Move some specific-OS group_vars into role vars (ex: Debian.yml in the role vars folder)

group_vars/all/all.yml

@@ -23,3 +23,5 @@ main_domain: wirebrass.fr
 # Certbot admin Email address
 certbot_admin_email: contact@wirebrass.fr
 
+# Munin server SSH pubkey
+public_key_munin_user_host: "{{ vault_public_key_munin_user_host }}"

group_vars/os_centos.yml

@@ -1,17 +1,3 @@
-# Service and package's name of NTP client on Debian
-ntp_service_name: chronyd
-ntp_package: chrony
-
-# Package's name of sudo package on Debian
-sudo_package: sudo
-
-# Service and package's name of CRON on Debian
-cron_service_name: crond
-cron_package: cronie
-
-# Sudoers' group name on Debian
-sudo_group: wheel
-
 # Command to run to execute a Debian update
 cron_upgrade_job: /bin/yum -y upgrade ; /bin/yum -y autoremove
 
@@ -22,7 +8,3 @@ tools_package:
   - sed
   - grep
   - net-tools
-
-# Define iptables save files for CentOS
-iptables_save_file: /etc/sysconfig/iptables
-ip6tables_save_file: /etc/sysconfig/ip6tables

group_vars/os_debian.yml

@@ -1,17 +1,3 @@
-# Service and package's name of NTP client on Debian
-ntp_service_name: ntp
-ntp_package: ntp
-
-# Package's name of sudo package on Debian
-sudo_package: sudo
-
-# Service and package's name of CRON on Debian
-cron_service_name: cron
-cron_package: cron
-
-# Sudoers' group name on Debian
-sudo_group: sudo
-
 # Command to run to execute a Debian update
 cron_upgrade_job: export PATH=$PATH:/usr/local/sbin:/usr/sbin:/sbin; export TERM=rxvt-unicode-256color; apt-get -q update && apt-get -q -y upgrade && apt-get -q -y dist-upgrade && apt-get -q -y autoremove
 

group_vars/os_gentoo.yml

@@ -1,24 +1,6 @@
-# Service and package's name of NTP client on Gentoo
-ntp_service_name: ntpd
-ntp_package: ntp
-
-# Package's name of sudo package on Gentoo
-sudo_package: sudo
-
-# Service and package's name of CRON on Gentoo
-cron_service_name: cronie
-cron_package: cronie
-
-# Sudoers' group name on Gentoo
-sudo_group: wheel
-
 # Command to run to execute a Gentoo update
 cron_upgrade_job: emerge --sync --quiet && emerge --quiet-build -uvDN @world && emerge --quiet-build @preserved-rebuild && emerge --depclean && eselect news read
 
-# Define iptables save files for Gentoo
-iptables_save_file: /var/lib/iptables/rules-save
-ip6tables_save_file: /var/lib/ip6tables/rules-save
-
 # Tools to install on Gentoo hosts
 tools_package:
   - bind-tools

playbook_general_deploy.yml

@@ -1,12 +1,13 @@
 ---
 - hosts: all
   roles:
-#    - auto_reboot
+    - auto_reboot
-#    - auto_upgrade
+    - auto_upgrade
 #    - client_ntp
 #    - client_resolvers
 #    - client_tools
 #    - users_sudo
-#    - client_iptables
+    - client_iptables
-    - munin-node
+#    - munin-node
+#    - munin-async
 

roles/auto_reboot/tasks/main.yml

@@ -1,5 +1,9 @@
 ---
 # Main tasks file for auto_reboot
 
+- name: Include OS-specific variables.
+  include_vars: "{{ ansible_os_family }}.yml"
+  when: auto_reboot
+
 - import_tasks: package.yml
 - import_tasks: crontask.yml

roles/auto_reboot/vars/Debian.yml

@@ -0,0 +1,3 @@
+---
+cron_service_name: cron
+cron_package: cron

roles/auto_reboot/vars/Gentoo.yml

@@ -0,0 +1,3 @@
+---
+cron_service_name: cronie
+cron_package: cronie

roles/auto_reboot/vars/RedHat.yml

@@ -0,0 +1,3 @@
+---
+cron_service_name: crond
+cron_package: cronie

roles/auto_upgrade/tasks/main.yml

@@ -1,5 +1,9 @@
 ---
 # Main tasks file for auto_upgrade
 
+- name: Include OS-specific variables.
+  include_vars: "{{ ansible_os_family }}.yml"
+  when: auto_upgrade
+
 - import_tasks: package.yml
 - import_tasks: crontask.yml

roles/auto_upgrade/vars/Debian.yml

@@ -0,0 +1,3 @@
+---
+cron_service_name: cron
+cron_package: cron

roles/auto_upgrade/vars/Gentoo.yml

@@ -0,0 +1,3 @@
+---
+cron_service_name: cronie
+cron_package: cronie

roles/auto_upgrade/vars/RedHat.yml

@@ -0,0 +1,3 @@
+---
+cron_service_name: crond
+cron_package: cronie

roles/client_iptables/tasks/main.yml

@@ -1,6 +1,10 @@
 ---
 # Main tasks file for client_iptables
 
+- name: Include OS-specific variables.
+  include_vars: "{{ ansible_os_family }}.yml"
+  when: configure_iptables
+
 - import_tasks: package.yml
   when: configure_iptables
 - import_tasks: iptables.yml

roles/client_iptables/vars/Debian.yml

@@ -0,0 +1,3 @@
+---
+iptables_save_file: /etc/iptables/rules.v4
+ip6tables_save_file: /etc/iptables/rules.v6

roles/client_iptables/vars/Gentoo.yml

@@ -0,0 +1,3 @@
+---
+iptables_save_file: /var/lib/iptables/rules-save
+ip6tables_save_file: /var/lib/ip6tables/rules-save

