Some variable cleanup
This commit is contained in:
parent
64fc6d748f
commit
534e3435e3
@ -2,24 +2,6 @@
|
|||||||
- name: "Deploy services"
|
- name: "Deploy services"
|
||||||
hosts: asgard
|
hosts: asgard
|
||||||
|
|
||||||
vars:
|
|
||||||
volumes:
|
|
||||||
rproxy:
|
|
||||||
- "etc-letsencrypt"
|
|
||||||
www: []
|
|
||||||
lrproxy:
|
|
||||||
- "etc-letsencrypt"
|
|
||||||
database:
|
|
||||||
- "wal"
|
|
||||||
- "data"
|
|
||||||
cloud:
|
|
||||||
- "nextcloud"
|
|
||||||
- "data"
|
|
||||||
git:
|
|
||||||
- "data"
|
|
||||||
notes:
|
|
||||||
- "data"
|
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- include_tasks: tasks/services/b-user/service-user.yml
|
- include_tasks: tasks/services/b-user/service-user.yml
|
||||||
with_items: "{{ host_services }}"
|
with_items: "{{ host_services }}"
|
||||||
|
@ -8,6 +8,6 @@ argument_specs:
|
|||||||
type: "list"
|
type: "list"
|
||||||
elem: "str"
|
elem: "str"
|
||||||
required: true
|
required: true
|
||||||
services_bridge_gateway:
|
services_base_bridge_gateway:
|
||||||
type: "str"
|
type: "str"
|
||||||
required: true
|
required: true
|
||||||
|
@ -7,9 +7,9 @@ iface {{ services_service_iface_name }} inet manual
|
|||||||
|
|
||||||
post-up ip -n {{ services_service_user_name }} link set veth0 up
|
post-up ip -n {{ services_service_user_name }} link set veth0 up
|
||||||
post-up ip -n {{ services_service_user_name }} address add {{ services_service_iface_address }}/24 dev veth0
|
post-up ip -n {{ services_service_user_name }} address add {{ services_service_iface_address }}/24 dev veth0
|
||||||
post-up ip -n {{ services_service_user_name }} route add default via {{ services_bridge_gateway }} dev veth0
|
post-up ip -n {{ services_service_user_name }} route add default via {{ services_base_bridge_gateway }} dev veth0
|
||||||
|
|
||||||
pre-down ip -n {{ services_service_user_name }} route del default via {{ services_bridge_gateway }} dev veth0
|
pre-down ip -n {{ services_service_user_name }} route del default via {{ services_base_bridge_gateway }} dev veth0
|
||||||
pre-down ip -n {{ services_service_user_name }} address del {{ services_service_iface_address }}/24 dev veth0
|
pre-down ip -n {{ services_service_user_name }} address del {{ services_service_iface_address }}/24 dev veth0
|
||||||
pre-down ip -n {{ services_service_user_name }} link set veth0 down
|
pre-down ip -n {{ services_service_user_name }} link set veth0 down
|
||||||
|
|
||||||
|
@ -7,7 +7,7 @@ argument_specs:
|
|||||||
ansible_port:
|
ansible_port:
|
||||||
type: "int"
|
type: "int"
|
||||||
required: true
|
required: true
|
||||||
ssh_user:
|
system_base_ssh_user:
|
||||||
type: "str"
|
type: "str"
|
||||||
required: true
|
required: true
|
||||||
system_base_additional_ssh_users:
|
system_base_additional_ssh_users:
|
||||||
|
@ -7,7 +7,7 @@ Port {{ ansible_port }}
|
|||||||
PermitRootLogin no
|
PermitRootLogin no
|
||||||
|
|
||||||
# Explicitly set the list of allowed ssh users.
|
# Explicitly set the list of allowed ssh users.
|
||||||
AllowUsers {{ [ssh_user] | union(system_base_additional_ssh_users) | join(" ") }}
|
AllowUsers {{ [system_base_ssh_user] | union(system_base_additional_ssh_users) | join(" ") }}
|
||||||
|
|
||||||
# SSH enabled only via ssh-key.
|
# SSH enabled only via ssh-key.
|
||||||
PasswordAuthentication no
|
PasswordAuthentication no
|
||||||
|
Loading…
Reference in New Issue
Block a user