Compare commits
155 Commits
251294774e
...
b8ed9b7745
Author | SHA1 | Date |
---|---|---|
Juan Ferrer | b8ed9b7745 | |
Juan Ferrer | 2fa6db793c | |
Juan Ferrer | 8c56ffd03b | |
Juan Ferrer | 2cdc90dd05 | |
Xavi Lleó | 0864b8a2f5 | |
Xavi Lleó | 39c493c306 | |
Juan Ferrer | 93b51f522e | |
Xavi Lleó | ddfa6cdef9 | |
Xavi Lleó | 921e3538cd | |
Juan Ferrer | 4ac86abe43 | |
Xavi Lleó | fa8a788a94 | |
Xavi Lleó | 72e30fa606 | |
Xavi Lleó | ce7f8503f1 | |
Juan Ferrer | 070c526ce2 | |
Xavi Lleó | 944e91071a | |
Xavi Lleó | 6e0d940cc0 | |
Xavi Lleó | d141bc8a75 | |
Xavi Lleó | 684a298e03 | |
Xavi Lleó | 49c42b4127 | |
Xavi Lleó | 43019754c4 | |
Xavi Lleó | 588db894a1 | |
Xavi Lleó | 3e7771ba4c | |
Xavi Lleó | 94ca22734d | |
Xavi Lleó | e195130241 | |
Xavi Lleó | 06cc6fa26b | |
Xavi Lleó | 33586c7f96 | |
Xavi Lleó | d14b123219 | |
Xavi Lleó | 616beda4b7 | |
Xavi Lleó | 3ad39e03a8 | |
Xavi Lleó | 88c47d3c3a | |
Juan Ferrer | 09ed8be828 | |
Juan Ferrer | 7235b8ab37 | |
Juan Ferrer | 557a4a0905 | |
Juan Ferrer | 69d8ff371a | |
Juan Ferrer | 0260125e66 | |
Xavi Lleó | f6bef9c98a | |
Juan Ferrer | d4c21376cd | |
Juan Ferrer | fed934b5db | |
Juan Ferrer | 153493a875 | |
Juan Ferrer | a0c48b9aad | |
Juan Ferrer | bd310a73df | |
Xavi Lleó | 32fa5102ce | |
Xavi Lleó | 7ec58a2f89 | |
Xavi Lleó | 4139e78a9d | |
Xavi Lleó | 24864f694f | |
Xavi Lleó | 606548db7e | |
Xavi Lleó | d6c51141bf | |
Juan Ferrer | 0936c97025 | |
Xavi Lleó | 757d3dfe29 | |
Juan Ferrer | c30bfd3ee5 | |
Xavi Lleó | 9dfbe294bc | |
Juan Ferrer | 6d68f76434 | |
Juan Ferrer | 67ae879edf | |
Xavi Lleó | 9464d6d8a3 | |
Xavi Lleó | ed9e69b96b | |
Juan Ferrer | 069d072643 | |
Juan Ferrer | ba4e5fd635 | |
Juan Ferrer | 1b7506d647 | |
Xavi Lleó | c16fe4755e | |
Juan Ferrer | 6bce31ab19 | |
Juan Ferrer | 5f7041dfbf | |
Xavi Lleó | 896ba27da5 | |
Juan Ferrer | 8184838a8d | |
Juan Ferrer | 1adc5db4df | |
Juan Ferrer | 0a73bc63b3 | |
David Lopez | 26556cf5b3 | |
David Lopez | e50986db64 | |
Juan Ferrer | 71dfa53a8c | |
Juan Ferrer | 210edd5b79 | |
Juan Ferrer | 5bf05ebb29 | |
Juan Ferrer | 7b90daa253 | |
Juan Ferrer | a6bb9da5c4 | |
Juan Ferrer | 1553e27281 | |
Juan Ferrer | 18ac55d1c8 | |
Juan Ferrer | 1e565544fe | |
Juan Ferrer | ca9b87b8f8 | |
Juan Ferrer | 5480687b33 | |
Juan Ferrer | 39144527bb | |
Juan Ferrer | bd9059f3c5 | |
Juan Ferrer | ae9dbd78ac | |
Juan Ferrer | 4f264468a2 | |
Juan Ferrer | 3f647cfd5c | |
Juan Ferrer | 77616531ab | |
Juan Ferrer | ae8ff99fc9 | |
Juan Ferrer | 77da5cd525 | |
Juan Ferrer | dff36cc46f | |
Juan Ferrer | fc7a5e6d7d | |
Juan Ferrer | cddc0b4444 | |
Juan Ferrer | 0307c105b2 | |
Juan Ferrer | e3344b7ef2 | |
Juan Ferrer | 4845d08548 | |
Juan Ferrer | 06986ae2bd | |
Juan Ferrer | 74c03400eb | |
