forked from Netz39_Admin/netz39-infra-ansible
Merge pull request 'yamllint config and fixes' (#1) from dkdent/netz39-infra-ansible:yamllint into master
This commit is contained in:
commit
cbbf5b723b
8 changed files with 40 additions and 28 deletions
10
.yamllint
Normal file
10
.yamllint
Normal file
|
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
extends: default
|
||||||
|
|
||||||
|
rules:
|
||||||
|
truthy:
|
||||||
|
allowed-values:
|
||||||
|
- 'true'
|
||||||
|
- 'false'
|
||||||
|
- 'yes'
|
||||||
|
- 'no'
|
||||||
8
main.yml
8
main.yml
|
|
@ -6,7 +6,7 @@
|
||||||
ansible_python_interpreter: /usr/bin/python3
|
ansible_python_interpreter: /usr/bin/python3
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- role: ansible.timezone
|
- role: ansible.timezone
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Update and clean package cache
|
- name: Update and clean package cache
|
||||||
|
|
@ -25,10 +25,10 @@
|
||||||
name: ansible-role-unattended-upgrades
|
name: ansible-role-unattended-upgrades
|
||||||
vars:
|
vars:
|
||||||
unattended_origins_patterns:
|
unattended_origins_patterns:
|
||||||
- 'origin=Debian,archive=buster-security'
|
- "origin=Debian,archive=buster-security"
|
||||||
- 'o=Debian,a=buster-updates'
|
- "o=Debian,a=buster-updates"
|
||||||
unattended_package_blacklist: [cowsay]
|
unattended_package_blacklist: [cowsay]
|
||||||
unattended_mail: 'root'
|
unattended_mail: "root"
|
||||||
|
|
||||||
- name: Setup users
|
- name: Setup users
|
||||||
include_role:
|
include_role:
|
||||||
|
|
|
||||||
12
pottwal.yml
12
pottwal.yml
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
- hosts: pottwal.n39.eu
|
- hosts: pottwal.n39.eu
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
|
|
@ -16,10 +17,10 @@
|
||||||
uritools_host_port: 8080
|
uritools_host_port: 8080
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- role: docker_setup
|
- role: docker_setup
|
||||||
vars:
|
vars:
|
||||||
docker_data_root: "/srv/docker"
|
docker_data_root: "/srv/docker"
|
||||||
- role: apache
|
- role: apache
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Ensure apt-cacher container is running
|
- name: Ensure apt-cacher container is running
|
||||||
|
|
@ -101,8 +102,7 @@
|
||||||
- "{{ openhab_data }}/userdata:/openhab/userdata:rw"
|
- "{{ openhab_data }}/userdata:/openhab/userdata:rw"
|
||||||
keep_volumes: yes
|
keep_volumes: yes
|
||||||
restart_policy: unless-stopped
|
restart_policy: unless-stopped
|
||||||
env:
|
env: EXTRA_JAVA_OPTS="-Duser.timezone=Europe/Berlin"
|
||||||
EXTRA_JAVA_OPTS="-Duser.timezone=Europe/Berlin"
|
|
||||||
|
|
||||||
- name: Setup proxy site openhab.n39.eu
|
- name: Setup proxy site openhab.n39.eu
|
||||||
include_role:
|
include_role:
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
- src: git+https://github.com/jnv/ansible-role-unattended-upgrades.git
|
- src: git+https://github.com/jnv/ansible-role-unattended-upgrades.git
|
||||||
version: v1.9.0
|
version: v1.9.0
|
||||||
- src: git+https://github.com/adriagalin/ansible.timezone.git
|
- src: git+https://github.com/adriagalin/ansible.timezone.git
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
docker_compose_version: "1.25.4"
|
docker_compose_version: "1.25.4"
|
||||||
docker_compose_path: /usr/local/bin/docker-compose
|
docker_compose_path: /usr/local/bin/docker-compose
|
||||||
docker_data_root: "/var/lib/docker"
|
docker_data_root: "/var/lib/docker"
|
||||||
|
|
|
||||||
|
|
@ -18,10 +18,10 @@
|
||||||
state: present
|
state: present
|
||||||
vars:
|
vars:
|
||||||
packages:
|
packages:
|
||||||
- apt-transport-https
