diff options
author | Emil Renner Berthing <esmil@labitat.dk> | 2018-09-26 12:55:55 +0200 |
---|---|---|
committer | Emil Renner Berthing <esmil@labitat.dk> | 2018-09-26 13:00:05 +0200 |
commit | 72e69659fe0a51bf2e61cebdb0b3c66ee9e564ba (patch) | |
tree | 75e17b22d32d3cce3149498ad1555800b12edd47 /roles/space_server | |
parent | ae254b596f6e12601e0f6b206d09b87e5a9b480d (diff) | |
download | labitat-ansible-72e69659fe0a51bf2e61cebdb0b3c66ee9e564ba.tar.gz labitat-ansible-72e69659fe0a51bf2e61cebdb0b3c66ee9e564ba.tar.xz labitat-ansible-72e69659fe0a51bf2e61cebdb0b3c66ee9e564ba.zip |
Format yaml lists like yaml.org
Diffstat (limited to 'roles/space_server')
-rw-r--r-- | roles/space_server/defaults/main.yml | 138 | ||||
-rw-r--r-- | roles/space_server/handlers/main.yml | 4 | ||||
-rw-r--r-- | roles/space_server/meta/main.yml | 4 | ||||
-rw-r--r-- | roles/space_server/tasks/ansible.yml | 30 | ||||
-rw-r--r-- | roles/space_server/tasks/avahi.yml | 114 | ||||
-rw-r--r-- | roles/space_server/tasks/bird.yml | 23 | ||||
-rw-r--r-- | roles/space_server/tasks/blackhole.yml | 2 | ||||
-rw-r--r-- | roles/space_server/tasks/dhcpd.yml | 4 | ||||
-rw-r--r-- | roles/space_server/tasks/kernel.yml | 6 | ||||
-rw-r--r-- | roles/space_server/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/space_server/tasks/networkd.yml | 5 | ||||
-rw-r--r-- | roles/space_server/tasks/nftables.yml | 6 | ||||
-rw-r--r-- | roles/space_server/tasks/radius.yml | 41 | ||||
-rw-r--r-- | roles/space_server/tasks/radvd.yml | 4 | ||||
-rw-r--r-- | roles/space_server/tasks/sshd.yml | 12 | ||||
-rw-r--r-- | roles/space_server/tasks/sudo.yml | 2 | ||||
-rw-r--r-- | roles/space_server/tasks/unbound.yml | 4 |
17 files changed, 199 insertions, 202 deletions
diff --git a/roles/space_server/defaults/main.yml b/roles/space_server/defaults/main.yml index 121a927..2acf33d 100644 --- a/roles/space_server/defaults/main.yml +++ b/roles/space_server/defaults/main.yml @@ -33,74 +33,74 @@ root: device: 'LABEL=BTRFS' options: 'noatime,ssd,compress=lzo' local_hosts: - - name: ap - mac: 00:0f:23:94:43:0b - mdns: false - ips: - - 10.42.0.2 - - name: doorputer - mac: 00:b3:f6:00:36:be - mdns: false - ips: - - 10.42.0.3 - - name: foodputer - mac: 00:d0:59:37:5e:37 - mdns: false - ips: - - 10.42.0.4 - - name: ap1 - mdns: false - ips: - - 10.42.0.5 - - name: ap2 - mdns: false - ips: - - 10.42.0.6 - - 10.42.0.7 - - name: switch - mac: 00:1b:11:6f:42:f8 - mdns: false - ips: - - 10.42.0.9 - - name: lathe - mdns: false - ips: - - 10.42.0.12 - - name: anna - mac: 00:e0:c5:6e:d6:8d - ips: - - 10.42.1.9 - - name: printbrother - mac: 00:80:77:06:9f:26 - ips: - - 10.42.1.32 - - name: infotron - description: Infoscreen Raspberry Pi - mac: b8:27:eb:2c:5d:3a - ips: - - 10.42.1.34 - - name: spacemon - mac: b8:27:eb:24:f8:50 - ips: - - 10.42.1.35 - - name: jumbotron - description: Jumbotron Raspberry Pi - mac: b8:27:eb:d3:c1:62 - mdns: false - ips: - - 10.42.1.36 - - name: hplaserjet - mac: 94:57:a5:ce:e2:6c - mdns: false - ips: - - 10.42.1.37 - - 2a01:4260:1ab:b:9657:a5ff:fece:e26c - - name: labisound - mac: 00:16:e6:f7:43:b0 - ips: - - 10.42.1.40 - - name: sound - ips: - - 10.42.1.80 +- name: ap + mac: 00:0f:23:94:43:0b + mdns: false + ips: + - 10.42.0.2 +- name: doorputer + mac: 00:b3:f6:00:36:be + mdns: false + ips: + - 10.42.0.3 +- name: foodputer + mac: 