Make the FQCN warning happy again
This commit is contained in:
parent
210c335e90
commit
7f6b52b225
@ -1,8 +1,8 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: restart cron
|
||||
service: name=cron state=restarted
|
||||
ansible.builtin.service: name=cron state=restarted
|
||||
become: yes
|
||||
- name: regen initramfs
|
||||
command: /usr/sbin/update-initramfs -c -k all
|
||||
ansible.builtin.command: /usr/sbin/update-initramfs -c -k all
|
||||
become: yes
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
- hosts: all
|
||||
tasks:
|
||||
- name: collect service facts
|
||||
service_facts:
|
||||
ansible.builtin.service_facts:
|
||||
tags: [ always ]
|
||||
roles:
|
||||
- role: common
|
||||
|
||||
@ -5,8 +5,8 @@
|
||||
gather_facts: no
|
||||
tasks:
|
||||
- name: assure scanner user
|
||||
user: name=scanner state=absent
|
||||
ansible.builtin.user: name=scanner state=absent
|
||||
tags: [ scanner, greenbone ]
|
||||
- name: assure scanner user sudoers rule
|
||||
lineinfile: path=/etc/sudoers line="scanner ALL=(ALL:ALL) NOPASSWD:ALL" state=absent
|
||||
ansible.builtin.lineinfile: path=/etc/sudoers line="scanner ALL=(ALL:ALL) NOPASSWD:ALL" state=absent
|
||||
tags: [ scanner, greenbone ]
|
||||
|
||||
@ -5,5 +5,5 @@
|
||||
gather_facts: no
|
||||
tasks:
|
||||
- name: touch ansible timestamp file
|
||||
file: path=/var/lib/ansible-last-run state=touch mode='0644'
|
||||
ansible.builtin.file: path=/var/lib/ansible-last-run state=touch mode='0644'
|
||||
changed_when: no
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
- hosts: device_roles_workstation
|
||||
tasks:
|
||||
- name: assure vm-fs-1 nfs mountpoint
|
||||
file: path=/nfs/vm-fs-1.home.mgmt.desu.ltd state=directory owner=root group=root mode=0755
|
||||
ansible.builtin.file: path=/nfs/vm-fs-1.home.mgmt.desu.ltd state=directory owner=root group=root mode=0755
|
||||
tags: [ desktop, nfs ]
|
||||
- name: assure vm-fs-1 nfs mount
|
||||
mount: path=/nfs/vm-fs-1.home.mgmt.desu.ltd src=vm-fs-1.home.mgmt.desu.ltd:/nfs fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
||||
|
||||
@ -78,7 +78,7 @@
|
||||
tags: [ docker ]
|
||||
tasks:
|
||||
- name: assure nfs mount directory
|
||||
file: path=/data/syncthing/data state=directory mode=0755
|
||||
ansible.builtin.file: path=/data/syncthing/data state=directory mode=0755
|
||||
tags: [ storage ]
|
||||
- name: assure nfs mount
|
||||
mount: path=/data/syncthing/data src=192.168.190.1:/nfs/syncthing fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
||||
@ -89,7 +89,7 @@
|
||||
- app/syncthing.yml
|
||||
tags: [ always ]
|
||||
- name: assure movement cronjobs
|
||||
cron:
|
||||
ansible.builtin.cron:
|
||||
name: "{{ item.name }}"
|
||||
minute: 0
|
||||
hour: 5
|
||||
@ -116,14 +116,14 @@
|
||||
dest: Pictures/Screenshots/Vidya/Cyberpunk 2077
|
||||
tags: [ cron ]
|
||||
- name: assure zone identifier cleanup cronjob
|
||||
cron:
|
||||
ansible.builtin.cron:
|
||||
name: cleanup zone.identtifier
|
||||
minute: 0
|
||||
hour: 3
|
||||
job: 'find /data/syncthing/data/ -type f -iname "*:Zone.Identifier" -delete'
|
||||
tags: [ cron ]
|
||||
- name: assure filename sanitize cronjobs
|
||||
cron:
|
||||
ansible.builtin.cron:
|
||||
name: "sanitize {{ item }}"
|
||||
minute: 0
|
||||
hour: 4
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
gather_facts: no
|
||||
tasks:
|
||||
- name: assure nfs mount directory
|
||||
file: path=/nfs/projects state=directory mode=0755
|
||||
ansible.builtin.file: path=/nfs/projects state=directory mode=0755
|
||||
tags: [ storage ]
|
||||
- name: assure nfs mount
|
||||
mount: path=/nfs/projects src=192.168.190.1:/nfs/projects fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
