rene/ansible-pull
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into dev

Browse Source
This commit is contained in:
rene
2022-02-25 12:01:33 +01:00
parent 32e8520e7b 03e72aad7b
commit c8895cc8fa
11 changed files with 54 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
host_vars/debian-test.universe.local.yml
View File

@@ -1,2 +1,3 @@
--- ---
netdata: true netdata: true
set_hosts: true

2
host_vars/mewimeet.de.yml
View File

@@ -11,8 +11,10 @@ microcode_amd_install: false
microcode_intel_install: false microcode_intel_install: false
proxmox_instance: false proxmox_instance: false
raspberry_pi: false raspberry_pi: false
preinstalled: true
# server # server
set_hosts: false
unattended_upgrades: true unattended_upgrades: true
web_server: true web_server: true
netdata: true netdata: true

3
host_vars/ubuntu-test.universe.local.yml
View File

@@ -2,4 +2,5 @@
copy_ssh_priv_keys: true copy_ssh_priv_keys: true
netdata: true netdata: true
webserver: true webserver: true
nginx: true nginx: true
set_hosts: true

2
hosts
View File

@@ -27,8 +27,6 @@ coruscant.universe.local
[jitsimeet] [jitsimeet]
#ubuntu-test jitsi_fqdn=mewimeet.de #ubuntu-test jitsi_fqdn=mewimeet.de
mewimeet.de jitsi_fqdn=mewimeet.de mewimeet.de jitsi_fqdn=mewimeet.de
jitsi-meet-eu jitsi_fqdn=mewimeet.de
[mailserver] [mailserver]
coruscant.universe.local coruscant.universe.local

2
roles/base/files/system_setup/sshd_custom.conf
View File

@@ -15,7 +15,7 @@ PrintLastLog no
AllowUsers rene AllowUsers rene
Match Address 192.168.1.240 Match Address 192.168.1.240
AllowUsers root,rene AllowUsers root rene
Match User root Match User root
PasswordAuthentication no PasswordAuthentication no

5
roles/base/tasks/system_setup/hosts.yml
View File

@@ -6,4 +6,7 @@
owner: 'root' owner: 'root'
group: 'root' group: 'root'
loop: loop:
- { ip: '192.168.1.240', fqdn: 'gitlab.social.my-wan.de'} - { ip: '192.168.1.240', fqdn: 'gitlab.social.my-wan.de'}
when:
- set_hosts is defined
- set_hosts == true

2
roles/base/tasks/system_setup/openssh.yml
View File

@@ -12,7 +12,7 @@
enabled: yes enabled: yes
state: started state: started
- name: system setup | openssh | generate sshd_config file from template - name: system setup | openssh | copy sshd custom config
tags: openssh,ssh,system,settings tags: openssh,ssh,system,settings
copy: copy:
src: system_setup/sshd_custom.conf src: system_setup/sshd_custom.conf

2
roles/base/tasks/users/rene.yml
View File

@@ -2,6 +2,8 @@
user: user:
name: rene name: rene
shell: "/usr/bin/zsh" shell: "/usr/bin/zsh"
groups: "sudo"
append: True
# - name: users | rene | install public ssh keys # - name: users | rene | install public ssh keys
# authorized_key: # authorized_key:

8
roles/base/tasks/users/root.yml
View File

@@ -1,7 +1,7 @@
- name: users | root | ensure account is locked # - name: users | root | ensure account is locked
user: # user:
name: root # name: root
password_lock: yes # password_lock: yes
# - name: users | root | install public ssh keys # - name: users | root | install public ssh keys
# authorized_key: # authorized_key:

29
roles/jitsimeet/tasks/install_jitsimeet.yml
View File

@@ -16,20 +16,21 @@
# - jitsi-meet-web-config # - jitsi-meet-web-config
# - jitsi-videobridge2 # - jitsi-videobridge2
- name: jitsimeet | set debconf vars - block:
shell: - name: jitsimeet | set debconf vars
cmd: "{{ playbook_dir }}/roles/jitsimeet/files/set_debconf.sh {{ jitsi_fqdn }}" shell:
cmd: "{{ playbook_dir }}/roles/jitsimeet/files/set_debconf.sh {{ jitsi_fqdn }}"
- name: jitsimeet | install packages - name: jitsimeet | install packages
package: package:
name: name:
- prosody - prosody
- jicofo - jicofo
- jitsi-meet-web - jitsi-meet-web
- jitsi-meet-prosody - jitsi-meet-prosody
- jitsi-meet-web-config - jitsi-meet-web-config
- jitsi-videobridge2 - jitsi-videobridge2
notify: restart_nginx notify: restart_nginx
when: preinstalled == false or preinstalled is not defined
- name: jitsimeet | copy custom settings - name: jitsimeet | copy custom settings
copy: copy:

42
roles/jitsimeet/tasks/prepare_system.yml
View File

@@ -6,27 +6,29 @@
DefaultLimitNPROC=65000 DefaultLimitNPROC=65000
DefaultTasksMax=65000 DefaultTasksMax=65000
- name: jitsimeet | reload systemd - block:
systemd: - name: jitsimeet | reload systemd
daemon_reload: true systemd:
daemon_reload: true
- name: jitsimeet | import GPG key - name: jitsimeet | import GPG key
apt_key: apt_key:
url: "https://download.jitsi.org/jitsi-key.gpg.key" url: "https://download.jitsi.org/jitsi-key.gpg.key"
state: present # not required. choices: absent;present. Ensures that the key is present (added) or absent (revoked). state: present # not required. choices: absent;present. Ensures that the key is present (added) or absent (revoked).
- name: jitsimeet | add repository - name: jitsimeet | add repository
lineinfile: lineinfile:
path: "/etc/apt/sources.list.d/jitsi-stable.list" path: "/etc/apt/sources.list.d/jitsi-stable.list"
line: "deb https://download.jitsi.org stable/" line: "deb https://download.jitsi.org stable/"
create: True create: True
backup: True backup: True
notify: apt_update notify: apt_update
- name: jitsimeet | flush handlers - name: jitsimeet | flush handlers
meta: flush_handlers meta: flush_handlers
- name: jitsimeet | add debconf-utils package - name: jitsimeet | add debconf-utils package
package: package:
name: debconf-utils name: debconf-utils
state: latest state: latest
when: preinstalled == false or preinstalled is not defined