fuck yaml and indentation
This commit is contained in:
parent
404021807b
commit
e0aeabddf3
|
|
@ -6,3 +6,4 @@
|
||||||
- common
|
- common
|
||||||
- internalsmtp
|
- internalsmtp
|
||||||
- backupscript
|
- backupscript
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -7,3 +7,4 @@
|
||||||
- customfirewall
|
- customfirewall
|
||||||
- backupscript
|
- backupscript
|
||||||
- customfirewall
|
- customfirewall
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -6,3 +6,4 @@
|
||||||
- common
|
- common
|
||||||
- docker
|
- docker
|
||||||
- internalsmtp
|
- internalsmtp
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -9,3 +9,4 @@
|
||||||
- internalsmtp
|
- internalsmtp
|
||||||
- backupscript
|
- backupscript
|
||||||
- customfirewall
|
- customfirewall
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,4 @@
|
||||||
---
|
---
|
||||||
netplan:
|
netplan:
|
||||||
default_gateway: "192.168.69.254"
|
default_gateway: "192.168.69.254"
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,4 @@
|
||||||
---
|
---
|
||||||
netplan:
|
netplan:
|
||||||
default_gateway: "192.168.69.1"
|
default_gateway: "192.168.69.1"
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -3,3 +3,4 @@ servicename: mckay
|
||||||
backup:
|
backup:
|
||||||
host: oniel.tormakristof.eu
|
host: oniel.tormakristof.eu
|
||||||
internal: false
|
internal: false
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -7,3 +7,4 @@ firewall:
|
||||||
- port: "2222"
|
- port: "2222"
|
||||||
proto: tcp
|
proto: tcp
|
||||||
interface: "eth0"
|
interface: "eth0"
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -3,3 +3,4 @@ firewall:
|
||||||
- port: "3306"
|
- port: "3306"
|
||||||
proto: tcp
|
proto: tcp
|
||||||
interface: "eth0"
|
interface: "eth0"
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -22,3 +22,4 @@ netplan:
|
||||||
dhcp4: true
|
dhcp4: true
|
||||||
dhcp6: true
|
dhcp6: true
|
||||||
denydns: true
|
denydns: true
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -4,3 +4,4 @@ webserver:
|
||||||
port: 8080
|
port: 8080
|
||||||
- domain: "registry.kmlabz.com"
|
- domain: "registry.kmlabz.com"
|
||||||
port: 4269
|
port: 4269
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -20,3 +20,4 @@ netplan:
|
||||||
dhcp4: true
|
dhcp4: true
|
||||||
dhcp6: false
|
dhcp6: false
|
||||||
denydns: true
|
denydns: true
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -3,3 +3,4 @@ firewall:
|
||||||
- port: "5432"
|
- port: "5432"
|
||||||
proto: tcp
|
proto: tcp
|
||||||
interface: "eth0"
|
interface: "eth0"
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -42,3 +42,4 @@ all:
|
||||||
ansible_host: mariadb.stargate.internal
|
ansible_host: mariadb.stargate.internal
|
||||||
backup:
|
backup:
|
||||||
ansible_host: backup.stargate.internal
|
ansible_host: backup.stargate.internal
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -7,3 +7,4 @@
|
||||||
- neko
|
- neko
|
||||||
- customfirewall
|
- customfirewall
|
||||||
- internalsmtp
|
- internalsmtp
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,5 @@
|
||||||
---
|
---
|
||||||
collections:
|
collections:
|
||||||
- ansible.posix
|
- ansible.posix
|
||||||
- community.general
|
- community.general
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -4,3 +4,4 @@ backup:
|
||||||
internal: true
|
internal: true
|
||||||
prearecommand: ""
|
prearecommand: ""
|
||||||
basedir: /mnt/backupstore
|
basedir: /mnt/backupstore
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -57,3 +57,4 @@
|
||||||
mode: 0600
|
mode: 0600
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -5,3 +5,4 @@ timedatectl_timeservers: ['noc-a.sch.bme.hu', 'noc-b.sch.bme.hu']
|
||||||
timedatectl_timeservers_fallback: ['time.bme.hu']
|
timedatectl_timeservers_fallback: ['time.bme.hu']
|
||||||
|
|
||||||
timedatectl_timezone: 'Europe/Budapest'
|
timedatectl_timezone: 'Europe/Budapest'
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,4 @@
|
||||||
---
|
---
|
||||||
- name: run Timedatectl
|
- name: run Timedatectl
|
||||||
command: timedatectl set-ntp true
|
command: timedatectl set-ntp true
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -35,3 +35,4 @@
|
||||||
- tcpdump
|
- tcpdump
|
||||||
- xxd
|
- xxd
|
||||||
- git
|
- git
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -5,4 +5,5 @@
|
||||||
owner: tormakris
|
owner: tormakris
|
||||||
group: tormakris