- hosts: vm-fs-1.home.mgmt.desu.ltd
|
||||
tasks:
|
||||
- name: assure nfs directory
|
||||
file: path=/nfs state=directory mode=0755
|
||||
ansible.builtin.file: path=/nfs state=directory mode=0755
|
||||
roles:
|
||||
- role: backup
|
||||
vars:
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
pull: yes
|
||||
pre_tasks:
|
||||
- name: assure nfs mount directory
|
||||
file: path=/data state=directory mode=0755
|
||||
ansible.builtin.file: path=/data state=directory mode=0755
|
||||
tags: [ pis, storage ]
|
||||
- name: assure nfs mount
|
||||
mount: path=/data/shared src=192.168.190.1:/nfs/media fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
|
||||
|
||||
@ -25,7 +25,7 @@
|
||||
overwrite: yes
|
||||
tasks:
|
||||
- name: clear host errors before dns loop
|
||||
meta: clear_host_errors
|
||||
ansible.builtin.meta: clear_host_errors
|
||||
- name: configure dns
|
||||
block:
|
||||
- name: configure main mgmt dns
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
gather_facts: no
|
||||
tasks:
|
||||
- name: install raspi packages
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- libraspberrypi-bin
|
||||
tags: [ pis, packages ]
|
||||
|
||||
@ -6,9 +6,9 @@
|
||||
- name: configure system76 for apt
|
||||
block:
|
||||
- name: ensure system76 repo
|
||||
apt_repository: repo="ppa:system76-dev/stable"
|
||||
ansible.builtin.apt_repository: repo="ppa:system76-dev/stable"
|
||||
- name: ensure system76 packages
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- firmware-manager
|
||||
- kamoso
|
||||
|
||||
@ -136,7 +136,7 @@
|
||||
pull: yes
|
||||
pre_tasks:
|
||||
- name: clear host errors
|
||||
meta: clear_host_errors
|
||||
ansible.builtin.meta: clear_host_errors
|
||||
tasks:
|
||||
- name: ensure docker network
|
||||
docker_network: name=web
|
||||
|
||||
@ -19,7 +19,7 @@
|
||||
gather_facts: no
|
||||
tasks:
|
||||
- name: disable ansible-pull when not tagged
|
||||
systemd: name={{ item }} state=stopped enabled=no
|
||||
ansible.builtin.systemd: name={{ item }} state=stopped enabled=no
|
||||
with_items:
|
||||
- ansible-pull.timer
|
||||
- ansible-pull.service
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
serial: 1
|
||||
tasks:
|
||||
- name: check for reboot-required
|
||||
stat: path=/var/run/reboot-required
|
||||
ansible.builtin.stat: path=/var/run/reboot-required
|
||||
register: s
|
||||
- name: reboot
|
||||
block:
|
||||
@ -30,7 +30,7 @@
|
||||
delegate_to: web3.dallas.mgmt.desu.ltd
|
||||
rescue:
|
||||
- name: notify of failure to reboot
|
||||
debug: msg="Miscellaneous failure when scheduling downtime"
|
||||
ansible.builtin.debug: msg="Miscellaneous failure when scheduling downtime"
|
||||
- name: reboot
|
||||
reboot: reboot_timeout=600
|
||||
ansible.builtin.reboot: reboot_timeout=600
|
||||
when: s.stat.exists
|
||||
|
||||
@ -12,10 +12,10 @@
|
||||
tags: [ nagios, git ]
|
||||
tasks:
|
||||
- name: assure nagios plugin packages
|
||||
apt: name=monitoring-plugins,nagios-plugins-contrib
|
||||
ansible.builtin.apt: name=monitoring-plugins,nagios-plugins-contrib
|
||||
tags: [ nagios ]
|
||||
- name: assure nagios user
|
||||
user: name=nagios-checker state=present system=yes
|
||||
ansible.builtin.user: name=nagios-checker state=present system=yes
|
||||
tags: [ nagios ]
|
||||
- name: assure nagios user ssh key
|
||||
authorized_key:
|
||||
@ -24,10 +24,10 @@
|
||||
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKNavw28C0mKIQVRLQDW2aoovliU1XCGaenDhIMwumK/ Nagios monitoring"
|
||||
tags: [ nagios ]
|
||||
- name: assure nagios user sudo rule file
|
||||
