refs #8025 Vault added, core hosts splitted, tasks parametized, auth enabled
This commit is contained in:
parent
ca9b87b8f8
commit
1e565544fe
|
|
@ -1 +1,2 @@
|
|||
.vscode/
|
||||
.vaultpass
|
||||
|
|
|
|||
10
README.md
10
README.md
|
|
@ -21,12 +21,20 @@ ansible-playbook -u root -i <ip_or_hostname>, [--tags tag1,tag2] playbooks/test.
|
|||
|
||||
*Note the comma at the end of the hostname or IP.*
|
||||
|
||||
## Manage vault
|
||||
|
||||
Place vault password into *.vaultpass* file.
|
||||
|
||||
Edit vault file.
|
||||
```
|
||||
ansible-vault edit vault.yml
|
||||
```
|
||||
|
||||
## Common playbooks
|
||||
|
||||
* **facts.yml**: Collect and display facts from a host
|
||||
* **ping.yml**: Check that a host is alive and reachable
|
||||
* **awx.yml**: Create and configure AWX user
|
||||
* **test.yml**: Test an specific role. Don't forget to undo changes before pushing!
|
||||
* **debian.yml**: Setup base Debian server
|
||||
|
||||
## Documentation
|
||||
|
|
|
|||
|
|
@ -1,10 +1,11 @@
|
|||
[defaults]
|
||||
remote_user = root
|
||||
host_key_checking = False
|
||||
roles_path = ./roles
|
||||
inventory = ./inventories/production
|
||||
gathering = smart
|
||||
interpreter_python = auto_silent
|
||||
remote_user = awx
|
||||
host_key_checking = False
|
||||
vault_password_file = .vaultpass
|
||||
|
||||
[privilege_escalation]
|
||||
become = True
|
||||
|
|
|
|||
|
|
@ -0,0 +1,32 @@
|
|||
[ceph]
|
||||
ceph1 ansible_host=ceph1.core.dc.verdnatura.es
|
||||
ceph2 ansible_host=ceph2.core.dc.verdnatura.es
|
||||
ceph3 ansible_host=ceph3.core.dc.verdnatura.es
|
||||
|
||||
[ceph_gw]
|
||||
ceph-gw1 ansible_host=ceph-gw1.core.dc.verdnatura.es
|
||||
ceph-gw2 ansible_host=ceph-gw2.core.dc.verdnatura.es
|
||||
|
||||
[pve]
|
||||
pve01 ansible_host=pve01.core.dc.verdnatura.es
|
||||
pve02 ansible_host=pve02.core.dc.verdnatura.es
|
||||
pve03 ansible_host=pve03.core.dc.verdnatura.es
|
||||
pve04 ansible_host=pve04.core.dc.verdnatura.es
|
||||
pve05 ansible_host=pve04.core.dc.verdnatura.es
|
||||
|
||||
[infra:children]
|
||||
ceph
|
||||
ceph_gw
|
||||
pve
|
||||
|
||||
[core]
|
||||
core-agent ansible_host=core-agent.core.dc.verdnatura.es
|
||||
core-proxy ansible_host=core-proxy.core.dc.verdnatura.es
|
||||
|
||||
[backup]
|
||||
bacula-dir ansible_host=bacula-dir.backup.dc.verdnatura.es
|
||||
bacula-db ansible_host=bacula-db.backup.dc.verdnatura.es
|
||||
bacularis ansible_host=bacularis.backup.dc.verdnatura.es
|
||||
backup-nas ansible_host=backup-nas.backup.dc.verdnatura.es
|
||||
tftp ansible_host=tftp.backup.dc.verdnatura.es
|
||||
kube-backup ansible_host=kube-backup.backup.dc.verdnatura.es
|
||||
|
|
@ -1,5 +1,12 @@
|
|||
sysadmin_mail: sysadmin@verdnatura.es
|
||||
sysadmin_group: sysadmin
|
||||
smtp_server: smtp.verdnatura.es
|
||||
homes_server: homes.servers.dc.verdnatura.es
|
||||
nagios_server: nagios.verdnatura.es
|
||||
time_server: time1.verdnatura.es time2.verdnatura.es
|
||||
main_dns_server: ns1.verdnatura.es
|
||||
ldap_uri: ldap://ldap.verdnatura.es
|
||||
ldap_base: dc=verdnatura,dc=es
|
||||
dc_net: "10.0.0.0/16"
|
||||
resolv:
|
||||
domain: verdnatura.es
|
||||
|
|
@ -12,43 +19,3 @@ awx_pub_key: >
