criecm.common

Common - Base System Role

CA x509
OpenLDAP Client + Configuration
Mail Relay Configuration (only if is_mailrelay == False and mailrelay != '')
- Debian: postfix
- FreeBSD: sendmail
- OpenBSD: smtpd
SSHD Configuration Lines (in variables, see defaults/main.yml)
Centralized Syslog:
- Except if is_syslogd=True
- Only if syslog_server exists
Deployment of SSH keys from files/cles_ssh/*.pub
Fetch /usr/local/admin/sysutils/common from GIT (and more, depending on variables)
Daily/Weekly Cron Jobs for ecm (and remove old ones from CVS)
SNMPD (TODO: Debian and OpenBSD)
Preferred Shell for root + its configuration + aliases
Additional Packages (variable pkgs)

Files matching {{ playbook_dir }}/files/ssh/{{ inventory_hostname }}/ssh_host.*_key(.pub)? will be installed on the host's SSH daemon.

host_timezone (Europe/Paris)
is_resolver (False) If True, will use 127.0.0.1 in resolv.conf first
resolvers ([{ network='0.0.0.0/0', ip='8.8.8.8' }]) List of IPs used for resolution based on the host's network.
dns64_resolvers ([]) For IP6-only hosts, overrides resolvers with DNS64-enabled resolvers
rootmailto () Mail address to forward root's emails
gits_root ('/root') Path for relative paths in gits
gits_group ('') Group that owns gits_root
gits_mode ('0750') Directory mode for gits_root
gits, host_gits, group_gits, and role_gits ([]) Lists of dictionaries: each MUST include
- repo: Git URL to clone
- dest: Destination path (absolute or relative to gits_root) And MAY include:
- umask ('0022')
- update (False)
- version (master)
crons, host_crons, role_crons: Lists of dictionaries for the cron module
ocsinventory_server ('') If present, installs and configures openinventory-agent
root_shell (zsh) Set your preferred shell here :) (or leave blank to skip this) Place your rc file in {{ playbook_dir }}/files/{{ root_shell }}rc
do_smart (True if not in jail/VM) Configures smartd for disk alerts
smart_mailto ('') Your email address to receive alerts
backup_dir (files/backups/{{ inventory_hostname }}) Copy SSH host keys and restore /root/ files from here if there are any
monitoring_from ([]) List of networks allowed for SNMP
http_proxy ('') To set global http_proxy and https_proxy values (FreeBSD only)

pkg_repo_conf (pkgecm.conf) Name of the pkg repo config file to be installed first
is_jail (False) If True, will skip hardware monitoring tools
freebsd_base_pkgs ([git, rsync, vim-console, root_shell]) List of packages to install

openbsd_base_pkgs ([git, rsync, vim--no_x11, root_shell]) List of packages to install
openbsd_pkg_mirror ("http://ftp.openbsd.org") Mirror to use

pkgs ([]) Additional packages to install using the distribution's package system
host_pkgs role_pkgs ([]) Other packages defined in inventory or roles

x509_ca_file ('') Source file for x509 CA certificates
x509_ca_path (/etc/ssl/ca.crt) Destination path for the above certificate file

If either ntp_servers or ntp_pools is not empty, the role will manage ntp(d).conf and the NTP service:

ntp_servers ([]) List of NTP servers
ntp_pools ([]) List of NTP pools
ntp_listen_addrs ([]) IPs to listen to (OpenBSD won't listen anywhere without this; can be '*')

Informazioni sul progetto

Installa

ansible-galaxy install criecm.common

GitHub repository

Licenza

Unknown

Download

62.2k

Proprietario

Direction des Systèmes d'Information