Juan Ferrer | f8a765e47c | |
Juan Ferrer | c8b0d9fb1c | |
Juan Ferrer | 4f20789f61 | |
Juan Ferrer | e43c32fdf0 | |
Juan Ferrer | 876dc60606 | |
Juan Ferrer | f033c92278 | |
Juan Ferrer | 29bfaf6b33 | |
Juan Ferrer | fffa279650 | |
Juan Ferrer | 46b9c9d6be | |
Juan Ferrer | 9868439750 | |
Juan Ferrer | c7299d8499 | |
Juan Ferrer | 9b358d0262 | |
Juan Ferrer | 0b7ab9a834 | |
Juan Ferrer | cdeb3098dc | |
Juan Ferrer | ea6a8bed79 | |
Juan Ferrer | 1fa424975a | |
Juan Ferrer | b6d7ca1590 | |
David Lopez | eb08a7f164 | |
David Lopez | 9b1180816f | |
David Lopez | e589f73dcf | |
David Lopez | ba2ac1562a | |
David Lopez | 96260ba51a | |
David Lopez | 0d5998da18 | |
David Lopez | af1c0522f0 | |
David Lopez | 721d9136ab | |
David Lopez | ca6d0623c7 | |
David Lopez | 05e294deec | |
David Lopez | ce78324462 | |
David Lopez | 022304c9f8 | |
David Lopez | 3080f9f7b5 | |
David Lopez | 1cfb9e1443 | |
David Lopez | 5486ed7f9a | |
David Lopez | 721014704f | |
David Lopez | 864db55e11 | |
David Lopez | 4029140e0c | |
David Lopez | 767a5d5595 | |
David Lopez | 001c7d00a3 | |
David Lopez | e6137447f6 | |
David Lopez | 75b08e8556 | |
David Lopez | d786c12628 | |
David Lopez | 163ad42636 | |
David Lopez | 679739ce0a | |
David Lopez | f4c4266510 | |
David Lopez | 9b7b6f6476 | |
David Lopez | b27f23261a | |
Ruben Blanco | 5a7a807531 | |
Ruben Blanco | 1393795a8d | |
Ruben Blanco | b5e29f522c | |
Ruben Blanco | 8ab5a49339 | |
Ruben Blanco | ba91f3e521 | |
Juan Ferrer | f0196ff78a | |
Ruben Blanco | 601a0fb32a | |
Javier Lopez | e0915c6582 | |
Javier Lopez | 627ef87a7e | |
Juan Ferrer | e4743e333c | |
Juan Ferrer | f2e3cf3f0a | |
Ruben Blanco | 61f6e6bd33 | |
Ruben Blanco | a9913cbd43 | |
Ruben Blanco | 2c71068f50 | |
Javier Lopez | 406b5b633b | |
Javier Lopez | 323fabf4db | |
Javier Lopez | 1552906509 |
|
@ -1 +1,6 @@
|
||||||
.vscode/
|
.vscode/
|
||||||
|
.vault-pass
|
||||||
|
.vault.yml
|
||||||
|
.passbolt.yml
|
||||||
|
inventories/local
|
||||||
|
venv
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
PASSBOLT_BASE_URL: https://passbolt.domain.local/
|
||||||
|
PASSBOLT_PASSPHRASE: "S3cr3tP4$$w0rd"
|
||||||
|
PASSBOLT_PRIVATE_KEY: |
|
||||||
|
-----BEGIN PGP PRIVATE KEY BLOCK-----
|
||||||
|
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
||||||
|
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
||||||
|
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
||||||
|
-----END PGP PRIVATE KEY BLOCK-----
|
|
@ -0,0 +1,17 @@
|
||||||
|
Copyright (C) 2024 - Verdnatura Levante S.L.
|
||||||
|
|
||||||
|
This package is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
On Debian systems, the complete text of the GNU General Public
|
||||||
|
License can be found in "/usr/share/common-licenses/GPL-3".
