Some variable cleanup

This commit is contained in:
Wojciech Kozlowski 2022-12-11 01:11:44 +01:00
parent 64fc6d748f
commit 534e3435e3
5 changed files with 5 additions and 23 deletions

View File

@ -2,24 +2,6 @@
- name: "Deploy services"
hosts: asgard
vars:
volumes:
rproxy:
- "etc-letsencrypt"
www: []
lrproxy:
- "etc-letsencrypt"
database:
- "wal"
- "data"
cloud:
- "nextcloud"
- "data"
git:
- "data"
notes:
- "data"
tasks:
- include_tasks: tasks/services/b-user/service-user.yml
with_items: "{{ host_services }}"

View File

@ -8,6 +8,6 @@ argument_specs:
type: "list"
elem: "str"
required: true
services_bridge_gateway:
services_base_bridge_gateway:
type: "str"
required: true

View File

@ -7,9 +7,9 @@ iface {{ services_service_iface_name }} inet manual
post-up ip -n {{ services_service_user_name }} link set veth0 up
post-up ip -n {{ services_service_user_name }} address add {{ services_service_iface_address }}/24 dev veth0
post-up ip -n {{ services_service_user_name }} route add default via {{ services_bridge_gateway }} dev veth0
post-up ip -n {{ services_service_user_name }} route add default via {{ services_base_bridge_gateway }} dev veth0
pre-down ip -n {{ services_service_user_name }} route del default via {{ services_bridge_gateway }} dev veth0
pre-down ip -n {{ services_service_user_name }} route del default via {{ services_base_bridge_gateway }} dev veth0
pre-down ip -n {{ services_service_user_name }} address del {{ services_service_iface_address }}/24 dev veth0
pre-down ip -n {{ services_service_user_name }} link set veth0 down

View File

@ -7,7 +7,7 @@ argument_specs:
ansible_port:
type: "int"
required: true
ssh_user:
system_base_ssh_user:
type: "str"
required: true
system_base_additional_ssh_users:

View File

@ -7,7 +7,7 @@ Port {{ ansible_port }}
PermitRootLogin no
# Explicitly set the list of allowed ssh users.
AllowUsers {{ [ssh_user] | union(system_base_additional_ssh_users) | join(" ") }}
AllowUsers {{ [system_base_ssh_user] | union(system_base_additional_ssh_users) | join(" ") }}
# SSH enabled only via ssh-key.
PasswordAuthentication no