101 lines
1.7 KiB
YAML
Executable File
101 lines
1.7 KiB
YAML
Executable File
- name: server
|
||
hosts: servers
|
||
become: no
|
||
gather_facts: no
|
||
roles:
|
||
# Ansible prerequisites
|
||
- schuerg.prerequisites
|
||
|
||
- name: server
|
||
hosts: servers
|
||
#become: yes
|
||
#gather_facts: no
|
||
roles:
|
||
# Ansible prerequisites
|
||
#- robertdebock.bootstrap
|
||
|
||
# EPEL for centos
|
||
#- geerlingguy.repo-epel
|
||
|
||
#NTP is important for curl and apt
|
||
# - ericsysmin.system.ntp
|
||
|
||
|
||
|
||
# Users
|
||
#- sysadmins
|
||
|
||
# Locales
|
||
# TODO set locales date and currency
|
||
#- alvistack.locales
|
||
- oefenweb.locales
|
||
|
||
# Sys update. Playbook bien fait.
|
||
- robertdebock.update
|
||
|
||
# Manage sudoers
|
||
#- GROG.sudo
|
||
|
||
# Unattended upgrades
|
||
#- jnv.unattended-upgrades
|
||
#- thorian93.unattended_upgrade
|
||
#- racqspace.unattended_upgrades
|
||
|
||
# ssh security
|
||
# using geerlingguy security
|
||
#- dev-sec.ssh-hardening
|
||
- geerlingguy.security
|
||
|
||
# fail2ban
|
||
#- oefenweb.fail2ban
|
||
#- robertdebock.fail2ban
|
||
|
||
# firewall conf
|
||
# TODO it destroy the DOCKER rules…
|
||
#- geerlingguy.firewall
|
||
|
||
# Rootkit protection
|
||
#- mablanco.antirootkits
|
||
|
||
|
||
# antivirus
|
||
#- geerlingguy.clamav
|
||
|
||
# docker
|
||
- geerlingguy.docker
|
||
|
||
# timezone
|
||
- oefenweb.timezone
|
||
|
||
# ntp
|
||
#- geerlingguy.ntp
|
||
|
||
# docker metrics proxy
|
||
#- docker-metrics-proxy
|
||
|
||
# logrotate
|
||
# - ontic/logrotate
|
||
|
||
# apparmor ?
|
||
# - manala.apparmor
|
||
|
||
# autofs
|
||
# - cmprescott.autofs_ng
|
||
|
||
# smart TODO
|
||
#- stuvusit/smartd
|
||
|
||
# graylog Nope, too heavy…
|
||
# TODO lininfile for prometheus
|
||
# 127.0.1.1 docker-host
|
||
- jean-cloud-common
|
||
|
||
##- deploy_all
|
||
|
||
- name: shlago
|
||
hosts: shlago
|
||
become: yes
|
||
gather_facts: no
|
||
roles:
|
||
- ordiportables
|