aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--inventory1
-rw-r--r--mail1.yml11
-rw-r--r--roles/mail1/files/ens3.network10
-rw-r--r--roles/mail1/meta/main.yml6
-rw-r--r--roles/mail1/tasks/haveged.yml12
-rw-r--r--roles/mail1/tasks/main.yml24
-rw-r--r--roles/mail1/vars/main.yml32
7 files changed, 96 insertions, 0 deletions
diff --git a/inventory b/inventory
index e5b8fd3..4395cd5 100644
--- a/inventory
+++ b/inventory
@@ -1,4 +1,5 @@
space.labitat.dk
+mail1.labitat.dk
[rpis]
jumbotron.s
diff --git a/mail1.yml b/mail1.yml
new file mode 100644
index 0000000..5b5f535
--- /dev/null
+++ b/mail1.yml
@@ -0,0 +1,11 @@
+---
+- hosts: mail1.labitat.dk
+ pre_tasks:
+ - name: Detect chroot
+ set_fact:
+ chroot: "{{ ansible_connection == 'chroot' or 'container' in ansible_env }}"
+ tags: always
+ roles:
+ - mail1
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/mail1/files/ens3.network b/roles/mail1/files/ens3.network
new file mode 100644
index 0000000..e4c3f7b
--- /dev/null
+++ b/roles/mail1/files/ens3.network
@@ -0,0 +1,10 @@
+[Match]
+Name=ens3
+
+[Network]
+DHCP=no
+IPv6AcceptRA=yes
+Address=10.72.40.20/24
+Gateway=10.72.40.1
+DNS=10.72.40.1
+Domains=labitat.dk
diff --git a/roles/mail1/meta/main.yml b/roles/mail1/meta/main.yml
new file mode 100644
index 0000000..1e8f40f
--- /dev/null
+++ b/roles/mail1/meta/main.yml
@@ -0,0 +1,6 @@
+---
+dependencies:
+- role: debian
+- role: users
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/mail1/tasks/haveged.yml b/roles/mail1/tasks/haveged.yml
new file mode 100644
index 0000000..2b2cb65
--- /dev/null
+++ b/roles/mail1/tasks/haveged.yml
@@ -0,0 +1,12 @@
+---
+- name: Enable haveged service
+ systemd:
+ name: 'haveged.service'
+ enabled: yes
+ masked: no
+ state: started
+ when: not chroot
+- name: '- when in chroot'
+ command: 'systemctl enable haveged.service'
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/mail1/tasks/main.yml b/roles/mail1/tasks/main.yml
new file mode 100644
index 0000000..c66a6f8
--- /dev/null
+++ b/roles/mail1/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+- name: Install network configuration
+ copy:
+ dest: '/etc/systemd/network/10-ens3.network'
+ src: ens3.network
+ owner: root
+ group: root
+ mode: 0644
+ tags:
+ - networkd-config
+
+- name: Disable unused services
+ systemd:
+ name: '{{ item }}'
+ enabled: no
+ with_items:
+ - remote-fs.target
+ tags:
+ - systemd
+
+- import_tasks: haveged.yml
+ tags: haveged
+
+# vim: set ts=2 sw=2 et:
diff --git a/roles/mail1/vars/main.yml b/roles/mail1/vars/main.yml
new file mode 100644
index 0000000..7bda909
--- /dev/null
+++ b/roles/mail1/vars/main.yml
@@ -0,0 +1,32 @@
+---
+hostname: 'mail1'
+
+apt_sources:
+ base:
+ components:
+ - main
+ - contrib
+ - non-free
+ security:
+ components:
+ - main
+ - contrib
+ - non-free
+ updates:
+ components:
+ - main
+ - contrib
+ - non-free
+
+apt_packages:
+ 'haveged': present
+
+journald_conf:
+ 'Journal.Storage': 'persistent'
+
+users:
+ 'esmil': sudo
+ 'ast': sudo
+ 'flummer': sudo
+
+# vim: set ts=2 sw=2 et:
generated by cgit v1.2.1 (git 2.18.0) at 2025-11-04 09:22:31 +0000