|
|
@ -0,0 +1,111 @@
|
||||||
|
# Verdnatura Ansible playbooks
|
||||||
|
|
||||||
|
Collection of Ansible playbooks used in the Verdnatura server farm.
|
||||||
|
|
||||||
|
## Setup Ansible
|
||||||
|
|
||||||
|
### Debian
|
||||||
|
|
||||||
|
Install Ansible package.
|
||||||
|
```
|
||||||
|
apt install ansible
|
||||||
|
```
|
||||||
|
|
||||||
|
### Python
|
||||||
|
|
||||||
|
Create a Python virtual environment.
|
||||||
|
```
|
||||||
|
python3 -m venv venv
|
||||||
|
source venv/bin/activate
|
||||||
|
pip install --upgrade pip ansible==10.1.0 ansible-builder==3.1.0
|
||||||
|
```
|
||||||
|
|
||||||
|
Before running any Python dependent command, activate the virtual environment.
|
||||||
|
```
|
||||||
|
source venv/bin/activate
|
||||||
|
```
|
||||||
|
|
||||||
|
Once you are done, deactivate the virtual environment.
|
||||||
|
```
|
||||||
|
deactivate
|
||||||
|
```
|
||||||
|
|
||||||
|
### All platforms
|
||||||
|
|
||||||
|
Install dependencies.
|
||||||
|
```
|
||||||
|
pip install -r requirements.txt
|
||||||
|
ansible-galaxy collection install -r collections/requirements.yml
|
||||||
|
```
|
||||||
|
|
||||||
|
## Run playbook
|
||||||
|
|
||||||
|
Before merging changes into protected branches, playbooks should be tested
|
||||||
|
locally to ensure they work properly. The *inventories/local* inventory is not
|
||||||
|
uploaded to the repository and can be used for local testing. In any case, it
|
||||||
|
is advisable to use a different repository to store inventories.
|
||||||
|
|
||||||
|
Run playbook on inventory host.
|
||||||
|
```
|
||||||
|
ansible-playbook -i inventories/local -l <host> [-t tag1,tag2...] playbooks/ping.yml
|
||||||
|
```
|
||||||
|
|
||||||
|
Run playbook on the fly on a host not declared in the inventory.
|
||||||
|
```
|
||||||
|
ansible-playbook -i <ip_or_hostname>, playbooks/ping.yml
|
||||||
|
```
|
||||||
|
|
||||||
|
*Note the comma at the end of the hostname or IP.*
|
||||||
|
|
||||||
|
## Manage secrets
|
||||||
|
|
||||||
|
Secrets can be managed by using Ansible vault or an external keystore, Passbolt
|
||||||
|
is used in this case. It is recommended to use an external keystore to avoid
|
||||||
|
publicly exposing the secrets, even if they are encrypted.
|
||||||
|
|
||||||
|
When running playbooks that use any of the keystores mentioned above, the
|
||||||
|
*run-playbook.sh* script can be used, it is an ovelay over the original
|
||||||
|
*ansible-playbook* command which injects the necessary parameters.
|
||||||
|
|
||||||
|
### Passbolt
|
||||||
|
|
||||||
|
Add the necessary environment variables to the *.passbolt.yml* file, the
|
||||||
|
template file *.passbolt.tpl.yml* is included as a reference:
|
||||||
|
|
||||||
|
* https://galaxy.ansible.com/ui/repo/published/anatomicjc/passbolt/docs/
|
||||||
|
|
||||||
|
### Ansible vault
|
||||||
|
|
||||||
|
To manage Ansible vault place the encryption password into *.vault-pass* file.
|
||||||
|
|
||||||
|
Manage the vault.
|
||||||
|
```
|
||||||
|
ansible-vault {view,edit,create} --vault-pass-file .vault-pass .vault.yml
|
||||||
|
```
|
||||||
|
|
||||||
|
> The files used for the vault must only be used locally and
|
||||||
|
> under **no** circumstances can they be uploaded to the repository.
|
||||||
|
|
||||||
|
## Build execution environment for AWX
|
||||||
|
|
||||||
|
Create an image with *ansible-builder* and upload it to registry.
|
||||||
|
```
|
||||||
|
ansible-builder build --tag awx-ee:vn1
|
||||||
|
```
|
||||||
|
|
||||||
|
## Common playbooks
|
||||||
|
|
||||||
|
* **facts.yml**: Collect and display facts from a host
|
||||||
|
* **ping.yml**: Check that a host is alive and reachable
|
||||||
|
* **awx.yml**: Create and configure AWX user
|
||||||
|
* **debian.yml**: Setup base Debian server
|
||||||
|
|
||||||
|
## Documentation
|
||||||
|
|
||||||
|
* https://docs.ansible.com/ansible/latest/reference_appendices/config.html
|
||||||
|
* https://docs.ansible.com/ansible/latest/collections/ansible/builtin/gather_facts_module.html
|
||||||
|
* https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_vars_facts.html
|
||||||
|
* https://ansible.readthedocs.io/projects/builder/en/latest/
|
||||||
|
* https://www.ansible.com/blog/introduction-to-ansible-builder/
|
||||||
|
* https://github.com/ansible/awx-ee/
|
||||||
|
* https://www.passbolt.com/blog/managing-secrets-in-ansible-using-passbolt
|
|
@ -0,0 +1,11 @@
|
||||||
|
[defaults]
|
||||||
|
remote_user = root
|
||||||
|
host_key_checking = False
|
||||||
|
roles_path = ./roles
|
||||||
|
inventory = ./inventories/lab
|
||||||
|
gathering = smart
|
||||||
|
interpreter_python = auto_silent
|
||||||
|
deprecation_warnings = False
|
||||||
|
|
||||||
|
[privilege_escalation]
|
||||||
|
become = True
|
|
@ -1,31 +1,34 @@
|
||||||
# Collections
|
## Collections
|
||||||
|
|
||||||
The porpouse of collections is get more modules and plugins to use in ansible.
|
The purpose of collections is get more modules and plugins to use in ansible.
|
||||||
|
Place your collection dependencies here in *requirements.yml* and AWX will
|
||||||
Collections are supported by Ansible community.
|
install them automtatically.
|
||||||
|
|
||||||
# Install collections
|
# Install collections
|
||||||
|
|
||||||
In AWX-operator container , execute:
|
In *awx-operator* container, execute:
|
||||||
```
|
```
|
||||||
ansible-galaxy collection install -r requirements.yml
|
ansible-galaxy collection install -r requirements.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
Where `requirements.yml` we need to specify the list of collections that we want to install:
|
Where `requirements.yml` we need to specify the list of collections that we
|
||||||
|
want to install:
|
||||||
```
|
```
|
||||||
collections:
|
collections:
|
||||||
- name: community.general
|
- name: community.general
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
# Collection index:
|
# Collection index
|
||||||
[Index-Ansible-collections](https://docs.ansible.com/ansible/latest/collections/index.html)
|
|
||||||
|
* https://docs.ansible.com/ansible/latest/collections/index.html
|
||||||
|
|
||||||
# List collections
|
# List collections
|
||||||
[Listing-collections](https://docs.ansible.com/ansible/latest/collections_guide/collections_listing.html)
|
|
||||||
|
|
||||||
To list installed collections, run `ansible-galaxy collection list` (inside awx operator container)
|
To list installed collections, run `ansible-galaxy collection list` (inside awx
|
||||||
|
operator container)
|
||||||
|
|
||||||
# Install multiple collections with a requirements file
|
* https://docs.ansible.com/ansible/latest/collections_guide/collections_listing.html
|
||||||
[Install-multiple](https://docs.ansible.com/ansible/devel/collections_guide/collections_installing.html#install-multiple-collections-with-a-requirements-file)
|
|
||||||
|
# Install multiple collections
|