|
|||
ssh-ed25519
|
||||
AAAAC3NzaC1lZDI1NTE5AAAAIKzAwWm+IsqZCgMzjdZ7Do3xWtVtoUCpWJpH7KSi2a/H
|
||||
awx@verdnatura.es
|
||||
nslcd_password: !vault >
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
30343461633538323832316231383362626636653864353535346461353937313131336135396162
|
||||
3866623238353638323961363239373236393339333134380a313561363030306165393965396234
|
||||
65316535626434333331633438613639633163643765633064363833303461363834653864646464
|
||||
3133313233353730620a343536316266393637623563313563613332646630643632366439343764
|
||||
30383935303161646339393361393130613266663337373364626635646430326465
|
||||
rndc_key: !vault >
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
36386562613235363931396632656535383336313537636431643338353438313231623839313031
|
||||
3830616135393732353265666664353963393366343461630a633365396165653761353762383739
|
||||
66303862376465626435633964313237643230653463353662343831646464633639383336323863
|
||||
6139333234386565620a653438613165626131653834633931343766343162653932373161653362
|
||||
38303139333536656263656163623333313234393666353766363565633732366165
|
||||
radius_ldap_password: !vault >
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
31643037313539376337363739616361363339616235623433656131306539373030373731643934
|
||||
3432656465343430366366646237326137656134346562360a306538303762313261616632643135
|
||||
39316439653932396134646432633262326631363765643564306565636363356335653539656531
|
||||
6234636463376364620a636133346337306437643939376531633564633737333133363065633031
|
||||
61643731646163323636343837373761303930323961653663343135303731623133
|
||||
radius_client_password: !vault >
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
62313333666335316231396365653635356639626563613738363137383434343437393833393934
|
||||
6439646632303536393438306234323862363532393733630a356136393539363161346631623161
|
||||
37636365653331333735353166646164613732303035613231353237343139623137396364643637
|
||||
3261656465336435630a666466643734373830633933613266663631343730386530633839386239
|
||||
62623434663130363637303035363434313566376661356362663238666166343534
|
||||
awx_smtp_password: !vault >
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
62393936623766653737356136353765336265636136616330306537393638646663326663346138
|
||||
3631616362363163393036613564623864383365633634660a366563363836363061623566393361
|
||||
37633364633631333130346332613235303762316435313535613664323830656363353237373561
|
||||
3866653365636431630a303262666662376662623862663461633361333037643863353135343836
|
||||
61383730366664353730616331666139376234313562383163613736353231666533
|
||||
grub_code: >
|
||||
grub.pbkdf2.sha512.10000.C91C8756466E7DB535C77DB7FBDBF3D33A39A0712DE3A9AFD38BE22
|
||||
29139E86F23C4E007E6B76DDFDBBE4B2B32764B4EFFECF208C70BA9FECC6BB3FF68A6BA05.8EA385
|
||||
7B795AF29FF5C6E003E31EC4D79B84813175C7A56A8A12F3F30A19B501D7127C0307277FB37073EE
|
||||
0246BCFDA9BD4EDDC3A1EE8176D25CD37B7FB07AF7
|
||||
|
|
|
|||
|
|
@ -1,24 +1,3 @@
|
|||
[ceph]
|
||||
ceph1 ansible_host=ceph1.core.dc.verdnatura.es
|
||||
ceph2 ansible_host=ceph2.core.dc.verdnatura.es
|
||||