00:d0:59:37:5e:37 + mdns: false + ips: + - 10.42.0.4 +- name: ap1 + mdns: false + ips: + - 10.42.0.5 +- name: ap2 + mdns: false + ips: + - 10.42.0.6 + - 10.42.0.7 +- name: switch + mac: 00:1b:11:6f:42:f8 + mdns: false + ips: + - 10.42.0.9 +- name: lathe + mdns: false + ips: + - 10.42.0.12 +- name: anna + mac: 00:e0:c5:6e:d6:8d + ips: + - 10.42.1.9 +- name: printbrother + mac: 00:80:77:06:9f:26 + ips: + - 10.42.1.32 +- name: infotron + description: Infoscreen Raspberry Pi + mac: b8:27:eb:2c:5d:3a + ips: + - 10.42.1.34 +- name: spacemon + mac: b8:27:eb:24:f8:50 + ips: + - 10.42.1.35 +- name: jumbotron + description: Jumbotron Raspberry Pi + mac: b8:27:eb:d3:c1:62 + mdns: false + ips: + - 10.42.1.36 +- name: hplaserjet + mac: 94:57:a5:ce:e2:6c + mdns: false + ips: + - 10.42.1.37 + - 2a01:4260:1ab:b:9657:a5ff:fece:e26c +- name: labisound + mac: 00:16:e6:f7:43:b0 + ips: + - 10.42.1.40 +- name: sound + ips: + - 10.42.1.80 # vim: set ts=2 sw=2 et: diff --git a/roles/space_server/handlers/main.yml b/roles/space_server/handlers/main.yml index 5ecb341..54c8f76 100644 --- a/roles/space_server/handlers/main.yml +++ b/roles/space_server/handlers/main.yml @@ -28,8 +28,8 @@ name: '{{ item }}.service' state: restarted with_items: - - bird - - bird6 + - bird + - bird6 when: not chroot - name: restart dhcpd diff --git a/roles/space_server/meta/main.yml b/roles/space_server/meta/main.yml index 2739dff..dd1ff51 100644 --- a/roles/space_server/meta/main.yml +++ b/roles/space_server/meta/main.yml @@ -1,6 +1,6 @@ --- dependencies: - - role: fedora - - role: users +- role: fedora +- role: users # vim: set ts=2 sw=2 et: diff --git a/roles/space_server/tasks/ansible.yml b/roles/space_server/tasks/ansible.yml index b37b1ca..209cb5b 100644 --- a/roles/space_server/tasks/ansible.yml +++ b/roles/space_server/tasks/ansible.yml @@ -14,20 +14,20 @@ option: '{{ item.option }}' value: '{{ item.value }}' with_items: - - section: defaults - option: 'gathering' - value: 'smart' - - section: defaults - option: 'fact_caching' - value: 'jsonfile' - - section: defaults - option: 'fact_caching_connection' - value: '/tmp/ansible' - - section: defaults - option: 'fact_caching_timeout' - value: '600' - - section: defaults - option: 'error_on_missing_handler' - value: 'True' + - section: defaults + option: 'gathering' + value: 'smart' + - section: defaults + option: 'fact_caching' + value: 'jsonfile' + - section: defaults + option: 'fact_caching_connection' + value: '/tmp/ansible' + - section: defaults + option: 'fact_caching_timeout' + value: '600' + - section: defaults + option: 'error_on_missing_handler' + value: 'True' # vim: set ts=2 sw=2 et: diff --git a/roles/space_server/tasks/avahi.yml b/roles/space_server/tasks/avahi.yml index c8baa77..59a8836 100644 --- a/roles/space_server/tasks/avahi.yml +++ b/roles/space_server/tasks/avahi.yml @@ -7,7 +7,7 @@ - avahi-tools # pulls in avahi package - nss-mdns tags: - - packages + - packages - name: Configure avahi-daemon ini_file: @@ -17,62 +17,62 @@ option: '{{ item.option }}' value: '{{ item.value }}' with_items: - - section: server - option: 'host-name' - value: '{{ hostname }}' - - section: server - option: 'domain-name' - value: 'local' - - section: server - option: 'browse-domains' - value: '' - - section: server - option: 'use-ipv4' - value: 'yes' - - section: server - option: 'use-ipv6' - value: 'yes' - - section: server - option: 'allow-interfaces' - value: 'lan11,lan12,lan14' - - section: server - option: 'enable-dbus' - value: 'yes' - - section: server - option: 'disallow-other-stacks' - value: 'yes' - - section: wide-area - option: 'enable-wide-area' - value: 'yes' - - section: publish - option: 'disable-publishing' - value: 'no' - - section: publish - option: 'disable-user-service-publishing' - value: 'no' - - section: publish - option: 'publish-addresses' - value: 'yes' - - section: publish - option: 'publish-hinfo' - value: 'yes' - - section: publish - option: 'publish-workstation' - value: 'no' - - section: publish - option: 'publish-domain' - value: 'yes' - - section: publish - option: 'publish-dns-servers' - value: '185.38.175.0,2a01:4260:1ab::' - - section: publish - option: 'publish-resolv-conf-dns-servers' - value: 'no' - - section: reflector - option: 'enable-reflector' - value: 'yes' + - section: server + option: 'host-name' + value: '{{ hostname }}' + - section: server + option: 'domain-name' + value: 'local' + - section: server + option: 'browse-domains' + value: '' + - section: server + option: 'use-ipv4' + value: 'yes' + - section: server + option: 'use-ipv6' + value: 'yes' + - section: server + option: 'allow-interfaces' + value: 'lan11,lan12,lan14' + - section: server + option: 'enable-dbus' + value: 'yes' + - section: server + option: 'disallow-other-stacks' + value: 'yes' + - section: wide-area + option: 'enable-wide-area' + value: 'yes' + - section: publish + option: 'disable-publishing' + value: 'no' + - section: publish + option: 'disable-user-service-publishing' + value: 'no' + - section: publish + option: 'publish-addresses' + value: 'yes' + - section: publish + option: 'publish-hinfo' + value: 'yes' + - section: publish + option: 'publish-workstation' + value: 'no' + - section: publish + option: 'publish-domain' + value: 'yes' + - section: publish + option: 'publish-dns-servers' + value: '185.38.175.0,2a01:4260:1ab::' + - section: publish + option: 'publish-resolv-conf-dns-servers' + value: 'no' + - section: reflector + option: 'enable-reflector' + value: 'yes' notify: - - restart avahi-daemon + - restart avahi-daemon - name: Configure hosts template: @@ -82,7 +82,7 @@ group: root mode: 0644 notify: - - restart avahi-daemon + - restart avahi-daemon - name: Enable avahi-daemon service systemd: diff --git a/roles/space_server/tasks/bird.yml b/roles/space_server/tasks/bird.yml index 340bfc2..cdf402b 100644 --- a/roles/space_server/tasks/bird.yml +++ b/roles/space_server/tasks/bird.yml @@ -4,10 +4,10 @@ name: '{{ item }}' state: present with_items: - - bird - - bird6 + - bird + - bird6 tags: - - packages + - packages - name: Make sure /etc/bird exists file: @@ -23,10 +23,9 @@ owner: root group: root mode: 0644 - with_fileglob: - - 'bird/*' + with_fileglob: 'bird/*' notify: - - restart bird + - restart bird - name: Create bird.conf and bird6.conf symlinks file: @@ -35,8 +34,8 @@ state: link force: yes with_items: - - bird - - bird6 + - bird + - bird6 # bird6 wants the link to have a link-local address # when starting, so wait for it @@ -62,16 +61,16 @@ masked: no state: started with_items: - - bird - - bird6 + - bird + - bird6 when: not chroot - name: '- when in chroot' command: 'systemctl enable {{ item }}.service' args: creates: '/etc/systemd/system/multi-user.target.wants/{{ item }}.service' with_items: - - bird - - bird6 + - bird + - bird6 when: chroot # vim: set ts=2 sw=2 et: diff --git a/roles/space_server/tasks/blackhole.yml b/roles/space_server/tasks/blackhole.yml index bd79f37..7c3b510 100644 --- a/roles/space_server/tasks/blackhole.yml +++ b/roles/space_server/tasks/blackhole.yml @@ -14,7 +14,7 @@ group: root mode: 0755 notify: - - restart blackhole + - restart blackhole - name: Install blackhole service copy: diff --git a/roles/space_server/tasks/dhcpd.yml b/roles/space_server/tasks/dhcpd.yml index 9c5c2ad..cd09a04 100644 --- a/roles/space_server/tasks/dhcpd.yml +++ b/roles/space_server/tasks/dhcpd.yml @@ -4,7 +4,7 @@ name: dhcp-server state: present tags: - - packages + - packages - name: Configure dhcpd template: @@ -14,7 +14,7 @@ group: root mode: 0644 notify: - - restart dhcpd + - restart dhcpd - name: Enable dhcpd service systemd: diff --git a/roles/space_server/tasks/kernel.yml b/roles/space_server/tasks/kernel.yml index 1725541..b87bccc 100644 --- a/roles/space_server/tasks/kernel.yml +++ b/roles/space_server/tasks/kernel.yml @@ -7,8 +7,8 @@ group: root mode: 0755 with_items: - - '/etc/kernel' - - '/etc/kernel/install.d' + - '/etc/kernel' + - '/etc/kernel/install.d' - name: Mask grubby file: @@ -38,6 +38,6 @@ name: kernel state: present tags: - - packages + - packages # vim: set ts=2 sw=2 et: diff --git a/roles/space_server/tasks/main.yml b/roles/space_server/tasks/main.yml index bbec9f6..0a0aed0 100644 --- a/roles/space_server/tasks/main.yml +++ b/roles/space_server/tasks/main.yml @@ -7,7 +7,7 @@ group: root mode: 0644 tags: - - fstab + - fstab - import_tasks: ansible.yml tags: ansible diff --git a/roles/space_server/tasks/networkd.yml b/roles/space_server/tasks/networkd.yml index bd44638..fcca317 100644 --- a/roles/space_server/tasks/networkd.yml +++ b/roles/space_server/tasks/networkd.yml @@ -13,10 +13,9 @@ owner: root group: root mode: 0644 - with_fileglob: - - 'networkd/network/*' + with_fileglob: 'networkd/network/*' notify: - - restart networkd + - restart networkd - name: Create systemd-networkd-wait-online drop-in directory file: diff --git a/roles/space_server/tasks/nftables.yml b/roles/space_server/tasks/nftables.yml index 726143c..73e9251 100644 --- a/roles/space_server/tasks/nftables.yml +++ b/roles/space_server/tasks/nftables.yml @@ -12,7 +12,7 @@ name: nftables state: present tags: - - packages + - packages - name: Symlink to /etc/nftables.conf file: @@ -21,7 +21,7 @@ state: link force: yes notify: - - reload nftables + - reload nftables - name: Configure nftables copy: dest: '/etc/nftables.conf' @@ -30,7 +30,7 @@ group: root mode: 0644 notify: - - reload nftables + - reload nftables - name: Enable nftables service systemd: diff --git a/roles/space_server/tasks/radius.yml b/roles/space_server/tasks/radius.yml index 021a9bc..521f6ae 100644 --- a/roles/space_server/tasks/radius.yml +++ b/roles/space_server/tasks/radius.yml @@ -3,30 +3,29 @@ dnf: name: '{{ item }}' state: present - with_fileglob: - - 'radius/freeradius-assha-*.fc{{ ansible_distribution_major_version }}.*.rpm' + with_fileglob: 'radius/freeradius-assha-*.fc{{ ansible_distribution_major_version }}.