file: path=/etc/sudoers.d/50-nagios-checker mode=0750 owner=root group=root state=touch modification_time=preserve access_time=preserve
|
||||
ansible.builtin.file: path=/etc/sudoers.d/50-nagios-checker mode=0750 owner=root group=root state=touch modification_time=preserve access_time=preserve
|
||||
tags: [ nagios, sudo ]
|
||||
- name: assure nagios user sudo rules
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/sudoers.d/50-nagios-checker
|
||||
line: "nagios-checker ALL = (root) NOPASSWD: {{ item }}"
|
||||
with_items:
|
||||
@ -39,6 +39,6 @@
|
||||
gather_facts: no
|
||||
tasks:
|
||||
- name: disable nagios user when not tagged
|
||||
user: name=nagios-checker state=absent remove=yes
|
||||
ansible.builtin.user: name=nagios-checker state=absent remove=yes
|
||||
when: "'tags_nagios' not in group_names"
|
||||
tags: [ nagios ]
|
||||
|
||||
@ -24,7 +24,7 @@
|
||||
gather_facts: no
|
||||
tasks:
|
||||
- name: disable snmpd when not tagged
|
||||
systemd: name={{ item }} state=stopped enabled=no
|
||||
ansible.builtin.systemd: name={{ item }} state=stopped enabled=no
|
||||
with_items:
|
||||
- snmpd.service
|
||||
when: "'tags_snmp' not in group_names and item in services"
|
||||
|
||||
@ -25,8 +25,8 @@
|
||||
- /srv/desu.ltd/nc:/var/www/html/data
|
||||
tags: [ docker, nextcloud ]
|
||||
- name: assure nextcloud cron cronjob
|
||||
cron: user=root name=nextcloud minute=*/5 job="docker exec --user www-data nextcloud php -f /var/www/html/cron.php"
|
||||
ansible.builtin.cron: user=root name=nextcloud minute=*/5 job="docker exec --user www-data nextcloud php -f /var/www/html/cron.php"
|
||||
tags: [ docker, nextcloud, cron ]
|
||||
- name: assure nextcloud update cronjob
|
||||
cron: user=root name=nextcloud-update minute=*/30 job="docker exec --user www-data nextcloud php occ app:update --all"
|
||||
ansible.builtin.cron: user=root name=nextcloud-update minute=*/30 job="docker exec --user www-data nextcloud php occ app:update --all"
|
||||
tags: [ docker, nextcloud, cron ]
|
||||
|
||||
@ -1,13 +1,13 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: assure admin user
|
||||
user:
|
||||
ansible.builtin.user:
|
||||
name: "{{ adminuser_name }}"
|
||||
append: "{{ adminuser_groups_append }}"
|
||||
groups: "{{ adminuser_groups + adminuser_groups_extra }}"
|
||||
shell: "{{ adminuser_shell }}"
|
||||
- name: assure admin user ssh key
|
||||
user:
|
||||
ansible.builtin.user:
|
||||
name: "{{ adminuser_name }}"
|
||||
generate_ssh_key: yes
|
||||
ssh_key_type: "{{ adminuser_ssh_key_type }}"
|
||||
@ -20,8 +20,8 @@
|
||||
authorized_key: state=absent user={{ adminuser_name }} key={{ item }}
|
||||
loop: "{{ adminuser_ssh_unauthorized_keys }}"
|
||||
- name: assure admin user pass
|
||||
user: name={{ adminuser_name }} password={{ adminuser_password }}
|
||||
ansible.builtin.user: name={{ adminuser_name }} password={{ adminuser_password }}
|
||||
when: adminuser_password is defined
|
||||
- name: assure admin user sudo rule
|
||||
lineinfile: path=/etc/sudoers line={{ adminuser_sudo_rule }}
|
||||
ansible.builtin.lineinfile: path=/etc/sudoers line={{ adminuser_sudo_rule }}
|
||||
when: adminuser_sudo
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: restart ansiblepull timer
|
||||
systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
|
||||
ansible.builtin.systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
|
||||
become: yes
|
||||
|
||||
@ -1,15 +1,15 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: assure vault password file
|
||||
copy: src=vaultpass dest="~/ansiblevaultpass" mode="0600"
|
||||
ansible.builtin.copy: src=vaultpass dest="~/ansiblevaultpass" mode="0600"
|
||||
become: yes