||||||
|
|
||||||
|
* https://docs.ansible.com/ansible/devel/collections_guide/collections_installing.html#install-multiple-collections-with-a-requirements-file
|
||||||
|
|
|
@ -1,14 +1,10 @@
|
||||||
---
|
|
||||||
collections:
|
collections:
|
||||||
- name: community.general
|
|
||||||
version: '>=9.0.0'
|
|
||||||
type: galaxy
|
|
||||||
- name: ansible.posix
|
|
||||||
version: '>=1.5.4'
|
|
||||||
type: galaxy
|
|
||||||
- name: ansible.utils
|
- name: ansible.utils
|
||||||
version: '>=4.1.0'
|
version: '>=4.1.0'
|
||||||
type: galaxy
|
type: galaxy
|
||||||
- name: ansible.windows
|
- name: ansible.windows
|
||||||
version: '>=2.3.0'
|
version: '>=2.3.0'
|
||||||
type: galaxy
|
type: galaxy
|
||||||
|
- name: anatomicjc.passbolt
|
||||||
|
version: '>=0.0.14'
|
||||||
|
type: galaxy
|
||||||
|
|
|
@ -0,0 +1,96 @@
|
||||||
|
ARG EE_BASE_IMAGE="quay.io/centos/centos:stream9"
|
||||||
|
ARG PYCMD="/usr/bin/python3.12"
|
||||||
|
ARG PYPKG="python3.12"
|
||||||
|
ARG PKGMGR_PRESERVE_CACHE=""
|
||||||
|
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS=""
|
||||||
|
ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS=""
|
||||||
|
ARG ANSIBLE_INSTALL_REFS="ansible-core>=2.17.0 ansible-runner==2.4.0"
|
||||||
|
ARG PKGMGR="/usr/bin/dnf"
|
||||||
|
|
||||||
|
# Base build stage
|
||||||
|
FROM $EE_BASE_IMAGE as base
|
||||||
|
USER root
|
||||||
|
ENV PIP_BREAK_SYSTEM_PACKAGES=1
|
||||||
|
ARG EE_BASE_IMAGE
|
||||||
|
ARG PYCMD
|
||||||
|
ARG PYPKG
|
||||||
|
ARG PKGMGR_PRESERVE_CACHE
|
||||||
|
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS
|
||||||
|
ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS
|
||||||
|
ARG ANSIBLE_INSTALL_REFS
|
||||||
|
ARG PKGMGR
|
||||||
|
|
||||||
|
COPY _build/scripts/ /output/scripts/
|
||||||
|
COPY _build/scripts/entrypoint /opt/builder/bin/entrypoint
|
||||||
|
RUN $PKGMGR install $PYPKG -y ; if [ -z $PKGMGR_PRESERVE_CACHE ]; then $PKGMGR clean all; fi
|
||||||
|
RUN /output/scripts/pip_install $PYCMD
|
||||||
|
RUN $PYCMD -m pip install --no-cache-dir $ANSIBLE_INSTALL_REFS
|
||||||
|
|
||||||
|
# Galaxy build stage
|
||||||
|
FROM base as galaxy
|
||||||
|
ARG EE_BASE_IMAGE
|
||||||
|
ARG PYCMD
|
||||||
|
ARG PYPKG
|
||||||
|
ARG PKGMGR_PRESERVE_CACHE
|
||||||
|
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS
|
||||||
|
ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS
|
||||||
|
ARG ANSIBLE_INSTALL_REFS
|
||||||
|
ARG PKGMGR
|
||||||
|
|
||||||
|
RUN /output/scripts/check_galaxy
|
||||||
|
COPY _build /build
|
||||||
|
WORKDIR /build
|
||||||
|
|
||||||
|
RUN mkdir -p /usr/share/ansible
|
||||||
|
RUN ansible-galaxy role install $ANSIBLE_GALAXY_CLI_ROLE_OPTS -r requirements.yml --roles-path "/usr/share/ansible/roles"
|
||||||
|
RUN ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path "/usr/share/ansible/collections"
|
||||||
|
|
||||||
|
# Builder build stage
|
||||||
|
FROM base as builder
|
||||||
|
ENV PIP_BREAK_SYSTEM_PACKAGES=1
|
||||||
|
WORKDIR /build
|
||||||
|
ARG EE_BASE_IMAGE
|
||||||
|
ARG PYCMD
|
||||||
|
ARG PYPKG
|
||||||
|
ARG PKGMGR_PRESERVE_CACHE
|
||||||
|
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS
|
||||||
|
ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS
|
||||||
|
ARG ANSIBLE_INSTALL_REFS
|
||||||
|
ARG PKGMGR
|
||||||
|
|
||||||
|
RUN $PYCMD -m pip install --no-cache-dir bindep pyyaml packaging
|
||||||
|
|
||||||
|
COPY --from=galaxy /usr/share/ansible /usr/share/ansible
|
||||||
|
|
||||||
|