|
- apt-transport-https
|
||||||
- ca-certificates
|
- ca-certificates
|
||||||
- gnupg2
|
- gnupg2
|
||||||
- software-properties-common
|
- software-properties-common
|
||||||
|
|
||||||
- name: add Docker apt-key
|
- name: add Docker apt-key
|
||||||
apt_key:
|
apt_key:
|
||||||
|
|
@ -30,10 +30,10 @@
|
||||||
|
|
||||||
- name: add Docker's APT repository
|
- name: add Docker's APT repository
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: deb https://download.docker.com/linux/debian buster stable
|
repo: deb https://download.docker.com/linux/debian buster stable
|
||||||
state: present
|
state: present
|
||||||
update_cache: true
|
update_cache: true
|
||||||
filename: 'docker'
|
filename: "docker"
|
||||||
|
|
||||||
- name: install Docker
|
- name: install Docker
|
||||||
package:
|
package:
|
||||||
|
|
@ -41,8 +41,8 @@
|
||||||
state: present
|
state: present
|
||||||
vars:
|
vars:
|
||||||
packages:
|
packages:
|
||||||
- docker-ce
|
- docker-ce
|
||||||
- python3-docker
|
- python3-docker
|
||||||
|
|
||||||
- name: Set docker configuration
|
- name: Set docker configuration
|
||||||
template:
|
template:
|
||||||
|
|
@ -73,7 +73,7 @@
|
||||||
- name: Place admin users in docker group
|
- name: Place admin users in docker group
|
||||||
user:
|
user:
|
||||||
name: "{{ item.logname }}"
|
name: "{{ item.logname }}"
|
||||||
groups: docker
|
groups: [docker]
|
||||||
append: yes
|
append: yes
|
||||||
when: item.docker
|
when: item.docker
|
||||||
with_items: "{{ users }}"
|
with_items: "{{ users }}"
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,8 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Ensure sudo is installed
|
- name: Ensure sudo is installed
|
||||||
package:
|
package:
|
||||||
name:
|
name:
|
||||||
- sudo
|
- sudo
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Configure group sudo for sudoers without password
|
- name: Configure group sudo for sudoers without password
|
||||||
|
|
@ -11,7 +10,7 @@
|
||||||
path: /etc/sudoers
|
path: /etc/sudoers
|
||||||
state: present
|
state: present
|
||||||
regexp: '^%sudo\s'
|
regexp: '^%sudo\s'
|
||||||
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
|
line: "%sudo ALL=(ALL) NOPASSWD: ALL"
|
||||||
validate: /usr/sbin/visudo -cf %s
|
validate: /usr/sbin/visudo -cf %s
|
||||||
|
|
||||||
- name: Add users | create users' shell and home dir
|
- name: Add users | create users' shell and home dir
|
||||||
|
|
@ -30,12 +29,12 @@
|
||||||
with_subelements:
|
with_subelements:
|
||||||
- "{{ users }}"
|
- "{{ users }}"
|
||||||
- ssh_pub
|
- ssh_pub
|
||||||
- skip_missing: True
|
- skip_missing: true
|
||||||
|
|
||||||
- name: Place user in sudo group
|
- name: Place user in sudo group
|
||||||
user:
|
user:
|
||||||
name: "{{ item.logname }}"
|
name: "{{ item.logname }}"
|
||||||
groups: sudo
|
groups: [sudo]
|
||||||
append: yes
|
append: yes
|
||||||
when: item.sudo
|
when: item.sudo
|
||||||
with_items: "{{ users }}"
|
with_items: "{{ users }}"
|
||||||
|
|
|
||||||
5
tau.yml
5
tau.yml
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
- hosts: tau.netz39.de
|
- hosts: tau.netz39.de
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
|
|
@ -5,8 +6,8 @@
|
||||||
ansible_python_interpreter: /usr/bin/python3
|
ansible_python_interpreter: /usr/bin/python3
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- role: docker_setup
|
- role: docker_setup
|
||||||
- role: apache
|
- role: apache
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Setup docker network
|
- name: Setup docker network
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue