nemo
/
ansible-base
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Move some specific-OS group_vars into role vars (ex: Debian.yml in the role vars folder)

This commit is contained in:
Nemo 2020-07-12 12:04:23 +02:00
parent feaa54986d
commit 383799879a
35 changed files with 198 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
group_vars/all/all.yml
View File

@ -23,3 +23,5 @@ main_domain: wirebrass.fr
# Certbot admin Email address
certbot_admin_email: contact@wirebrass.fr
# Munin server SSH pubkey
public_key_munin_user_host: "{{ vault_public_key_munin_user_host }}"

18
group_vars/os_centos.yml
View File

@ -1,17 +1,3 @@
# Service and package's name of NTP client on Debian
ntp_service_name: chronyd
ntp_package: chrony
# Package's name of sudo package on Debian
sudo_package: sudo
# Service and package's name of CRON on Debian
cron_service_name: crond
cron_package: cronie
# Sudoers' group name on Debian
sudo_group: wheel
# Command to run to execute a Debian update
cron_upgrade_job: /bin/yum -y upgrade ; /bin/yum -y autoremove
@ -22,7 +8,3 @@ tools_package:
- sed
- grep
- net-tools
# Define iptables save files for CentOS
iptables_save_file: /etc/sysconfig/iptables
ip6tables_save_file: /etc/sysconfig/ip6tables

14
group_vars/os_debian.yml
View File

@ -1,17 +1,3 @@
# Service and package's name of NTP client on Debian
ntp_service_name: ntp
ntp_package: ntp
# Package's name of sudo package on Debian
sudo_package: sudo
# Service and package's name of CRON on Debian
cron_service_name: cron
cron_package: cron
# Sudoers' group name on Debian
sudo_group: sudo
# Command to run to execute a Debian update
cron_upgrade_job: export PATH=$PATH:/usr/local/sbin:/usr/sbin:/sbin; export TERM=rxvt-unicode-256color; apt-get -q update && apt-get -q -y upgrade && apt-get -q -y dist-upgrade && apt-get -q -y autoremove

18
group_vars/os_gentoo.yml
View File

@ -1,24 +1,6 @@
# Service and package's name of NTP client on Gentoo
ntp_service_name: ntpd
ntp_package: ntp
# Package's name of sudo package on Gentoo
sudo_package: sudo
# Service and package's name of CRON on Gentoo
cron_service_name: cronie
cron_package: cronie
# Sudoers' group name on Gentoo
sudo_group: wheel
# Command to run to execute a Gentoo update
cron_upgrade_job: emerge --sync --quiet && emerge --quiet-build -uvDN @world && emerge --quiet-build @preserved-rebuild && emerge --depclean && eselect news read
# Define iptables save files for Gentoo
iptables_save_file: /var/lib/iptables/rules-save
ip6tables_save_file: /var/lib/ip6tables/rules-save
# Tools to install on Gentoo hosts
tools_package:
- bind-tools

9
playbook_general_deploy.yml
View File

@ -1,12 +1,13 @@
---
- hosts: all
roles:
# - auto_reboot
# - auto_upgrade
- auto_reboot
- auto_upgrade
# - client_ntp
# - client_resolvers
# - client_tools
# - users_sudo
# - client_iptables
- munin-node
- client_iptables
# - munin-node
# - munin-async

4
roles/auto_reboot/tasks/main.yml
View File

@ -1,5 +1,9 @@
---
# Main tasks file for auto_reboot
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
when: auto_reboot
- import_tasks: package.yml
- import_tasks: crontask.yml

3
roles/auto_reboot/vars/Debian.yml Normal file
View File

@ -0,0 +1,3 @@
---
cron_service_name: cron
cron_package: cron

3
roles/auto_reboot/vars/Gentoo.yml Normal file
View File

@ -0,0 +1,3 @@
---
cron_service_name: cronie
cron_package: cronie

3
roles/auto_reboot/vars/RedHat.yml Normal file
View File

@ -0,0 +1,3 @@
---
cron_service_name: crond
cron_package: cronie

4
roles/auto_upgrade/tasks/main.yml
View File

@ -1,5 +1,9 @@
---
# Main tasks file for auto_upgrade
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
when: auto_upgrade
- import_tasks: package.yml
- import_tasks: crontask.yml

3
roles/auto_upgrade/vars/Debian.yml Normal file
View File

@ -0,0 +1,3 @@
---
cron_service_name: cron
cron_package: cron

3
roles/auto_upgrade/vars/Gentoo.yml Normal file
View File

@ -0,0 +1,3 @@
---
cron_service_name: cronie
cron_package: cronie

3
roles/auto_upgrade/vars/RedHat.yml Normal file
View File

@ -0,0 +1,3 @@
---
cron_service_name: crond
cron_package: cronie

4
roles/client_iptables/tasks/main.yml
View File

@ -1,6 +1,10 @@
---
# Main tasks file for client_iptables
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
when: configure_iptables
- import_tasks: package.yml
when: configure_iptables
- import_tasks: iptables.yml

3
roles/client_iptables/vars/Debian.yml Normal file
View File

@ -0,0 +1,3 @@
---
iptables_save_file: /etc/iptables/rules.v4
ip6tables_save_file: /etc/iptables/rules.v6