COPY _build/requirements.txt requirements.txt
|
||||||
|
COPY _build/bindep.txt bindep.txt
|
||||||
|
RUN $PYCMD /output/scripts/introspect.py introspect --user-pip=requirements.txt --user-bindep=bindep.txt --write-bindep=/tmp/src/bindep.txt --write-pip=/tmp/src/requirements.txt
|
||||||
|
RUN /output/scripts/assemble
|
||||||
|
|
||||||
|
# Final build stage
|
||||||
|
FROM base as final
|
||||||
|
ENV PIP_BREAK_SYSTEM_PACKAGES=1
|
||||||
|
ARG EE_BASE_IMAGE
|
||||||
|
ARG PYCMD
|
||||||
|
ARG PYPKG
|
||||||
|
ARG PKGMGR_PRESERVE_CACHE
|
||||||
|
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS
|
||||||
|
ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS
|
||||||
|
ARG ANSIBLE_INSTALL_REFS
|
||||||
|
ARG PKGMGR
|
||||||
|
|
||||||
|
RUN /output/scripts/check_ansible $PYCMD
|
||||||
|
|
||||||
|
COPY --from=galaxy /usr/share/ansible /usr/share/ansible
|
||||||
|
|
||||||
|
COPY --from=builder /output/ /output/
|
||||||
|
RUN /output/scripts/install-from-bindep && rm -rf /output/wheels
|
||||||
|
RUN chmod ug+rw /etc/passwd
|
||||||
|
RUN mkdir -p /runner && chgrp 0 /runner && chmod -R ug+rwx /runner
|
||||||
|
WORKDIR /runner
|
||||||
|
RUN $PYCMD -m pip install --no-cache-dir 'dumb-init==1.2.5'
|
||||||
|
RUN rm -rf /output
|
||||||
|
LABEL ansible-execution-environment=true
|
||||||
|
USER 1000
|
||||||
|
ENTRYPOINT ["/opt/builder/bin/entrypoint", "dumb-init"]
|
||||||
|
CMD ["bash"]
|
|
@ -0,0 +1,18 @@
|
||||||
|
git-core [platform:rpm]
|
||||||
|
python3.11-devel [platform:rpm compile]
|
||||||
|
libcurl-devel [platform:rpm compile]
|
||||||
|
krb5-devel [platform:rpm compile]
|
||||||
|
krb5-workstation [platform:rpm]
|
||||||
|
subversion [platform:rpm]
|
||||||
|
subversion [platform:dpkg]
|
||||||
|
git-lfs [platform:rpm]
|
||||||
|
sshpass [platform:rpm]
|
||||||
|
rsync [platform:rpm]
|
||||||
|
epel-release [platform:rpm]
|
||||||
|
unzip [platform:rpm]
|
||||||
|
podman-remote [platform:rpm]
|
||||||
|
cmake [platform:rpm compile]
|
||||||
|
gcc [platform:rpm compile]
|
||||||
|
gcc-c++ [platform:rpm compile]
|
||||||
|
make [platform:rpm compile]
|
||||||
|
openssl-devel [platform:rpm compile]
|
|
@ -0,0 +1,3 @@
|
||||||
|
py-passbolt==0.0.18
|
||||||
|
cryptography==3.3.2
|
||||||
|
PGPy==0.6.0
|
|
@ -0,0 +1,10 @@
|
||||||
|
collections:
|
||||||
|
- name: ansible.utils
|
||||||
|
version: '>=4.1.0'
|
||||||
|
type: galaxy
|
||||||
|
- name: ansible.windows
|
||||||
|
version: '>=2.3.0'
|
||||||
|
type: galaxy
|
||||||
|
- name: anatomicjc.passbolt
|
||||||
|
version: '>=0.0.14'
|
||||||
|
type: galaxy
|
|
@ -0,0 +1,169 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Copyright (c) 2019 Red Hat, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||||
|
# implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
# Make a list of bindep dependencies and a collection of built binary
|
||||||
|
# wheels for the repo in question as well as its python dependencies.
|
||||||
|
# Install javascript tools as well to support python that needs javascript
|
||||||
|
# at build time.
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
RELEASE=$(source /etc/os-release; echo $ID)
|
||||||
|
|
||||||
|
# NOTE(pabelanger): Allow users to force either microdnf or dnf as a package
|
||||||
|
# manager.
|
||||||
|
PKGMGR="${PKGMGR:-}"
|
||||||
|
PKGMGR_OPTS="${PKGMGR_OPTS:-}"
|
||||||
|
PKGMGR_PRESERVE_CACHE="${PKGMGR_PRESERVE_CACHE:-}"
|
||||||
|
|
||||||
|
PYCMD="${PYCMD:=/usr/bin/python3}"
|
||||||
|
PIPCMD="${PIPCMD:=$PYCMD -m pip}"