ceph3 ansible_host=ceph3.core.dc.verdnatura.es
|
||||
|
||||
[ceph_gw]
|
||||
ceph-gw1 ansible_host=ceph-gw1.core.dc.verdnatura.es
|
||||
ceph-gw2 ansible_host=ceph-gw2.core.dc.verdnatura.es
|
||||
|
||||
[pve]
|
||||
pve01 ansible_host=pve01.core.dc.verdnatura.es
|
||||
pve02 ansible_host=pve02.core.dc.verdnatura.es
|
||||
pve03 ansible_host=pve03.core.dc.verdnatura.es
|
||||
pve04 ansible_host=pve04.core.dc.verdnatura.es
|
||||
pve05 ansible_host=pve04.core.dc.verdnatura.es
|
||||
|
||||
[infra:children]
|
||||
ceph
|
||||
ceph_gw
|
||||
pve
|
||||
|
||||
[kube_master]
|
||||
kube-master1 ansible_host=kube-master1.servers.dc.verdnatura.es
|
||||
kube-master2 ansible_host=kube-master2.servers.dc.verdnatura.es
|
||||
|
|
@ -51,18 +30,6 @@ dc1 ansible_host=dc1.servers.dc.verdnatura.es
|
|||
dc2 ansible_host=dc2.servers.dc.verdnatura.es
|
||||
server ansible_host=server.servers.dc.verdnatura.es
|
||||
|
||||
[backup]
|
||||
bacula-dir ansible_host=bacula-dir.backup.dc.verdnatura.es
|
||||
bacula-db ansible_host=bacula-db.backup.dc.verdnatura.es
|
||||
bacularis ansible_host=bacularis.backup.dc.verdnatura.es
|
||||
backup-nas ansible_host=backup-nas.backup.dc.verdnatura.es
|
||||
tftp ansible_host=tftp.backup.dc.verdnatura.es
|
||||
kube-backup ansible_host=kube-backup.backup.dc.verdnatura.es
|
||||
|
||||
[core]
|
||||
core-agent ansible_host=core-agent.core.dc.verdnatura.es
|
||||
core-proxy ansible_host=core-proxy.core.dc.verdnatura.es
|
||||
|
||||
[db]
|
||||
db-proxy1 ansible_host=db-proxy1.servers.dc.verdnatura.es
|
||||
db-proxy2 ansible_host=db-proxy2.servers.dc.verdnatura.es
|
||||
|
|
@ -121,8 +88,6 @@ dev-db ansible_host=dev-db.servers.dc.verdnatura.es
|
|||
|
||||
[guest:children]
|
||||
ad
|
||||
backup
|
||||
core
|
||||
db
|
||||
kubernetes
|
||||
ldap
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
- name: Configure base Debian host
|
||||
hosts: all
|
||||
vars_files: ../vault.yml
|
||||
tasks:
|
||||
- name: Configure base system
|
||||
import_role:
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
gather_facts: yes
|
||||
tasks:
|
||||
- name: Print all available facts
|
||||
ansible.builtin.debug:
|
||||
debug:
|
||||
var: ansible_facts
|
||||
- name: Print variable value
|
||||
debug:
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
- name: Test role
|
||||
hosts: all
|
||||
tasks:
|
||||
- import_role:
|
||||
name: debian-base
|
||||
|
|
@ -1,3 +1,10 @@
|
|||
default_user: user
|
||||
root_password: Pa$$w0rd
|
||||
fail2ban:
|
||||
email: "{{ sysadmin_mail }}"
|
||||
bantime: 600
|
||||
maxretry: 4
|
||||
ignore: "127.0.0.0/8 {{ dc_net }}"
|
||||
exim_dc_eximconfig_configtype: satellite
|
||||
dc_other_hostnames: "{{ ansible_fqdn }}"
|
||||
dc_local_interfaces: 127.0.0.1
|
||||
|
|
|
|||
|
|
@ -37,3 +37,11 @@ HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "
|
|||
# Security
|
||||
|
||||
TMOUT=3600
|
||||
|
||||
# Aliases
|
||||
|
||||
#export LS_OPTIONS='--color=auto'
|
||||
#eval "$(dircolors)"
|
||||
#alias ls='ls $LS_OPTIONS'
|
||||
#alias ll='ls $LS_OPTIONS -l'
|
||||
#alias la='ls $LS_OPTIONS -la'
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
test -x /usr/sbin/ntpdate || exit 0
