crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'base_playbook' into 'master' 

Base playbook

See merge request nounous/ansible!7
certbot_on_virtu
Alexandre (erdnaxe) 2019-04-22 11:22:03 +00:00
parent 1b970a4c00 fbfa8c7204
commit 8697aa0306
6 changed files with 130 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
backup.yml 100644
View File

@ -0,0 +1,7 @@
---
# Playbook to deploy backup client
- hosts: all
vars:
backuppc_rsyncd_passwd: "{{ vault_backuppc_rsyncd_passwd }}"
roles:
- rsync-client

3
base.yml
View File

@ -1,4 +1,5 @@
--- ---
# Playbook to deploy common Crans configuration and tools # Playbook to deploy common Crans configuration and tools
- hosts: all - hosts: all
roles: [] # TODO roles:
- common-tools

63
group_vars/all/vault.yml
View File

@ -1,31 +1,34 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
31333537633064326436386262343965626135306366386437666635613839333364336366356535 63636535353833663737346463323366633264356662383235363231613431363038646435343830
3862663966643462663662616166656366366266326539380a303932616262336461653832363163 3836363934663864356666366161353231343033353665610a636230343963386538336635376361
31393964376632623462333964666533333639393631393865343062393135653937663063616135 38333931393362353463383939666230393361613466666236666532613161323839633838383132
3763666336383136300a636662616534323639623663303730653230323330343366616235393239 3638356236663536300a373833303062653534346161613634393661363638363963316463626539
37666335393532623732336135633331306136323766323866313138643830386461303839623234 30393564633462363831623234313961656661646635303435316338336566623962353539656631
37623031346638323061346666396632663036643964666130633131393632306165646438633030 35623465313036653832613565656161303633376531346337316436366435633461383733316530
62383064643963643539353039373131336333343230663863653433653466643734313566383566 61333262353935323732646239366161346634616233613166306430386537346632333030626335
66653664303031626562366430623336613363343130373063313463386631616235316663613664 34326239666461613530663466303239373466373631643962313731653136393361633963383566
63353836626231376230356237313036373934663563326131613866323932663464633133316565 32363532323437333862623466373734663561383637326537323464383334303337323861333862
64376261313435306265336666326264663933333138346437343063313932626633306533303135 63366631346461393732633038383438383039353763306365313666393730633836653965643537
64336531313864656234396232373437626132333932336337643562313730323865343433326138 65373362303631646630366439633464356635616533366563633764356564333538373638363964
39376438363132396439656532616161376639363663636264646366646530663139666334343637 31613230643138313738383661376363313739336463353838653162306336343534343464396330
66313161363661623636336165356139333966396138336465643264323261363236353631316562 39353336633430373361356366323330393739303234383935616530326264393464336433363865
36343135393062336633626439666332653462343438656566323236616131653463333738396530 39306666636137343764333466343063373263326239303139666362373332393934303235613366
61633439663661386635373437343564303231363862356439343839393037393961643866666130 32373331333232376332613931333133363536313163366536633539306464616137666561313863
37646435373966373662666263333561326365333530373333373633653539643334323762393533 35656430663461353464376335396465303634393835303935393062373366303664663838373734
63393537643138376465623230613530393235616566663534333033643430643263323464616133 36623435636535393561323735366564306464646532323139616237656530353436356635373366
38626333306263313139396635323732646561366334313639366162656435393230333664646330 61396464626432653731323138643462306432353932313263346561663336313066396162323230
33333137373538666136643363636366333730313033356561366564383563393837396266306264 30623561393665336634353364376138666533666235316137353238383235313261303235663534
33383966663132376235333037653861353265346338396633376363393062633033653065343539 64623963653633306339643866646638633465663433336239383264393463373739393235636337
36663561393365623336653036633039316235396134303137353565653365613831333364663961 61313838666466373561363065636635623835623239316132623565613532333364313863363234
33336134666662336162386635393432346138313137386561373731393033323733663663373639 63616465633966336164306566646265613563643631363038343231373861643737323533646432
32656636646361303833313835323032356633333861636533333061646461366632633037333863 62316631333763393463353963383761356333326231616131353063653064306264623235616534
64353638613236363063363136393338646361303066333837356664333834336465343565633461 34626266313737363161653039663832613336626465333566616266366536613532623935323933
30316164333133306166366534643962303766626663326366376234376138353837353263646437 66396437326561663564633261646538613733623632336234656663633935376562346237373732
32643734343530643035393938643663633537323134316263666362333564303234316535383936 32643764313966333130316137346566396636343836623266333231383336393564326663343530
39633237643061656230633837356230323263343265643162323536633432633936633330323830 39333961333639346437623030313930333062646265363737613632333537636632396164613132
32663932313431353837356139306631376466633861313663376237336438366637333862366134 36623039313663643962663963643231396235656536373835386264336161633738633863656132
61303136643536363535376262346639346361366161323934336230633861376433366138343937 38386538336439316230646531653064366535616536643264316634616265346638666333633661
3366396137633132316239623437633131323765383239653031 65303531643133323464616661656134346337643135313833623763363466653965356664363332
30316563613739363834306236363162623562343237303737333964353632653062343634643234
61306336343832393866353136303837613766636335663033616437636531393363636261323566
6562