|
||||
become_user: ansible
|
||||
- name: install ansible
|
||||
pip: name=ansible<5,ansible-lint state=latest
|
||||
ansible.builtin.pip: name=ansible<5,ansible-lint state=latest
|
||||
- name: configure systemd service
|
||||
template: src=ansible-pull.service dest=/etc/systemd/system/ansible-pull.service mode=0644
|
||||
ansible.builtin.template: src=ansible-pull.service dest=/etc/systemd/system/ansible-pull.service mode=0644
|
||||
- name: configure systemd timer
|
||||
template: src=ansible-pull.timer dest=/etc/systemd/system/ansible-pull.timer mode=0644
|
||||
ansible.builtin.template: src=ansible-pull.timer dest=/etc/systemd/system/ansible-pull.timer mode=0644
|
||||
notify: restart ansiblepull timer
|
||||
- name: enable timer
|
||||
systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
|
||||
ansible.builtin.systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
|
||||
|
||||
@ -2,5 +2,5 @@
|
||||
# vim:ft=ansible:
|
||||
---
|
||||
- name: restart backup timer
|
||||
systemd: name=backup.timer state=restarted daemon_reload=yes
|
||||
ansible.builtin.systemd: name=backup.timer state=restarted daemon_reload=yes
|
||||
become: yes
|
||||
|
||||
@ -2,13 +2,13 @@
|
||||
# vim:ft=ansible:
|
||||
---
|
||||
- name: template out backup script
|
||||
template: src={{ backup_script }}.sh dest=/opt/backup.sh mode=0700 owner=root group=root
|
||||
ansible.builtin.template: src={{ backup_script }}.sh dest=/opt/backup.sh mode=0700 owner=root group=root
|
||||
- name: template out restore script
|
||||
template: src={{ restore_script }}.sh dest=/opt/restore.sh mode=0700 owner=root group=root
|
||||
ansible.builtin.template: src={{ restore_script }}.sh dest=/opt/restore.sh mode=0700 owner=root group=root
|
||||
- name: configure systemd service
|
||||
template: src=backup.service dest=/etc/systemd/system/backup.service mode=0644
|
||||
ansible.builtin.template: src=backup.service dest=/etc/systemd/system/backup.service mode=0644
|
||||
- name: configure systemd timer
|
||||
template: src=backup.timer dest=/etc/systemd/system/backup.timer mode=0644
|
||||
ansible.builtin.template: src=backup.timer dest=/etc/systemd/system/backup.timer mode=0644
|
||||
notify: restart backup timer
|
||||
- name: enable timer
|
||||
systemd: name=backup.timer state=started enabled=yes daemon_reload=yes
|
||||
ansible.builtin.systemd: name=backup.timer state=started enabled=yes daemon_reload=yes
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: restart cron
|
||||
service: name=cron state=restarted
|
||||
ansible.builtin.service: name=cron state=restarted
|
||||
become: yes
|
||||
- name: regen initramfs
|
||||
command: /usr/sbin/update-initramfs -c -k all
|
||||
ansible.builtin.command: /usr/sbin/update-initramfs -c -k all
|
||||
become: yes
|
||||
|
||||
@ -1,10 +1,10 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: create ansible user
|
||||
user: name=ansible password_lock=yes
|
||||
ansible.builtin.user: name=ansible password_lock=yes
|
||||
- name: configure ansible user home directory
|
||||
file: path=/home/ansible owner=ansible group=ansible
|
||||
ansible.builtin.file: path=/home/ansible owner=ansible group=ansible
|
||||
- name: configure ansible user keys
|
||||
authorized_key: user=ansible manage_dir=yes key={{ common_ansible_pubkey }}
|
||||
- name: configure ansible user sudo
|
||||
lineinfile: path=/etc/sudoers line="ansible ALL=(ALL:ALL) NOPASSWD:ALL"
|
||||
ansible.builtin.lineinfile: path=/etc/sudoers line="ansible ALL=(ALL:ALL) NOPASSWD:ALL"
|
||||
|
||||
@ -3,9 +3,9 @@
|
||||
- name: configure packages via apt
|
||||
block:
|
||||
- name: update apt packages
|
||||