|
group: tormakris
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
path: /home/tormakris/.hushlogin
|
path: /home/tormakris/.hushlogin
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -10,4 +10,4 @@
|
||||||
content: "network: {config: disabled}"
|
content: "network: {config: disabled}"
|
||||||
dest: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
|
dest: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
|
||||||
force: no
|
force: no
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -6,4 +6,5 @@
|
||||||
- include_tasks: ufw.yaml
|
- include_tasks: ufw.yaml
|
||||||
- include_tasks: user-ops.yaml
|
- include_tasks: user-ops.yaml
|
||||||
- include_tasks: ssh-security-settings.yaml
|
- include_tasks: ssh-security-settings.yaml
|
||||||
- include_tasks: timesync.yaml
|
- include_tasks: timesync.yaml
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -15,4 +15,5 @@
|
||||||
- /var/snap
|
- /var/snap
|
||||||
- /var/lib/snapd
|
- /var/lib/snapd
|
||||||
- "/home/{{ ansible_user }}/snap"
|
- "/home/{{ ansible_user }}/snap"
|
||||||
when: ansible_distribution == "Ubuntu"
|
when: ansible_distribution == "Ubuntu"
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -38,3 +38,4 @@
|
||||||
path: /etc/ssh/sshd_config
|
path: /etc/ssh/sshd_config
|
||||||
line: "AllowUsers tormakris ansible service-user"
|
line: "AllowUsers tormakris ansible service-user"
|
||||||
when: checkallowusers.found == 0
|
when: checkallowusers.found == 0
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -16,3 +16,4 @@
|
||||||
state: restarted
|
state: restarted
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
name: systemd-timesyncd
|
name: systemd-timesyncd
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -18,3 +18,4 @@
|
||||||
community.general.ufw:
|
community.general.ufw:
|
||||||
rule: allow
|
rule: allow
|
||||||
port: ssh
|
port: ssh
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -10,3 +10,4 @@
|
||||||
user: tormakris
|
user: tormakris
|
||||||
state: present
|
state: present
|
||||||
key: https://static.tormakristof.eu/ssh.keys
|
key: https://static.tormakristof.eu/ssh.keys
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -7,3 +7,4 @@
|
||||||
proto: "{{item.proto}}"
|
proto: "{{item.proto}}"
|
||||||
interface: "{{item.interface}}"
|
interface: "{{item.interface}}"
|
||||||
with_items: "{{ firewall }}"
|
with_items: "{{ firewall }}"
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -26,3 +26,4 @@
|
||||||
comment: Service user
|
comment: Service user
|
||||||
groups: docker
|
groups: docker
|
||||||
append: yes
|
append: yes
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -2,3 +2,4 @@
|
||||||
postfix_relayhost: 'smtp.stargate.internal'
|
postfix_relayhost: 'smtp.stargate.internal'
|
||||||
|
|
||||||
external_domain: 'tormakris.dev'
|
external_domain: 'tormakris.dev'
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -16,3 +16,4 @@
|
||||||
name: postfix
|
name: postfix
|
||||||
state: restarted
|
state: restarted
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -26,3 +26,4 @@
|
||||||
- name: Enable ufw
|
- name: Enable ufw
|
||||||
community.general.ufw:
|
community.general.ufw:
|
||||||
state: enabled
|
state: enabled
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,4 @@
|
||||||
---
|
---
|
||||||
netplan:
|
netplan:
|
||||||
additionalinterfaces: []
|
additionalinterfaces: []
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -2,4 +2,5 @@
|
||||||
- name: "netplanapply"
|
- name: "netplanapply"
|
||||||
command: netplan apply
|
command: netplan apply
|
||||||
async: 45
|
async: 45
|
||||||
poll: 0
|
poll: 0
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -14,3 +14,4 @@
|
||||||
src: templates/netplan.yaml
|
src: templates/netplan.yaml
|
||||||
dest: /etc/netplan/00-static.yaml
|
dest: /etc/netplan/00-static.yaml
|
||||||
notify: netplanapply
|
notify: netplanapply
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -8,33 +8,34 @@ network:
|
||||||
dhcp-identifier: mac
|
dhcp-identifier: mac
|
||||||
dhcp4-overrides:
|
dhcp4-overrides:
|
||||||
use-routes: false
|
use-routes: false
|
||||||
{%- if netplan.default_gateway is defined and netplan.default_gateway|length > 0 %}
|
{% if netplan.default_gateway is defined and netplan.default_gateway|length > 0 %}
|
||||||
gateway4: {{netplan.default_gateway}}
|