12
roles/common-tools/tasks/main.yml 100644
View File

@ -0,0 +1,12 @@
---
- name: Install common tools
apt:
update_cache: true
name:
- sudo
- molly-guard # prevent reboot
- ntp # network time sync
- apt # better than apt-get
register: apt_result
retries: 3
until: apt_result is succeeded

32
roles/rsync-client/tasks/main.yml 100644
View File

@ -0,0 +1,32 @@
---
- name: Install rsync
apt:
update_cache: true
name: rsync
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Enable rsync daemon
lineinfile:
path: /etc/default/rsync
regexp: '^RSYNC_ENABLE'
line: RSYNC_ENABLE=true
- name: Configure rsyncd
template:
src: rsyncd.conf.j2
dest: /etc/rsyncd.conf
mode: 0644
- name: Copy rsyncd secrets
copy:
content: "backupcrans:{{ backuppc_rsyncd_passwd }}"
dest: /etc/rsyncd.secrets
mode: 0600
- name: Start rsync service
systemd:
name: rsync
enabled: true
state: started

44
roles/rsync-client/templates/rsyncd.conf.j2 100644
View File

@ -0,0 +1,44 @@
# {{ ansible_managed }}
# GLOBAL OPTIONS
log file=/var/log/rsyncd
# for pid file, dont' use /var/run/rsync.pid unless you're not going to run
# rsync out of the init.d script. The /var/run/rsyncd.pid below is OK.
pid file=/var/run/rsyncd.pid
syslog facility=daemon
uid = root
gid = root
use chroot = no
read only = yes
# On ne liste pas les modules
list = no
#max connections=2
ignore errors = no
ignore nonreadable = yes
# ne loggue pas tous les fichiers
transfer logging = no
dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz
# verifie les droits de /etc/rsyncd.secrets
strict modes = yes
# personne n'accede aux modules par defaut
hosts deny = *
# MODULE OPTIONS
{# Liste des dossiers a sauvegarder par serveur, en plus de la racine. #}
[var]
path = /var
auth users = backupcrans
secrets file = /etc/rsyncd.secrets
hosts allow = zephir.adm.crans.org 10.231.136.6
[slash]
path = /
auth users = backupcrans
secrets file = /etc/rsyncd.secrets
hosts allow = zephir.adm.crans.org 10.231.136.6
{# TODO: implémenter le vrai système comme dans BCFG2 #}
{# TODO: implémenter le cas particulier de main-ftp-server, cpasswords-main et wiki #}