[apt] MàJ

2021-06-18 22:39:04 +02:00 · 2021-06-18 22:39:04 +02:00 · d0ff9cc204
parent cf5b232af8
commit d0ff9cc204
20 changed files with 33 additions and 111 deletions
--- a/group_vars/all/ansible-header.yml
+++ b/group_vars/all/ansible-header.yml
@ -1,5 +1,4 @@
 ---
 # Custom header
 dirty: "{% if template_fullpath is defined %}{{ lookup('pipe', 'git diff --quiet -- ' + template_fullpath | quote + ' || echo dirty') }}{% else %}{{ lookup('pipe', 'git diff --quiet || echo dirty') }}{% endif %}"
 ansible_header: |
@ -17,45 +16,3 @@ ansible_header: |
       {% endif %}
    +++++++++++++++++++++++++++++++++++++++++++++++++++
 # Crans subnets
 adm_subnet: 10.231.136.0/24
 # # Role rsync-client
 # to_backup:
 #   - {
 #   name: "var",
 #   path: "/var",
 #   auth_users: "backupcrans",
 #   secrets_file: "/etc/rsyncd.secrets",
 #   hosts_allow: ["zephir.adm.crans.org", "10.231.136.6"],
 #   }
 #   - {
 #   name: "slash",
 #   path: "/",
 #   auth_users: "backupcrans",
 #   secrets_file: "/etc/rsyncd.secrets",
 #   hosts_allow: ["zephir.adm.crans.org", "10.231.136.6"],
 #   }
 #
 # re2o:
 #   server: re2o.adm.crans.org
 #   service_user: "{{ vault.re2o_service_user }}"
 #   service_password: "{{ vault.re2o_service_password }}"
 #
 #
 # # global server definitions
 glob_smtp: smtp.adm.crans.org
 glob_mirror:
  name: mirror.adm.crans.org
  ip: 172.16.10.30
 glob_ldap:
  uri: 'ldap://re2o-ldap.adm.crans.org/'
  users_base: 'cn=Utilisateurs,dc=crans,dc=org'
  servers:
    - 172.16.10.1
    - 172.16.10.11
    - 172.16.10.12
    - 172.16.10.13
  base: 'dc=crans,dc=org'
--- a/group_vars/all/ldap.yml
+++ b/group_vars/all/ldap.yml
@ -0,0 +1,10 @@
 ---
 glob_ldap:
  uri: 'ldap://re2o-ldap.adm.crans.org/'
  users_base: 'cn=Utilisateurs,dc=crans,dc=org'
  servers:
    - 172.16.10.1
    - 172.16.10.11
    - 172.16.10.12
    - 172.16.10.13
  base: 'dc=crans,dc=org'
--- a/group_vars/all/mirror.yml
+++ b/group_vars/all/mirror.yml
@ -0,0 +1,7 @@
 ---
 glob_mirror:
  hostname: mirror.adm.crans.org
  ip: 172.16.10.30
 debian_mirror: http://mirror.adm.crans.org/debian
 debian_components: main contrib non-free
--- a/group_vars/ovh/vars.yml
+++ b/group_vars/ovh/vars.yml
@ -1,5 +0,0 @@
 # Parameters for debian and ubuntu mirror
 debian_mirror: http://deb.debian.org/debian
 ubuntu_mirror: http://deb.debian.org/ubuntu
 debian_components: main contrib non-free
 ubuntu_components: main restricted universe multiverse
--- a/group_vars/re2o.yml
+++ b/group_vars/re2o.yml
@ -11,6 +11,7 @@ glob_re2o:
    - 'intranet.crans.org'
    - '172.16.10.156'
  from_email: "root@crans.org"
  smtp_server: smtp.adm.crans.org
  ldap:
    master_password: "{{ vault.ldap_master_password }}"
    uri: "ldap://re2o-ldap.adm.crans.org/"
--- a/host_vars/airbus.cachan-adm.crans.org.yml
+++ b/host_vars/airbus.cachan-adm.crans.org.yml
@ -12,7 +12,7 @@ glob_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
  remote:
--- a/host_vars/fyre.cachan-adm.crans.org.yml
+++ b/host_vars/fyre.cachan-adm.crans.org.yml
@ -15,11 +15,7 @@ loc_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_mirror:
  name: mirror.cachan-adm.crans.org
  ip: "{{ query('ldap','ip','terenez','cachan-adm') | ipv4 | first }}"
 loc_borg:
  remote:
--- a/host_vars/gulp.cachan-adm.crans.org.yml
+++ b/host_vars/gulp.cachan-adm.crans.org.yml
@ -8,7 +8,7 @@ glob_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_postgres:
  subnets:
--- a/host_vars/omnomnom.cachan-adm.crans.org.yml
+++ b/host_vars/omnomnom.cachan-adm.crans.org.yml
@ -15,11 +15,7 @@ loc_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_mirror:
  name: mirror.cachan-adm.crans.org
  ip: "{{ query('ldap','ip','mirror','cachan.adm') | ipv4 | first }}"
 loc_borg:
  remote:
--- a/host_vars/re2o-ldap.cachan-adm.crans.org.yml
+++ b/host_vars/re2o-ldap.cachan-adm.crans.org.yml
@ -12,7 +12,7 @@ glob_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
  remote:
--- a/host_vars/re2o.cachan-adm.crans.org.yml
