import readability

master
Andrew Wang 1 year ago
parent 1c3cb51b21
commit 81e2def541
  1. 16
      roles/ftp/tasks/main.yml
  2. 14
      roles/mirror/tasks/main.yml
  3. 8
      roles/nginx/tasks/main.yml
  4. 4
      roles/rsync/tasks/main.yml
  5. 33
      roles/system/tasks/main.yml

@ -18,13 +18,13 @@
group: root
mode: "{{ item.mode }}"
loop:
- { src: blacklist.dat, dest: blacklist.dat, mode: "644" }
- { src: ldap.conf, dest: ldap.conf, mode: "600" }
- { src: modules.conf, dest: modules.conf, mode: "644" }
- { src: proftpd.conf, dest: proftpd.conf, mode: "644" }
- { src: sql.conf, dest: sql.conf, mode: "600" }
- { src: tls.conf, dest: tls.conf, mode: "644" }
- { src: virtuals.conf, dest: virtuals.conf, mode: "644" }
- { src: blacklist.dat, dest: blacklist.dat, mode: "644" }
- { src: ldap.conf, dest: ldap.conf, mode: "600" }
- { src: modules.conf, dest: modules.conf, mode: "644" }
- { src: proftpd.conf, dest: proftpd.conf, mode: "644" }
- { src: sql.conf, dest: sql.conf, mode: "600" }
- { src: tls.conf, dest: tls.conf, mode: "644" }
- { src: virtuals.conf, dest: virtuals.conf, mode: "644" }
- name: create dhparams.pem
# will not regenerated every playbook run
@ -33,7 +33,7 @@
openssl dhparam
-outform PEM -2|-5
1024|1536|2048|3072|4096|6144|7680|8192
>> /etc/proftpd/dhparams.pem
> /etc/proftpd/dhparams.pem
creates: /etc/proftpd/dhparams.pem
- name: restart and enable proftpd

@ -60,13 +60,13 @@
chdir: "/mirror/merlin/bin"
creates: "/mirror/merlin/bin/{{ item.dest }}"
loop:
- { src: busybox, dest: cd }
- { src: busybox, dest: cp }
- { src: busybox, dest: ln }
- { src: busybox, dest: ls }
- { src: busybox, dest: rm }
- { src: busybox, dest: sh }
- { src: busybox, dest: sleep }
- { src: busybox, dest: cd }
- { src: busybox, dest: cp }
- { src: busybox, dest: ln }
- { src: busybox, dest: ls }
- { src: busybox, dest: rm }
- { src: busybox, dest: sh }
- { src: busybox, dest: sleep }
- { src: ../arthur, dest: arthur }
# https://tldp.org/LDP/lfs/LFS-BOOK-6.1.1-HTML/chapter06/devices.html

@ -26,10 +26,10 @@
group: root
mode: "{{ item.mode }}"
loop:
- { src: nginx.conf, dest: nginx.conf, mode: "0644" }
- { src: mime.types, dest: mime.types, mode: "0644" }
- { src: includes/, dest: includes, mode: "0755" }
- { src: sites-available/, dest: sites-available, mode: "0755" }
- { src: nginx.conf, dest: nginx.conf, mode: "0644" }
- { src: mime.types, dest: mime.types, mode: "0644" }
- { src: includes/, dest: includes, mode: "0755" }
- { src: sites-available/, dest: sites-available, mode: "0755" }
- name: Make new sites-enabled
file:

@ -17,8 +17,8 @@
group: root
mode: "0644"
loop:
- { src: "rsyncd.conf", dest: "rsyncd.conf" }
- { src: "rsyncd-filter.conf", dest: "rsyncd-filter.conf" }
- { src: "rsyncd.conf", dest: "rsyncd.conf" }
- { src: "rsyncd-filter.conf", dest: "rsyncd-filter.conf" }
- name: restart and enable rsync
systemd:

@ -3,24 +3,33 @@
name: "{{ item.group }}"
gid: "{{ item.gid }}"
loop:
- { group: local, gid: 1000 }
- { group: mirror, gid: 1001 }
- { group: push, gid: 1002 }
- { group: syscom, gid: 10001 }
- { group: csc-mirror, gid: 10014 }
- { group: local, gid: 1000 }
- { group: mirror, gid: 1001 }
- { group: push, gid: 1002 }
- { group: syscom, gid: 10001 }
- { group: csc-mirror, gid: 10014 }
- name: create users
- name: create push user
# push home should be /
user:
uid: 1002
name: push
group: push
shell: /bin/sh
create_home: no
- name: create other users
# syscom and csc-mirror homes are on /users
user:
name: "{{ item.user }}"
shell: "{{ item.shell }}"
uid: "{{ item.uid }}"
name: "{{ item.user }}"
group: "{{ item.user }}"
shell: /bin/bash
create_home: "{{ item.home }}"
loop:
- { user: local, uid: 1000 }
- { user: mirror, uid: 1001 }
- { user: push, uid: 1002, shell: /bin/sh }
- { user: syscom, uid: 10001, home: no }
- { user: local, uid: 1000, home: yes }
- { user: mirror, uid: 1001, home: yes }
- { user: syscom, uid: 10001, home: no }
- { user: csc-mirror, uid: 10014, home: no }
- name: add mirror to push group

Loading…
Cancel
Save