From 3e050b45b3d41bb705dedb07b176061e82a6f019 Mon Sep 17 00:00:00 2001
From: Zachary Seguin <ztseguin@csclub.uwaterloo.ca>
Date: Sat, 6 Aug 2016 14:54:14 -0400
Subject: [PATCH] Some minor fixes and new scripts

---
 files/rsyslog.conf                   | 18 ++++++++++++++++++
 fix-ssh-perms.yml                    |  7 +++++++
 hosts                                |  6 +++++-
 roles/core/tasks/main.yml            |  7 ++++---
 roles/general-use-gui/tasks/main.yml |  3 +++
 roles/general-use/tasks/main.yml     |  3 ++-
 rs.yml                               | 16 ++++++++++++++++
 update-hosts.yml                     | 12 ++++++++++++
 8 files changed, 67 insertions(+), 5 deletions(-)
 create mode 100644 files/rsyslog.conf
 create mode 100644 fix-ssh-perms.yml
 create mode 100644 rs.yml
 create mode 100644 update-hosts.yml

diff --git a/files/rsyslog.conf b/files/rsyslog.conf
new file mode 100644
index 0000000..6382821
--- /dev/null
+++ b/files/rsyslog.conf
@@ -0,0 +1,18 @@
+
+#
+# Computer Science Club
+# Logging
+#
+
+# Configure TLS
+$DefaultNetstreamDriver                gtls
+$DefaultNetstreamDriverCAFile          /etc/rsyslog.d/ca.pem
+$DefaultNetstreamDriverCertFile        /etc/rsyslog.d/cert.pem
+$DefaultNetstreamDriverKeyFile         /etc/rsyslog.d/key.pem
+
+$ActionSendStreamDriverAuthMode        x509/name
+$ActionSendStreamDriverPermittedPeer   hydrazine.csclub.uwaterloo.ca
+$ActionSendStreamDriverMode            1 # TLS-only
+
+# All logs are sent to the log server(s)
+*.*                                    @@hydrazine.csclub.uwaterloo.ca:10514
diff --git a/fix-ssh-perms.yml b/fix-ssh-perms.yml
new file mode 100644
index 0000000..39d5be7
--- /dev/null
+++ b/fix-ssh-perms.yml
@@ -0,0 +1,7 @@
+---
+- hosts: all
+  gather_facts: no
+  become: yes
+  tasks:
+     - name: fix ssh_known_hosts permissions
+       file: path=/etc/ssh/ssh_known_hosts mode=0644
diff --git a/hosts b/hosts
index 6047870..21832c7 100644
--- a/hosts
+++ b/hosts
@@ -1,3 +1,7 @@
+[new-office]
+natural-flavours
+#.csclub.uwaterloo.ca
+
 [general-use]
 caffeine.csclub.uwaterloo.ca
 corn-syrup.csclub.uwaterloo.ca
@@ -38,4 +42,4 @@ netbox.csclub.uwaterloo.ca
 caffeine.csclub.uwaterloo.ca
 
 [mirror]
-potassium-benzoate.csclub.uwaterloo.ca
\ No newline at end of file
+potassium-benzoate.csclub.uwaterloo.ca
diff --git a/roles/core/tasks/main.yml b/roles/core/tasks/main.yml
index 97d1ab9..065408e 100644
--- a/roles/core/tasks/main.yml
+++ b/roles/core/tasks/main.yml
@@ -46,6 +46,7 @@
         - attr
         - tree
         - parted
+        - mosh
 
 -   name: Install compression
     apt: name={{ item }} state=latest
@@ -87,7 +88,7 @@
 
 -   name: Install ntp
     apt: name=ntp state=latest
-    
+
 -   name: Install debian package management
     apt: name={{ item }} state=latest
     with_items:
@@ -114,10 +115,10 @@
 
 -   name: Install ssmtp
     apt: name=ssmtp state=latest
-    
+
 -   name: Configure ssmtp
     lineinfile: dest=/etc/ssmtp/ssmtp.conf
                 state=present
                 backrefs=yes
                 regexp='^#(FromLineOverride=YES)$'
-                line='\\1'
\ No newline at end of file
+                line='\\1'
diff --git a/roles/general-use-gui/tasks/main.yml b/roles/general-use-gui/tasks/main.yml
index 23fcf3e..8e2a45a 100644
--- a/roles/general-use-gui/tasks/main.yml
+++ b/roles/general-use-gui/tasks/main.yml
@@ -6,6 +6,7 @@
         - xorg
         - xsel
         - gksu
+        - arandr
 
 -   name: Install Terminal emulators
     apt: name={{ item }} state=latest
@@ -119,8 +120,10 @@
     apt: name={{ item }} state=latest
     with_items:
         - xmobar
+        - i3status
         - i3blocks
         - dzen2
+        - dunst
 
 -   name: Install lockers
     apt: name={{ item }} state=latest
diff --git a/roles/general-use/tasks/main.yml b/roles/general-use/tasks/main.yml
index 9beb8fd..4bbf687 100644
--- a/roles/general-use/tasks/main.yml
+++ b/roles/general-use/tasks/main.yml
@@ -218,4 +218,5 @@
         - fdupes
         - cowsay
         - 9base
-        - libjpeg-progs
\ No newline at end of file
+        - libjpeg-progs
+        - jq
diff --git a/rs.yml b/rs.yml
new file mode 100644
index 0000000..1a337b3
--- /dev/null
+++ b/rs.yml
@@ -0,0 +1,16 @@
+---
+- hosts: new-office
+  become: yes
+  tasks:
+     - name: install rsyslog-gnutls
+       package: name=rsyslog-gnutls state=latest
+     - name: copy tls keys
+       copy: src={{ item.src }} dest={{ item.dest }} mode=0640 owner=root group=syslog
+       with_items:
+         - { src: '/scratch/syscom/{{ ansible_hostname }}/rsyslog.d/ca.pem', dest: '/etc/rsyslog.d/ca.pem' }
+         - { src: '/scratch/syscom/{{ ansible_hostname }}/rsyslog.d/cert.pem', dest: '/etc/rsyslog.d/cert.pem' }
+         - { src: '/scratch/syscom/{{ ansible_hostname }}/rsyslog.d/key.pem', dest: '/etc/rsyslog.d/key.pem' }
+     - name: copy rsyslog config
+       copy: src='files/rsyslog.conf' dest='/etc/rsyslog.d/csclub.conf' mode=0644
+     - name: restart rsyslog
+       service: name=rsyslog state=restarted
diff --git a/update-hosts.yml b/update-hosts.yml
new file mode 100644
index 0000000..7e3ca69
--- /dev/null
+++ b/update-hosts.yml
@@ -0,0 +1,12 @@
+---
+- hosts: all
+  remote_user: root
+  tasks:
+     - name: update hosts
+       connection: local
+       git: repo=~git/public/hosts.git dest=generate-hosts-{{ ansible_hostname }}
+     - name: generate hosts file
+       connection: local
+       shell: generate-hosts-{{ ansible_hostname }}/generate-hosts.py < generate-hosts-{{ ansible_hostname }}/hosts.in > generate-hosts-{{ ansible_hostname }}/hosts
+     - name: copy hosts file
+       copy: src=generate-hosts-{{ ansible_hostname }}/hosts dest=/etc/hosts backup=yes