|
||||
/usr/sbin/ntpdate time1.verdnatura.es
|
||||
/usr/sbin/ntpdate time2.verdnatura.es
|
||||
|
|
@ -8,7 +8,7 @@
|
|||
register: bacula_passwords
|
||||
- name: Configure Bacula FD
|
||||
template:
|
||||
src: bacula-fd.conf.j2
|
||||
src: bacula-fd.conf
|
||||
dest: /etc/bacula/bacula-fd.conf
|
||||
owner: root
|
||||
group: bacula
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
- rsyslog
|
||||
- name: Configure fail2ban service
|
||||
template:
|
||||
src: jail.local.j2
|
||||
src: jail.local
|
||||
dest: /etc/fail2ban/jail.local
|
||||
owner: root
|
||||
group: root
|
||||
|
|
|
|||
|
|
@ -12,4 +12,4 @@
|
|||
- name: Generate locale
|
||||
command: locale-gen
|
||||
- name: Update locale
|
||||
command: update-locale LANG=en_US.UTF-8
|
||||
command: update-locale LANG=en_US.UTF-8
|
||||
|
|
|
|||
|
|
@ -6,12 +6,12 @@
|
|||
- nagios-nrpe-server
|
||||
- nagios-plugins-contrib
|
||||
- name: Set NRPE generic configuration
|
||||
copy:
|
||||
template:
|
||||
src: nrpe.cfg
|
||||
dest: /etc/nagios/nrpe.d/90-vn.cfg
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
mode: u=rw,g=r,o=r
|
||||
notify: restart-nrpe
|
||||
- name: Create NRPE local configuration file
|
||||
file:
|
||||
|
|
@ -19,4 +19,6 @@
|
|||
state: touch
|
||||
owner: nagios
|
||||
group: nagios
|
||||
mode: '0640'
|
||||
mode: u=rw,g=r,o=
|
||||
modification_time: preserve
|
||||
access_time: preserve
|
||||
|
|
|
|||
|
|
@ -6,21 +6,4 @@
|
|||
- name: Change root password
|
||||
user:
|
||||
name: root
|
||||
password: "{{ ssh_password | password_hash('sha512') }}"
|
||||
- name: Configure bashrc
|
||||
lineinfile:
|
||||
dest: /root/.bashrc
|
||||
regexp: "{{item.regexp}}"
|
||||
line: "{{item.line}}"
|
||||
state: present
|
||||
with_items:
|
||||
- regexp: "^# export LS_OPTIONS"
|
||||
line: "export LS_OPTIONS='--color=auto"
|
||||
- regexp: "^# eval"
|
||||
line: 'eval "$(dircolors)"'
|
||||
- regexp: "^# alias ls='ls $LS_OPTIONS'"
|
||||
line: "alias ls='ls $LS_OPTIONS'"
|
||||
- regexp: "^# alias ll='ls $LS_OPTIONS -l'"
|
||||
line: "alias ll='ls $LS_OPTIONS -l'"
|
||||
- regexp: "# alias la='ls $LS_OPTIONS -la'"
|
||||
line: "alias la='ls $LS_OPTIONS -la'"
|
||||
password: "{{ root_password | password_hash('sha512') }}"
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
lineinfile:
|
||||
path: /etc/systemd/timesyncd.conf
|
||||
regexp: '^#NTP'
|
||||
line: "NTP=time1.verdnatura.es time2.verdnatura.es"
|
||||
line: "NTP={{ time_server }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: restart systemd-timesyncd
|
||||
notify: restart systemd-timesyncd
|
||||
- name: Service should start on boot
|
||||
service:
|
||||
name: systemd-timesyncd
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
allowed_hosts=nagios.verdnatura.es
|
||||
allowed_hosts={{ nagios_server }}
|
||||
|
||||
command[check_disk_root]=/usr/lib/nagios/plugins/check_disk -w 10% -c 5% -p /
|
||||
command[check_disk_var]=/usr/lib/nagios/plugins/check_disk -w 10% -c 5% -p /var
|
||||
|
|
@ -1,8 +1,3 @@
|
|||
fail2ban:
|
||||
email: "{{ sysadmin_mail }}"
|
||||
bantime: 600
|
||||
maxretry: 4
|
||||
ignore: "127.0.0.0/8 {{ dc_net }}"
|
||||
vn_host:
