Combine playbooks

Wojciech Kozlowski 2022-09-22 22:51:43 +02:00
parent 12cb7842e7
commit 0686e1fc9a
12 changed files with 24 additions and 43 deletions

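--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,2 @@
-secrets/common.yml
-secrets/valkyrie.yml
-secrets/yggdrasil.yml
+group_vars/**
+host_vars/**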
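Review bot: Dropping the three `secrets/*.yml` patterns means any checkout that still has those files on disk now sees them as untracked instead of ignored, so a broad `git add` could commit them. If every copy has already been moved under `group_vars/` and `host_vars/` this is harmless, but keeping a `secrets/` line until the old files are gone costs nothing. Ignoring `group_vars/**` and `host_vars/**` wholesale also means no variable file, encrypted or not, is versioned; that looks intentional given the comment added to the sample variables file, but it is worth stating in the project documentation.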


@ -1 +1 @@
{{ hostname }}.{{ domain }} {{ ansible_hostname }}.{{ domain }}
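Review bot: `ansible_hostname` is a gathered fact, so this template now renders whatever short name the target reports instead of a value set on the control node. The same substitution is made in the Postfix `myhostname`/`mydestination` lines, the two sendmail subject lines, the logcheck `dest` and the MotD `src`. The MotD case picks a file on the controller by the remote's self-reported name, and would fail on a machine whose hostname has not been set yet. `inventory_hostname` comes from the inventory and matches the `valkyrie`/`yggdrasil` entries in `hosts`, e.g. `{{ inventory_hostname }}.{{ domain }}`; it also keeps working if fact gathering is ever disabled.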


@ -1,3 +1,3 @@
address { address {
email-domain {{ hostname }}.{{ domain }}; email-domain {{ ansible_hostname }}.{{ domain }};
}; };


@ -35,10 +35,10 @@ smtp_tls_wrappermode = yes
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = {{ hostname }}.{{ domain }} myhostname = {{ ansible_hostname }}.{{ domain }}
alias_maps = hash:/etc/aliases alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases alias_database = hash:/etc/aliases
mydestination = $myhostname, {{ hostname }}, localhost mydestination = $myhostname, {{ ansible_hostname }}, localhost
relayhost = [{{ postfix_smtp_server }}]:{{ postfix_smtp_port }} relayhost = [{{ postfix_smtp_server }}]:{{ postfix_smtp_port }}
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0 mailbox_size_limit = 0


@ -3,7 +3,7 @@
/usr/sbin/sendmail -t <<SYSTEMDMAIL /usr/sbin/sendmail -t <<SYSTEMDMAIL
To: root To: root
From: systemd <systemd> From: systemd <systemd>
Subject: systemctl status $1 on {{ hostname }} Subject: systemctl status $1 on {{ ansible_hostname }}
Content-Transfer-Encoding: 8bit Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8 Content-Type: text/plain; charset=UTF-8


@ -3,7 +3,7 @@
/usr/sbin/sendmail -t <<SYSTEMDMAIL /usr/sbin/sendmail -t <<SYSTEMDMAIL
To: root To: root
From: systemd <systemd> From: systemd <systemd>
Subject: zpool status $1 on {{ hostname }} Subject: zpool status $1 on {{ ansible_hostname }}
Content-Transfer-Encoding: 8bit Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8 Content-Type: text/plain; charset=UTF-8

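--- a/hosts
+++ b/hosts
@@ -1,2 +1,3 @@
+[the_nine_worlds]
 valkyrie
 yggdrasil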


@ -1,9 +1,5 @@
--- ---
- hosts: yggdrasil - hosts: the_nine_worlds
vars_files:
- secrets/common.yml
- secrets/yggdrasil.yml
tasks: tasks:
- import_tasks: tasks/sshd.yml - import_tasks: tasks/sshd.yml
@ -12,15 +8,19 @@
- import_tasks: tasks/mail.yml - import_tasks: tasks/mail.yml
- import_tasks: tasks/unattended-upgrades.yml - import_tasks: tasks/unattended-upgrades.yml
- import_tasks: tasks/fail2ban.yml - import_tasks: tasks/fail2ban.yml
- import_tasks: tasks/systemd-mail.yml
- import_tasks: tasks/zfs-scrub.yml
- import_tasks: tasks/zfs-trim.yml
- import_tasks: tasks/fstrim.yml - import_tasks: tasks/fstrim.yml
- import_tasks: tasks/zfsutils-cron.yml
- import_tasks: tasks/ups.yml
- import_tasks: tasks/smart.yml
- import_tasks: tasks/logs.yml - import_tasks: tasks/logs.yml
- import_tasks: tasks/motd.yml - import_tasks: tasks/motd.yml
- import_tasks: tasks/utils.yml - import_tasks: tasks/utils.yml
- import_tasks: tasks/user.yml - import_tasks: tasks/user.yml
- import_tasks: tasks/root-shell.yml - import_tasks: tasks/root-shell.yml
- hosts: yggdrasil
tasks:
- import_tasks: tasks/systemd-mail.yml
- import_tasks: tasks/zfs-scrub.yml
- import_tasks: tasks/zfs-trim.yml
- import_tasks: tasks/zfsutils-cron.yml
- import_tasks: tasks/ups.yml
- import_tasks: tasks/smart.yml
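Review bot: With `vars_files` removed from the first play, nothing in the playbook names the variable files any more, and because `group_vars/**` and `host_vars/**` are gitignored, a missing or misnamed file is simply not loaded and raises no error. The first symptom would be an undefined variable somewhere in the imported tasks, possibly after `tasks/sshd.yml` has already been applied. A `pre_tasks` assert on the first play stops the run before anything is changed; the variable names below are taken from the sample variables file. Both plays would also be easier to tell apart in the run output with a `name:` each.

```yaml
- hosts: the_nine_worlds
  pre_tasks:
    - name: Stop early if group_vars/host_vars were not loaded
      assert:
        that:
          - domain is defined
          - ssh_user is defined
        fail_msg: 'Required variables are missing; check group_vars/ and host_vars/'
  tasks:
    # … unchanged: import_tasks list …
```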


@ -13,6 +13,6 @@
- name: Configure logcheck ignores - name: Configure logcheck ignores
template: template:
src: ./filesystem/common/etc/logcheck/ignore.d.server/hostname.j2 src: ./filesystem/common/etc/logcheck/ignore.d.server/hostname.j2
dest: /etc/logcheck/ignore.d.server/{{ hostname }} dest: /etc/logcheck/ignore.d.server/{{ ansible_hostname }}
group: logcheck group: logcheck
mode: 0644 mode: 0644


@ -1,5 +1,5 @@
- name: Set MotD - name: Set MotD
copy: copy:
src: ./filesystem/{{ hostname }}/etc/motd src: ./filesystem/{{ ansible_hostname }}/etc/motd
dest: /etc/motd dest: /etc/motd
mode: 0644 mode: 0644


@ -1,20 +0,0 @@
---
- hosts: valkyrie
vars_files:
- secrets/common.yml
- secrets/valkyrie.yml
tasks:
- import_tasks: tasks/sshd.yml
- import_tasks: tasks/firewall.yml
- import_tasks: tasks/ntp.yml
- import_tasks: tasks/mail.yml
- import_tasks: tasks/unattended-upgrades.yml
- import_tasks: tasks/fail2ban.yml
- import_tasks: tasks/fstrim.yml
- import_tasks: tasks/logs.yml
- import_tasks: tasks/motd.yml
- import_tasks: tasks/utils.yml
- import_tasks: tasks/user.yml
- import_tasks: tasks/root-shell.yml


@ -1,3 +1,5 @@
# Set the variables and move to group_vars/<group> and host_vars/<host> as required and encrypt.
# Ansible variables # Ansible variables
ansible_port: ansible_port:
ansible_become_password: ansible_become_password:
@ -6,7 +8,6 @@ ansible_become_password:
ssh_user: ssh_user:
# Machine variables # Machine variables
hostname:
domain: domain:
subnet_address: subnet_address:
subnet_masklen: subnet_masklen:
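Review bot: The new header comment says to "encrypt" without saying how, and this file carries `ansible_become_password`. Naming the tool removes the guesswork: `# Copy to group_vars/<group> and host_vars/<host>, fill in the values, then encrypt each copy with ansible-vault encrypt.` Now that `hostname` is gone from the sample, a one-line comment under "Machine variables" saying the templates use the `ansible_hostname` fact instead would save the next reader a search.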