apt: upgrade=yes update_cache=yes cache_valid_time=86400
|
||||
ansible.builtin.apt: upgrade=yes update_cache=yes cache_valid_time=86400
|
||||
- name: install basic packages
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- acl
|
||||
- apt-file
|
||||
@ -37,9 +37,9 @@
|
||||
- vim
|
||||
- whois
|
||||
- name: remove basic packages
|
||||
apt: state=absent name=unattended-upgrades
|
||||
ansible.builtin.apt: state=absent name=unattended-upgrades
|
||||
- name: autoremove
|
||||
apt: autoremove=yes purge=yes
|
||||
ansible.builtin.apt: autoremove=yes purge=yes
|
||||
- name: autoclean
|
||||
apt: autoclean=yes
|
||||
ansible.builtin.apt: autoclean=yes
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
@ -1,11 +1,11 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: configure hostname
|
||||
hostname: name={{ inventory_hostname }}
|
||||
ansible.builtin.hostname: name={{ inventory_hostname }}
|
||||
- name: ensure loopback name
|
||||
lineinfile: path=/etc/hosts line="127.0.0.1 {{ inventory_hostname }}"
|
||||
ansible.builtin.lineinfile: path=/etc/hosts line="127.0.0.1 {{ inventory_hostname }}"
|
||||
- name: configure timezone
|
||||
timezone: name=America/Chicago
|
||||
notify: restart cron
|
||||
- name: configure shell profile
|
||||
template: src=profile.sh dest=/etc/profile.d/50-ansible.sh mode=0644
|
||||
ansible.builtin.template: src=profile.sh dest=/etc/profile.d/50-ansible.sh mode=0644
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: regen initramfs
|
||||
command: /usr/sbin/update-initramfs -c -k all
|
||||
ansible.builtin.command: /usr/sbin/update-initramfs -c -k all
|
||||
become: yes
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
# vim:ft=ansible:
|
||||
---
|
||||
- name: assure xorg.conf.d
|
||||
file: path=/etc/X11/xorg.conf.d state=directory mode=0755
|
||||
ansible.builtin.file: path=/etc/X11/xorg.conf.d state=directory mode=0755
|
||||
- name: configure X misc
|
||||
template: src={{ item }} dest=/etc/X11/xorg.conf.d/{{ item }} mode=0644
|
||||
ansible.builtin.template: src={{ item }} dest=/etc/X11/xorg.conf.d/{{ item }} mode=0644
|
||||
loop:
|
||||
# Disables mouse acceleration on all mouse peripherals
|
||||
- 90-mouse-acceleration.conf
|
||||
|
||||
@ -5,26 +5,26 @@
|
||||
block:
|
||||
# Manage archs
|
||||
- name: enable archs
|
||||
lineinfile: dest=/var/lib/dpkg/arch line={{ item }} create=yes mode=0644
|
||||
ansible.builtin.lineinfile: dest=/var/lib/dpkg/arch line={{ item }} create=yes mode=0644
|
||||
loop: "{{ desktop_apt_archs }}"
|
||||
# Manage keys
|
||||
- name: enroll keys from keyserver
|
||||
apt_key: keyserver=keyserver.ubuntu.com id={{ item }}
|
||||
ansible.builtin.apt_key: keyserver=keyserver.ubuntu.com id={{ item }}
|
||||
loop: "{{ desktop_apt_keys_keyserver + desktop_apt_keys_keyserver_extra }}"
|
||||
- name: enroll keys by url
|
||||
apt_key: url={{ item }}
|
||||
ansible.builtin.apt_key: url={{ item }}
|
||||
loop: "{{ desktop_apt_keys_url + desktop_apt_keys_url_extra }}"
|
||||
# Manage repos
|
||||
- name: configure repos
|
||||
apt_repository: repo={{ item }}
|
||||
ansible.builtin.apt_repository: repo={{ item }}
|
||||
loop: "{{ desktop_apt_repos + desktop_apt_repos_extra }}"
|
||||
# Manage packages
|
||||
- name: configure installed packages
|
||||
apt: name="{{ desktop_apt_packages + desktop_apt_packages_extra }}"
|
||||
ansible.builtin.apt: name="{{ desktop_apt_packages + desktop_apt_packages_extra }}"
|
||||
- name: configure removed packages
|
||||
apt: name="{{ desktop_apt_packages_remove + desktop_apt_packages_remove_extra }}" state=absent
|
||||
ansible.builtin.apt: name="{{ desktop_apt_packages_remove + desktop_apt_packages_remove_extra }}" state=absent