|
||||
url: http://apt.verdnatura.es/pool/main/v/vn-host
|
||||
package: vn-host_2.0.2_all.deb
|
||||
|
|
|
|||
|
|
@ -1,16 +0,0 @@
|
|||
# See nslcd.conf(5) for details.
|
||||
|
||||
uid nslcd
|
||||
gid nslcd
|
||||
|
||||
uri ldap://ldap.verdnatura.es
|
||||
idle_timelimit 60
|
||||
|
||||
base dc=verdnatura,dc=es
|
||||
binddn cn=nss,ou=admins,dc=verdnatura,dc=es
|
||||
bindpw password
|
||||
pagesize 500
|
||||
|
||||
filter group (&(objectClass=posixGroup)(cn=sysadmin))
|
||||
filter passwd (&(objectClass=posixAccount)(memberOf=cn=sysadmin,ou=dnGroups,dc=verdnatura,dc=es))
|
||||
pam_authz_search (&(objectClass=posixGroup)(cn=sysadmin)(memberuid=$username))
|
||||
|
|
@ -1 +0,0 @@
|
|||
%sysadmin ALL=(ALL) NOPASSWD: ALL
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
- name: restart-nslcd
|
||||
service:
|
||||
name: nslcd
|
||||
state: restarted
|
||||
- name: pam-update-ldap
|
||||
shell: pam-auth-update --enable ldap
|
||||
|
|
@ -3,22 +3,15 @@
|
|||
name: nslcd
|
||||
state: present
|
||||
- name: Configure NSLCD
|
||||
copy:
|
||||
template:
|
||||
src: nslcd.conf
|
||||
dest: /etc/nslcd.conf
|
||||
owner: root
|
||||
group: nslcd
|
||||
mode: '0640'
|
||||
backup: yes
|
||||
- name: Add LDAP password to NSLCD configuration
|
||||
lineinfile:
|
||||
dest: /etc/nslcd.conf
|
||||
regexp: "{{item.regexp}}"
|
||||
line: "{{item.line}}"
|
||||
state: present
|
||||
with_items:
|
||||
- regexp: "^bindpw"
|
||||
line: "bindpw {{ nslcd_password }}"
|
||||
notify:
|
||||
- restart-nslcd
|
||||
- pam-update-ldap
|
||||
- name: Configure nsswitch to use NSLCD
|
||||
lineinfile:
|
||||
dest: /etc/nsswitch.conf
|
||||
|
|
@ -30,9 +23,3 @@
|
|||
line: "passwd: files systemd ldap"
|
||||
- regexp: "^group:"
|
||||
line: "group: files systemd ldap"
|
||||
- name: Reconfigure PAM to use LDAP
|
||||
shell: pam-auth-update --enable ldap
|
||||
- name: Restart NSLCD service
|
||||
service:
|
||||
name: nslcd
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
- include_tasks: auth.yml
|
||||
when: false
|
||||
- import_tasks: auth.yml
|
||||
tags: auth
|
||||
- import_tasks: sudoers.yml
|
||||
tags: sudoers
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
name: sudo
|
||||
state: present
|
||||
- name: Add sysadmin to sudoers
|
||||
copy:
|
||||
template:
|
||||
src: sudoers
|
||||
dest: /etc/sudoers.d/vn
|
||||
mode: u=rw,g=r,o=
|
||||
|
|
|
|||
|
|
@ -0,0 +1,16 @@
|
|||
# See nslcd.conf(5) for details.
|
||||
|
||||
uid nslcd
|
||||
gid nslcd
|
||||
|
||||
uri {{ ldap_uri }}
|
||||
idle_timelimit 60
|
||||
|
||||
base {{ ldap_base }}
|
||||
binddn cn=nss,ou=admins,{{ ldap_base }}
|
||||
bindpw {{ nslcd_password }}
|
||||
pagesize 500
|
||||
|
||||
filter group (&(objectClass=posixGroup)(cn={{ sysadmin_group }}))
|
||||
filter passwd (&(objectClass=posixAccount)(memberOf=cn={{ sysadmin_group }},ou=dnGroups,{{ ldap_base }}))
|
||||
pam_authz_search (&(objectClass=posixGroup)(cn={{ sysadmin_group }})(memberuid=$username))
|
||||
|
|
@ -0,0 +1 @@
|
|||
%{{ sysadmin_group }} ALL=(ALL) NOPASSWD: ALL
|
||||
|
|
@ -1 +0,0 @@
|
|||
* -fstype=nfs4,rw homes.servers.dc.verdnatura.es:/mnt/homes/&
|
||||
|
|
@ -1 +0,0 @@
|
|||
/mnt/homes /etc/auto.homes --timeout=30
|
||||
|
|
@ -8,7 +8,7 @@
|
|||
- libnfs-utils
|
||||
- autofs-ldap
|
||||
- name: Create homes directory
|
||||
ansible.builtin.file:
|
||||
file:
|
||||
path: "{{ homes_path }}"
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
|
@ -18,14 +18,14 @@
|
|||
line: "automount: files"
|
||||
notify: restart-nslcd
|
||||
- name: Add file homes.autofs configured to autofs
|
||||
copy:
|
||||
template:
|
||||
src: homes.autofs
|
||||
dest: /etc/auto.master.d/homes.autofs
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
- name: Add file /etc/auto.homes configured to the systemd
|
||||
copy:
|
||||