+++ b/host_vars/re2o.cachan-adm.crans.org.yml
@ -12,7 +12,7 @@ glob_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 glob_prometheus_node_exporter:
  listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'cachan-adm') | ipv4 | first }}"
--- a/host_vars/rodauh.cachan-adm.crans.org.yml
+++ b/host_vars/rodauh.cachan-adm.crans.org.yml
@ -16,7 +16,7 @@ glob_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_certbot:
  - dns_rfc2136_server: '185.230.79.9'
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml
@ -12,11 +12,7 @@ loc_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_mirror:
  name: mirror.cachan-adm.crans.org
  ip: "{{ query('ldap','ip','terenez','cachan-adm') | ipv4 | first }}"
 loc_borg:
  remote:
--- a/host_vars/sputnik.adm.crans.org.yml
+++ b/host_vars/sputnik.adm.crans.org.yml
@ -1,4 +1,6 @@
 ---
 debian_mirror: http://deb.debian.org/debian
 postfix:
  primary: false
  secondary: true
--- a/host_vars/terenez.cachan-adm.crans.org.yml
+++ b/host_vars/terenez.cachan-adm.crans.org.yml
@ -12,7 +12,7 @@ glob_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
  remote:
--- a/host_vars/unifi.cachan-adm.crans.org.yml
+++ b/host_vars/unifi.cachan-adm.crans.org.yml
@ -17,7 +17,7 @@ glob_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
  remote:
--- a/host_vars/zephir.cachan-adm.crans.org.yml
+++ b/host_vars/zephir.cachan-adm.crans.org.yml
@ -15,11 +15,7 @@ loc_ntp_client:
  servers:
    - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_mirror:
  name: mirror.cachan-adm.crans.org
  ip: "{{ query('ldap','ip','mirror','cachan.adm') | ipv4 | first }}"
 loc_borg:
  remote:
--- a/plays/root.yml
+++ b/plays/root.yml
@ -2,24 +2,6 @@
 ---
 # root is the first playbook to launch (as root) whe initiation a new server
 - hosts: server
  tasks:
    - name: Check if mirror.adm is defined in /etc/hosts
      lineinfile:
        state: absent
        path: /etc/hosts
        regexp: '^{{ glob_mirror.ip }}'
      check_mode: True
      changed_when: False
      register: check_mirror
    - name: Define mirror.adm.crans.org if it doesn't exist.
      lineinfile:
        path: /etc/hosts
        line: '{{ glob_mirror.ip }} {{ glob_mirror.name }}'
        insertafter: '127.0.0.1 localhost'
      when: check_mirror.found == 0
 - hosts: virtu
  roles:
    - proxmox-apt-sources
--- a/roles/debian-apt-sources/templates/apt/sources.list.j2
+++ b/roles/debian-apt-sources/templates/apt/sources.list.j2
@ -1,4 +1,4 @@
-{{ ansible_header | comment }}
+{{ ansible_header }}
 {% if ansible_distribution == "Debian" %}
 # Mises à jour de sécurité
@ -14,19 +14,3 @@ deb     {{ debian_mirror }} {{ ansible_distribution_release }} {{ debian_compone
 # Dépôt pour mises à jour fréquentes (volatile)
 deb     {{ debian_mirror }} {{ ansible_distribution_release }}-updates {{ debian_components }}
 {% if backports | default(false) %}
 # Backports
 deb     {{ debian_mirror }} {{ ansible_distribution_release }}-backports {{ debian_components }}
 {% endif %}
 {% elif ansible_distribution == "Ubuntu" %}
 # Mises à jour de sécurité
 deb     {{ ubuntu_mirror }} {{ ansible_distribution_release }}-security {{ ubuntu_components }}
 # Dépôt classique
 deb     {{ ubuntu_mirror }} {{ ansible_distribution_release }} {{ ubuntu_components }}
 # Dépôt pour mises à jour fréquentes (volatile)
 deb     {{ ubuntu_mirror }} {{ ansible_distribution_release }}-updates {{ ubuntu_components }}
 {% endif %}
--- a/roles/re2o/templates/re2o/settings_local.py.j2
+++ b/roles/re2o/templates/re2o/settings_local.py.j2
@ -63,7 +63,7 @@ LOGO_PATH = "static_files/logo.png"
 # The mail configuration for Re2o to send mails
 SERVER_EMAIL = '{{ re2o.from_email }}'  # The mail address to use
-EMAIL_HOST = '{{ glob_smtp }}'           # The host to use
+EMAIL_HOST = '{{ re2o.smtp_server }}'           # The host to use
 EMAIL_PORT = 25             # The port to use
 # Settings of the LDAP structure