|
||||||
|
|
||||||
|
if [ -z $PKGMGR ]; then
|
||||||
|
# Expect dnf to be installed, however if we find microdnf default to it.
|
||||||
|
PKGMGR=/usr/bin/dnf
|
||||||
|
if [ -f "/usr/bin/microdnf" ]; then
|
||||||
|
PKGMGR=/usr/bin/microdnf
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$PKGMGR" = "/usr/bin/microdnf" ]
|
||||||
|
then
|
||||||
|
if [ -z "${PKGMGR_OPTS}" ]; then
|
||||||
|
# NOTE(pabelanger): skip install docs and weak dependencies to
|
||||||
|
# make smaller images. Sadly, setting these in dnf.conf don't
|
||||||
|
# appear to work.
|
||||||
|
PKGMGR_OPTS="--nodocs --setopt install_weak_deps=0"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# NOTE(pabelanger): Ensure all the directory we use exists regardless
|
||||||
|
# of the user first creating them or not.
|
||||||
|
mkdir -p /output/bindep
|
||||||
|
mkdir -p /output/wheels
|
||||||
|
mkdir -p /tmp/src
|
||||||
|
|
||||||
|
cd /tmp/src
|
||||||
|
|
||||||
|
function install_bindep {
|
||||||
|
# Protect from the bindep builder image use of the assemble script
|
||||||
|
# to produce a wheel. Note we append because we want all
|
||||||
|
# sibling packages in here too
|
||||||
|
if [ -f bindep.txt ] ; then
|
||||||
|
bindep -l newline | sort >> /output/bindep/run.txt || true
|
||||||
|
if [ "$RELEASE" == "centos" ] ; then
|
||||||
|
bindep -l newline -b epel | sort >> /output/bindep/stage.txt || true
|
||||||
|
grep -Fxvf /output/bindep/run.txt /output/bindep/stage.txt >> /output/bindep/epel.txt || true
|
||||||
|
rm -rf /output/bindep/stage.txt
|
||||||
|
fi
|
||||||
|
compile_packages=$(bindep -b compile || true)
|
||||||
|
if [ ! -z "$compile_packages" ] ; then
|
||||||
|
$PKGMGR install -y $PKGMGR_OPTS ${compile_packages}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function install_wheels {
|
||||||
|
# NOTE(pabelanger): If there are build requirements to install, do so.
|
||||||
|
# However do not cache them as we do not want them in the final image.
|
||||||
|
if [ -f /tmp/src/build-requirements.txt ] && [ ! -f /tmp/src/.build-requirements.txt ] ; then
|
||||||
|
$PIPCMD install $CONSTRAINTS $PIP_OPTS --no-cache -r /tmp/src/build-requirements.txt
|
||||||
|
touch /tmp/src/.build-requirements.txt
|
||||||
|
fi
|
||||||
|
# Build a wheel so that we have an install target.
|
||||||
|
# pip install . in the container context with the mounted
|
||||||
|
# source dir gets ... exciting, if setup.py exists.
|
||||||
|
# We run sdist first to trigger code generation steps such
|
||||||
|
# as are found in zuul, since the sequencing otherwise
|
||||||
|
# happens in a way that makes wheel content copying unhappy.
|
||||||
|
# pip wheel isn't used here because it puts all of the output
|
||||||
|
# in the output dir and not the wheel cache, so it's not
|
||||||
|
# possible to tell what is the wheel for the project and
|
||||||
|
# what is the wheel cache.
|
||||||
|
if [ -f setup.py ] ; then
|
||||||
|
$PYCMD setup.py sdist bdist_wheel -d /output/wheels
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Install everything so that the wheel cache is populated with
|
||||||
|
# transitive depends. If a requirements.txt file exists, install
|
||||||
|
# it directly so that people can use git url syntax to do things
|
||||||
|
# like pick up patched but unreleased versions of dependencies.
|
||||||
|
# Only do this for the main package (i.e. only write requirements
|
||||||
|
# once).
|
||||||
|
if [ -f /tmp/src/requirements.txt ] && [ ! -f /output/requirements.txt ] ; then
|
||||||
|
$PIPCMD install $CONSTRAINTS $PIP_OPTS --cache-dir=/output/wheels -r /tmp/src/requirements.txt