template:
|
||||
src: auto.homes
|
||||
dest: /etc/auto.homes
|
||||
owner: root
|
||||
|
|
|
|||
|
|
@ -1,3 +1,6 @@
|
|||
- import_tasks: agent.yml
|
||||
tags: agent
|
||||
- import_tasks: hotplug.yml
|
||||
tags: hotplug
|
||||
- import_tasks: autofs.yml
|
||||
tags: autofs
|
||||
|
|
|
|||
|
|
@ -0,0 +1 @@
|
|||
* -fstype=nfs4,rw {{ homes_server }}:{{ homes_path }}/&
|
||||
|
|
@ -0,0 +1 @@
|
|||
{{ homes_path }} /etc/auto.homes --timeout=30
|
||||
|
|
@ -1,6 +1,5 @@
|
|||
# restart freeradius service to apply changes
|
||||
- name: restart freeradius
|
||||
- name: restart-freeradius
|
||||
service:
|
||||
name: "{{ freeradius_daemon }}"
|
||||
name: freeradius
|
||||
state: restarted
|
||||
enabled: yes
|
||||
|
|
@ -8,6 +8,5 @@ freeradius_dictionary_config: "{{ freeradius_base_folder }}dictionary"
|
|||
freeradius_clients_config: "{{ freeradius_base_folder }}clients.conf"
|
||||
freeradius_mod_ldap: "{{ freeradius_mods_available_folder }}ldap"
|
||||
freeradius_filter_config: "{{ freeradius_base_folder }}policy.d/filter"
|
||||
freeradius_daemon: freeradius
|
||||
freeradius_pam_config: /etc/pam.d/radiusd
|
||||
freeradius_service_config: /lib/systemd/system/freeradius.service
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
key_name: "rndc-key"
|
||||
key_secret: "{{ rndc_key }}"
|
||||
key_algorithm: "hmac-md5"
|
||||
server: "ns1.verdnatura.es"
|
||||
server: "{{ main_dns_server }}"
|
||||
zone: "{{ zone_record }}"
|
||||
record: "{{ name_record }}"
|
||||
ttl: "{{ ttl_record }}"
|
||||
|
|
|
|||
|
|
@ -0,0 +1,26 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
37396535616365346266643936343463336564303066356131363064633436353763343735666563
|
||||
3234623639383039393735346632636163623435313965660a363363386637666261626661336333
|
||||
39643436663965383239323435613339323766623630633430343465313038643235636666343938
|
||||
3531636532613661650a336631666138306166346363333534613436396565343161623838363132
|
||||
30643532636332356630306563336165663266663237326262336533363665653230393332623134
|
||||
63626333303134346435666231386361643137636132383236373937636235326132666230306362
|
||||
36363136653963366235626239656339663736393636663136656164393031323663623463393438
|
||||
63646635343462363332636531323634623930643737333430613666366335303362323764363533
|
||||
39336533366466633132383438633063616564623862366263376638323138623363656164343635
|
||||
64346437646435383137313162656237303436343839366261633935613735316166376466616635
|
||||
61616132626539656633353032663932653730633365633331313330323932653465656634383334
|
||||
64633634326462316164316130373334666365643936646634333032326465373131656161646234
|
||||
30376135613534303533326133383661353235343034356466333961396237373937353137373735
|
||||
32373633396438313133663839373663656139346163386336373265356265613038646633386334
|
||||
37353331373332373636346166333639343936633464663335653762386431376632613430363666
|
||||
66636139663662633861643733306238646335353664636265623464393163343462326239613662
|
||||
63633236326161643838353931646566323236326636376331663463333664636566666462303063
|
||||
31303436356164623234346362386633633633623230366366393839376239636533636564666663
|
||||
39663034373664663063656561306132383734646263656464626432633963396638363362396664
|
||||
37303038373038346536613235333237613435663632656334643334326232396336653035326162
|
||||
63663637306531373030643962386339393263653262363037626538386132353363663761363138
|
||||
62663532313862396339653364306533326639333139336636343762373038333838313762393431
|
||||
34386239303765653930306334393339383234303137346461633231353637326137353964613832
|
||||
61353035353539633334333337346665383937346566396438306465336337366661323435616133
|
||||
37643932306265633465643430636662653865313661663331316662303861356466
|
||||
Loading…
Reference in New Issue