]> git.phdru.name Git - ansible.git/commitdiff
projects / ansible.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9e362f7)
Feat: Move common playbooks and roles
authorOleg Broytman <phd@phdru.name>
Sat, 31 Aug 2019 18:59:34 +0000 (21:59 +0300)
committerOleg Broytman <phd@phdru.name>
Sat, 31 Aug 2019 19:01:39 +0000 (22:01 +0300)
Some playbooks and roles are distribution-independent.

17 files changed:
playbooks/debian/add-apache-vhost patch | blob | history
playbooks/debian/add-dns-domain patch | blob | history
playbooks/debian/init-system.sh patch | blob | history
playbooks/debian/roles/phd/tasks/main.yml patch | blob | history
playbooks/debian/roles/root/README.txt [deleted file] patch | blob | history
playbooks/debian/roles/sshd/README.txt [deleted file] patch | blob | history
playbooks/init-system.yml [moved from playbooks/debian/init-system.yml with 76% similarity] patch | blob | history
playbooks/roles/README.txt [new file with mode: 0644] patch | blob
playbooks/roles/root/README.txt [new file with mode: 0644] patch | blob
playbooks/roles/root/meta/main.yml [moved from playbooks/debian/roles/root/meta/main.yml with 100% similarity] patch | blob | history
playbooks/roles/root/tasks/main.yml [moved from playbooks/debian/roles/root/tasks/main.yml with 100% similarity] patch | blob | history
playbooks/roles/root/tasks/mc.yml [moved from playbooks/debian/roles/root/tasks/mc.yml with 100% similarity] patch | blob | history
playbooks/roles/root/tasks/root.yml [moved from playbooks/debian/roles/root/tasks/root.yml with 100% similarity] patch | blob | history
playbooks/roles/sshd/README.txt [new file with mode: 0644] patch | blob
playbooks/roles/sshd/handlers/main.yml [moved from playbooks/debian/roles/sshd/handlers/main.yml with 100% similarity] patch | blob | history
playbooks/roles/sshd/tasks/main.yml [moved from playbooks/debian/roles/sshd/tasks/main.yml with 65% similarity] patch | blob | history
playbooks/update-root.yml [moved from playbooks/debian/update-root.yml with 100% similarity] patch | blob | history

diff --git a/playbooks/debian/add-apache-vhost b/playbooks/debian/add-apache-vhost
index 514c86b8159341db18cd5a767ad4ac66b5f0fbe8..0d2c502c1cbb522962699aa535e99395a2c99db1 100755 (executable)
--- a/playbooks/debian/add-apache-vhost
+++ b/playbooks/debian/add-apache-vhost
@@ -9,6 +9,6 @@ vhost="$1"
 shift
 
 cd "`dirname \"$0\"`" &&
-ANSIBLE_ROLES_PATH=debian/roles \
+ANSIBLE_ROLES_PATH=debian/roles:roles \
    exec ../run-role add-apache-vhost "$@" \
       -e virtual_host="$vhost" -e gather_facts=true
diff --git a/playbooks/debian/add-dns-domain b/playbooks/debian/add-dns-domain
index 38c14b5c4e8c9047afad88f3497de5fcea834af0..30a1c137fbf6ebb04d65dc3912afd64fe04748cc 100755 (executable)
--- a/playbooks/debian/add-dns-domain
+++ b/playbooks/debian/add-dns-domain
@@ -9,6 +9,6 @@ domain="$1"
 shift
 
 cd "`dirname \"$0\"`" &&
-ANSIBLE_ROLES_PATH=debian/roles \
+ANSIBLE_ROLES_PATH=debian/roles:roles \
    exec ../run-role add-dns-domain "$@" \
       -e domain="$domain" -e gather_facts=true
diff --git a/playbooks/debian/init-system.sh b/playbooks/debian/init-system.sh
index 2363c803ea412f30c6e0669ab37363b1eff5b5f6..c44eb832ea86036bfd22778fb1c458634db122b4 100755 (executable)
--- a/playbooks/debian/init-system.sh
+++ b/playbooks/debian/init-system.sh
@@ -9,9 +9,11 @@ host="$1"
 shift
 
 cd "`dirname \"$0\"`" &&
+ANSIBLE_ROLES_PATH=roles:../roles &&
+export ANSIBLE_ROLES_PATH &&
 