*.rpm' tags: - - packages + - packages - name: Make sure curl and diffutils are installed dnf: name: '{{ item }}' state: present with_items: - - curl - - diffutils + - curl + - diffutils tags: - - packages + - packages - name: Disable default site file: path: '/etc/raddb/sites-enabled/{{ item }}' state: absent with_items: - - default - - inner-tunnel + - default + - inner-tunnel notify: - - restart radiusd + - restart radiusd - name: Configure radiusd copy: dest: '/etc/raddb/{{ item }}' @@ -35,12 +34,12 @@ group: radiusd mode: 0640 with_items: - - radiusd.conf - - mods-available/eap - - sites-available/labitat - - sites-available/labitat-inner + - radiusd.conf + - mods-available/eap + - sites-available/labitat + - sites-available/labitat-inner notify: - - restart radiusd + - restart radiusd - name: Configure radius clients template: dest: '/etc/raddb/clients.conf' @@ -49,7 +48,7 @@ group: radiusd mode: 0640 notify: - - restart radiusd + - restart radiusd - name: Enable labitat site file: path: '/etc/raddb/sites-enabled/{{ item }}' @@ -59,10 +58,10 @@ group: radiusd force: yes with_items: - - labitat - - labitat-inner + - labitat + - labitat-inner notify: - - restart radiusd + - restart radiusd - name: Create getusers script template: @@ -79,10 +78,10 @@ group: root mode: 0644 with_items: - - getusers.service - - getusers.timer + - getusers.service + - getusers.timer notify: - - restart getusers + - restart getusers - name: Enable getusers timer systemd: diff --git a/roles/space_server/tasks/radvd.yml b/roles/space_server/tasks/radvd.yml index 668750e..a3346eb 100644 --- a/roles/space_server/tasks/radvd.yml +++ b/roles/space_server/tasks/radvd.yml @@ -4,7 +4,7 @@ name: radvd state: present tags: - - packages + - packages - name: Configure radvd copy: @@ -14,7 +14,7 @@ group: root mode: 0644 notify: - - restart radvd + - restart radvd - name: Create service drop-in directory file: diff --git a/roles/space_server/tasks/sshd.yml b/roles/space_server/tasks/sshd.yml index efbfa97..aaf6452 100644 --- a/roles/space_server/tasks/sshd.yml +++ b/roles/space_server/tasks/sshd.yml @@ -4,7 +4,7 @@ name: openssh-server state: present tags: - - packages + - packages - name: Configure sshd lineinfile: @@ -12,12 +12,12 @@ regexp: '{{ item.regexp }}' line: '{{ item.line }}' with_items: - - regexp: '^PasswordAuthentication' - line: 'PasswordAuthentication no' - - regexp: '^#*GSSAPIAuthentication' - line: 'GSSAPIAuthentication no' + - regexp: '^PasswordAuthentication' + line: 'PasswordAuthentication no' + - regexp: '^#*GSSAPIAuthentication' + line: 'GSSAPIAuthentication no' notify: - - restart sshd + - restart sshd - name: Enable sshd service systemd: diff --git a/roles/space_server/tasks/sudo.yml b/roles/space_server/tasks/sudo.yml index e8801a6..f5f0444 100644 --- a/roles/space_server/tasks/sudo.yml +++ b/roles/space_server/tasks/sudo.yml @@ -4,7 +4,7 @@ name: sudo state: present tags: - - packages + - packages - name: Install sudoers file copy: diff --git a/roles/space_server/tasks/unbound.yml b/roles/space_server/tasks/unbound.yml index e4f575a..c384635 100644 --- a/roles/space_server/tasks/unbound.yml +++ b/roles/space_server/tasks/unbound.yml @@ -4,7 +4,7 @@ name: unbound state: present tags: - - packages + - packages - name: Configure unbound template: @@ -14,7 +14,7 @@ group: root mode: 0644 notify: - - restart unbound + - restart unbound - name: Enable unbound service systemd: |