diff options
| -rw-r--r-- | inventory | 1 | ||||
| -rw-r--r-- | roles/sky/files/ens18.network | 17 | ||||
| -rw-r--r-- | roles/sky/meta/main.yml | 7 | ||||
| -rw-r--r-- | roles/sky/tasks/main.yml | 12 | ||||
| -rw-r--r-- | roles/sky/vars/main.yml | 53 | ||||
| -rw-r--r-- | sky.yml | 11 |
6 files changed, 101 insertions, 0 deletions
@@ -1,4 +1,5 @@ space.labitat.dk +sky.labitat.dk mail1.labitat.dk [rpis] diff --git a/roles/sky/files/ens18.network b/roles/sky/files/ens18.network new file mode 100644 index 0000000..9496f52 --- /dev/null +++ b/roles/sky/files/ens18.network @@ -0,0 +1,17 @@ +[Match] +Name=ens18 +#Type=ether + +[Network] +DHCP=no +IPv6AcceptRA=no +Address=85.209.118.135/28 +Gateway=85.209.118.129 +Address=2a09:94c4:55d1:7680::87/64 +Gateway=2a09:94c4:55d1:7680::1 +DNS=91.239.100.100#anycast.censurfridns.dk 89.233.43.71#unicast.censurfridns.dk +DNSOverTLS=yes +DNSSEC=yes +LLMNR=no +MulticastDNS=no +LLDP=yes diff --git a/roles/sky/meta/main.yml b/roles/sky/meta/main.yml new file mode 100644 index 0000000..e2e9636 --- /dev/null +++ b/roles/sky/meta/main.yml @@ -0,0 +1,7 @@ +--- +dependencies: +- role: debian +- role: users +- role: nginx + +# vim: set ts=2 sw=2 et: diff --git a/roles/sky/tasks/main.yml b/roles/sky/tasks/main.yml new file mode 100644 index 0000000..0e0e54e --- /dev/null +++ b/roles/sky/tasks/main.yml @@ -0,0 +1,12 @@ +--- +- name: Install network configuration + copy: + dest: '/etc/systemd/network/ens18.network' + src: ens18.network + owner: root + group: root + mode: 0644 + tags: + - networkd + +# vim: set ts=2 sw=2 et: diff --git a/roles/sky/vars/main.yml b/roles/sky/vars/main.yml new file mode 100644 index 0000000..cd85db3 --- /dev/null +++ b/roles/sky/vars/main.yml @@ -0,0 +1,53 @@ +--- +hostname: 'sky' + +apt_repos_role: + base: + uri: 'https://deb.debian.org/debian' + suite: '{{ apt_release|default(ansible_distribution_release) }}' + security: + uri: 'https://security.debian.org/debian-security' + suite: '{{ apt_release|default(ansible_distribution_release) }}-security' + updates: + uri: 'https://deb.debian.org/debian' + suite: '{{ apt_release|default(ansible_distribution_release) }}-updates' + backports: + uri: 'https://deb.debian.org/debian' + suite: '{{ apt_release|default(ansible_distribution_release) }}-backports' + +apt_sources_role: + base: + components: + - main + - contrib + - non-free + security: + components: + - main + - contrib + - non-free + updates: + components: + - main + - contrib + - non-free + +apt_packages_role: + 'nginx': present + +journald_conf_role: + 'Journal.Storage': 'persistent' + +resolved_conf_role: + 'Resolve.FallbackDNS': '1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001' + 'Resolve.DNSSEC': 'yes' + 'Resolve.DNSOverTLS': 'no' + 'Resolve.MulticastDNS': 'no' + 'Resolve.LLMNR': 'no' + +users: + 'esmil': sudo + 'ast': sudo + 'joshbuddy': sudo + +# vim: set ts=2 sw=2 et: @@ -0,0 +1,11 @@ +--- +- hosts: sky.labitat.dk + pre_tasks: + - name: Detect chroot + set_fact: + chroot: "{{ ansible_connection == 'chroot' or 'container' in ansible_env }}" + tags: always + roles: + - sky + +# vim: set ts=2 sw=2 et: |