slfhst/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: standardize tasks’ name

Browse Source
This commit is contained in:
VC
2024-07-05 11:53:35 +02:00
parent 788dfae081
commit 85f0f91887
36 changed files with 114 additions and 138 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/dovecot/tasks/main.yml
View File

@@ -8,7 +8,7 @@
- dovecot-sieve
- dovecot-lmtpd
- name: Main configuration file
- name: Put main configuration file
ansible.builtin.copy:
src: ./files/dovecot.conf
dest: /etc/dovecot/dovecot.conf
@@ -16,7 +16,7 @@
notify:
- Restart dovecot
- name: Sieve configuration file
- name: Put sieve configuration file
ansible.builtin.copy:
src: ./files/before.sieve
dest: /etc/dovecot/before.sieve

2
roles/firewall/tasks/main.yml
View File

@@ -1,6 +1,6 @@
---
- name: Generate firewall file
- name: Put firewall file
ansible.builtin.template:
src: firewall.j2
dest: /etc/config/firewall

2
roles/ftp/tasks/main.yml
View File

@@ -27,7 +27,7 @@
state: directory
mode: 0755
- name: Config vsftpd
- name: Put vsftpd config file
ansible.builtin.copy:
src: files/vsftpd.conf
dest: /etc/vsftpd.conf

2
roles/haproxy/tasks/main.yml
View File

@@ -5,7 +5,7 @@
name: haproxy
state: present
- name: Haproxy config
- name: Put haproxy config file
ansible.builtin.template:
src: haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg

2
roles/icecast2/tasks/main.yml
View File

@@ -5,7 +5,7 @@
name: icecast2
state: present
- name: Configuration file
- name: Put icecast2 configuration file
ansible.builtin.template:
src: icecast.xml.j2
dest: /etc/icecast2/icecast.xml

10
roles/mariadb/tasks/main.yml
View File

@@ -19,14 +19,14 @@
creates: /srv/mysql/ibdata1
notify: Restart mariadb
- name: Replace conffile
- name: Put mariadb configuration file
ansible.builtin.template:
src: 50-server.cnf.j2
dest: /etc/mysql/mariadb.conf.d/50-server.cnf
mode: 0644
notify: Restart mariadb
- name: Debian upgrade file conf
- name: Upgrade debian configuration file
ansible.builtin.template:
src: debian.cnf.j2
dest: /etc/mysql/debian.cnf
@@ -48,7 +48,7 @@
path: /root/.my.cnf
register: dot_my_cnf
- name: Root password
- name: Set root password
community.mysql.mysql_user:
login_unix_socket: "/var/run/mysqld/mysqld.sock"
host: localhost
@@ -62,7 +62,7 @@
dest: ~/.my.cnf
mode: '0600'
- name: Root password (follow-up)
- name: Set root password (follow-up)
community.mysql.mysql_user:
login_user: root
host: "{{ item }}"
@@ -73,7 +73,7 @@
- "127.0.0.1"
- "::1"
- name: Scripted version of mysql_secure_installation
- name: Exec scripted version of mysql_secure_installation
ansible.builtin.command:
cmd: "{{ item }}"
creates: ~/mysql_secure_installation

6
roles/mastodon/tasks/main.yml
View File

@@ -9,7 +9,7 @@
- name: Install redis
ansible.builtin.include_tasks: redis.yml
- name: Mastodon user
- name: Create mastodon user
ansible.builtin.user:
name: mastodon
comment: "John Mastodon"
@@ -17,7 +17,7 @@
shell: /bin/bash
home: "{{ mastodon_home }}"
- name: Mastodon .ssh dir
- name: Create mastodon .ssh dir
ansible.builtin.file:
state: directory
path: "{{ mastodon_home }}/.ssh"
@@ -25,7 +25,7 @@
owner: mastodon
group: mastodon
- name: Ssh for mastodon user
- name: Set ssh for mastodon user
ansible.builtin.copy:
remote_src: true
src: /root/.ssh/authorized_keys

