salt/ansible
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Configure our new roles

Browse Source
This commit is contained in:
Salt 2020-10-28 21:56:12 -05:00
parent 538164a83d
commit e169fb873b
2 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
inventory/group_vars/all.yml
View File

@ -1,4 +1,15 @@
# vim:ft=ansible:
# For homebrew roles and such, mostly Ansible-related setup
ansible_pull_repo: "https://git.9iron.club/salt/ansible"
ansible_pull_commit: rewrite
common_ansible_pubkey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfXVgMHeD2wtCAIVoDYQ+R19vKfhmR2FgUTkHhAzE2156fB/+IMB+6Qc4X3aFRIcUp+Ls8Vm8JQ3d0jvbcGQkgbAjRExQa71XGBmhxJCxzlCLBoQzBmTSnryL09LExoMynzVgrso8TQP92vZBGJFI/lLGAaop2l9pu+3cgM3sRaK+A11lcRCrS25C3hqPQhKC44zjzOt7sIoaG6RqG3CQ8jhE35bthQdBySOZVDgDKfjDyPuDzVxiKjsuNm4Ojzm0QW5gq6GkLOg2B8OSQ1TGQgBHQu4b8zsKBOUOdbZb0JLM8NdpH1cMntC0QBofy3DzqR/CFaSaBzUx+dnkBH0/pjBOrhHzzqZGOJayfC1igYki67HqzFV5IjhAVa+c4S9L/zbFk0+YZYdgMoKNlMU2LgzrSEastuXHD7NUy3fMP4BZbqg37SjQzFRXoUp5+ctVs9tCoy/qvvjT3UVGcn312eJrRRfWrYagU2nWKGyqbTOpsuOJ5OLlhopy6eP9+yRM= ansible"
# For geerlingguy.apache
apache_remove_default_vhost: yes
apache_ssl_cipher_suite: AES256+EECDH:AES256+EDH
apache_ssl_protocol: all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
# For geerlingguy.php
## There is no circumstance in which I need PHP but DON'T need mod_php
php_packages_extra: [ libapache2-mod-php ]

14
site.yml
View File

@ -11,12 +11,20 @@
# Database servers
- hosts: db1.test.desu.ltd
roles:
- role: postgresql
- role: geerlingguy.postgresql
vars:
postgresql_hba_entries:
# Just allow all access on this block.
# When rolling out to our new env, I'll allow by particular IP alone
- { type: host, database: all, user: all, address: '192.168.0.0/16', auth_method: md5 }
become: yes
tags: [ db, psql ]
# Webservers
- hosts: web1.test.desu.ltd
roles:
- role: apache
- role: geerlingguy.apache
become: yes
tags: [ web, apache ]
- role: php
- role: geerlingguy.php
become: yes
tags: [ web, php ]