diff options
Diffstat (limited to 'roles/space_server/tasks')
-rw-r--r-- | roles/space_server/tasks/ansible.yml | 4 | ||||
-rw-r--r-- | roles/space_server/tasks/avahi.yml | 6 | ||||
-rw-r--r-- | roles/space_server/tasks/bird.yml | 6 | ||||
-rw-r--r-- | roles/space_server/tasks/blackhole.yml | 6 | ||||
-rw-r--r-- | roles/space_server/tasks/dhcpd.yml | 2 | ||||
-rw-r--r-- | roles/space_server/tasks/kernel.yml | 6 | ||||
-rw-r--r-- | roles/space_server/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/space_server/tasks/networkd.yml | 4 | ||||
-rw-r--r-- | roles/space_server/tasks/nftables.yml | 6 | ||||
-rw-r--r-- | roles/space_server/tasks/radius.yml | 12 | ||||
-rw-r--r-- | roles/space_server/tasks/radvd.yml | 4 | ||||
-rw-r--r-- | roles/space_server/tasks/resolved.yml | 2 | ||||
-rw-r--r-- | roles/space_server/tasks/sshd.yml | 4 | ||||
-rw-r--r-- | roles/space_server/tasks/sudo.yml | 2 | ||||
-rw-r--r-- | roles/space_server/tasks/unbound.yml | 4 |
15 files changed, 35 insertions, 35 deletions
diff --git a/roles/space_server/tasks/ansible.yml b/roles/space_server/tasks/ansible.yml index 15831c7..b37b1ca 100644 --- a/roles/space_server/tasks/ansible.yml +++ b/roles/space_server/tasks/ansible.yml @@ -1,15 +1,15 @@ --- - name: Create /etc/ansible/hosts copy: - src: ansible/hosts dest: '/etc/ansible/hosts' + src: ansible/hosts owner: root group: root mode: 0644 - name: Configure ansible ini_file: - path: /etc/ansible/ansible.cfg + path: '/etc/ansible/ansible.cfg' section: '{{ item.section }}' option: '{{ item.option }}' value: '{{ item.value }}' diff --git a/roles/space_server/tasks/avahi.yml b/roles/space_server/tasks/avahi.yml index 25b52ea..ca93893 100644 --- a/roles/space_server/tasks/avahi.yml +++ b/roles/space_server/tasks/avahi.yml @@ -15,7 +15,7 @@ - name: Configure avahi-daemon ini_file: - path: /etc/avahi/avahi-daemon.conf + path: '/etc/avahi/avahi-daemon.conf' no_extra_spaces: yes section: '{{ item.section }}' option: '{{ item.option }}' @@ -80,8 +80,8 @@ - name: Configure hosts template: - src: avahi/hosts.j2 dest: '/etc/avahi/hosts' + src: avahi/hosts.j2 owner: root group: root mode: 0644 @@ -103,7 +103,7 @@ - name: Use nss-mdns lineinfile: - path: /etc/nsswitch.conf + path: '/etc/nsswitch.conf' regexp: '^hosts:' line: 'hosts: files mdns_minimal [NOTFOUND=return] dns myhostname' diff --git a/roles/space_server/tasks/bird.yml b/roles/space_server/tasks/bird.yml index 4dc4a7d..340bfc2 100644 --- a/roles/space_server/tasks/bird.yml +++ b/roles/space_server/tasks/bird.yml @@ -18,8 +18,8 @@ mode: 0755 - name: Create bird configuration copy: - src: '{{ item }}' dest: '/etc/bird/' + src: '{{ item }}' owner: root group: root mode: 0644 @@ -31,8 +31,8 @@ - name: Create bird.conf and bird6.conf symlinks file: path: '/etc/{{ item }}.conf' - state: link src: 'bird/{{ item }}.conf' + state: link force: yes with_items: - bird @@ -49,8 +49,8 @@ mode: 0755 - name: Start bird6 after networks are configured copy: - src: wait-online.conf dest: '/etc/systemd/system/bird6.service.d/wait-online.conf' + src: wait-online.conf owner: root group: root mode: 0644 diff --git a/roles/space_server/tasks/blackhole.yml b/roles/space_server/tasks/blackhole.yml index dc41649..bd79f37 100644 --- a/roles/space_server/tasks/blackhole.yml +++ b/roles/space_server/tasks/blackhole.yml @@ -1,15 +1,15 @@ --- - name: Create /etc/systemd/scripts file: - dest: /etc/systemd/scripts + dest: '/etc/systemd/scripts' state: directory owner: root group: root mode: 0755 - name: Install blackhole script copy: - src: blackhole/blackhole.sh dest: '/etc/systemd/scripts/blackhole.sh' + src: blackhole/blackhole.sh owner: root group: root mode: 0755 @@ -18,8 +18,8 @@ - name: Install blackhole service copy: - src: blackhole/blackhole.service dest: '/etc/systemd/system/blackhole.service' + src: blackhole/blackhole.service owner: root group: root mode: 0644 diff --git a/roles/space_server/tasks/dhcpd.yml b/roles/space_server/tasks/dhcpd.yml index 23a725b..9c5c2ad 100644 --- a/roles/space_server/tasks/dhcpd.yml +++ b/roles/space_server/tasks/dhcpd.yml @@ -8,8 +8,8 @@ - name: Configure dhcpd template: - src: dhcpd/dhcpd.conf.j2 dest: '/etc/dhcp/dhcpd.conf' + src: dhcpd/dhcpd.conf.j2 owner: root group: root mode: 0644 diff --git a/roles/space_server/tasks/kernel.yml b/roles/space_server/tasks/kernel.yml index ca80476..1725541 100644 --- a/roles/space_server/tasks/kernel.yml +++ b/roles/space_server/tasks/kernel.yml @@ -13,13 +13,13 @@ - name: Mask grubby file: path: '/etc/kernel/install.d/20-grubby.install' - state: link src: '/dev/null' + state: link - name: Create syslinux loader entry and menu copy: - src: '{{ item }}' dest: '/etc/kernel/install.d/' + src: '{{ item }}' owner: root group: root mode: 0755 @@ -27,8 +27,8 @@ - name: Set kernel command line template: - src: cmdline.j2 dest: '/etc/kernel/cmdline' + src: cmdline.j2 owner: root group: root mode: 0644 diff --git a/roles/space_server/tasks/main.yml b/roles/space_server/tasks/main.yml index ff7acb3..bbec9f6 100644 --- a/roles/space_server/tasks/main.yml +++ b/roles/space_server/tasks/main.yml @@ -1,8 +1,8 @@ --- - name: fstab template: + dest: '/etc/fstab' src: fstab.j2 - dest: /etc/fstab owner: root group: root mode: 0644 diff --git a/roles/space_server/tasks/networkd.yml b/roles/space_server/tasks/networkd.yml index 6bc3055..bd44638 100644 --- a/roles/space_server/tasks/networkd.yml +++ b/roles/space_server/tasks/networkd.yml @@ -8,8 +8,8 @@ mode: 0755 - name: Configure network copy: - src: '{{ item }}' dest: '/etc/systemd/network/' + src: '{{ item }}' owner: root group: root mode: 0644 @@ -27,8 +27,8 @@ mode: 0755 - name: Don't wait for lan and mgt interfaces to come online copy: - src: networkd/no-lan-mgt.conf dest: '/etc/systemd/system/systemd-networkd-wait-online.service.d/no-lan-mgt.conf' + src: networkd/no-lan-mgt.conf owner: root group: root mode: 0644 diff --git a/roles/space_server/tasks/nftables.yml b/roles/space_server/tasks/nftables.yml index 0bc468f..726143c 100644 --- a/roles/space_server/tasks/nftables.yml +++ b/roles/space_server/tasks/nftables.yml @@ -1,8 +1,8 @@ --- - name: Install our nftables service copy: - src: nftables/nftables.service dest: '/etc/systemd/system/nftables.service' + src: nftables/nftables.service owner: root group: root mode: 0644 @@ -17,15 +17,15 @@ - name: Symlink to /etc/nftables.conf file: path: '/etc/sysconfig/nftables.conf' - state: link src: '../nftables.conf' + state: link force: yes notify: - reload nftables - name: Configure nftables copy: - src: nftables/nftables.conf dest: '/etc/nftables.conf' + src: nftables/nftables.conf owner: root group: root mode: 0644 diff --git a/roles/space_server/tasks/radius.yml b/roles/space_server/tasks/radius.yml index 88ece03..021a9bc 100644 --- a/roles/space_server/tasks/radius.yml +++ b/roles/space_server/tasks/radius.yml @@ -29,8 +29,8 @@ - restart radiusd - name: Configure radiusd copy: - src: 'radius/{{ item }}' dest: '/etc/raddb/{{ item }}' + src: 'radius/{{ item }}' owner: root group: radiusd mode: 0640 @@ -43,8 +43,8 @@ - restart radiusd - name: Configure radius clients template: - src: 'radius/clients.conf.j2' dest: '/etc/raddb/clients.conf' + src: radius/clients.conf.j2 owner: root group: radiusd mode: 0640 @@ -53,8 +53,8 @@ - name: Enable labitat site file: path: '/etc/raddb/sites-enabled/{{ item }}' - state: link src: '../sites-available/{{ item }}' + state: link owner: root group: radiusd force: yes @@ -66,15 +66,15 @@ - name: Create getusers script template: - src: 'radius/getusers.sh.j2' dest: '/etc/raddb/getusers.sh' + src: radius/getusers.sh.j2 owner: root group: radiusd mode: 0750 - name: Create getusers service and timer copy: - src: 'radius/{{ item }}' dest: '/etc/systemd/system/{{ item }}' + src: 'radius/{{ item }}' owner: root group: root mode: 0644 @@ -106,8 +106,8 @@ mode: 0755 - name: Start radiusd after networks are configured copy: - src: wait-online.conf dest: '/etc/systemd/system/radiusd.service.d/wait-online.conf' + src: wait-online.conf owner: root group: root mode: 0644 diff --git a/roles/space_server/tasks/radvd.yml b/roles/space_server/tasks/radvd.yml index eef6e2a..668750e 100644 --- a/roles/space_server/tasks/radvd.yml +++ b/roles/space_server/tasks/radvd.yml @@ -8,8 +8,8 @@ - name: Configure radvd copy: - src: radvd/radvd.conf dest: '/etc/radvd.conf' + src: radvd/radvd.conf owner: root group: root mode: 0644 @@ -25,8 +25,8 @@ mode: 0755 - name: Start radvd after networks are configured copy: - src: wait-online.conf dest: '/etc/systemd/system/radvd.service.d/wait-online.conf' + src: wait-online.conf owner: root group: root mode: 0644 diff --git a/roles/space_server/tasks/resolved.yml b/roles/space_server/tasks/resolved.yml index 9196e1c..1bbae10 100644 --- a/roles/space_server/tasks/resolved.yml +++ b/roles/space_server/tasks/resolved.yml @@ -14,7 +14,7 @@ # #- name: Use systemd-resolved # lineinfile: -# path: /etc/nsswitch.conf +# path: '/etc/nsswitch.conf' # regexp: '^hosts:' # line: 'hosts: files resolve [!UNAVAIL=return] dns myhostname' diff --git a/roles/space_server/tasks/sshd.yml b/roles/space_server/tasks/sshd.yml index 75f865c..efbfa97 100644 --- a/roles/space_server/tasks/sshd.yml +++ b/roles/space_server/tasks/sshd.yml @@ -11,13 +11,13 @@ path: '/etc/ssh/sshd_config' regexp: '{{ item.regexp }}' line: '{{ item.line }}' - notify: - - restart sshd with_items: - regexp: '^PasswordAuthentication' line: 'PasswordAuthentication no' - regexp: '^#*GSSAPIAuthentication' line: 'GSSAPIAuthentication no' + notify: + - restart sshd - name: Enable sshd service systemd: diff --git a/roles/space_server/tasks/sudo.yml b/roles/space_server/tasks/sudo.yml index 5d0bf80..e8801a6 100644 --- a/roles/space_server/tasks/sudo.yml +++ b/roles/space_server/tasks/sudo.yml @@ -8,8 +8,8 @@ - name: Install sudoers file copy: - src: sudo/sudoers dest: '/etc/sudoers' + src: sudo/sudoers owner: root group: root mode: 0440 diff --git a/roles/space_server/tasks/unbound.yml b/roles/space_server/tasks/unbound.yml index 1007327..e4f575a 100644 --- a/roles/space_server/tasks/unbound.yml +++ b/roles/space_server/tasks/unbound.yml @@ -8,8 +8,8 @@ - name: Configure unbound template: - src: unbound/unbound.conf.j2 dest: '/etc/unbound/unbound.conf' + src: unbound/unbound.conf.j2 owner: root group: root mode: 0644 @@ -31,7 +31,7 @@ - name: Use our own resolver copy: - dest: /etc/resolv.conf + dest: '/etc/resolv.conf' content: "nameserver 127.0.0.1\nnameserver ::1\n" owner: root group: root |