Merge branch 'master' into dev

2022-02-25 12:01:33 +01:00
parent 32e8520e7b 03e72aad7b
commit c8895cc8fa
11 changed files with 54 additions and 44 deletions
--- a/host_vars/debian-test.universe.local.yml
+++ b/host_vars/debian-test.universe.local.yml
@@ -1,2 +1,3 @@
 ---
 netdata: true
 set_hosts: true
--- a/host_vars/mewimeet.de.yml
+++ b/host_vars/mewimeet.de.yml
@@ -11,8 +11,10 @@ microcode_amd_install: false
 microcode_intel_install: false
 proxmox_instance: false
 raspberry_pi: false
 preinstalled: true
 # server
 set_hosts: false
 unattended_upgrades: true
 web_server: true
 netdata: true
--- a/host_vars/ubuntu-test.universe.local.yml
+++ b/host_vars/ubuntu-test.universe.local.yml
@@ -3,3 +3,4 @@ copy_ssh_priv_keys: true
 netdata: true
 webserver: true
 nginx: true
 set_hosts: true
--- a/2
+++ b/2
@@ -27,8 +27,6 @@ coruscant.universe.local
 [jitsimeet]
 #ubuntu-test jitsi_fqdn=mewimeet.de
 mewimeet.de jitsi_fqdn=mewimeet.de
 jitsi-meet-eu jitsi_fqdn=mewimeet.de
 [mailserver]
 coruscant.universe.local
--- a/roles/base/files/system_setup/sshd_custom.conf
+++ b/roles/base/files/system_setup/sshd_custom.conf
@@ -15,7 +15,7 @@ PrintLastLog no
 AllowUsers rene
 Match Address 192.168.1.240
-        AllowUsers root,rene
+        AllowUsers root rene
 Match User root
        PasswordAuthentication no
--- a/roles/base/tasks/system_setup/hosts.yml
+++ b/roles/base/tasks/system_setup/hosts.yml
@@ -7,3 +7,6 @@
    group: 'root'
  loop:
    - { ip: '192.168.1.240', fqdn: 'gitlab.social.my-wan.de'}
  when:
    - set_hosts is defined
    - set_hosts == true
--- a/roles/base/tasks/system_setup/openssh.yml
+++ b/roles/base/tasks/system_setup/openssh.yml
@@ -12,7 +12,7 @@
    enabled: yes
    state: started
- name: system setup | openssh | generate sshd_config file from template
+- name: system setup | openssh | copy sshd custom config
  tags: openssh,ssh,system,settings
  copy:
    src: system_setup/sshd_custom.conf
--- a/roles/base/tasks/users/rene.yml
+++ b/roles/base/tasks/users/rene.yml
@@ -2,6 +2,8 @@
  user:
    name: rene
    shell: "/usr/bin/zsh"
    groups: "sudo"
    append: True
 # - name: users | rene | install public ssh keys
 #   authorized_key:
--- a/roles/base/tasks/users/root.yml
+++ b/roles/base/tasks/users/root.yml
@@ -1,7 +1,7 @@
- name: users | root | ensure account is locked
+# - name: users | root | ensure account is locked
-  user:
+#   user:
-    name: root
+#     name: root
-    password_lock: yes
+#     password_lock: yes
 # - name: users | root | install public ssh keys
 #   authorized_key:
--- a/roles/jitsimeet/tasks/install_jitsimeet.yml
+++ b/roles/jitsimeet/tasks/install_jitsimeet.yml
@@ -16,10 +16,10 @@
 # - jitsi-meet-web-config
 # - jitsi-videobridge2
 - block:
  - name: jitsimeet | set debconf vars
    shell:
      cmd: "{{ playbook_dir }}/roles/jitsimeet/files/set_debconf.sh {{ jitsi_fqdn }}"
  - name: jitsimeet | install packages
    package:
      name: 
@@ -30,6 +30,7 @@
        - jitsi-meet-web-config
        - jitsi-videobridge2
    notify: restart_nginx
  when: preinstalled == false or preinstalled is not defined
 - name: jitsimeet | copy custom settings
  copy:
--- a/roles/jitsimeet/tasks/prepare_system.yml
+++ b/roles/jitsimeet/tasks/prepare_system.yml
@@ -6,6 +6,7 @@
      DefaultLimitNPROC=65000
      DefaultTasksMax=65000
 - block:
  - name: jitsimeet | reload systemd
    systemd:
      daemon_reload: true
@@ -30,3 +31,4 @@
    package:
      name: debconf-utils
      state: latest
  when: preinstalled == false or preinstalled is not defined