ansible-edda/playbooks/system.yml

98 lines
2.4 KiB
YAML
Raw Normal View History

2022-12-07 21:36:08 +01:00
---
2022-12-20 16:53:32 +01:00
- name: "system : all"
hosts: "all"
tasks:
- name: "block domains"
ansible.builtin.lineinfile:
path: "/etc/hosts"
line: "127.0.0.1 {{ item }}"
2022-12-20 18:56:02 +01:00
loop: "{{ [system_mail_smtp_server | default([])] |
union( [vpn_wireguard_server_address | default([])] ) |
union( [services_backups_restic_aws_bucket_endpoint | default([])] ) |
flatten }}"
2022-12-20 16:53:32 +01:00
when: not (the_nine_worlds_production | bool)
tags: "always"
2022-12-08 23:27:25 +01:00
- name: "system : ups"
2022-12-07 21:36:08 +01:00
hosts: "ups"
roles:
2022-12-18 19:36:21 +01:00
- role: "system/ups"
2022-12-07 21:36:08 +01:00
tags: "system:ups"
2022-12-08 23:27:25 +01:00
- name: "system : smart"
2022-12-07 21:36:08 +01:00
hosts: "smart"
roles:
2022-12-18 19:36:21 +01:00
- role: "system/smart"
2022-12-07 21:36:08 +01:00
vars:
2022-12-18 19:36:21 +01:00
system_base_smartd_conf_file: "files/system/smart/smartd.conf"
2022-12-07 21:36:08 +01:00
tags: "system:smart"
2022-12-08 23:27:25 +01:00
- name: "system : zfs"
2022-12-07 21:36:08 +01:00
hosts: "zfs"
roles:
2022-12-18 19:36:21 +01:00
- role: "system/zfs"
2022-12-07 21:36:08 +01:00
tags: "system:zfs"
2022-12-08 23:27:25 +01:00
- name: "system : all"
2022-12-07 21:36:08 +01:00
hosts: "all"
roles:
2022-12-20 17:31:37 +01:00
- role: "system/base/nftables"
tags:
- "system:base"
- "system:base:nftables"
- role: "system/base/mail"
2022-12-20 18:26:18 +01:00
vars:
system_base_mail_disable_dns: "{{ not (the_nine_worlds_production | bool) }}"
2022-12-20 17:31:37 +01:00
tags:
- "system:base"
- "system:base:mail"
- role: "system/base/sshd"
tags:
- "system:base"
- "system:base:sshd"
- role: "system/base/ntp"
tags:
- "system:base"
- "system:base:ntp"
- role: "system/base/fail2ban"
tags:
- "system:base"
- "system:base:fail2ban"
- role: "system/base/fstrim"
tags:
- "system:base"
- "system:base:fstrim"
- role: "system/base/unattended_upgrades"
tags:
- "system:base"
- "system:base:unattended_upgrades"
- role: "system/base/logs"
2022-12-21 11:37:56 +01:00
vars:
system_base_logs_ignore_dir: "files/system/base/logs"
2022-12-20 17:31:37 +01:00
tags:
- "system:base"
- "system:base:logs"
- role: "system/base/systemd_mail"
tags:
- "system:base"
- "system:base:systemd_mail"
- role: "system/base/utils"
tags:
- "system:base"
- "system:base:utils"
- role: "system/base/motd"
2022-12-07 21:36:08 +01:00
vars:
2022-12-18 19:36:21 +01:00
system_base_motd_dir: "files/system/base/motd"
2022-12-20 17:31:37 +01:00
tags:
- "system:base"
- "system:base:motd"
- role: "system/base/root"
tags:
- "system:base"
- "system:base:root"
- role: "system/base/user"
tags:
- "system:base"
- "system:base:user"