Refs #8025 Role debian-base: Refactor vn-repo to ensure idempotency and enhance major Bacula task.

This commit is contained in:
Xavi Lleó 2024-10-15 12:24:26 +02:00
parent 684a298e03
commit d141bc8a75
7 changed files with 42 additions and 30 deletions

View File

@ -20,18 +20,4 @@ awx_pub_key: >
ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAIKzAwWm+IsqZCgMzjdZ7Do3xWtVtoUCpWJpH7KSi2a/H
awx@verdnatura.es
base_packages:
- htop
- psmisc
- bash-completion
- screen
- aptitude
- tree
- btop
- ncdu
- debconf-utils
- net-tools
locales_present:
- en_US.UTF-8
- es_ES.UTF-8
passbolt_folder: e0d517be-6783-4b97-9742-acaa9b09742f

View File

@ -12,8 +12,24 @@ fail2ban_base_packages:
vn_host:
url: http://apt.verdnatura.es/pool/main/v/vn-host
package: vn-host_2.0.2_all.deb
name: vn-host
time_server_spain: ntp.roa.es
nagios_packages:
- nagios-nrpe-server
- nagios-plugins-contrib
- monitoring-plugins-basic
base_packages:
- htop
- psmisc
- bash-completion
- screen
- aptitude
- tree
- btop
- ncdu
- debconf-utils
- net-tools
locales_present:
- en_US.UTF-8
- es_ES.UTF-8

View File

@ -2,17 +2,31 @@
apt:
name: bacula-fd
state: present
- name: Load Bacula default passwords
- name: Read content file in base64
slurp:
src: /etc/bacula/common_default_passwords
register: bacula_passwords
register: file_content
- name: Going to text plane
set_fact:
file_content_decoded: "{{ file_content.content | b64decode }}"
- name: Extracting passwords
set_fact:
passwords: "{{ file_content_decoded.splitlines() | select('match', '^[^#]') | map('regex_replace', '^([^=]+)=(.+)$', '\\1:\\2') | list }}"
- name: Initialize password dictionary
set_fact:
bacula_passwords: {}
- name: Convert lines to individual variables generating a new dict
set_fact:
bacula_passwords: "{{ bacula_passwords | combine({item.split(':')[0].lower(): item.split(':')[1] | regex_replace('\\n$', '') }) }}"
loop: "{{ passwords }}"
when: "'FDPASSWD' in item or 'FDMPASSWD' in item"
- name: Configure Bacula FD
template:
src: bacula-fd.conf
dest: /etc/bacula/bacula-fd.conf
owner: root
group: bacula
mode: u=rw,g=r,o=
mode: '0640'
backup: true
- name: Restart Bacula FD service
service:

View File

@ -24,3 +24,7 @@
tags: nrpe
- import_tasks: fail2ban.yml
tags: fail2ban
- import_tasks: bacula.yml
tags: bacula
- import_tasks: vn-repo.yml
tags: vn-repo

View File

@ -1,12 +1,3 @@
- name: Download vn-host Debian package
get_url:
url: "{{ vn_host.url }}/{{ vn_host.package }}"
dest: "/tmp/{{ vn_host.package }}"
mode: u=rw,g=r,o=r
- name: Install package
apt:
deb: "/tmp/{{ vn_host.package }}"
- name: Delete package
file:
path: "/tmp/{{ vn_host.package }}"
state: absent
deb: "{{ vn_host.url }}/{{ vn_host.package }}"

View File

@ -1,10 +1,10 @@
Director {
Name = bacula-dir
Password = "{{ FDPASSWD }}"
Password = "{{ bacula_passwords.fdpasswd }}"
}
Director {
Name = bacula-mon
Password = "{{ FDMPASSWD }}"
Password = "{{ bacula_passwords.fdmpasswd }}"
Monitor = yes
}
FileDaemon {

View File

@ -14,6 +14,7 @@ action = %(action_)s
#+++++++++++++++ Jails
[sshd]
ignoreip = 127.0.0.1/8
enabled = true
port = 0:65535
filter = sshd