gateway4: {{netplan.default_gateway}}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{%- if netplan.additionalinterfaces is defined and netplan.additionalinterfaces|length > 0 %}
|
{% if netplan.additionalinterfaces is defined and netplan.additionalinterfaces|length > 0 %}
|
||||||
{%- for interface in netplan.additionalinterfaces %}
|
{% for interface in netplan.additionalinterfaces %}
|
||||||
{{ interface.name }}:
|
{{ interface.name }}:
|
||||||
dhcp4: {{ interface.dhcp4 }}
|
dhcp4: {{ interface.dhcp4 }}
|
||||||
dhcp6: {{ interface.dhcp6 }}
|
dhcp6: {{ interface.dhcp6 }}
|
||||||
dhcp-identifier: mac
|
dhcp-identifier: mac
|
||||||
dhcp4-overrides:
|
dhcp4-overrides:
|
||||||
use-routes: false
|
use-routes: false
|
||||||
{%- if interface.addresses is defined and interface.addresses|length > 0 %}
|
{% if interface.addresses is defined and interface.addresses|length > 0 %}
|
||||||
addresses:
|
addresses:
|
||||||
{%- for address in interface.addresses %}
|
{% for address in interface.addresses %}
|
||||||
- {{address}}
|
- {{address}}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{%- if interface.gateway4 is defined and interface.gateway4|length > 0 %}
|
{% if interface.gateway4 is defined and interface.gateway4|length > 0 %}
|
||||||
gateway4: {{interface.gateway4}}
|
gateway4: {{interface.gateway4}}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{%- if interface.gateway6 is defined and interface.gateway6|length > 0 %}
|
{% if interface.gateway6 is defined and interface.gateway6|length > 0 %}
|
||||||
gateway4: {{interface.gateway6}}
|
gateway4: {{interface.gateway6}}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{%- if interface.denydns %}
|
{% if interface.denydns %}
|
||||||
nameservers:
|
nameservers:
|
||||||
addresses: []
|
addresses: []
|
||||||
search: []
|
search: []
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -24,9 +24,4 @@
|
||||||
name: openvpn
|
name: openvpn
|
||||||
state: restarted
|
state: restarted
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
...
|
||||||
- name: Allow openvpn port via ufw
|
|
||||||
community.general.ufw:
|
|
||||||
rule: allow
|
|
||||||
port: "1194"
|
|
||||||
proto: udp
|
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,4 @@
|
||||||
---
|
---
|
||||||
postfix_relayhost: 'smtp-relay.gmail.com'
|
postfix_relayhost: 'smtp-relay.gmail.com'
|
||||||
external_domain: 'tormakris.dev'
|
external_domain: 'tormakris.dev'
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -24,3 +24,4 @@
|
||||||
community.general.ufw:
|
community.general.ufw:
|
||||||
rule: allow
|
rule: allow
|
||||||
port: smtp
|
port: smtp
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -124,3 +124,4 @@
|
||||||
path: "{{ item.directory }}/.git"
|
path: "{{ item.directory }}/.git"
|
||||||
state: absent
|
state: absent
|
||||||
with_items: "{{ static }}"
|
with_items: "{{ static }}"
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -14,3 +14,4 @@ static:
|
||||||
- {domain: tormakris.dev, directory: /var/www/tormakristof.eu, repo: "https://git.kmlabz.com/kmlabz/homepage.git"}
|
- {domain: tormakris.dev, directory: /var/www/tormakristof.eu, repo: "https://git.kmlabz.com/kmlabz/homepage.git"}
|
||||||
- {domain: torma.xyz, directory: /var/www/tormakristof.eu, repo: "https://git.kmlabz.com/kmlabz/homepage.git"}
|
- {domain: torma.xyz, directory: /var/www/tormakristof.eu, repo: "https://git.kmlabz.com/kmlabz/homepage.git"}
|
||||||
- {domain: kmlabz.com, directory: /var/www/kmlabz.com, repo: "https://git.kmlabz.com/kmlabz/homepage.git"}
|
- {domain: kmlabz.com, directory: /var/www/kmlabz.com, repo: "https://git.kmlabz.com/kmlabz/homepage.git"}
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,4 @@
|
||||||
webserver:
|
webserver:
|
||||||
- domain: "_"
|
- domain: "_"
|
||||||
port: 8080
|
port: 8080
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -29,3 +29,4 @@
|
||||||
community.general.ufw:
|
community.general.ufw:
|
||||||
rule: allow
|
rule: allow
|
||||||
port: https
|
port: https
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -5,3 +5,4 @@
|
||||||
- netplan
|
- netplan
|
||||||
- common
|
- common
|
||||||
- smtpgateway
|
- smtpgateway
|
||||||
|
...
|
||||||
|
|
|
||||||
|
|
@ -5,3 +5,4 @@
|
||||||
- common
|
- common
|
||||||
- webgateway
|
- webgateway
|
||||||
- internalsmtp
|
- internalsmtp
|
||||||
|
...
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue