From 0c78a4f72dc90cabf84475c44879811980d1efb4 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Tue, 24 Nov 2020 18:30:59 +0100 Subject: [PATCH 1/5] Add requirements --- requirements.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 requirements.yml diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 0000000..36978db --- /dev/null +++ b/requirements.yml @@ -0,0 +1,4 @@ +- src: git+https://github.com/jnv/ansible-role-unattended-upgrades.git + version: v1.9.0 +- src: git+https://github.com/adriagalin/ansible.timezone.git + version: 3.0.0 From 8d19bc3fa35e8b766e68ebb47b5df225e8ff59df Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Tue, 24 Nov 2020 18:30:46 +0100 Subject: [PATCH 2/5] Move httpd stuff to tasks --- httpd.yml | 33 --------------------------------- tasks/httpd.yml | 19 +++++++++++++++++++ 2 files changed, 19 insertions(+), 33 deletions(-) delete mode 100644 httpd.yml create mode 100644 tasks/httpd.yml diff --git a/httpd.yml b/httpd.yml deleted file mode 100644 index 73dcebf..0000000 --- a/httpd.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -- hosts: tau - become: true - - vars: - - server_admin: "admin@netz39.de" - - - tasks: - - name: Update and clean package cache - apt: - update_cache: true - cache_valid_time: 3600 - autoclean: true - - - name: Ensure Apache2 and modules are installed and up to date - apt: - name: - - apache2 - state: latest - - - name: Ensure mod_rewrite is enabled - apache2_module: - name: rewrite - state: present - - - - name: Setup proxy site testredmine.netz39.de - include_role: - name: setup-http-site-proxy - vars: - site_name: testredmine.netz39.de - proxy_port: 9004 diff --git a/tasks/httpd.yml b/tasks/httpd.yml new file mode 100644 index 0000000..8b3f71d --- /dev/null +++ b/tasks/httpd.yml @@ -0,0 +1,19 @@ +--- +- name: Ensure Apache2 and modules are installed and up to date + apt: + name: + - apache2 + state: latest + +- name: Ensure mod_rewrite is enabled + apache2_module: + name: rewrite + state: present + + +- name: Setup proxy site testredmine.netz39.de + include_role: + name: setup-http-site-proxy + vars: + site_name: testredmine.netz39.de + proxy_port: 9004 From 7ae7d10c04418f27f8c3500c34730eeb272d3fc9 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Tue, 24 Nov 2020 18:31:09 +0100 Subject: [PATCH 3/5] Add main playbook as entry point --- main.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 main.yml diff --git a/main.yml b/main.yml new file mode 100644 index 0000000..80b1516 --- /dev/null +++ b/main.yml @@ -0,0 +1,17 @@ +--- +- hosts: tau + become: true + + vars: + - server_admin: "admin@netz39.de" + + + tasks: + - name: Update and clean package cache + apt: + update_cache: true + cache_valid_time: 3600 + autoclean: true + + - name: Setup httpd + include_tasks: tasks/httpd.yml From 08166097ab6a20ae50cd8d1e32441e4e14a5e09a Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Tue, 24 Nov 2020 18:47:03 +0100 Subject: [PATCH 4/5] Set timezone --- main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/main.yml b/main.yml index 80b1516..db233a9 100644 --- a/main.yml +++ b/main.yml @@ -4,7 +4,10 @@ vars: - server_admin: "admin@netz39.de" + - ag_timezone: Europe/Berlin + roles: + - role: ansible.timezone tasks: - name: Update and clean package cache From f10e60941be721d4f1871b636be5996c6a5043c9 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Tue, 24 Nov 2020 18:47:16 +0100 Subject: [PATCH 5/5] Setup unattended-upgrades --- main.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/main.yml b/main.yml index db233a9..fa26049 100644 --- a/main.yml +++ b/main.yml @@ -16,5 +16,20 @@ cache_valid_time: 3600 autoclean: true + - name: Ensure unattended-upgrades is installed and up to date + apt: + name: unattended-upgrades + state: latest + + - name: Setup unattended-upgrades + include_role: + name: ansible-role-unattended-upgrades + vars: + unattended_origins_patterns: + - 'origin=Debian,archive=buster-security' + - 'o=Debian,a=buster-updates' + unattended_package_blacklist: [cowsay] + unattended_mail: 'root' + - name: Setup httpd include_tasks: tasks/httpd.yml