Move some specific-OS group_vars into role vars (ex: Debian.yml in the role vars folder)

This commit is contained in:
Nemo 2020-07-12 12:04:23 +02:00
parent feaa54986d
commit 383799879a
35 changed files with 198 additions and 54 deletions

View file

@ -23,3 +23,5 @@ main_domain: wirebrass.fr
# Certbot admin Email address # Certbot admin Email address
certbot_admin_email: contact@wirebrass.fr certbot_admin_email: contact@wirebrass.fr
# Munin server SSH pubkey
public_key_munin_user_host: "{{ vault_public_key_munin_user_host }}"

View file

@ -1,17 +1,3 @@
# Service and package's name of NTP client on Debian
ntp_service_name: chronyd
ntp_package: chrony
# Package's name of sudo package on Debian
sudo_package: sudo
# Service and package's name of CRON on Debian
cron_service_name: crond
cron_package: cronie
# Sudoers' group name on Debian
sudo_group: wheel
# Command to run to execute a Debian update # Command to run to execute a Debian update
cron_upgrade_job: /bin/yum -y upgrade ; /bin/yum -y autoremove cron_upgrade_job: /bin/yum -y upgrade ; /bin/yum -y autoremove
@ -22,7 +8,3 @@ tools_package:
- sed - sed
- grep - grep
- net-tools - net-tools
# Define iptables save files for CentOS
iptables_save_file: /etc/sysconfig/iptables
ip6tables_save_file: /etc/sysconfig/ip6tables

View file

@ -1,17 +1,3 @@
# Service and package's name of NTP client on Debian
ntp_service_name: ntp
ntp_package: ntp
# Package's name of sudo package on Debian
sudo_package: sudo
# Service and package's name of CRON on Debian
cron_service_name: cron
cron_package: cron
# Sudoers' group name on Debian
sudo_group: sudo
# Command to run to execute a Debian update # Command to run to execute a Debian update
cron_upgrade_job: export PATH=$PATH:/usr/local/sbin:/usr/sbin:/sbin; export TERM=rxvt-unicode-256color; apt-get -q update && apt-get -q -y upgrade && apt-get -q -y dist-upgrade && apt-get -q -y autoremove cron_upgrade_job: export PATH=$PATH:/usr/local/sbin:/usr/sbin:/sbin; export TERM=rxvt-unicode-256color; apt-get -q update && apt-get -q -y upgrade && apt-get -q -y dist-upgrade && apt-get -q -y autoremove

View file

@ -1,24 +1,6 @@
# Service and package's name of NTP client on Gentoo
ntp_service_name: ntpd
ntp_package: ntp
# Package's name of sudo package on Gentoo
sudo_package: sudo
# Service and package's name of CRON on Gentoo
cron_service_name: cronie
cron_package: cronie
# Sudoers' group name on Gentoo
sudo_group: wheel
# Command to run to execute a Gentoo update # Command to run to execute a Gentoo update
cron_upgrade_job: emerge --sync --quiet && emerge --quiet-build -uvDN @world && emerge --quiet-build @preserved-rebuild && emerge --depclean && eselect news read cron_upgrade_job: emerge --sync --quiet && emerge --quiet-build -uvDN @world && emerge --quiet-build @preserved-rebuild && emerge --depclean && eselect news read
# Define iptables save files for Gentoo
iptables_save_file: /var/lib/iptables/rules-save
ip6tables_save_file: /var/lib/ip6tables/rules-save
# Tools to install on Gentoo hosts # Tools to install on Gentoo hosts
tools_package: tools_package:
- bind-tools - bind-tools

View file

@ -1,12 +1,13 @@
--- ---
- hosts: all - hosts: all
roles: roles:
# - auto_reboot - auto_reboot
# - auto_upgrade - auto_upgrade
# - client_ntp # - client_ntp
# - client_resolvers # - client_resolvers
# - client_tools # - client_tools
# - users_sudo # - users_sudo
# - client_iptables - client_iptables
- munin-node # - munin-node
# - munin-async

View file

@ -1,5 +1,9 @@
--- ---
# Main tasks file for auto_reboot # Main tasks file for auto_reboot
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
when: auto_reboot
- import_tasks: package.yml - import_tasks: package.yml
- import_tasks: crontask.yml - import_tasks: crontask.yml

View file

@ -0,0 +1,3 @@
---
cron_service_name: cron
cron_package: cron

View file

@ -0,0 +1,3 @@
---
cron_service_name: cronie
cron_package: cronie

View file

@ -0,0 +1,3 @@
---
cron_service_name: crond
cron_package: cronie

View file

@ -1,5 +1,9 @@
--- ---
# Main tasks file for auto_upgrade # Main tasks file for auto_upgrade
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
when: auto_upgrade
- import_tasks: package.yml - import_tasks: package.yml
- import_tasks: crontask.yml - import_tasks: crontask.yml

View file

@ -0,0 +1,3 @@
---
cron_service_name: cron
cron_package: cron

View file

@ -0,0 +1,3 @@
---
cron_service_name: cronie
cron_package: cronie

View file

@ -0,0 +1,3 @@
---
cron_service_name: crond
cron_package: cronie

View file

@ -1,6 +1,10 @@
--- ---
# Main tasks file for client_iptables # Main tasks file for client_iptables
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
when: configure_iptables
- import_tasks: package.yml - import_tasks: package.yml
when: configure_iptables when: configure_iptables
- import_tasks: iptables.yml - import_tasks: iptables.yml

View file

@ -0,0 +1,3 @@
---
iptables_save_file: /etc/iptables/rules.v4
ip6tables_save_file: /etc/iptables/rules.v6

View file

@ -0,0 +1,3 @@
---
iptables_save_file: /var/lib/iptables/rules-save
ip6tables_save_file: /var/lib/ip6tables/rules-save

View file

@ -0,0 +1,3 @@
---
iptables_save_file: /etc/sysconfig/iptables
ip6tables_save_file: /etc/sysconfig/ip6tables

View file

@ -1,5 +1,8 @@
--- ---
# Main tasks file for client_ntp # Main tasks file for client_ntp
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
- import_tasks: package.yml - import_tasks: package.yml
- import_tasks: service.yml - import_tasks: service.yml

View file

@ -0,0 +1,3 @@
---
ntp_service_name: ntp
ntp_package: ntp

View file

@ -0,0 +1,3 @@
---
ntp_service_name: ntpd
ntp_package: ntp

View file

@ -0,0 +1,3 @@
---
ntp_service_name: chronyd
ntp_package: chrony

View file

@ -0,0 +1,46 @@
Ansible Role: mnin-async
=========
This role set up munin-async service for a GNU/Linux server.
Requirements
------------
Munin node installed on nodes.
Role Variables
--------------
All variables and default values are defined in `defaults/main.yml` :
# Name of the munin-async service and munin-async package (depends on your OS, can be munin-async, munin-asyncd...)
munin-async_service_name: munin-asyncd
munin-async_package: munin-async
# SSH pubkey of Munin server
munin_async_authorized_keys: []
# Munin async user
munin_async_user: munin-async
Dependencies
------------
None.
Example Playbook
----------------
- hosts: all
roles:
- munin-async
License
-------
BSD
Author Information
------------------
This role was created in 2020 by Nemo.

View file

@ -0,0 +1,12 @@
---
# defaults file for munin-async
# Name of the munin-async service and munin-async package (depends on your OS, can be munin-async, munin-asyncd...)
munin_async_service_name: munin-asyncd
munin_async_package: munin-async
# SSH pubkey of Munin server
munin_async_authorized_key: "{{ public_key_munin_user_host }}"
# Munin async user
munin_async_user: munin-async

View file

@ -0,0 +1,26 @@
galaxy_info:
author: nemo
description: Set up Munin async service for GNU/Linux.
company: Wirebrass
license: license (BSD)
min_ansible_version: 2.4
platforms:
- name: Debian
versions:
- stretch
- buster
- name: Gentoo
versions:
- all
galaxy_tags:
- munin-async
- munin
- system
- server
- auto
dependencies: []

View file

@ -0,0 +1,13 @@
---
# Main tasks file for munin-async
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
when: "'munin_server' not in group_names"
- import_tasks: package.yml
when: "'munin_server' not in group_names"
- import_tasks: service.yml
when: "'munin_server' not in group_names"
- import_tasks: user.yml
when: "'munin_server' not in group_names"

View file

@ -0,0 +1,5 @@
---
- name: Munin async installed
package:
name: "{{ munin_async_package }}"
state: present

View file

@ -0,0 +1,6 @@
---
- name: Munin async enabled
service:
name: "{{ munin_async_service_name }}"
state: started
enabled: yes

View file

@ -0,0 +1,8 @@
---
- name: Set up authorized key for Munin async user
authorized_key:
user: "{{ munin_async_user }}"
state: present
key: "{{ munin_async_authorized_key }}"
when: munin_async_authorized_key is defined

View file

@ -0,0 +1,4 @@
---
munin_async_service_name: munin-async
munin_async_package: munin-async
munin_async_user: munin-async

View file

@ -0,0 +1,4 @@
---
munin_async_service_name: munin-asyncd
munin_async_package: munin-async
munin_async_user: munin-async

View file

@ -0,0 +1,4 @@
---
munin_async_service_name: munin-asyncd
munin_async_package: munin-node
munin_async_user: munin

View file

@ -1,6 +1,9 @@
--- ---
# Main tasks file for users_sudo # Main tasks file for users_sudo
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
- import_tasks: package.yml - import_tasks: package.yml
- import_tasks: group.yml - import_tasks: group.yml
- import_tasks: users.yml - import_tasks: users.yml

View file

@ -0,0 +1,3 @@
---
sudo_package: sudo
sudo_group: sudo

View file

@ -0,0 +1,3 @@
---
sudo_package: sudo
sudo_group: wheel

View file

@ -0,0 +1,3 @@
---
sudo_package: sudo
sudo_group: wheel