10
roles/mastodon/tasks/mastodon.yml
View File

@@ -1,13 +1,13 @@
---
- name: Git mastodon
- name: Get mastodon git
remote_user: mastodon
ansible.builtin.git:
repo: "https://github.com/mastodon/mastodon.git"
dest: "{{ mastodon_home }}/live"
version: "v{{ mastodon_version }}"
- name: Bundle config command
- name: Exec bundle
remote_user: mastodon
ansible.builtin.command:
cmd: |
@@ -15,7 +15,7 @@
creates: "{{ mastodon_home }}/.bundle/config"
chdir: "{{ mastodon_home }}/live"
- name: Bundle install
- name: Install bundle
remote_user: mastodon
ansible.builtin.command:
cmd: |
@@ -23,7 +23,7 @@
chdir: "{{ mastodon_home }}/live"
changed_when: true
- name: Yarn install
- name: Install yarn
remote_user: mastodon
ansible.builtin.command:
cmd: |
@@ -38,7 +38,7 @@
state: directory
mode: '0750'
- name: Template scripts
- name: Put template scripts
remote_user: mastodon
ansible.builtin.template:
src: "{{ item }}.j2"

4
roles/mastodon/tasks/nodejs.yml
View File

@@ -7,12 +7,12 @@
force: true
mode: 0644
- name: Gpg dearmor key
- name: Dearmor gpg key
ansible.builtin.command:
cmd: "gpg --dearmor --yes -o {{ mastodon_nodejs_key_path }} /tmp/nodesource.gpg.key"
changed_when: true
- name: Node source repo
- name: Set node source repo
ansible.builtin.copy:
content: "deb [signed-by={{ mastodon_nodejs_key_path }}] https://deb.nodesource.com/node_16.x {{ ansible_facts['distribution_release'] }} main"
dest: /etc/apt/sources.list.d/nodesource.list

4
roles/mastodon/tasks/rbenv.yml
View File

@@ -1,6 +1,6 @@
---
- name: Git rbenv
- name: Get rbenv git
remote_user: mastodon
ansible.builtin.git:
repo: "https://github.com/rbenv/rbenv.git"
@@ -8,7 +8,7 @@
single_branch: true
version: master
- name: Git ruby-build
- name: Get ruby-build git
remote_user: mastodon
ansible.builtin.git:
repo: https://github.com/rbenv/ruby-build.git

4
roles/mastodon/tasks/yarn.yml
View File

@@ -7,12 +7,12 @@
mode: 0644
force: true
- name: Gpg dearmor key
- name: Dearmor gpg key
ansible.builtin.command:
cmd: "gpg --dearmor --yes -o {{ mastodon_yarn_key_path }} /tmp/yarn.gpg.key"
changed_when: true
- name: Yarn source repo
- name: Set yarn source repo
ansible.builtin.copy:
content: "deb [signed-by={{ mastodon_yarn_key_path }}] https://dl.yarnpkg.com/debian stable main"
dest: /etc/apt/sources.list.d/yarn.list

2
roles/mumble/tasks/main.yml
View File

@@ -5,7 +5,7 @@
name: mumble-server
state: present
- name: Configuration files
- name: Put configuration file
ansible.builtin.copy:
src: ./files/mumble-server.ini
dest: /etc/mumble-server.ini

6
roles/munin_client/tasks/main.yml
View File

@@ -22,7 +22,7 @@
state: present
loop: "{{ muninpkgs }}"
- name: Munin-node conf file
- name: Put munin-node configuration file
ansible.builtin.template:
src: munin-node.conf.j2
dest: /etc/munin/munin-node.conf
@@ -42,7 +42,7 @@
when: "'webservers' in group_names or 'loadbalancers' in group_names"
# for HAProxy servers
- name: Add HAProxy backend module
- name: Add haproxy backend module
ansible.builtin.file:
src: /usr/share/munin/plugins/haproxy_
dest: /etc/munin/plugins/haproxy_current
@@ -110,7 +110,7 @@
- users
## Useless junks for LXC
- name: "Delete junks from LXC machines"
- name: Delete junks for LXC containers
ansible.builtin.file:
path: "/etc/munin/plugins/{{ item }}"
state: absent

2
roles/munin_server/tasks/main.yml
View File

@@ -5,7 +5,7 @@
name: munin
state: present
- name: Munin conf file
- name: Put munin configuration file
ansible.builtin.template:
src: munin.conf.j2
dest: /etc/munin/munin.conf

2
roles/nginx/tasks/main.yml
View File

@@ -10,7 +10,7 @@
cmd: /usr/bin/openssl dhparam -out /etc/nginx/dhparam.pem 2048
creates: /etc/nginx/dhparam.pem
- name: Put configuration files
- name: Put nginx configuration files
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"

