diff --git a/roles/firewall/handlers/main.yml b/roles/firewall/handlers/main.yml index 45a421b..7570752 100644 --- a/roles/firewall/handlers/main.yml +++ b/roles/firewall/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: reload firewall openwrt_init: - name: firewall - state: reloaded + name: firewall + state: reloaded diff --git a/roles/firewall/tasks/main.yml b/roles/firewall/tasks/main.yml index 0132c4a..7d40829 100644 --- a/roles/firewall/tasks/main.yml +++ b/roles/firewall/tasks/main.yml @@ -1,5 +1,7 @@ +--- + - name: generate firewall file template: - src: firewall.j2 - dest: /etc/config/firewall + src: firewall.j2 + dest: /etc/config/firewall notify: reload firewall diff --git a/roles/ftp/handlers/main.yml b/roles/ftp/handlers/main.yml index 1e440b1..fa8869c 100644 --- a/roles/ftp/handlers/main.yml +++ b/roles/ftp/handlers/main.yml @@ -1,3 +1,5 @@ +--- + - name: restart vsftpd service: name: vsftpd diff --git a/roles/ftp/tasks/main.yml b/roles/ftp/tasks/main.yml index cf39c1b..eae8d5f 100644 --- a/roles/ftp/tasks/main.yml +++ b/roles/ftp/tasks/main.yml @@ -1,3 +1,5 @@ +--- + - name: Install vsftpd package: name: vsftpd @@ -5,15 +7,15 @@ - name: Create ftp directory file: - path: /srv/ftp - state: directory + path: /srv/ftp + state: directory - name: Create upload directory file: - path: /srv/ftp/upload - owner: ftp - group: root - state: directory + path: /srv/ftp/upload + owner: ftp + group: root + state: directory - name: Config vsftpd copy: diff --git a/roles/haproxy/handlers/main.yml b/roles/haproxy/handlers/main.yml index 20f905d..0c5c107 100644 --- a/roles/haproxy/handlers/main.yml +++ b/roles/haproxy/handlers/main.yml @@ -1,3 +1,5 @@ +--- + - name: restart haproxy service: name: haproxy diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml index b8b0d68..9bec241 100644 --- a/roles/haproxy/tasks/main.yml +++ b/roles/haproxy/tasks/main.yml @@ -1,3 +1,5 @@ +--- + - name: install haproxy package package: name: haproxy 
diff --git a/roles/icecast2/defaults/main.yml b/roles/icecast2/defaults/main.yml index e1ca55a..c12f42a 100644 --- a/roles/icecast2/defaults/main.yml +++ b/roles/icecast2/defaults/main.yml @@ -1,3 +1,5 @@ +--- + source_pass: !vault | $ANSIBLE_VAULT;1.1;AES256 36383738646636353839616365316537653865666335353136666166336137636635663062626265 diff --git a/roles/icecast2/handlers/main.yml b/roles/icecast2/handlers/main.yml index 1389b56..d4695da 100644 --- a/roles/icecast2/handlers/main.yml +++ b/roles/icecast2/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: restart icecast2 service: - name: icecast2 - state: restarted + name: icecast2 + state: restarted diff --git a/roles/icecast2/tasks/main.yml b/roles/icecast2/tasks/main.yml index 604b6ab..10aeabd 100644 --- a/roles/icecast2/tasks/main.yml +++ b/roles/icecast2/tasks/main.yml @@ -1,12 +1,13 @@ +--- + - name: install icecast2 package: - name: icecast2 - state: present + name: icecast2 + state: present - name: configuration file template: - src: icecast.xml.j2 - dest: /etc/icecast2/icecast.xml + src: icecast.xml.j2 + dest: /etc/icecast2/icecast.xml notify: - - restart icecast2 - + - restart icecast2 diff --git a/roles/mailman/handlers/main.yml b/roles/mailman/handlers/main.yml index 172da2e..0c68eb7 100644 --- a/roles/mailman/handlers/main.yml +++ b/roles/mailman/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: restart mailman3 service: - name: mailman3 - state: restarted + name: mailman3 + state: restarted diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml index 93914f7..94eb11f 100644 --- a/roles/mailman/tasks/main.yml +++ b/roles/mailman/tasks/main.yml @@ -1,7 +1,9 @@ +--- + - name: install mailman3 and dependencies package: - name: "{{ item }}" - state: present + name: "{{ item }}" + state: present loop: - mailman3-full - sqlite3 diff --git a/roles/mariadb/defaults/main.yml b/roles/mariadb/defaults/main.yml index 035956b..a0577f4 100644 --- a/roles/mariadb/defaults/main.yml 
+++ b/roles/mariadb/defaults/main.yml @@ -1,3 +1,5 @@ +--- + mariadb_backup_hour: 5 mariadb_backup_minute: 0 mariadb_query_cache_memory: 64 diff --git a/roles/mariadb/handlers/main.yml b/roles/mariadb/handlers/main.yml index a200c48..4b62cab 100644 --- a/roles/mariadb/handlers/main.yml +++ b/roles/mariadb/handlers/main.yml @@ -1,7 +1,9 @@ +--- + - name: restart mariadb service: - name: mariadb - state: restarted + name: mariadb + state: restarted - name: daemon-reload command: systemctl daemon-reload diff --git a/roles/mariadb/tasks/main.yml b/roles/mariadb/tasks/main.yml index 54599ae..8e87678 100644 --- a/roles/mariadb/tasks/main.yml +++ b/roles/mariadb/tasks/main.yml @@ -1,34 +1,36 @@ +--- + - name: install mariadb package: - name: mariadb-server - state: present + name: mariadb-server + state: present - name: create mysql directory file: - path: /srv/mysql - owner: mysql - group: mysql - state: directory + path: /srv/mysql + owner: mysql + group: mysql + state: directory - name: populate mysql directory command: /usr/bin/mysql_install_db --datadir=/srv/mysql args: - creates: /srv/mysql/ibdata1 + creates: /srv/mysql/ibdata1 notify: restart mariadb - name: replace conffile template: - src: 50-server.cnf.j2 - dest: /etc/mysql/mariadb.conf.d/50-server.cnf + src: 50-server.cnf.j2 + dest: /etc/mysql/mariadb.conf.d/50-server.cnf notify: restart mariadb - name: debian upgrade file conf template: - src: debian.cnf.j2 - dest: /etc/mysql/debian.cnf - owner: root - group: root - mode: '0600' + src: debian.cnf.j2 + dest: /etc/mysql/debian.cnf + owner: root + group: root + mode: '0600' notify: restart mariadb - name: force handlers @@ -36,8 +38,8 @@ - name: install python-mysql package: - name: python3-pymysql - state: present + name: python3-pymysql + state: present - name: check if .my.cnf file exists stat: 
@@ -98,15 +100,14 @@ - name: install backup script copy: - src: files/backup_mysql.sh - dest: /usr/local/bin/backup_mysql.sh - mode: '0755' + src: files/backup_mysql.sh + dest: /usr/local/bin/backup_mysql.sh + mode: '0755' - name: cron backup script cron: - name: "MariaDB backup" - hour: "{{ mariadb_backup_hour }}" - minute: "{{ mariadb_backup_minute }}" - job: "/usr/local/bin/backup_mysql.sh" - state: present - + name: "MariaDB backup" + hour: "{{ mariadb_backup_hour }}" + minute: "{{ mariadb_backup_minute }}" + job: "/usr/local/bin/backup_mysql.sh" + state: present diff --git a/roles/mumble/handlers/main.yml b/roles/mumble/handlers/main.yml index b6ca2af..b4484db 100644 --- a/roles/mumble/handlers/main.yml +++ b/roles/mumble/handlers/main.yml @@ -1,3 +1,5 @@ +--- + - name: restart mumble service: name: mumble-server diff --git a/roles/mumble/tasks/main.yml b/roles/mumble/tasks/main.yml index cdac2c5..aa46c46 100644 --- a/roles/mumble/tasks/main.yml +++ b/roles/mumble/tasks/main.yml @@ -1,11 +1,13 @@ +--- + - name: install mumble package: - name: mumble-server - state: present + name: mumble-server + state: present - name: configuration files copy: - src: ./files/mumble-server.ini - dest: /etc/mumble-server.ini + src: ./files/mumble-server.ini + dest: /etc/mumble-server.ini notify: - - restart mumble + - restart mumble diff --git a/roles/munin-client/handlers/main.yml b/roles/munin-client/handlers/main.yml index 5d25705..6a2d23d 100644 --- a/roles/munin-client/handlers/main.yml +++ b/roles/munin-client/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: restart munin-node service: - name: munin-node - state: restarted + name: munin-node + state: restarted diff --git a/roles/munin-client/tasks/hypervisors.yml b/roles/munin-client/tasks/hypervisors.yml index 3424192..edb9577 100644 --- a/roles/munin-client/tasks/hypervisors.yml +++ b/roles/munin-client/tasks/hypervisors.yml 
@@ -1,13 +1,15 @@ +--- + - name: delete squid plugins shell: - cmd: "rm -f /etc/munin/plugins/squid_*" - warn: False + cmd: "rm -f /etc/munin/plugins/squid_*" + warn: false notify: - - restart munin-node + - restart munin-node - name: delete lxc interfaces plugins shell: - cmd: "rm -f /etc/munin/plugins/if_*veth* /etc/munin/plugins/if_*fw* /etc/munin/plugins/if_*vmbr*" - warn: False + cmd: "rm -f /etc/munin/plugins/if_*veth* /etc/munin/plugins/if_*fw* /etc/munin/plugins/if_*vmbr*" + warn: false notify: - - restart munin-node + - restart munin-node diff --git a/roles/munin-client/tasks/mikrotik.yml b/roles/munin-client/tasks/mikrotik.yml index 3f48445..237e224 100644 --- a/roles/munin-client/tasks/mikrotik.yml +++ b/roles/munin-client/tasks/mikrotik.yml @@ -1,4 +1,5 @@ -# For Munin servers +--- + - name: deploy mikrotik unitary scripts copy: src: "./files/{{ item.0 }}" diff --git a/roles/munin-client/tasks/physical_servers.yml b/roles/munin-client/tasks/physical_servers.yml index c4d6746..24aeee7 100644 --- a/roles/munin-client/tasks/physical_servers.yml +++ b/roles/munin-client/tasks/physical_servers.yml @@ -1,16 +1,16 @@ +--- # for physical servers - name: install necessary packages for hypervisors package: - name: lm-sensors - state: present + name: lm-sensors + state: present - name: configure specific munin plugin file: - path: "/etc/munin/plugins/sensors_{{ item }}" - src: /usr/share/munin/plugins/sensors_ - state: link + path: "/etc/munin/plugins/sensors_{{ item }}" + src: /usr/share/munin/plugins/sensors_ + state: link notify: - - restart munin-node + - restart munin-node loop: - - temp - + - temp diff --git a/roles/munin-server/tasks/main.yml b/roles/munin-server/tasks/main.yml index b0e0b39..ba3db94 100644 --- a/roles/munin-server/tasks/main.yml +++ b/roles/munin-server/tasks/main.yml 
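Review bot: In roles/munin-client/tasks/hypervisors.yml, `delete squid plugins` and `delete lxc interfaces plugins` still shell out to `rm -f` over a glob, so both report changed on every run and notify `restart munin-node` each time. They also keep the `warn` argument, which recent ansible-core releases no longer accept on `shell`/`command`. Finding the plugin links with `find` and removing them with `file: state: absent` makes the tasks idempotent, so the restart only fires when something was actually deleted. It also removes the need for `warn`.

```yaml
- name: find squid plugins
  find:
    paths: /etc/munin/plugins
    patterns: 'squid_*'
    file_type: any
  register: munin_squid_plugins

- name: delete squid plugins
  file:
    path: "{{ item.path }}"
    state: absent
  loop: "{{ munin_squid_plugins.files }}"
  notify:
    - restart munin-node
# … same shape for "delete lxc interfaces plugins", with patterns if_*veth*, if_*fw*, if_*vmbr* …
```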
@@ -1,10 +1,11 @@ +--- + - name: install munin packages package: - name: munin - state: present + name: munin + state: present - name: munin conf file template: - src: munin.conf.j2 - dest: /etc/munin/munin.conf - + src: munin.conf.j2 + dest: /etc/munin/munin.conf diff --git a/roles/nginx/handlers/main.yml b/roles/nginx/handlers/main.yml index 5463835..f7639fd 100644 --- a/roles/nginx/handlers/main.yml +++ b/roles/nginx/handlers/main.yml @@ -1,3 +1,5 @@ +--- + - name: restart nginx service: name: nginx diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 846422a..7a6bae7 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -1,3 +1,5 @@ +--- + - name: install nginx package package: name: nginx-full @@ -15,26 +17,26 @@ notify: - restart nginx loop: - - { src: nginx.conf.j2, dest: /etc/nginx/nginx.conf } - - { src: nginx.ssl.conf.j2, dest: /etc/nginx/nginx.ssl.conf } - - { src: fastcgi_params.j2, dest: /etc/nginx/fastcgi_params } - - { src: proxy_params.j2, dest: /etc/nginx/proxy_params } - - { src: default.j2, dest: /etc/nginx/sites-available/default } + - {src: nginx.conf.j2, dest: /etc/nginx/nginx.conf} + - {src: nginx.ssl.conf.j2, dest: /etc/nginx/nginx.ssl.conf} + - {src: fastcgi_params.j2, dest: /etc/nginx/fastcgi_params} + - {src: proxy_params.j2, dest: /etc/nginx/proxy_params} + - {src: default.j2, dest: /etc/nginx/sites-available/default} - name: create base dir file: - path: /srv/http - owner: root - group: www-data - mode: 'u+rwx,g+rs,o-rwx' - state: directory + path: /srv/http + owner: root + group: www-data + mode: 'u+rwx,g+rs,o-rwx' + state: directory - name: create letsencrypt dir file: - path: /srv/http/common/letsencrypt - owner: root - group: www-data - mode: 'u+rwx,g+rs,o-rwx' - state: directory + path: /srv/http/common/letsencrypt + owner: root + group: www-data + mode: 'u+rwx,g+rs,o-rwx' + state: directory - include_tasks: vhosts.yml 
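Review bot: In roles/nginx/tasks/main.yml, `create base dir` and `create letsencrypt dir` use the relative mode `'u+rwx,g+rs,o-rwx'`, which only adds and removes the listed bits. A group-write bit already present on an existing /srv/http therefore survives, and group execute is never set explicitly. If the intent is owner rwx, group r-x with setgid and nothing for others, an absolute mode states that regardless of the directory's prior state: `mode: '2750'`. The loop at the top of this hunk belongs to a task that starts outside it.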
diff --git a/roles/nginx/tasks/vhosts.yml b/roles/nginx/tasks/vhosts.yml index 2efaadd..47c0c1b 100644 --- a/roles/nginx/tasks/vhosts.yml +++ b/roles/nginx/tasks/vhosts.yml @@ -1,12 +1,14 @@ +--- + - name: symlink vhosts file: src: "/etc/nginx/sites-available/{{ item }}.conf" dest: "/etc/nginx/sites-enabled/{{ item }}.conf" - force: True - follow: False + force: true + follow: false state: link notify: - - restart nginx + - restart nginx loop: "{{ web_hostname }}" - name: install vhosts diff --git a/roles/nut-client/handlers/main.yml b/roles/nut-client/handlers/main.yml index 7afff8c..fec7b4c 100644 --- a/roles/nut-client/handlers/main.yml +++ b/roles/nut-client/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: restart nut-client service: - name: nut-client - state: restarted + name: nut-client + state: restarted diff --git a/roles/nut-client/tasks/main.yml b/roles/nut-client/tasks/main.yml index 75ae6f0..7a41096 100644 --- a/roles/nut-client/tasks/main.yml +++ b/roles/nut-client/tasks/main.yml @@ -1,19 +1,21 @@ +--- + - name: install nut client package: - name: nut-client - state: present + name: nut-client + state: present - name: upsmon.conf file template: - src: upsmon.conf.j2 - dest: /etc/nut/upsmon.conf - mode: '0640' + src: upsmon.conf.j2 + dest: /etc/nut/upsmon.conf + mode: '0640' notify: restart nut-client - name: nut.conf file copy: - src: files/nut.conf - dest: /etc/nut/nut.conf - mode: '0640' + src: files/nut.conf + dest: /etc/nut/nut.conf + mode: '0640' when: inventory_hostname not in groups['nut_server'] notify: restart nut-client diff --git a/roles/nut-server/handlers/main.yml b/roles/nut-server/handlers/main.yml index c3aab9c..9c62cf9 100644 --- a/roles/nut-server/handlers/main.yml +++ b/roles/nut-server/handlers/main.yml 
@@ -1,12 +1,14 @@ +--- + - name: restart nut-server service: - name: nut-server - state: restarted + name: nut-server + state: restarted - name: udev command: "udevadm control --reload-rules && udevadm trigger" - name: restart nut-driver service: - name: nut-driver - state: restarted + name: nut-driver + state: restarted diff --git a/roles/nut-server/tasks/main.yml b/roles/nut-server/tasks/main.yml index 44d4315..5c55105 100644 --- a/roles/nut-server/tasks/main.yml +++ b/roles/nut-server/tasks/main.yml @@ -1,40 +1,42 @@ +--- + - name: install nut server package: - name: nut-server - state: present + name: nut-server + state: present - name: udev conf file for nut copy: - src: files/90-nut-ups.rules - dest: /etc/udev/rules.d/90-nut-ups.rules + src: files/90-nut-ups.rules + dest: /etc/udev/rules.d/90-nut-ups.rules notify: - - udev - - restart nut-driver + - udev + - restart nut-driver - name: nut.conf file copy: - src: files/nut.conf - dest: /etc/nut/nut.conf - mode: '0640' + src: files/nut.conf + dest: /etc/nut/nut.conf + mode: '0640' notify: restart nut-server - name: ups.conf file copy: - src: files/ups.conf - dest: /etc/nut/ups.conf - mode: '0640' + src: files/ups.conf + dest: /etc/nut/ups.conf + mode: '0640' notify: restart nut-server - name: upsd.conf file copy: - src: files/upsd.conf - dest: /etc/nut/upsd.conf - mode: '0640' + src: files/upsd.conf + dest: /etc/nut/upsd.conf + mode: '0640' notify: restart nut-server - name: upsd.users file template: - src: upsd.users.j2 - dest: /etc/nut/upsd.users - mode: '0640' + src: upsd.users.j2 + dest: /etc/nut/upsd.users + mode: '0640' notify: restart nut-server diff --git a/roles/opendkim/handlers/main.yml b/roles/opendkim/handlers/main.yml index e872e8b..c6d6c34 100644 --- a/roles/opendkim/handlers/main.yml +++ b/roles/opendkim/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: restart opendkim service: - name: opendkim - state: restarted + name: opendkim + state: restarted 
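Review bot: The `udev` handler in roles/nut-server/handlers/main.yml passes `udevadm control --reload-rules && udevadm trigger` to `command`, which does not run through a shell. The `&&` and everything after it reach `udevadm control` as plain arguments, so the trigger step most likely never runs as its own command. The `90-nut-ups.rules` file this role installs would then not take effect on an already-attached UPS until a replug or reboot, leaving the device node with its old permissions. Either split this into two `command` handlers or make the line `shell: "udevadm control --reload-rules && udevadm trigger"`.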
diff --git a/roles/opendkim/tasks/main.yml b/roles/opendkim/tasks/main.yml index ed9c6f0..38cb08a 100644 --- a/roles/opendkim/tasks/main.yml +++ b/roles/opendkim/tasks/main.yml @@ -1,32 +1,33 @@ +--- + - name: install opendkim package: - name: "{{ item }}" - state: present + name: "{{ item }}" + state: present loop: - - opendkim - - opendkim-tools + - opendkim + - opendkim-tools - name: main configuration files template: - src: opendkim.conf - dest: /etc/opendkim.conf + src: opendkim.conf + dest: /etc/opendkim.conf notify: - - restart opendkim + - restart opendkim - name: dkim directory file: - path: /etc/dkim - state: directory + path: /etc/dkim + state: directory - name: secondary configuration files copy: - src: "./files/dkim/{{ item }}" - dest: "/etc/dkim/{{ item }}" + src: "./files/dkim/{{ item }}" + dest: "/etc/dkim/{{ item }}" loop: - - KeyTable - - PeerList - - SigningTable - - TrustedHosts + - KeyTable + - PeerList + - SigningTable + - TrustedHosts notify: - - restart opendkim - + - restart opendkim diff --git a/roles/opendmarc/handlers/main.yml b/roles/opendmarc/handlers/main.yml index 0d41701..9d985d2 100644 --- a/roles/opendmarc/handlers/main.yml +++ b/roles/opendmarc/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: restart opendmarc service: - name: opendmarc - state: restarted + name: opendmarc + state: restarted diff --git a/roles/opendmarc/tasks/main.yml b/roles/opendmarc/tasks/main.yml index 0b54fce..3a58e4c 100644 --- a/roles/opendmarc/tasks/main.yml +++ b/roles/opendmarc/tasks/main.yml 
@@ -1,26 +1,27 @@ +--- + - name: install opendmarc package: - name: opendmarc - state: present + name: opendmarc + state: present - name: opendmarc config file copy: - src: ./files/opendmarc.conf - dest: /etc/opendmarc.conf + src: ./files/opendmarc.conf + dest: /etc/opendmarc.conf notify: - - restart opendmarc + - restart opendmarc - name: dmarc directory file: - path: /etc/dmarc - state: directory + path: /etc/dmarc + state: directory - name: secondary configuration files copy: - src: "./files/dmarc/{{ item }}" - dest: "/etc/dmarc/{{ item }}" + src: "./files/dmarc/{{ item }}" + dest: "/etc/dmarc/{{ item }}" loop: - - IgnoreHosts + - IgnoreHosts notify: - - restart opendmarc - + - restart opendmarc diff --git a/roles/php/defaults/main.yml b/roles/php/defaults/main.yml index 6027867..06bff16 100644 --- a/roles/php/defaults/main.yml +++ b/roles/php/defaults/main.yml @@ -1 +1,3 @@ +--- + php_modules: "['opcache', 'mysql', 'mbstring', 'gd']" diff --git a/roles/php/handlers/main.yml b/roles/php/handlers/main.yml index bf892e3..1aa3beb 100644 --- a/roles/php/handlers/main.yml +++ b/roles/php/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: restart php-fpm service: - name: "php{{ php_version }}-fpm" - state: restarted + name: "php{{ php_version }}-fpm" + state: restarted diff --git a/roles/php/tasks/main.yml b/roles/php/tasks/main.yml index 2383a60..849ceec 100644 --- a/roles/php/tasks/main.yml +++ b/roles/php/tasks/main.yml @@ -1,3 +1,5 @@ +--- + - name: install php-fpm package: name: php-fpm 
@@ -5,17 +7,17 @@ - name: configure php-fpm template: - src: www.conf.j2 - dest: /etc/php/{{ php_version }}/fpm/pool.d/www.conf + src: www.conf.j2 + dest: /etc/php/{{ php_version }}/fpm/pool.d/www.conf notify: - - restart php-fpm + - restart php-fpm - name: configure php copy: - src: ./files/php.ini - dest: /etc/php/{{ php_version }}/fpm/php.ini + src: ./files/php.ini + dest: /etc/php/{{ php_version }}/fpm/php.ini notify: - - restart php-fpm + - restart php-fpm - name: install lib for php package: @@ -23,5 +25,4 @@ state: present loop: "{{ php_modules }}" notify: - - restart php-fpm - + - restart php-fpm diff --git a/roles/postfix/handlers/main.yml b/roles/postfix/handlers/main.yml index 7ec66b0..a8d9e49 100644 --- a/roles/postfix/handlers/main.yml +++ b/roles/postfix/handlers/main.yml @@ -1,3 +1,5 @@ +--- + - name: postmap virtual-regexp command: postmap /etc/postfix/virtual-regexp listen: "postmap files" @@ -8,7 +10,5 @@ - name: restart postfix service: - name: postfix - state: restarted - - + name: postfix + state: restarted diff --git a/roles/postfix/tasks/main.yml b/roles/postfix/tasks/main.yml index 72db050..52280b5 100644 --- a/roles/postfix/tasks/main.yml +++ b/roles/postfix/tasks/main.yml 
@@ -1,39 +1,40 @@ +--- + - name: install postfix package: - name: postfix - state: present + name: postfix + state: present - name: install mailutils package: - name: mailutils - state: present + name: mailutils + state: present - name: main configuration files copy: - src: "./files/{{ item }}" - dest: "/etc/postfix/{{ item }}" + src: "./files/{{ item }}" + dest: "/etc/postfix/{{ item }}" loop: - - main.cf - - master.cf + - main.cf + - master.cf notify: - - restart postfix + - restart postfix - name: map files copy: - src: "./files/{{ item }}" - dest: "/etc/postfix/{{ item }}" + src: "./files/{{ item }}" + dest: "/etc/postfix/{{ item }}" loop: - - transport - - virtual-regexp + - transport + - virtual-regexp notify: - - postmap files - - restart postfix + - postmap files + - restart postfix - name: mail generation script copy: - src: ./files/generate_email.sh - dest: /usr/local/bin/generate_email.sh - owner: root - group: root - mode: '0755' - + src: ./files/generate_email.sh + dest: /usr/local/bin/generate_email.sh + owner: root + group: root + mode: '0755' diff --git a/roles/postgres/defaults/main.yml b/roles/postgres/defaults/main.yml index 8a09f3a..c581283 100644 --- a/roles/postgres/defaults/main.yml +++ b/roles/postgres/defaults/main.yml @@ -1 +1,3 @@ +--- + pg_version: "{% if ansible_facts['os_family'] == 'Debian' and ansible_facts['distribution_major_version'] == '9' %}9.6{% elif ansible_facts['os_family'] == 'Debian' and ansible_facts['distribution_major_version'] == '10' %}11{% elif ansible_facts['os_family'] == 'Debian' and ansible_facts['distribution_major_version'] == '11' %}13{% endif %}" diff --git a/roles/postgres/handlers/main.yml b/roles/postgres/handlers/main.yml index b5ed6e7..3f82b98 100644 --- a/roles/postgres/handlers/main.yml +++ b/roles/postgres/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: restart postgres service: - name: "postgresql@{{ pg_version }}-main" - state: restarted + name: "postgresql@{{ pg_version }}-main" + state: restarted 
diff --git a/roles/postgres/tasks/main.yml b/roles/postgres/tasks/main.yml index 8bfaa0d..dd60653 100644 --- a/roles/postgres/tasks/main.yml +++ b/roles/postgres/tasks/main.yml @@ -1,7 +1,9 @@ +--- + - name: install postgresql package: - name: postgresql - state: present + name: postgresql + state: present - name: create pgsql directory file: @@ -12,35 +14,35 @@ - name: populate postgresql directory command: "/usr/lib/postgresql/{{ pg_version }}/bin/initdb -E UTF-8 /srv/postgresql/" - become: yes + become: true become_user: postgres args: - creates: /srv/postgresql/PG_VERSION + creates: /srv/postgresql/PG_VERSION notify: restart postgres - name: replace main conffile copy: - src: files/postgresql.conf - dest: "/etc/postgresql/{{ pg_version }}/main/postgresql.conf" + src: files/postgresql.conf + dest: "/etc/postgresql/{{ pg_version }}/main/postgresql.conf" notify: restart postgres - name: replace pg_hba file copy: - src: files/pg_hba.conf - dest: "/etc/postgresql/{{ pg_version }}/main/pg_hba.conf" + src: files/pg_hba.conf + dest: "/etc/postgresql/{{ pg_version }}/main/pg_hba.conf" notify: restart postgres - name: create backup dir file: - path: /srv/backup/pgsql - owner: postgres - group: postgres - state: directory + path: /srv/backup/pgsql + owner: postgres + group: postgres + state: directory - name: backup pg databases cron: - user: postgres - minute: "0" - hour: "4" - name: PG Backup - job: "/usr/bin/pg_dumpall | gzip -c > /srv/backup/pgsql/all.dbs.gz" + user: postgres + minute: "0" + hour: "4" + name: PG Backup + job: "/usr/bin/pg_dumpall | gzip -c > /srv/backup/pgsql/all.dbs.gz" diff --git a/roles/rsyslog/handlers/main.yml b/roles/rsyslog/handlers/main.yml index ff67619..87bd91a 100644 --- a/roles/rsyslog/handlers/main.yml +++ b/roles/rsyslog/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: restart rsyslog service: - name: rsyslog - state: restarted + name: rsyslog + state: restarted 
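Review bot: `create backup dir` in roles/postgres/tasks/main.yml sets `owner` and `group` but no `mode`. /srv/backup/pgsql and the `all.dbs.gz` written by the `backup pg databases` cron job therefore get whatever the umask allows, which is usually world-readable. The dump comes from `pg_dumpall`, so it covers every database on the host; add `mode: '0700'` to the directory task. Separately, the pipe in the cron `job` reports gzip's exit status, so a failing `pg_dumpall` can leave a truncated archive without any error being raised.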
diff --git a/roles/rsyslog/tasks/main.yml b/roles/rsyslog/tasks/main.yml index ecf354e..d50b471 100644 --- a/roles/rsyslog/tasks/main.yml +++ b/roles/rsyslog/tasks/main.yml @@ -1,19 +1,21 @@ +--- + - name: install rsyslog package: - name: rsyslog - state: present + name: rsyslog + state: present - name: put log concentration file copy: - src: files/sys.conf - dest: /etc/rsyslog.d/sys.conf + src: files/sys.conf + dest: /etc/rsyslog.d/sys.conf notify: restart rsyslog when: "'rsyslogservers' in group_names" - name: put rsyslog config file copy: - src: files/remote.conf - dest: /etc/rsyslog.d/remote.conf + src: files/remote.conf + dest: /etc/rsyslog.d/remote.conf notify: restart rsyslog - name: insert hosts into /etc/hosts diff --git a/roles/rsyslog/vars/main.yml b/roles/rsyslog/vars/main.yml index b30ef36..37c5b56 100644 --- a/roles/rsyslog/vars/main.yml +++ b/roles/rsyslog/vars/main.yml @@ -1,3 +1,5 @@ +--- + pretty_named_hosts: - name: enbarr address: 10.233.212.50 diff --git a/roles/smtprelay/handlers/main.yml b/roles/smtprelay/handlers/main.yml index e2e29dd..5725f47 100644 --- a/roles/smtprelay/handlers/main.yml +++ b/roles/smtprelay/handlers/main.yml @@ -1,8 +1,9 @@ +--- + - name: restart postfix service: - name: postfix - state: restarted + name: postfix + state: restarted - name: postmap sasl_passwd command: postmap /etc/postfix/sasl_passwd - diff --git a/roles/smtprelay/tasks/main.yml b/roles/smtprelay/tasks/main.yml index 63f623f..3e4ba20 100644 --- a/roles/smtprelay/tasks/main.yml +++ b/roles/smtprelay/tasks/main.yml 
@@ -1,25 +1,27 @@ +--- + - name: install postfix smtp server package: - name: postfix - state: present + name: postfix + state: present - name: install libsasl2 package: - name: libsasl2-modules - state: present + name: libsasl2-modules + state: present - name: install sasl_passwd file template: - src: sasl_passwd.j2 - dest: /etc/postfix/sasl_passwd - mode: 0640 + src: sasl_passwd.j2 + dest: /etc/postfix/sasl_passwd + mode: 0640 notify: - - postmap sasl_passwd - - restart postfix + - postmap sasl_passwd + - restart postfix - name: install default postfix main.cf template: - src: main.cf.j2 - dest: /etc/postfix/main.cf - mode: 0644 + src: main.cf.j2 + dest: /etc/postfix/main.cf + mode: 0644 notify: restart postfix diff --git a/roles/system/handlers/main.yml b/roles/system/handlers/main.yml index 0105595..1fae608 100644 --- a/roles/system/handlers/main.yml +++ b/roles/system/handlers/main.yml @@ -1,3 +1,5 @@ +--- + - name: restart sshd service: name: sshd diff --git a/roles/system/tasks/apt-transport-https.yml b/roles/system/tasks/apt-transport-https.yml index a8220c3..6a0a411 100644 --- a/roles/system/tasks/apt-transport-https.yml +++ b/roles/system/tasks/apt-transport-https.yml @@ -1,3 +1,5 @@ +--- + - name: install https transport for apt package: name: apt-transport-https diff --git a/roles/system/tasks/aptitude.yml b/roles/system/tasks/aptitude.yml index 27f4c74..5c2a18f 100644 --- a/roles/system/tasks/aptitude.yml +++ b/roles/system/tasks/aptitude.yml @@ -1,5 +1,7 @@ +--- + - name: install aptitude package: - name: aptitude - state: present + name: aptitude + state: present when: ansible_facts['os_family'] == 'Debian' diff --git a/roles/system/tasks/bashrc.yml b/roles/system/tasks/bashrc.yml index 21d153a..b918680 100644 --- a/roles/system/tasks/bashrc.yml +++ b/roles/system/tasks/bashrc.yml 
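Review bot: `mode: 0640` and `mode: 0644` in roles/smtprelay/tasks/main.yml are still bare integers, while the other roles touched by this commit quote theirs (`mode: '0640'`). A bare value only works because the YAML loader reads the leading zero as octal, and it silently becomes a different permission set if that zero is ever dropped. `/etc/postfix/sasl_passwd` presumably holds the relay credentials, so its mode should not depend on that: write `mode: '0640'` and `mode: '0644'`. The same applies to `mode: 0750` on `install scootaloo` in roles/webapps/tasks/scootaloo.yml. The sasl_passwd task also sets no `owner`/`group`, so it is worth confirming which group the read bit is meant for.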
@@ -1,6 +1,8 @@ +--- + - name: copy basic bashrc files copy: - src: files/dotbashrc - dest: /root/.bashrc - owner: root - group: root + src: files/dotbashrc + dest: /root/.bashrc + owner: root + group: root diff --git a/roles/system/tasks/cron-apt.yml b/roles/system/tasks/cron-apt.yml index 7019eb3..4eb13fd 100644 --- a/roles/system/tasks/cron-apt.yml +++ b/roles/system/tasks/cron-apt.yml @@ -1,10 +1,11 @@ +--- + - name: install cron-apt package: - name: cron-apt - state: present + name: cron-apt + state: present - name: default configuration file copy: - src: files/5-install - dest: /etc/cron-apt/action.d/5-install - + src: files/5-install + dest: /etc/cron-apt/action.d/5-install diff --git a/roles/system/tasks/cron.yml b/roles/system/tasks/cron.yml index 7420bb6..0b64586 100644 --- a/roles/system/tasks/cron.yml +++ b/roles/system/tasks/cron.yml @@ -1,3 +1,5 @@ +--- + - name: install cron package: name: cron diff --git a/roles/system/tasks/curl.yml b/roles/system/tasks/curl.yml index e5fb8ee..163806a 100644 --- a/roles/system/tasks/curl.yml +++ b/roles/system/tasks/curl.yml @@ -1,3 +1,5 @@ +--- + - name: install curl package: name: curl diff --git a/roles/system/tasks/gpg.yml b/roles/system/tasks/gpg.yml index 73de00e..4b53830 100644 --- a/roles/system/tasks/gpg.yml +++ b/roles/system/tasks/gpg.yml @@ -1,4 +1,6 @@ +--- + - name: install gpg package package: - name: gpg - state: present + name: gpg + state: present diff --git a/roles/system/tasks/htop.yml b/roles/system/tasks/htop.yml index 82b092b..473ccbd 100644 --- a/roles/system/tasks/htop.yml +++ b/roles/system/tasks/htop.yml @@ -1,4 +1,6 @@ +--- + - name: install htop package: - name: htop - state: present + name: htop + state: present diff --git a/roles/system/tasks/locales.yml b/roles/system/tasks/locales.yml index 0b2d0a5..250144c 100644 --- a/roles/system/tasks/locales.yml +++ b/roles/system/tasks/locales.yml @@ -1,3 +1,5 @@ +--- + - name: Set default locale to fr_FR.UTF-8 debconf: name: locales 
@@ -13,8 +15,8 @@ vtype: multiselect - name: delete original locale.gen file: - path: /etc/locale.gen - state: absent + path: /etc/locale.gen + state: absent when: ansible_facts['env']['LANG'] != 'fr_FR.UTF-8' - name: update original locale.gen diff --git a/roles/system/tasks/localtime.yml b/roles/system/tasks/localtime.yml index e421454..3a4171b 100644 --- a/roles/system/tasks/localtime.yml +++ b/roles/system/tasks/localtime.yml @@ -1,3 +1,5 @@ +--- + - file: src: /usr/share/zoneinfo/Europe/Paris dest: /etc/localtime diff --git a/roles/system/tasks/ping.yml b/roles/system/tasks/ping.yml index a744efb..3c61502 100644 --- a/roles/system/tasks/ping.yml +++ b/roles/system/tasks/ping.yml @@ -1,3 +1,5 @@ +--- + - name: install ping utility package: name: iputils-ping diff --git a/roles/system/tasks/sshd.yml b/roles/system/tasks/sshd.yml index 42650e3..b14aa72 100644 --- a/roles/system/tasks/sshd.yml +++ b/roles/system/tasks/sshd.yml @@ -1,3 +1,5 @@ +--- + - name: ssh configuration file template: src: sshd_config.j2 @@ -7,15 +9,15 @@ - name: ssh keys home authorized_key: - user: root - state: present - key: "{{ lookup('file', 'ssh/home.id_rsa.pub') }}" + user: root + state: present + key: "{{ lookup('file', 'ssh/home.id_rsa.pub') }}" - name: ssh keys work authorized_key: - user: root - state: present - key: "{{ lookup('file', 'ssh/work.id_rsa.pub') }}" + user: root + state: present + key: "{{ lookup('file', 'ssh/work.id_rsa.pub') }}" - name: remove old work key authorized_key: diff --git a/roles/system/tasks/telnet.yml b/roles/system/tasks/telnet.yml index b3907f2..2e9ae80 100644 --- a/roles/system/tasks/telnet.yml +++ b/roles/system/tasks/telnet.yml @@ -1,3 +1,5 @@ +--- + - name: install telnet package: name: telnet diff --git a/roles/system/tasks/vimrc.yml b/roles/system/tasks/vimrc.yml index c69ef03..fbc62ee 100644 --- a/roles/system/tasks/vimrc.yml +++ b/roles/system/tasks/vimrc.yml 
@@ -1,7 +1,9 @@ +--- + - name: install vim package package: - name: vim - state: present + name: vim + state: present - name: copy vimrc config file copy: diff --git a/roles/system/tasks/wget.yml b/roles/system/tasks/wget.yml index 674a1ac..518ab19 100644 --- a/roles/system/tasks/wget.yml +++ b/roles/system/tasks/wget.yml @@ -1,3 +1,5 @@ +--- + - name: install wget package package: name: wget diff --git a/roles/unifi/tasks/main.yml b/roles/unifi/tasks/main.yml index aa9409b..866c95a 100644 --- a/roles/unifi/tasks/main.yml +++ b/roles/unifi/tasks/main.yml @@ -1,3 +1,5 @@ +--- + - name: Add APT Key for Unifi get_url: url: https://dl.ui.com/unifi/unifi-repo.gpg diff --git a/roles/usb/handlers/main.yml b/roles/usb/handlers/main.yml index a5a2121..074ddc6 100644 --- a/roles/usb/handlers/main.yml +++ b/roles/usb/handlers/main.yml @@ -1,3 +1,5 @@ +--- + - name: reload udev command: "{{ item }}" loop: diff --git a/roles/usb/tasks/main.yml b/roles/usb/tasks/main.yml index 23df4bf..9b15505 100644 --- a/roles/usb/tasks/main.yml +++ b/roles/usb/tasks/main.yml @@ -1,3 +1,5 @@ +--- + - name: USB Udev rules copy: src: files/50-usb.rules diff --git a/roles/webapps/handlers/main.yml b/roles/webapps/handlers/main.yml index 5dd7aca..de64657 100644 --- a/roles/webapps/handlers/main.yml +++ b/roles/webapps/handlers/main.yml @@ -1,9 +1,11 @@ +--- + - name: restart nginx service: - name: nginx - state: restarted + name: nginx + state: restarted - name: restart php-fpm service: - name: "php{{ php_version }}-fpm" - state: restarted + name: "php{{ php_version }}-fpm" + state: restarted diff --git a/roles/webapps/tasks/main.yml b/roles/webapps/tasks/main.yml index 6d1d5c5..eea565c 100644 --- a/roles/webapps/tasks/main.yml +++ b/roles/webapps/tasks/main.yml @@ -1,3 +1,5 @@ +--- + - name: include ttrss for web1 include_tasks: ttrss.yml when: inventory_hostname == 'web1.dmz.mateu.be' diff --git a/roles/webapps/tasks/matomo.yml b/roles/webapps/tasks/matomo.yml index fc138a6..db62db3 100644 
--- a/roles/webapps/tasks/matomo.yml +++ b/roles/webapps/tasks/matomo.yml @@ -1,6 +1,8 @@ +--- + - name: crontab for matomo cron: - name: Matomo reports - user: www-data - minute: "5" - job: "/usr/bin/php /srv/http/analyse.nintendojo.fr/console core:archive > /dev/null" + name: Matomo reports + user: www-data + minute: "5" + job: "/usr/bin/php /srv/http/analyse.nintendojo.fr/console core:archive > /dev/null" diff --git a/roles/webapps/tasks/nextcloud.yml b/roles/webapps/tasks/nextcloud.yml index 2b02d9f..26f12d4 100644 --- a/roles/webapps/tasks/nextcloud.yml +++ b/roles/webapps/tasks/nextcloud.yml @@ -1,6 +1,8 @@ +--- + - name: php-fpm nextcloud specific configuration copy: - src: files/oc.conf - dest: "/etc/php/{{ php_version }}/fpm/pool.d/oc.conf" + src: files/oc.conf + dest: "/etc/php/{{ php_version }}/fpm/pool.d/oc.conf" notify: - - restart php-fpm + - restart php-fpm diff --git a/roles/webapps/tasks/scootaloo.yml b/roles/webapps/tasks/scootaloo.yml index b5ae9c2..3949dda 100644 --- a/roles/webapps/tasks/scootaloo.yml +++ b/roles/webapps/tasks/scootaloo.yml @@ -1,10 +1,12 @@ +--- + - name: install scootaloo copy: - src: files/bin/scootaloo - dest: "{{ scootaloo_bin_path }}" - owner: root - group: www-data - mode: 0750 + src: files/bin/scootaloo + dest: "{{ scootaloo_bin_path }}" + owner: root + group: www-data + mode: 0750 - name: put configuration file template: @@ -31,8 +33,7 @@ - name: cron for scootaloo cron: - name: Scootaloo Dojo - user: www-data - minute: "*/5" - job: "{{ scootaloo_bin_path }} > /dev/null" - + name: Scootaloo Dojo + user: www-data + minute: "*/5" + job: "{{ scootaloo_bin_path }} > /dev/null" diff --git a/roles/webapps/tasks/tootctl.yml b/roles/webapps/tasks/tootctl.yml index 073c8bd..c1a29de 100644 --- a/roles/webapps/tasks/tootctl.yml +++ b/roles/webapps/tasks/tootctl.yml 
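Review bot: `mode: 0750` in the `install scootaloo` task (first hunk of roles/webapps/tasks/scootaloo.yml) is still an unquoted number after the re-indent, so the permission depends on how the YAML loader types it. Ansible's YAML 1.1 loader reads the leading zero as octal, but a linter or tool with YAML 1.2 semantics reads decimal 750, which is a different permission set. Quoting it, `mode: '0750'`, removes the ambiguity and matches the `mode: '0640'` this commit already uses in roles/xmpp/tasks/main.yml.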
@@ -1,7 +1,9 @@ +--- + - name: cron for tootctl cron: - name: Mastodon tootctl - minute: "0" - hour: "19" - weekday: "5" - job: "COMPOSE_HTTP_TIMEOUT=360 docker-compose -f /srv/docker/m.nintendojo.fr/docker-compose.yml run --rm web bin/tootctl media remove" + name: Mastodon tootctl + minute: "0" + hour: "19" + weekday: "5" + job: "COMPOSE_HTTP_TIMEOUT=360 docker-compose -f /srv/docker/m.nintendojo.fr/docker-compose.yml run --rm web bin/tootctl media remove" diff --git a/roles/webapps/tasks/ttrss.yml b/roles/webapps/tasks/ttrss.yml index 8a34898..293e0c5 100644 --- a/roles/webapps/tasks/ttrss.yml +++ b/roles/webapps/tasks/ttrss.yml @@ -1,16 +1,17 @@ +--- + - name: systemd file for backend copy: - src: files/ttrss_backend.service - dest: /etc/systemd/system/ttrss_backend.service + src: files/ttrss_backend.service + dest: /etc/systemd/system/ttrss_backend.service - name: enable and start service ttrss_backend service: - name: ttrss_backend - enabled: true - state: started + name: ttrss_backend + enabled: true + state: started - name: install git package: - name: git - state: present - + name: git + state: present diff --git a/roles/webapps/tasks/wp_dojo.yml b/roles/webapps/tasks/wp_dojo.yml index bac828f..8a05c0f 100644 --- a/roles/webapps/tasks/wp_dojo.yml +++ b/roles/webapps/tasks/wp_dojo.yml @@ -1,13 +1,15 @@ +--- + - name: nginx cache copy: - src: files/fastcgi_cache.conf - dest: /etc/nginx/conf.d/fastcgi_cache.conf + src: files/fastcgi_cache.conf + dest: /etc/nginx/conf.d/fastcgi_cache.conf notify: - - restart nginx + - restart nginx - name: wordpress cron cron: - name: "WP Twitter refresh" - user: www-data - minute: "*/2" - job: "/usr/bin/wget -q -O - https://www.nintendojo.fr/wp-cron.php &> /dev/null" + name: "WP Twitter refresh" + user: www-data + minute: "*/2" + job: "/usr/bin/wget -q -O - https://www.nintendojo.fr/wp-cron.php &> /dev/null" diff --git a/roles/webapps/tasks/z-push.yml b/roles/webapps/tasks/z-push.yml index 005e51a..bae38ea 100644 
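Review bot: The `wordpress cron` job in roles/webapps/tasks/wp_dojo.yml ends with `&> /dev/null`, which is a bash-only redirection. Cron normally runs jobs through /bin/sh, and where that is a POSIX shell such as dash the `&` puts wget in the background and its output is not discarded. The portable form is `job: "/usr/bin/wget -q -O - https://www.nintendojo.fr/wp-cron.php > /dev/null 2>&1"`. Separately, the `cron for tootctl` task in roles/webapps/tasks/tootctl.yml sets no `user:`, so the entry presumably lands in the crontab of the account Ansible runs as; stating the account explicitly would make the privilege of that docker-compose job visible in review.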
--- a/roles/webapps/tasks/z-push.yml +++ b/roles/webapps/tasks/z-push.yml @@ -1,30 +1,32 @@ +--- + - name: install z-push repokey apt_key: - url: https://download.kopano.io/zhub/z-push%3A/final/Debian_10/Release.key - state: present + url: https://download.kopano.io/zhub/z-push%3A/final/Debian_10/Release.key + state: present - name: install z-push repo apt_repository: - repo: deb https://download.kopano.io/zhub/z-push:/final/Debian_10/ / - state: present + repo: deb https://download.kopano.io/zhub/z-push:/final/Debian_10/ / + state: present - name: install z-push packages package: - name: "{{ item }}" - state: present + name: "{{ item }}" + state: present loop: - - z-push-autodiscover - - z-push-backend-caldav - - z-push-backend-carddav - - z-push-backend-combined - - z-push-backend-imap - - z-push-common - - z-push-ipc-sharedmemory - - z-push-state-sql + - z-push-autodiscover + - z-push-backend-caldav + - z-push-backend-carddav + - z-push-backend-combined + - z-push-backend-imap + - z-push-common + - z-push-ipc-sharedmemory + - z-push-state-sql - name: log directory file: - path: /var/log/z-push/ - owner: www-data - group: www-data - state: directory + path: /var/log/z-push/ + owner: www-data + group: www-data + state: directory diff --git a/roles/x509/tasks/main.yml b/roles/x509/tasks/main.yml index 93e5973..2e1f031 100644 --- a/roles/x509/tasks/main.yml +++ b/roles/x509/tasks/main.yml @@ -1,5 +1,6 @@ +--- + - name: install acme.sh shell: curl https://get.acme.sh | INSTALLONLINE=1 LE_WORKING_DIR=/etc/x509 sh args: creates: /etc/x509 - diff --git a/roles/xmpp/handlers/main.yml b/roles/xmpp/handlers/main.yml index 94d2818..4ad9f5b 100644 --- a/roles/xmpp/handlers/main.yml +++ b/roles/xmpp/handlers/main.yml @@ -1,4 +1,6 @@ +--- + - name: restart prosody service: - name: prosody - state: restarted + name: prosody + state: restarted diff --git a/roles/xmpp/tasks/main.yml b/roles/xmpp/tasks/main.yml index a823d40..fa61824 100644 --- a/roles/xmpp/tasks/main.yml 
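Review bot: The `install z-push repokey` task trusts whatever key `Release.key` serves at run time, because `apt_key` is given only a `url` and no fingerprint. Adding `id: <Z_PUSH_KEY_FINGERPRINT>` (a placeholder for the fingerprint verified out of band) makes the task fail when a different key is served. `apt_key` also puts the key in the system-wide trusted keyring, where it can vouch for packages from any configured repository; storing it as a keyring file and referencing it with `signed-by=` in the `repo:` line of `install z-push repo` would scope it to this one source.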
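Review bot: The `install acme.sh` task in roles/x509/tasks/main.yml pipes a download straight into `sh`, so whatever https://get.acme.sh serves at run time is executed with the play's privileges, with no version pin or checksum, and a truncated transfer is still fed to the shell. Fetching a tagged release archive with `get_url` and a `checksum:` value, then running its installer from the unpacked copy in a separate task, gives an integrity check and a fixed version to review. `creates: /etc/x509` also marks the task as done once that directory exists, which presumably includes a half-finished install; a file the installer writes last would be a more reliable marker.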
+++ b/roles/xmpp/tasks/main.yml @@ -1,10 +1,12 @@ +--- + - name: install prosody package: - name: "{{ item }}" - state: present + name: "{{ item }}" + state: present loop: - - prosody - - prosody-modules + - prosody + - prosody-modules - name: create dhparam shell: /usr/bin/openssl dhparam -out /etc/prosody/certs/dh-2048.pem 2048 @@ -13,15 +15,14 @@ - name: right management for dh params file: - path: /etc/prosody/certs/dh-2048.pem - owner: root - group: prosody - mode: '0640' + path: /etc/prosody/certs/dh-2048.pem + owner: root + group: prosody + mode: '0640' - name: prosody configuration files copy: - src: ./files/prosody.cfg.lua - dest: /etc/prosody/prosody.cfg.lua + src: ./files/prosody.cfg.lua + dest: /etc/prosody/prosody.cfg.lua notify: - - restart prosody - + - restart prosody
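Review bot: The `prosody configuration files` task in the second hunk of roles/xmpp/tasks/main.yml copies `prosody.cfg.lua` without `owner`, `group` or `mode`, so a newly created file gets whatever the remote umask yields. The dhparam file in the task just above is pinned to root:prosody `'0640'`. If the configuration carries credentials such as component or database secrets (not visible here), the same three lines, `owner: root`, `group: prosody`, `mode: '0640'`, would keep it from being world-readable.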