roles/client_iptables/vars/RedHat.yml

@@ -0,0 +1,3 @@
+---
+iptables_save_file: /etc/sysconfig/iptables
+ip6tables_save_file: /etc/sysconfig/ip6tables

roles/client_ntp/tasks/main.yml

@@ -1,5 +1,8 @@
 ---
 # Main tasks file for client_ntp
 
+- name: Include OS-specific variables.
+  include_vars: "{{ ansible_os_family }}.yml"
+
 - import_tasks: package.yml
 - import_tasks: service.yml

roles/client_ntp/vars/Debian.yml

@@ -0,0 +1,3 @@
+---
+ntp_service_name: ntp
+ntp_package: ntp

roles/client_ntp/vars/Gentoo.yml

@@ -0,0 +1,3 @@
+---
+ntp_service_name: ntpd
+ntp_package: ntp

roles/client_ntp/vars/RedHat.yml

@@ -0,0 +1,3 @@
+---
+ntp_service_name: chronyd
+ntp_package: chrony

roles/munin-async/README.md

@@ -0,0 +1,46 @@
+Ansible Role: mnin-async
+=========
+
+This role set up munin-async service for a GNU/Linux server.
+
+Requirements
+------------
+
+Munin node installed on nodes.
+
+Role Variables
+--------------
+
+All variables and default values are defined in `defaults/main.yml` :
+
+    # Name of the munin-async service and munin-async package (depends on your OS, can be munin-async, munin-asyncd...)
+    munin-async_service_name: munin-asyncd
+    munin-async_package: munin-async
+    
+    # SSH pubkey of Munin server
+    munin_async_authorized_keys: []
+    
+    # Munin async user
+    munin_async_user: munin-async
+
+Dependencies
+------------
+
+None.
+
+Example Playbook
+----------------
+
+    - hosts: all
+      roles:
+        - munin-async
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+This role was created in 2020 by Nemo.

roles/munin-async/defaults/main.yml

@@ -0,0 +1,12 @@
+---
+# defaults file for munin-async
+
+# Name of the munin-async service and munin-async package (depends on your OS, can be munin-async, munin-asyncd...)
+munin_async_service_name: munin-asyncd
+munin_async_package: munin-async
+
+# SSH pubkey of Munin server
+munin_async_authorized_key: "{{ public_key_munin_user_host }}"
+
+# Munin async user
+munin_async_user: munin-async

roles/munin-async/meta/main.yml

@@ -0,0 +1,26 @@
+galaxy_info:
+  author: nemo
+  description: Set up Munin async service for GNU/Linux.
+  company: Wirebrass
+
+  license: license (BSD)
+
+  min_ansible_version: 2.4
+
+  platforms:
+    - name: Debian
+      versions:
+        - stretch
+        - buster
+    - name: Gentoo
+      versions:
+        - all
+
+  galaxy_tags:
+    - munin-async
+    - munin
+    - system
+    - server
+    - auto
+
+dependencies: []

roles/munin-async/tasks/main.yml

@@ -0,0 +1,13 @@
+---
+# Main tasks file for munin-async
+
+- name: Include OS-specific variables.
+  include_vars: "{{ ansible_os_family }}.yml"
+  when: "'munin_server' not in group_names"
+
+- import_tasks: package.yml
+  when: "'munin_server' not in group_names"
+- import_tasks: service.yml
+  when: "'munin_server' not in group_names"
+- import_tasks: user.yml
+  when: "'munin_server' not in group_names"

roles/munin-async/tasks/package.yml

@@ -0,0 +1,5 @@
+---
+- name: Munin async installed
+  package:
+    name: "{{ munin_async_package }}"
+    state: present

roles/munin-async/tasks/service.yml

@@ -0,0 +1,6 @@
+---
+- name: Munin async enabled
+  service:
+    name: "{{ munin_async_service_name }}"
+    state: started
+    enabled: yes

roles/munin-async/tasks/user.yml

@@ -0,0 +1,8 @@
+---
+- name: Set up authorized key for Munin async user
+  authorized_key:
+    user: "{{ munin_async_user }}"
+    state: present
+    key: "{{ munin_async_authorized_key }}"
+  when: munin_async_authorized_key is defined
+

roles/munin-async/vars/Debian.yml

@@ -0,0 +1,4 @@
+---
+munin_async_service_name: munin-async
+munin_async_package: munin-async
+munin_async_user: munin-async

roles/munin-async/vars/Gentoo.yml

@@ -0,0 +1,4 @@
+---
+munin_async_service_name: munin-asyncd
+munin_async_package: munin-async
+munin_async_user: munin-async

roles/munin-async/vars/RedHat.yml

@@ -0,0 +1,4 @@
+---
+munin_async_service_name: munin-asyncd
+munin_async_package: munin-node
+munin_async_user: munin

roles/users_sudo/tasks/main.yml

@@ -1,6 +1,9 @@
 ---
 # Main tasks file for users_sudo
 
+- name: Include OS-specific variables.
+  include_vars: "{{ ansible_os_family }}.yml"
+
 - import_tasks: package.yml
 - import_tasks: group.yml
 - import_tasks: users.yml

roles/users_sudo/vars/Debian.yml

@@ -0,0 +1,3 @@
+---
+sudo_package: sudo
+sudo_group: sudo

roles/users_sudo/vars/Gentoo.yml

@@ -0,0 +1,3 @@
+---
+sudo_package: sudo
+sudo_group: wheel

roles/users_sudo/vars/RedHat.yml

@@ -0,0 +1,3 @@
+---
+sudo_package: sudo
+sudo_group: wheel