6
roles/nut_client/tasks/main.yml
View File

@@ -1,18 +1,18 @@
---
- name: Rnstall nut client
- name: Install nut client
ansible.builtin.package:
name: nut-client
state: present
- name: Upsmon.conf file
- name: Put upsmon configuration file
ansible.builtin.template:
src: upsmon.conf.j2
dest: /etc/nut/upsmon.conf
mode: '0640'
notify: Restart nut-client
- name: Nut.conf file
- name: Put nut configuration file
ansible.builtin.copy:
src: files/nut.conf
dest: /etc/nut/nut.conf

11
roles/nut_server/handlers/main.yml
View File

@@ -5,10 +5,13 @@
name: nut-server
state: restarted
- name: Udev
ansible.builtin.shell:
cmd: "udevadm control --reload-rules && udevadm trigger"
changed_when: false
- name: Reload udev
ansible.builtin.command:
cmd: "{{ item }}"
changed_when: true
loop:
- udevadm control --reload-rules
- udevadm trigger
- name: Restart nut-driver
ansible.builtin.service:

32
roles/nut_server/tasks/main.yml
View File

@@ -5,37 +5,27 @@
name: nut-server
state: present
- name: Udev conf file for nut
- name: Put udev configuration file
ansible.builtin.copy:
src: files/90-nut-ups.rules
dest: /etc/udev/rules.d/90-nut-ups.rules
mode: 0644
notify:
- Udev
- Reload udev
- Restart nut-driver
- name: Nut.conf file
- name: Put nut configuration files
ansible.builtin.copy:
src: files/nut.conf
dest: /etc/nut/nut.conf
mode: '0640'
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0640
loop:
- {src: "files/nut.conf", dest: "/etc/nut/nut.conf"}
- {src: "files/ups.conf", dest: "/etc/nut/ups.conf"}
- {src: "files/upsd.conf", dest: "/etc/nut/upsd.conf"}
notify: Restart nut-server
- name: Ups.conf file
ansible.builtin.copy:
src: files/ups.conf
dest: /etc/nut/ups.conf
mode: '0640'
notify: Restart nut-server
- name: Upsd.conf file
ansible.builtin.copy:
src: files/upsd.conf
dest: /etc/nut/upsd.conf
mode: '0640'
notify: Restart nut-server
- name: Upsd.users file
- name: Put upsd users file
ansible.builtin.template:
src: upsd.users.j2
dest: /etc/nut/upsd.users

6
roles/opendkim/tasks/main.yml
View File

@@ -8,7 +8,7 @@
- opendkim
- opendkim-tools
- name: Main configuration files
- name: Put main configuration file
ansible.builtin.template:
src: opendkim.conf
dest: /etc/opendkim.conf
@@ -16,13 +16,13 @@
notify:
- Restart opendkim
- name: Dkim directory
- name: Create dkim directory
ansible.builtin.file:
path: /etc/dkim
state: directory
mode: 0755
- name: Secondary configuration files
- name: Put secondary configuration files
ansible.builtin.copy:
src: "./files/dkim/{{ item }}"
dest: "/etc/dkim/{{ item }}"

6
roles/opendmarc/tasks/main.yml
View File

@@ -5,7 +5,7 @@
name: opendmarc
state: present
- name: Opendmarc config file
- name: Put opendmarc configuration file
ansible.builtin.copy:
src: ./files/opendmarc.conf
dest: /etc/opendmarc.conf
@@ -13,13 +13,13 @@
notify:
- restart opendmarc
- name: Dmarc directory
- name: Create dmarc directory
ansible.builtin.file:
path: /etc/dmarc
state: directory
mode: 0755
- name: Secondary configuration files
- name: Put secondary configuration files
ansible.builtin.copy:
src: "./files/dmarc/{{ item }}"
dest: "/etc/dmarc/{{ item }}"

19
roles/php/tasks/main.yml
View File

@@ -5,23 +5,18 @@
name: php-fpm
state: present
- name: Configure php-fpm
- name: Put php-fpm configuration files
ansible.builtin.template:
src: www.conf.j2
dest: /etc/php/{{ php_version }}/fpm/pool.d/www.conf
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0644
loop:
- {src: "www.conf.j2", dest: "/etc/php/{{ php_version }}/fpm/pool.d/www.conf"}
- {src: "php.ini.j2", dest: "/etc/php/{{ php_version }}/fpm/php.ini"}
notify:
- Restart php-fpm
- name: Configure php
ansible.builtin.template:
src: php.ini.j2
dest: /etc/php/{{ php_version }}/fpm/php.ini
mode: 0644
notify:
- Restart php-fpm
- name: Install lib for php
- name: Install lib for php-fpm
ansible.builtin.package:
name: "php-{{ item }}"
state: present