|
||||
- name: configure out-of-repo packages
|
||||
apt: deb="{{ item }}"
|
||||
ansible.builtin.apt: deb="{{ item }}"
|
||||
loop: "{{ desktop_apt_debs + desktop_apt_debs_extra }}"
|
||||
when: ansible_pkg_mgr == "apt"
|
||||
- name: configure portage
|
||||
@ -35,12 +35,12 @@
|
||||
synchronize: src="portage/" dest="/etc/portage/"
|
||||
# This is my bootstrap script, which can cause damage if invoked by root again, so we remove it
|
||||
- name: remove gentoostrap
|
||||
file: path=/gentoostrap.sh state=absent
|
||||
ansible.builtin.file: path=/gentoostrap.sh state=absent
|
||||
- name: remove gentoostrap package.use
|
||||
file: path=/etc/portage/package.use/gentoostrap state=absent
|
||||
ansible.builtin.file: path=/etc/portage/package.use/gentoostrap state=absent
|
||||
when: ansible_os_family == "Gentoo"
|
||||
- name: configure pip3 packages
|
||||
pip: executable=/usr/bin/pip3 state=latest name="{{ desktop_pip3_packages + desktop_pip3_packages_extra }}"
|
||||
ansible.builtin.pip: executable=/usr/bin/pip3 state=latest name="{{ desktop_pip3_packages + desktop_pip3_packages_extra }}"
|
||||
when: ansible_os_family != "Gentoo"
|
||||
- name: configure flatpak
|
||||
block:
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
# vim:ft=ansible:
|
||||
---
|
||||
- name: assure tmodloader {{ tmodloader_name }} directory structure
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
owner: "{{ tmodloader_uid }}"
|
||||
group: "{{ tmodloader_gid }}"
|
||||
@ -18,30 +18,31 @@
|
||||
- "{{ tmodloader_data_prefix }}/data/ModLoader/Mods"
|
||||
- "{{ tmodloader_data_prefix }}/data/ModLoader/Worlds"
|
||||
- name: assure mods
|
||||
shell:
|
||||
ansible.builtin.shell:
|
||||
cmd: "curl -L \"{{ tmodloader_mod_server }}\" -o \"{{ item }}.tmod\" && chown \"{{ tmodloader_uid }}:{{ tmodloader_gid }}\" \"{{ item }}.tmod\""
|
||||
chdir: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods"
|
||||
creates: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods/{{ item }}.tmod"
|
||||
with_list: "{{ tmodloader_mods }}"
|
||||
notify: "restart tmodloader {{ tmodloader_name }}"
|
||||
- name: enable mods
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: enabled.json
|
||||
dest: "{{ tmodloader_data_prefix }}/data/ModLoader/Mods/enabled.json"
|
||||
owner: "{{ tmodloader_uid }}"
|
||||
group: "{{ tmodloader_gid }}"
|
||||
mode: "0750"
|
||||
notify: "restart tmodloader {{ tmodloader_name }}"
|
||||
- name: assure tmodloader {{ tmodloader_name }} files
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
state: touch
|
||||
owner: "{{ tmodloader_uid }}"
|
||||
group: "{{ tmodloader_gid }}"
|
||||
mode: "0640"
|
||||
mode: "0750"
|
||||
path: "{{ item }}"
|
||||
with_items:
|
||||
- "{{ tmodloader_data_prefix }}/config.txt"
|
||||
- name: assure {{ tmodloader_name }} configs
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
state: present
|
||||
regexp: "^{{ item.key }}"
|
||||
line: "{{ item.key }}={{ item.value }}"
|
||||
@ -49,7 +50,7 @@
|
||||
with_dict: "{{ tmodloader_config | combine(tmodloader_config_extra) | combine(tmodloader_config_internal) }}"
|
||||
notify: "restart tmodloader {{ tmodloader_name }}"
|
||||
- name: assure {{ tmodloader_name }} backup cronjob
|
||||
cron:
|
||||
ansible.builtin.cron:
|
||||
user: root
|
||||
name: "terraria-{{ tmodloader_name }}"
|
||||
minute: "*/30"
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
# vim:ft=ansible:
|
||||
---
|
||||
- name: clone git repos
|
||||
git:
|
||||
ansible.builtin.git:
|
||||
accept_hostkey: yes
|
||||
depth: "{{ item.depth | default(1, true) }}"
|
||||
dest: "{{ item.dest }}"