3
roles/client_iptables/vars/Gentoo.yml Normal file
View File

@ -0,0 +1,3 @@
---
iptables_save_file: /var/lib/iptables/rules-save
ip6tables_save_file: /var/lib/ip6tables/rules-save

3
roles/client_iptables/vars/RedHat.yml Normal file
View File

@ -0,0 +1,3 @@
---
iptables_save_file: /etc/sysconfig/iptables
ip6tables_save_file: /etc/sysconfig/ip6tables

3
roles/client_ntp/tasks/main.yml
View File

@ -1,5 +1,8 @@
---
# Main tasks file for client_ntp
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
- import_tasks: package.yml
- import_tasks: service.yml

3
roles/client_ntp/vars/Debian.yml Normal file
View File

@ -0,0 +1,3 @@
---
ntp_service_name: ntp
ntp_package: ntp

3
roles/client_ntp/vars/Gentoo.yml Normal file
View File

@ -0,0 +1,3 @@
---
ntp_service_name: ntpd
ntp_package: ntp

3
roles/client_ntp/vars/RedHat.yml Normal file
View File

@ -0,0 +1,3 @@
---
ntp_service_name: chronyd
ntp_package: chrony

46
roles/munin-async/README.md Normal file
View File

@ -0,0 +1,46 @@
Ansible Role: mnin-async
=========
This role set up munin-async service for a GNU/Linux server.
Requirements
------------
Munin node installed on nodes.
Role Variables
--------------
All variables and default values are defined in `defaults/main.yml` :
# Name of the munin-async service and munin-async package (depends on your OS, can be munin-async, munin-asyncd...)
munin-async_service_name: munin-asyncd
munin-async_package: munin-async
# SSH pubkey of Munin server
munin_async_authorized_keys: []
# Munin async user
munin_async_user: munin-async
Dependencies
------------
None.
Example Playbook
----------------
- hosts: all
roles:
- munin-async
License
-------
BSD
Author Information
------------------
This role was created in 2020 by Nemo.

12
roles/munin-async/defaults/main.yml Normal file
View File

@ -0,0 +1,12 @@
---
# defaults file for munin-async
# Name of the munin-async service and munin-async package (depends on your OS, can be munin-async, munin-asyncd...)
munin_async_service_name: munin-asyncd
munin_async_package: munin-async
# SSH pubkey of Munin server
munin_async_authorized_key: "{{ public_key_munin_user_host }}"
# Munin async user
munin_async_user: munin-async

26
roles/munin-async/meta/main.yml Normal file
View File

@ -0,0 +1,26 @@
galaxy_info:
author: nemo
description: Set up Munin async service for GNU/Linux.
company: Wirebrass
license: license (BSD)
min_ansible_version: 2.4
platforms:
- name: Debian
versions:
- stretch
- buster
- name: Gentoo
versions:
- all
galaxy_tags:
- munin-async
- munin
- system
- server
- auto
dependencies: []

13
roles/munin-async/tasks/main.yml Normal file
View File

@ -0,0 +1,13 @@
---
# Main tasks file for munin-async
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
when: "'munin_server' not in group_names"
- import_tasks: package.yml
when: "'munin_server' not in group_names"
- import_tasks: service.yml
when: "'munin_server' not in group_names"
- import_tasks: user.yml
when: "'munin_server' not in group_names"

5
roles/munin-async/tasks/package.yml Normal file
View File

@ -0,0 +1,5 @@
---
- name: Munin async installed
package:
name: "{{ munin_async_package }}"
state: present

6
roles/munin-async/tasks/service.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: Munin async enabled
service:
name: "{{ munin_async_service_name }}"
state: started
enabled: yes

8
roles/munin-async/tasks/user.yml Normal file
View File

@ -0,0 +1,8 @@
---
- name: Set up authorized key for Munin async user
authorized_key:
user: "{{ munin_async_user }}"
state: present
key: "{{ munin_async_authorized_key }}"
when: munin_async_authorized_key is defined

4
roles/munin-async/vars/Debian.yml Normal file
View File

@ -0,0 +1,4 @@
---
munin_async_service_name: munin-async
munin_async_package: munin-async
munin_async_user: munin-async

4
roles/munin-async/vars/Gentoo.yml Normal file
View File

@ -0,0 +1,4 @@
---
munin_async_service_name: munin-asyncd
munin_async_package: munin-async
munin_async_user: munin-async

4
roles/munin-async/vars/RedHat.yml Normal file
View File

@ -0,0 +1,4 @@
---
munin_async_service_name: munin-asyncd
munin_async_package: munin-node
munin_async_user: munin

3
roles/users_sudo/tasks/main.yml
View File

@ -1,6 +1,9 @@
---
# Main tasks file for users_sudo
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
- import_tasks: package.yml
- import_tasks: group.yml
- import_tasks: users.yml

3
roles/users_sudo/vars/Debian.yml Normal file
View File

@ -0,0 +1,3 @@
---
sudo_package: sudo
sudo_group: sudo

3
roles/users_sudo/vars/Gentoo.yml Normal file
View File

@ -0,0 +1,3 @@
---
sudo_package: sudo
sudo_group: wheel

3
roles/users_sudo/vars/RedHat.yml Normal file
View File

@ -0,0 +1,3 @@
---
sudo_package: sudo
sudo_group: wheel