6
roles/postfix/tasks/main.yml
View File

@@ -10,7 +10,7 @@
name: mailutils
state: present
- name: Main configuration files
- name: Put main configuration files
ansible.builtin.copy:
src: "./files/{{ item }}"
dest: "/etc/postfix/{{ item }}"
@@ -21,7 +21,7 @@
notify:
- Restart postfix
- name: Map files
- name: Put map files
ansible.builtin.copy:
src: "./files/{{ item }}"
dest: "/etc/postfix/{{ item }}"
@@ -33,7 +33,7 @@
- Postmap files
- Restart postfix
- name: Mail generation script
- name: Put mail generation script
ansible.builtin.copy:
src: ./files/generate_email.sh
dest: /usr/local/bin/generate_email.sh

20
roles/postgres/tasks/main.yml
View File

@@ -21,18 +21,14 @@
become_user: postgres
notify: Restart postgres
- name: Replace main conffile
- name: Put main configuration files
ansible.builtin.copy:
src: files/postgresql.conf
dest: "/etc/postgresql/{{ pg_version }}/main/postgresql.conf"
mode: 0644
notify: Restart postgres
- name: Replace pg_hba file
ansible.builtin.copy:
src: files/pg_hba.conf
dest: "/etc/postgresql/{{ pg_version }}/main/pg_hba.conf"
mode: 0640
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
loop:
- {src: "files/postgresql.conf", dest: "/etc/postgresql/{{ pg_version }}/main/postgresql.conf", mode: "0644"}
- {src: "files/pg_hba.conf", dest: "/etc/postgresql/{{ pg_version }}/main/pg_hba.conf", mode: "0640"}
notify: Restart postgres
- name: Create backup dir
@@ -43,7 +39,7 @@
state: directory
mode: 0755
- name: Backup pg databases
- name: Cron backup script
ansible.builtin.cron:
user: postgres
minute: "0"

2
roles/restic/tasks/main.yml
View File

@@ -15,7 +15,7 @@
group: root
mode: '0750'
- name: Cron the backup script
- name: Cron backup script
ansible.builtin.cron:
name: "restic backup script"
hour: "{{ restic_backup_hour }}"

4
roles/rsyslog/tasks/main.yml
View File

@@ -5,7 +5,7 @@
name: rsyslog
state: present
- name: Put log concentration file
- name: Put log configuration file
ansible.builtin.copy:
src: files/sys.conf
dest: /etc/rsyslog.d/sys.conf
@@ -13,7 +13,7 @@
notify: Restart rsyslog
when: "'rsyslogservers' in group_names"
- name: Put rsyslog config file
- name: Put rsyslog configuration file
ansible.builtin.copy:
src: files/remote.conf
dest: /etc/rsyslog.d/remote.conf

15
roles/smtprelay/tasks/main.yml
View File

@@ -9,17 +9,14 @@
file: smtp_remap.yml
when: smtprelay_origin not in ["mateu.be"]
- name: Install postfix smtp server
- name: Install packages
ansible.builtin.package:
name: postfix
name:
- postfix
- libsasl2-modules
state: present
- name: Install libsasl2
ansible.builtin.package:
name: libsasl2-modules
state: present
- name: Install sasl_passwd file
- name: Put sasl_passwd configuration file
ansible.builtin.template:
src: sasl_passwd.j2
dest: /etc/postfix/sasl_passwd
@@ -28,7 +25,7 @@
- Postmap sasl_passwd
- Restart postfix
- name: Install default postfix main.cf
- name: Put postfix configuration file
ansible.builtin.template:
src: main.cf.j2
dest: /etc/postfix/main.cf

17
roles/spamassassin/tasks/main.yml
View File

@@ -9,18 +9,13 @@
- libmail-dkim-perl
- libmail-spf-perl
- name: Main configuration files
- name: Put configuration files
ansible.builtin.copy:
src: ./files/local.cf
dest: /etc/spamassassin/local.cf
mode: 0644
notify:
- Restart spamassassin
- name: Default configuration files
ansible.builtin.copy:
src: ./files/spamassassin
dest: /etc/default/spamassassin
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0644
loop:
- {src: "./files/local.cf", dest: "/etc/spamassassin/local.cf"}
- {src: "./files/spamassassin", dest: "/etc/default/spamassassin"}
notify:
- Restart spamassassin