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: grub mkconfig
|
||||
command: "grub-mkconfig -o /boot/grub/grub.cfg"
|
||||
ansible.builtin.command: "grub-mkconfig -o /boot/grub/grub.cfg"
|
||||
become: yes
|
||||
|
||||
@ -4,5 +4,5 @@
|
||||
- name: configure grub
|
||||
block:
|
||||
- name: template out grub config
|
||||
template: src=grub.conf dest=/etc/default/grub mode=0644
|
||||
ansible.builtin.template: src=grub.conf dest=/etc/default/grub mode=0644
|
||||
notify: grub mkconfig
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: assure ingress container persist directories
|
||||
file: path="{{ ingress_container_persist_dir }}/{{ item }}" state=directory owner=root mode=0755
|
||||
ansible.builtin.file: path="{{ ingress_container_persist_dir }}/{{ item }}" state=directory owner=root mode=0755
|
||||
with_items:
|
||||
- letsencrypt
|
||||
- user_conf.d
|
||||
- name: template out ingress configuration file
|
||||
template: src=vhosts.conf.j2 dest="{{ ingress_container_persist_dir }}/user_conf.d/vhosts.conf" mode="0640"
|
||||
ansible.builtin.template: src=vhosts.conf.j2 dest="{{ ingress_container_persist_dir }}/user_conf.d/vhosts.conf" mode="0640"
|
||||
notify: restart ingress container
|
||||
- name: assure ingress container
|
||||
docker_container:
|
||||
|
||||
@ -1,11 +1,11 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: remove default motd items
|
||||
file: state=absent path=/etc/update-motd.d/{{ item }}
|
||||
ansible.builtin.file: state=absent path=/etc/update-motd.d/{{ item }}
|
||||
loop: "{{ motd_remove + motd_remove_extra }}"
|
||||
- name: disable motd-news
|
||||
systemd: name="{{ item }}" state=stopped enabled=no
|
||||
ansible.builtin.systemd: name="{{ item }}" state=stopped enabled=no
|
||||
with_items:
|
||||
- motd-news.timer
|
||||
- name: template out motd script
|
||||
template: src=motd.sh dest=/etc/update-motd.d/50-ansible mode=0755
|
||||
ansible.builtin.template: src=motd.sh dest=/etc/update-motd.d/50-ansible mode=0755
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# vim:ft=ansible:
|
||||
- name: assure data directory for nagios
|
||||
file: path="{{ nagios_data_dir }}" state=directory mode=0755
|
||||
ansible.builtin.file: path="{{ nagios_data_dir }}" state=directory mode=0755
|
||||
tags: [ nagios ]
|
||||
- name: docker deploy nagios
|
||||
docker_container:
|
||||
@ -27,15 +27,15 @@
|
||||
- /dev/null:/opt/nagios/bin/send_nsca
|
||||
tags: [ docker, nagios ]
|
||||
- name: template out scripts for nagios
|
||||
template: src="{{ item }}" dest="{{ nagios_data_dir }}/plugins/{{ item }}" owner=root group=root mode=0755
|
||||
ansible.builtin.template: src="{{ item }}" dest="{{ nagios_data_dir }}/plugins/{{ item }}" owner=root group=root mode=0755
|
||||
with_items:
|
||||
- notify-by-matrix
|
||||
tags: [ nagios, template, plugins ]
|
||||
- name: template out config for nagios
|
||||
template: src=nagios-ansible-inventory.cfg.j2 dest="{{ nagios_data_dir }}/etc/objects/ansible.cfg" owner=101 group=100 mode=0644
|
||||
ansible.builtin.template: src=nagios-ansible-inventory.cfg.j2 dest="{{ nagios_data_dir }}/etc/objects/ansible.cfg" owner=101 group=100 mode=0644
|
||||
tags: [ nagios, template ]
|
||||
notify: restart nagios
|
||||
- name: assure config file is loaded
|
||||
lineinfile: path="{{ nagios_data_dir }}/etc/nagios.cfg" line='cfg_file=/opt/nagios/etc/objects/ansible.cfg'
|
||||
ansible.builtin.lineinfile: path="{{ nagios_data_dir }}/etc/nagios.cfg" line='cfg_file=/opt/nagios/etc/objects/ansible.cfg'
|
||||
tags: [ nagios, template ]
|
||||
notify: restart nagios
|
||||
|
||||
@ -1,21 +1,21 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: assure pulse package
