Some minor fixes and new scripts
This commit is contained in:
parent
79efa07285
commit
3e050b45b3
|
@ -0,0 +1,18 @@
|
|||
|
||||
#
|
||||
# Computer Science Club
|
||||
# Logging
|
||||
#
|
||||
|
||||
# Configure TLS
|
||||
$DefaultNetstreamDriver gtls
|
||||
$DefaultNetstreamDriverCAFile /etc/rsyslog.d/ca.pem
|
||||
$DefaultNetstreamDriverCertFile /etc/rsyslog.d/cert.pem
|
||||
$DefaultNetstreamDriverKeyFile /etc/rsyslog.d/key.pem
|
||||
|
||||
$ActionSendStreamDriverAuthMode x509/name
|
||||
$ActionSendStreamDriverPermittedPeer hydrazine.csclub.uwaterloo.ca
|
||||
$ActionSendStreamDriverMode 1 # TLS-only
|
||||
|
||||
# All logs are sent to the log server(s)
|
||||
*.* @@hydrazine.csclub.uwaterloo.ca:10514
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
- hosts: all
|
||||
gather_facts: no
|
||||
become: yes
|
||||
tasks:
|
||||
- name: fix ssh_known_hosts permissions
|
||||
file: path=/etc/ssh/ssh_known_hosts mode=0644
|
6
hosts
6
hosts
|
@ -1,3 +1,7 @@
|
|||
[new-office]
|
||||
natural-flavours
|
||||
#.csclub.uwaterloo.ca
|
||||
|
||||
[general-use]
|
||||
caffeine.csclub.uwaterloo.ca
|
||||
corn-syrup.csclub.uwaterloo.ca
|
||||
|
@ -38,4 +42,4 @@ netbox.csclub.uwaterloo.ca
|
|||
caffeine.csclub.uwaterloo.ca
|
||||
|
||||
[mirror]
|
||||
potassium-benzoate.csclub.uwaterloo.ca
|
||||
potassium-benzoate.csclub.uwaterloo.ca
|
||||
|
|
|
@ -46,6 +46,7 @@
|
|||
- attr
|
||||
- tree
|
||||
- parted
|
||||
- mosh
|
||||
|
||||
- name: Install compression
|
||||
apt: name={{ item }} state=latest
|
||||
|
@ -87,7 +88,7 @@
|
|||
|
||||
- name: Install ntp
|
||||
apt: name=ntp state=latest
|
||||
|
||||
|
||||
- name: Install debian package management
|
||||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
|
@ -114,10 +115,10 @@
|
|||
|
||||
- name: Install ssmtp
|
||||
apt: name=ssmtp state=latest
|
||||
|
||||
|
||||
- name: Configure ssmtp
|
||||
lineinfile: dest=/etc/ssmtp/ssmtp.conf
|
||||
state=present
|
||||
backrefs=yes
|
||||
regexp='^#(FromLineOverride=YES)$'
|
||||
line='\\1'
|
||||
line='\\1'
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
- xorg
|
||||
- xsel
|
||||
- gksu
|
||||
- arandr
|
||||
|
||||
- name: Install Terminal emulators
|
||||
apt: name={{ item }} state=latest
|
||||
|
@ -119,8 +120,10 @@
|
|||
apt: name={{ item }} state=latest
|
||||
with_items:
|
||||
- xmobar
|
||||
- i3status
|
||||
- i3blocks
|
||||
- dzen2
|
||||
- dunst
|
||||
|
||||
- name: Install lockers
|
||||
apt: name={{ item }} state=latest
|
||||
|
|
|
@ -218,4 +218,5 @@
|
|||
- fdupes
|
||||
- cowsay
|
||||
- 9base
|
||||
- libjpeg-progs
|
||||
- libjpeg-progs
|
||||
- jq
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
- hosts: new-office
|
||||
become: yes
|
||||
tasks:
|
||||
- name: install rsyslog-gnutls
|
||||
package: name=rsyslog-gnutls state=latest
|
||||
- name: copy tls keys
|
||||
copy: src={{ item.src }} dest={{ item.dest }} mode=0640 owner=root group=syslog
|
||||
with_items:
|
||||
- { src: '/scratch/syscom/{{ ansible_hostname }}/rsyslog.d/ca.pem', dest: '/etc/rsyslog.d/ca.pem' }
|
||||
- { src: '/scratch/syscom/{{ ansible_hostname }}/rsyslog.d/cert.pem', dest: '/etc/rsyslog.d/cert.pem' }
|
||||
- { src: '/scratch/syscom/{{ ansible_hostname }}/rsyslog.d/key.pem', dest: '/etc/rsyslog.d/key.pem' }
|
||||
- name: copy rsyslog config
|
||||
copy: src='files/rsyslog.conf' dest='/etc/rsyslog.d/csclub.conf' mode=0644
|
||||
- name: restart rsyslog
|
||||
service: name=rsyslog state=restarted
|
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
- hosts: all
|
||||
remote_user: root
|
||||
tasks:
|
||||
- name: update hosts
|
||||
connection: local
|
||||
git: repo=~git/public/hosts.git dest=generate-hosts-{{ ansible_hostname }}
|
||||
- name: generate hosts file
|
||||
connection: local
|
||||
shell: generate-hosts-{{ ansible_hostname }}/generate-hosts.py < generate-hosts-{{ ansible_hostname }}/hosts.in > generate-hosts-{{ ansible_hostname }}/hosts
|
||||
- name: copy hosts file
|
||||
copy: src=generate-hosts-{{ ansible_hostname }}/hosts dest=/etc/hosts backup=yes
|
Loading…
Reference in New Issue