16
roles/system/tasks/main.yml
View File

@@ -60,7 +60,7 @@
changed_when: true
when: ansible_facts['env']['LANG'] != 'fr_FR.UTF-8'
- name: Copy bashrc config file
- name: Put bashrc configuration file
ansible.builtin.copy:
src: files/dotbashrc
dest: /root/.bashrc
@@ -68,7 +68,7 @@
owner: root
group: root
- name: Copy vimrc config file
- name: Put vimrc configuration file
ansible.builtin.copy:
src: files/vim/
dest: /root/.vim
@@ -76,9 +76,9 @@
owner: root
group: root
- name: SSH configuration
- name: Config ssh
block:
- name: Put SSH configuration file
- name: Put ssh configuration file
ansible.builtin.template:
src: sshd_config.j2
dest: /etc/ssh/sshd_config
@@ -86,19 +86,19 @@
notify:
- Restart sshd
- name: SSH key home
- name: Put ssh key home
ansible.posix.authorized_key:
user: root
state: present
key: "{{ lookup('file', 'ssh/home.id_rsa.pub') }}"
- name: SSH key work
- name: Put ssh key work
ansible.posix.authorized_key:
user: root
state: present
key: "{{ lookup('file', 'ssh/work.id_rsa.pub') }}"
- name: SSH key stef
- name: Put ssh key stef
ansible.posix.authorized_key:
user: root
state: present
@@ -106,7 +106,7 @@
path: "~/.ssh/instance_keys"
when: inventory_hostname in groups['fedinupesservers']
- name: Set cron-apt configuration file
- name: Put cron-apt configuration file
ansible.builtin.copy:
src: files/5-install
dest: /etc/cron-apt/action.d/5-install

2
roles/usb/handlers/main.yml
View File

@@ -3,7 +3,7 @@
- name: Reload udev
ansible.builtin.command:
cmd: "{{ item }}"
changed_when: false
changed_when: true
loop:
- udevadm control --reload-rules
- udevadm trigger

2
roles/usb/tasks/main.yml
View File

@@ -1,6 +1,6 @@
---
- name: USB Udev rules
- name: Put usb udev rules
ansible.builtin.copy:
src: files/50-usb.rules
dest: /etc/udev/rules.d/50-usb.rules

2
roles/webapps/tasks/matomo.yml
View File

@@ -1,6 +1,6 @@
---
- name: Crontab for matomo
- name: Cron for matomo
ansible.builtin.cron:
name: Matomo reports
user: www-data

2
roles/webapps/tasks/scootaloo.yml
View File

@@ -8,7 +8,7 @@
group: www-data
mode: 0750
- name: Create scootaloo config dir
- name: Create scootaloo configuration dir
ansible.builtin.file:
path: "{{ scootaloo_db_path }}"
state: directory

2
roles/webapps/tasks/scootaloo_config.yml
View File

@@ -1,6 +1,6 @@
---
- name: Put configuration file
- name: Put scootaloo configuration file
ansible.builtin.template:
src: scootaloo.toml.j2
dest: /usr/local/etc/scootaloo.toml

12
roles/webapps/tasks/ttrss.yml
View File

@@ -1,6 +1,11 @@
---
- name: Systemd file for backend
- name: Install git
ansible.builtin.package:
name: git
state: present
- name: Put systemd file for backend
ansible.builtin.copy:
src: files/ttrss_backend.service
dest: /etc/systemd/system/ttrss_backend.service
@@ -11,8 +16,3 @@
name: ttrss_backend
enabled: true
state: started
- name: Install git
ansible.builtin.package:
name: git
state: present

4
roles/webapps/tasks/wp_dojo.yml
View File

@@ -1,6 +1,6 @@
---
- name: Nginx cache
- name: Put nginx cache configuration file
ansible.builtin.copy:
src: files/fastcgi_cache.conf
dest: /etc/nginx/conf.d/fastcgi_cache.conf
@@ -8,7 +8,7 @@
notify:
- Restart nginx
- name: Wordpress cron
- name: Cron for wordpress
ansible.builtin.cron:
name: "WP Twitter refresh"
user: www-data

4
roles/xmpp/tasks/main.yml
View File

@@ -13,14 +13,14 @@
cmd: /usr/bin/openssl dhparam -out /etc/prosody/certs/dh-2048.pem 2048
creates: /etc/prosody/certs/dh-2048.pem
- name: Right management for dh params
- name: Put rights dhparam
ansible.builtin.file:
path: /etc/prosody/certs/dh-2048.pem
owner: root
group: prosody
mode: '0640'
- name: Prosody configuration files
- name: Put prosody configuration file
ansible.builtin.copy:
src: ./files/prosody.cfg.lua
dest: /etc/prosody/prosody.cfg.lua