|
||||
apt: name=pulseaudio
|
||||
ansible.builtin.apt: name=pulseaudio
|
||||
when: ansible_os_family == 'Debian'
|
||||
- name: remove user pulseaudio services
|
||||
file: state=absent path={{ item }}
|
||||
ansible.builtin.file: state=absent path={{ item }}
|
||||
loop:
|
||||
- /etc/systemd/user/default.target.wants/pulseaudio.service
|
||||
- /etc/systemd/user/sockets.target.wants/pulseaudio.socket
|
||||
- name: template out configs
|
||||
template: src={{ item.src }} dest={{ item.dest }} mode=0644
|
||||
ansible.builtin.template: src={{ item.src }} dest={{ item.dest }} mode=0644
|
||||
loop:
|
||||
- { src: "pulse-client.conf", dest: "/etc/pulse/client.conf" }
|
||||
- { src: "pulse-daemon.conf", dest: "/etc/pulse/daemon.conf" }
|
||||
- { src: "pulse-default.pa", dest: "/etc/pulse/default.pa" }
|
||||
- { src: "pulseaudio.service", dest: "/etc/systemd/system/pulseaudio.service" }
|
||||
- name: assure pulse user
|
||||
user: name=pulseaudio password="!" system=yes home=/var/lib/pulse groups=audio
|
||||
ansible.builtin.user: name=pulseaudio password="!" system=yes home=/var/lib/pulse groups=audio
|
||||
- name: enable pulse service
|
||||
systemd: name=pulseaudio enabled=yes state=started daemon_reload=yes
|
||||
ansible.builtin.systemd: name=pulseaudio enabled=yes state=started daemon_reload=yes
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
#!/usr/bin/env ansible-playbook
|
||||
# vim:ft=ansible:
|
||||
- name: reload udev
|
||||
command: udevadm trigger
|
||||
ansible.builtin.command: udevadm trigger
|
||||
become: yes
|
||||
|
||||
@ -2,6 +2,6 @@
|
||||
# vim:ft=ansible:
|
||||
---
|
||||
- name: configure udev rules
|
||||
lineinfile: path=/etc/udev/rules.d/50-ansible.rules line={{ item }} create=yes mode=0644
|
||||
ansible.builtin.lineinfile: path=/etc/udev/rules.d/50-ansible.rules line={{ item }} create=yes mode=0644
|
||||
loop: "{{ udev_rules }}"
|
||||
notify: reload udev
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
# vim:ft=ansible:
|
||||
---
|
||||
- name: restart zerotier
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
daemon_reload: yes
|
||||
name: zerotier-one.service
|
||||
state: restarted
|
||||
|
||||
@ -4,24 +4,24 @@
|
||||
- name: configure zerotier for apt
|
||||
block:
|
||||
- name: ensure zerotier repo key
|
||||
apt_key: url="{{ zerotier_repo_deb_key }}"
|
||||
ansible.builtin.apt_key: url="{{ zerotier_repo_deb_key }}"
|
||||
- name: ensure zerotier repo
|
||||
apt_repository: repo="{{ zerotier_repo_deb }}"
|
||||
ansible.builtin.apt_repository: repo="{{ zerotier_repo_deb }}"
|
||||
- name: update apt cache
|
||||
apt: update_cache=yes cache_valid_time=86400
|
||||
ansible.builtin.apt: update_cache=yes cache_valid_time=86400
|
||||
- name: ensure packages
|
||||
apt: name=zerotier-one
|
||||
ansible.builtin.apt: name=zerotier-one
|
||||
when: ansible_pkg_mgr == "apt"
|
||||
- name: template unit file
|
||||
template: src=zerotier-one.service dest=/etc/systemd/system/zerotier-one.service mode=0644
|
||||
ansible.builtin.template: src=zerotier-one.service dest=/etc/systemd/system/zerotier-one.service mode=0644
|
||||
notify: restart zerotier
|
||||
- name: join networks
|
||||
command:
|
||||
ansible.builtin.command:
|
||||
argv: [ zerotier-cli, join, "{{ item }}" ]
|
||||
with_items: "{{ zerotier_networks_join }}"
|
||||
changed_when: no
|
||||
- name: leave networks
|
||||
command:
|
||||
ansible.builtin.command:
|
||||
argv: [ zerotier-cli, leave, "{{ item }}" ]
|
||||
register: zerotierleave
|
||||
with_items: "{{ zerotier_networks_leave }}"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user