 # Passwordless access isn't configured yet; use `ssh` connection sharing.
 # `sudo` isn't configured yet too; use `su` and ask for root password.
-ansible-playbook init-system.yml "$@" -e hosts="$host" \
+ansible-playbook ../init-system.yml "$@" -e hosts="$host" \
    --become-method=su -K &&
 exec ansible-playbook init-system2.yml "$@" -e hosts="$host"
diff --git a/playbooks/debian/roles/phd/tasks/main.yml b/playbooks/debian/roles/phd/tasks/main.yml
index a8ea36ee63e6470f0268b39f44761ab65d0ee1ff..a26a738cf7af22bece6f41f84bdfbfd51312f2a9 100644 (file)
--- a/playbooks/debian/roles/phd/tasks/main.yml
+++ b/playbooks/debian/roles/phd/tasks/main.yml
@@ -30,6 +30,12 @@
         group: phd
         groups: "{{ system_groups }}"
 
+    - name: Remove mc directories
+      file:
+        path: "{{ item }}"
+        state: absent
+      loop: ['~/.cache/mc', '~/.config/mc', '~/.local/share/mc']
+
     - name: Upload and extract home archive
       unarchive:
         src: ~/archive/STORE/phd/Home/phd.tar.bz2
diff --git a/playbooks/debian/roles/root/README.txt b/playbooks/debian/roles/root/README.txt
deleted file mode 100644 (file)
index e970e2a..0000000
--- a/playbooks/debian/roles/root/README.txt
+++ /dev/null
@@ -1 +0,0 @@
-Init new Debian system: setup ~root by copying files from ~phd.
diff --git a/playbooks/debian/roles/sshd/README.txt b/playbooks/debian/roles/sshd/README.txt
deleted file mode 100644 (file)
index f1ea9db..0000000
--- a/playbooks/debian/roles/sshd/README.txt
+++ /dev/null
@@ -1 +0,0 @@
-Init new Debian system: configure sshd.
diff --git a/playbooks/debian/init-system.yml b/playbooks/init-system.yml
similarity index 76%
rename from playbooks/debian/init-system.yml
rename to playbooks/init-system.yml
index b1dbd6848976c0fa2fc34b03b8902fa2f55ac11e..e5722c8f369edc964c4502ac64e25d5763df3881 100644 (file)
--- a/playbooks/debian/init-system.yml
+++ b/playbooks/init-system.yml
@@ -1,4 +1,4 @@
-- name: Setup Debain system
+- name: Setup Linux system
   hosts: "{{ hosts | default('all') }}"
   gather_facts: false
   roles:
diff --git a/playbooks/roles/README.txt b/playbooks/roles/README.txt
new file mode 100644 (file)
index 0000000..46b2b6a
--- /dev/null
+++ b/playbooks/roles/README.txt
@@ -0,0 +1 @@
+Common roles.
diff --git a/playbooks/roles/root/README.txt b/playbooks/roles/root/README.txt
new file mode 100644 (file)
index 0000000..7fb362b
--- /dev/null
+++ b/playbooks/roles/root/README.txt
@@ -0,0 +1 @@
+Setup new Linux system: setup ~root by copying files from ~phd.
diff --git a/playbooks/roles/sshd/README.txt b/playbooks/roles/sshd/README.txt
new file mode 100644 (file)
index 0000000..4b0149d
--- /dev/null
+++ b/playbooks/roles/sshd/README.txt
@@ -0,0 +1 @@
+Setup new Linux system: configure sshd.
diff --git a/playbooks/debian/roles/sshd/tasks/main.yml b/playbooks/roles/sshd/tasks/main.yml
similarity index 65%
rename from playbooks/debian/roles/sshd/tasks/main.yml
rename to playbooks/roles/sshd/tasks/main.yml
index 9f76108e4ec34d9646688ec2ccfc45fcdefa6b2d..d1c96ab54f53780c4088118020a6d3358207f7a2 100644 (file)
--- a/playbooks/debian/roles/sshd/tasks/main.yml
+++ b/playbooks/roles/sshd/tasks/main.yml
@@ -1,5 +1,6 @@
 - name: Check sshd
-  shell: "grep -c '^PermitRootLogin' /etc/ssh/sshd_config || :"
+  become: true
+  shell: "grep -c '^PermitRootLogin prohibit-password' /etc/ssh/sshd_config || :"
   register: sshd
   changed_when: sshd.stdout == "0"
 
@@ -7,6 +8,14 @@
     msg: "sshd has already been configured"
   when: sshd.stdout != "0"
 
+- name: "Setup sshd: disable root login"
+  become: true
+  lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: "^PermitRootLogin yes"
+    state: absent
+  when: sshd.stdout == "0"
+
 - name: Configure sshd
   become: true
   lineinfile:
My ansible: inventory, playbooks, roles