adrian/jean-cloud-services
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
01c3e5374d
jean-cloud-services/provisioning/roles/jean-cloud-common/tasks/main.yml

120 lines
2.9 KiB
YAML
Raw Normal View History

initial commit
2023-04-24 10:11:09 +00:00
---
# tasks file for jean-cloud-common
- name: Set hostname
ansible.builtin.hostname:
name: "{{inventory_hostname}}"
when: inventory_hostname is defined
- name: Set hostname IP
ansible.builtin.lineinfile:
path: /etc/hosts
line: "{{item}}"
with_items:
- "172.0.0.1 {{inventory_hostname}}"
- "::1 {{inventory_hostname}}"
what a piece of commit…
2023-09-07 17:50:05 +00:00
- name: Set shlago IP
ansible.builtin.lineinfile:
path: /etc/hosts
line: "{{item}}"
with_items:
- "172.0.0.1 shlago.jean-cloud.org"
- "::1 shlago.jean-cloud.org"
when: inventory_hostname in groups["shlago"]
certs and stuff
2023-09-15 08:57:47 +00:00
# Account for deploying SSL certs
- name: Add certs user
ansible.builtin.user:
name: certs
shell: /bin/bash
home: /data/letsencrypt.jean-cloud.org
- name: Set authorized key, removing all the authorized keys already set
ansible.posix.authorized_key:
user: certs
key: "{{ lookup('file', 'certs.pub') }}"
state: present
exclusive: true
#
initial commit
2023-04-24 10:11:09 +00:00
- name: Show last changed password for security
copy:
dest: /etc/profile.d/user_last_passwd.sh
owner: root
group: root
mode: '0644'
content: |
#!/bin/bash
RED='\033[0;31m'
NC='\033[0m' # No Color
echo -e "Password last changed on $RED$(passwd -S $USER | cut -d ' ' -f 3)$NC"
- name: Install some softwares
apt:
new step for jean-cloud kind
2023-08-28 18:25:32 +00:00
name: ['bind9', 'certbot', 'curl', 'dnsutils', 'git', 'gnupg2', 'htop', 'hugo', 'netcat-openbsd', 'nginx', 'podman', 'rclone', 'rsync', 'screen', 'sshfs', 'sudo', 'traceroute', 'vim', 'wget', 'zip']
initial commit
2023-04-24 10:11:09 +00:00
state: latest
mise à jours script
2023-05-02 08:59:13 +00:00
# TODO disable certbot and certbot.timer services. We are using our own
initial commit
2023-04-24 10:11:09 +00:00
- name: create needed dirs
ansible.builtin.file:
path: "{{item}}"
state: directory
with_items:
- /docker
new step for jean-cloud kind
2023-08-28 18:25:32 +00:00
- /srv/http
initial commit
2023-04-24 10:11:09 +00:00
- /data
- /etc/letsencrypt
- name: Install docker-compose bash autocompletion
get_url:
url: https://raw.githubusercontent.com/docker/compose/1.29.2/contrib/completion/bash/docker-compose
dest: /etc/bash_completion.d/docker-compose
mode: '0705'
owner: 'root'
- name: Add letsencrypt crontab
ansible.builtin.lineinfile:
path: /etc/crontab
line: '26 03 * * * root letsencrypt.sh'
update
2023-07-06 15:37:16 +00:00
- name: Docker config
ansible.builtin.copy:
dest: /etc/docker/daemon.json
content: |
{
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "3"
}
}
certs and stuff
2023-09-15 08:57:47 +00:00
initial commit
2023-04-24 10:11:09 +00:00
#TODO add this to /etc/docker/daemon.json
#{
# "iptables": false
#}
update
2023-07-06 15:37:16 +00:00
- name: Bash history
ansible.builtin.copy:
dest: /etc/profile.d/history.sh
mode : 755
content: |
HISTSIZE=
HISTFILESIZE=10000
HISTTIMEFORMAT="%Y%m%d-%T "
export HISTSIZE HISTFILESIZE HISTTIMEFORMAT
initial commit
2023-04-24 10:11:09 +00:00
new step for jean-cloud kind
2023-08-28 18:25:32 +00:00
- name : Disable docker service
service:
name: "{{ item }}"
state: stopped
enabled: false
with_items:
- docker
- docker.socket
Reference in New Issue Copy Permalink