }}"
|
||||||
- name: disable motd-news
|
- name: disable motd-news
|
||||||
systemd: name="{{ item }}" state=stopped enabled=no
|
ansible.builtin.systemd: name="{{ item }}" state=stopped enabled=no
|
||||||
with_items:
|
with_items:
|
||||||
- motd-news.timer
|
- motd-news.timer
|
||||||
- name: template out motd script
|
- name: template out motd script
|
||||||
template: src=motd.sh dest=/etc/update-motd.d/50-ansible mode=0755
|
ansible.builtin.template: src=motd.sh dest=/etc/update-motd.d/50-ansible mode=0755
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: assure data directory for nagios
|
- name: assure data directory for nagios
|
||||||
file: path="{{ nagios_data_dir }}" state=directory mode=0755
|
ansible.builtin.file: path="{{ nagios_data_dir }}" state=directory mode=0755
|
||||||
tags: [ nagios ]
|
tags: [ nagios ]
|
||||||
- name: docker deploy nagios
|
- name: docker deploy nagios
|
||||||
docker_container:
|
docker_container:
|
||||||
@ -27,15 +27,15 @@
|
|||||||
- /dev/null:/opt/nagios/bin/send_nsca
|
- /dev/null:/opt/nagios/bin/send_nsca
|
||||||
tags: [ docker, nagios ]
|
tags: [ docker, nagios ]
|
||||||
- name: template out scripts for nagios
|
- name: template out scripts for nagios
|
||||||
template: src="{{ item }}" dest="{{ nagios_data_dir }}/plugins/{{ item }}" owner=root group=root mode=0755
|
ansible.builtin.template: src="{{ item }}" dest="{{ nagios_data_dir }}/plugins/{{ item }}" owner=root group=root mode=0755
|
||||||
with_items:
|
with_items:
|
||||||
- notify-by-matrix
|
- notify-by-matrix
|
||||||
tags: [ nagios, template, plugins ]
|
tags: [ nagios, template, plugins ]
|
||||||
- name: template out config for nagios
|
- name: template out config for nagios
|
||||||
template: src=nagios-ansible-inventory.cfg.j2 dest="{{ nagios_data_dir }}/etc/objects/ansible.cfg" owner=101 group=100 mode=0644
|
ansible.builtin.template: src=nagios-ansible-inventory.cfg.j2 dest="{{ nagios_data_dir }}/etc/objects/ansible.cfg" owner=101 group=100 mode=0644
|
||||||
tags: [ nagios, template ]
|
tags: [ nagios, template ]
|
||||||
notify: restart nagios
|
notify: restart nagios
|
||||||
- name: assure config file is loaded
|
- name: assure config file is loaded
|
||||||
lineinfile: path="{{ nagios_data_dir }}/etc/nagios.cfg" line='cfg_file=/opt/nagios/etc/objects/ansible.cfg'
|
ansible.builtin.lineinfile: path="{{ nagios_data_dir }}/etc/nagios.cfg" line='cfg_file=/opt/nagios/etc/objects/ansible.cfg'
|
||||||
tags: [ nagios, template ]
|
tags: [ nagios, template ]
|
||||||
notify: restart nagios
|
notify: restart nagios
|
||||||
|
|||||||
@ -1,21 +1,21 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: assure pulse package
|
- name: assure pulse package
|
||||||
apt: name=pulseaudio
|
ansible.builtin.apt: name=pulseaudio
|
||||||
when: ansible_os_family == 'Debian'
|
when: ansible_os_family == 'Debian'
|
||||||
- name: remove user pulseaudio services
|
- name: remove user pulseaudio services
|
||||||
file: state=absent path={{ item }}
|
ansible.builtin.file: state=absent path={{ item }}
|
||||||
loop:
|
loop:
|
||||||
- /etc/systemd/user/default.target.wants/pulseaudio.service
|
- /etc/systemd/user/default.target.wants/pulseaudio.service
|
||||||
- /etc/systemd/user/sockets.target.wants/pulseaudio.socket
|
- /etc/systemd/user/sockets.target.wants/pulseaudio.socket
|
||||||
- name: template out configs
|
- name: template out configs
|
||||||
template: src={{ item.src }} dest={{ item.dest }} mode=0644
|
ansible.builtin.template: src={{ item.src }} dest={{ item.dest }} mode=0644
|
||||||
loop:
|
loop:
|
||||||
- { src: "pulse-client.conf", dest: "/etc/pulse/client.conf" }
|
- { src: "pulse-client.conf", dest: "/etc/pulse/client.conf" }
|
||||||
- { src: "pulse-daemon.conf", dest: "/etc/pulse/daemon.conf" }
|
- { src: "pulse-daemon.conf", dest: "/etc/pulse/daemon.conf" }
|
||||||
- { src: "pulse-default.pa", dest: "/etc/pulse/default.pa" }
|
- { src: "pulse-default.pa", dest: "/etc/pulse/default.pa" }
|
||||||
- { src: "pulseaudio.service", dest: "/etc/systemd/system/pulseaudio.service" }
|
- { src: "pulseaudio.service", dest: "/etc/systemd/system/pulseaudio.service" }
|
||||||
- name: assure pulse user
|
- name: assure pulse user
|
||||||
user: name=pulseaudio password="!" system=yes home=/var/lib/pulse groups=audio
|
ansible.builtin.user: name=pulseaudio password="!" system=yes home=/var/lib/pulse groups=audio
|
||||||
- name: enable pulse service
|
- name: enable pulse service
|
||||||
systemd: name=pulseaudio enabled=yes state=started daemon_reload=yes
|
ansible.builtin.systemd: name=pulseaudio enabled=yes state=started daemon_reload=yes
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
#!/usr/bin/env ansible-playbook
|
#!/usr/bin/env ansible-playbook
|
||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
- name: reload udev
|
- name: reload udev
|
||||||
command: udevadm trigger
|
ansible.builtin.command: udevadm trigger
|
||||||
become: yes
|
become: yes
|
||||||
|
|||||||
@ -2,6 +2,6 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
---
|
---
|
||||||
- name: configure udev rules
|
- name: configure udev rules
|
||||||
lineinfile: path=/etc/udev/rules.d/50-ansible.rules line={{ item }} create=yes mode=0644
|
ansible.builtin.lineinfile: path=/etc/udev/rules.d/50-ansible.rules line={{ item }} create=yes mode=0644
|
||||||
loop: "{{ udev_rules }}"
|
loop: "{{ udev_rules }}"
|
||||||
notify: reload udev
|
notify: reload udev
|
||||||
|
|||||||
@ -2,7 +2,7 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
---
|
---
|
||||||
- name: restart zerotier
|
- name: restart zerotier
|
||||||
systemd:
|
ansible.builtin.systemd:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
name: zerotier-one.service
|
name: zerotier-one.service
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|||||||
@ -4,24 +4,24 @@
|
|||||||
- name: configure zerotier for apt
|
- name: configure zerotier for apt
|
||||||
block:
|
block:
|
||||||
- name: ensure zerotier repo key
|
- name: ensure zerotier repo key
|
||||||
apt_key: url="{{ zerotier_repo_deb_key }}"
|
ansible.builtin.apt_key: url="{{ zerotier_repo_deb_key }}"
|
||||||
- name: ensure zerotier repo
|
- name: ensure zerotier repo
|
||||||
apt_repository: repo="{{ zerotier_repo_deb }}"
|
ansible.builtin.apt_repository: repo="{{ zerotier_repo_deb }}"
|
||||||
- name: update apt cache
|
- name: update apt cache
|
||||||
apt: update_cache=yes cache_valid_time=86400
|
ansible.builtin.apt: update_cache=yes cache_valid_time=86400
|
||||||
- name: ensure packages
|
- name: ensure packages
|
||||||
apt: name=zerotier-one
|
ansible.builtin.apt: name=zerotier-one
|
||||||
when: ansible_pkg_mgr == "apt"
|
when: ansible_pkg_mgr == "apt"
|
||||||
- name: template unit file
|
- name: template unit file
|
||||||
template: src=zerotier-one.service dest=/etc/systemd/system/zerotier-one.service mode=0644
|
ansible.builtin.template: src=zerotier-one.service dest=/etc/systemd/system/zerotier-one.service mode=0644
|
||||||
notify: restart zerotier
|
notify: restart zerotier
|
||||||
- name: join networks
|
- name: join networks
|
||||||
command:
|
ansible.builtin.command:
|
||||||
argv: [ zerotier-cli, join, "{{ item }}" ]
|
argv: [ zerotier-cli, join, "{{ item }}" ]
|
||||||
with_items: "{{ zerotier_networks_join }}"
|
with_items: "{{ zerotier_networks_join }}"
|
||||||
changed_when: no
|
changed_when: no
|
||||||
- name: leave networks
|
- name: leave networks
|
||||||
command:
|
ansible.builtin.command:
|
||||||
argv: [ zerotier-cli, leave, "{{ item }}" ]
|
argv: [ zerotier-cli, leave, "{{ item }}" ]
|
||||||
register: zerotierleave
|
register: zerotierleave
|
||||||
with_items: "{{ zerotier_networks_leave }}"
|
with_items: "{{ zerotier_networks_leave }}"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user