Some minor fixes and new scripts

files/rsyslog.conf

@@ -0,0 +1,18 @@
+
+#
+# Computer Science Club
+# Logging
+#
+
+# Configure TLS
+$DefaultNetstreamDriver                gtls
+$DefaultNetstreamDriverCAFile          /etc/rsyslog.d/ca.pem
+$DefaultNetstreamDriverCertFile        /etc/rsyslog.d/cert.pem
+$DefaultNetstreamDriverKeyFile         /etc/rsyslog.d/key.pem
+
+$ActionSendStreamDriverAuthMode        x509/name
+$ActionSendStreamDriverPermittedPeer   hydrazine.csclub.uwaterloo.ca
+$ActionSendStreamDriverMode            1 # TLS-only
+
+# All logs are sent to the log server(s)
+*.*                                    @@hydrazine.csclub.uwaterloo.ca:10514

fix-ssh-perms.yml

@@ -0,0 +1,7 @@
+---
+- hosts: all
+  gather_facts: no
+  become: yes
+  tasks:
+     - name: fix ssh_known_hosts permissions
+       file: path=/etc/ssh/ssh_known_hosts mode=0644

hosts

@@ -1,3 +1,7 @@
+[new-office]
+natural-flavours
+#.csclub.uwaterloo.ca
+
 [general-use]
 caffeine.csclub.uwaterloo.ca
 corn-syrup.csclub.uwaterloo.ca
@@ -38,4 +42,4 @@ netbox.csclub.uwaterloo.ca
 caffeine.csclub.uwaterloo.ca
 
 [mirror]
-potassium-benzoate.csclub.uwaterloo.ca
+potassium-benzoate.csclub.uwaterloo.ca

roles/core/tasks/main.yml

@@ -46,6 +46,7 @@
         - attr
         - tree
         - parted
+        - mosh
 
 -   name: Install compression
     apt: name={{ item }} state=latest
@@ -87,7 +88,7 @@
 
 -   name: Install ntp
     apt: name=ntp state=latest
-    
+
 -   name: Install debian package management
     apt: name={{ item }} state=latest
     with_items:
@@ -114,10 +115,10 @@
 
 -   name: Install ssmtp
     apt: name=ssmtp state=latest
-    
+
 -   name: Configure ssmtp
     lineinfile: dest=/etc/ssmtp/ssmtp.conf
                 state=present
                 backrefs=yes
                 regexp='^#(FromLineOverride=YES)$'
-                line='\\1'
+                line='\\1'

roles/general-use-gui/tasks/main.yml

@@ -6,6 +6,7 @@
         - xorg
         - xsel
         - gksu
+        - arandr
 
 -   name: Install Terminal emulators
     apt: name={{ item }} state=latest
@@ -119,8 +120,10 @@
     apt: name={{ item }} state=latest
     with_items:
         - xmobar
+        - i3status
         - i3blocks
         - dzen2
+        - dunst
 
 -   name: Install lockers
     apt: name={{ item }} state=latest

roles/general-use/tasks/main.yml

@@ -218,4 +218,5 @@
         - fdupes
         - cowsay
         - 9base
-        - libjpeg-progs
+        - libjpeg-progs
+        - jq

rs.yml

@@ -0,0 +1,16 @@
+---
+- hosts: new-office
+  become: yes
+  tasks:
+     - name: install rsyslog-gnutls
+       package: name=rsyslog-gnutls state=latest
+     - name: copy tls keys
+       copy: src={{ item.src }} dest={{ item.dest }} mode=0640 owner=root group=syslog
+       with_items:
+         - { src: '/scratch/syscom/{{ ansible_hostname }}/rsyslog.d/ca.pem', dest: '/etc/rsyslog.d/ca.pem' }
+         - { src: '/scratch/syscom/{{ ansible_hostname }}/rsyslog.d/cert.pem', dest: '/etc/rsyslog.d/cert.pem' }
+         - { src: '/scratch/syscom/{{ ansible_hostname }}/rsyslog.d/key.pem', dest: '/etc/rsyslog.d/key.pem' }
+     - name: copy rsyslog config
+       copy: src='files/rsyslog.conf' dest='/etc/rsyslog.d/csclub.conf' mode=0644
+     - name: restart rsyslog
+       service: name=rsyslog state=restarted

update-hosts.yml

@@ -0,0 +1,12 @@
+---
+- hosts: all
+  remote_user: root
+  tasks:
+     - name: update hosts
+       connection: local
+       git: repo=~git/public/hosts.git dest=generate-hosts-{{ ansible_hostname }}
+     - name: generate hosts file
+       connection: local
+       shell: generate-hosts-{{ ansible_hostname }}/generate-hosts.py < generate-hosts-{{ ansible_hostname }}/hosts.in > generate-hosts-{{ ansible_hostname }}/hosts
+     - name: copy hosts file
+       copy: src=generate-hosts-{{ ansible_hostname }}/hosts dest=/etc/hosts backup=yes