|
||||||
|
cp /tmp/src/requirements.txt /output/requirements.txt
|
||||||
|
fi
|
||||||
|
# If we didn't build wheels, we can skip trying to install it.
|
||||||
|
if [ $(ls -1 /output/wheels/*whl 2>/dev/null | wc -l) -gt 0 ]; then
|
||||||
|
$PIPCMD uninstall -y /output/wheels/*.whl
|
||||||
|
$PIPCMD install $CONSTRAINTS $PIP_OPTS --cache-dir=/output/wheels /output/wheels/*whl
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
PACKAGES=$*
|
||||||
|
PIP_OPTS="${PIP_OPTS-}"
|
||||||
|
|
||||||
|
# bindep the main package
|
||||||
|
install_bindep
|
||||||
|
|
||||||
|
# go through ZUUL_SIBLINGS, if any, and build those wheels too
|
||||||
|
for sibling in ${ZUUL_SIBLINGS:-}; do
|
||||||
|
pushd .zuul-siblings/${sibling}
|
||||||
|
install_bindep
|
||||||
|
popd
|
||||||
|
done
|
||||||
|
|
||||||
|
# Use a clean virtualenv for install steps to prevent things from the
|
||||||
|
# current environment making us not build a wheel.
|
||||||
|
# NOTE(pabelanger): We allow users to install distro python packages of
|
||||||
|
# libraries. This is important for projects that eventually want to produce
|
||||||
|
# an RPM or offline install.
|
||||||
|
$PYCMD -m venv /tmp/venv --system-site-packages --without-pip
|
||||||
|
source /tmp/venv/bin/activate
|
||||||
|
|
||||||
|
# If there is an upper-constraints.txt file in the source tree,
|
||||||
|
# use it in the pip commands.
|
||||||
|
if [ -f /tmp/src/upper-constraints.txt ] ; then
|
||||||
|
cp /tmp/src/upper-constraints.txt /output/upper-constraints.txt
|
||||||
|
CONSTRAINTS="-c /tmp/src/upper-constraints.txt"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If we got a list of packages, install them, otherwise install the
|
||||||
|
# main package.
|
||||||
|
if [[ $PACKAGES ]] ; then
|
||||||
|
$PIPCMD install $CONSTRAINTS $PIP_OPTS --cache-dir=/output/wheels $PACKAGES
|
||||||
|
for package in $PACKAGES ; do
|
||||||
|
echo "$package" >> /output/packages.txt
|
||||||
|
done
|
||||||
|
else
|
||||||
|
install_wheels
|
||||||
|
fi
|
||||||
|
|
||||||
|
# go through ZUUL_SIBLINGS, if any, and build those wheels too
|
||||||
|
for sibling in ${ZUUL_SIBLINGS:-}; do
|
||||||
|
pushd .zuul-siblings/${sibling}
|
||||||
|
install_wheels
|
||||||
|
popd
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -z $PKGMGR_PRESERVE_CACHE ]; then
|
||||||
|
$PKGMGR clean all
|
||||||
|
rm -rf /var/cache/{dnf,yum}
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -rf /var/lib/dnf/history.*
|
||||||
|
rm -rf /var/log/{dnf.*,hawkey.log}
|
||||||
|
rm -rf /tmp/venv
|
|
@ -0,0 +1,110 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Copyright (c) 2023 Red Hat, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||||
|
# implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
#####################################################################
|
||||||
|
# Script to validate that Ansible and Ansible Runner are installed.
|
||||||
|
#
|
||||||
|
# Usage: check_ansible <PYCMD>
|
||||||
|
#
|
||||||
|
# Options:
|
||||||
|
# PYCMD - The path to the python executable to use.
|
||||||
|
#####################################################################
|
||||||
|
|
||||||
|
set -x
|
||||||
|
|
||||||
|
PYCMD=$1
|
||||||
|
|
||||||
|
if [ -z "$PYCMD" ]
|
||||||
|
then
|
||||||
|
echo "Usage: check_ansible <PYCMD>"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -x "$PYCMD" ]
|
||||||
|
then
|
||||||
|
echo "$PYCMD is not an executable"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
ansible --version
|
||||||
|
|
||||||
|
if [ $? -ne 0 ]
|
||||||
|
then
|
||||||
|
cat<<EOF
|
||||||
|
**********************************************************************
|
||||||
|
ERROR - Missing Ansible installation
|
||||||
|
|
||||||
|
An Ansible installation cannot be found in the final builder image.
|
||||||
|
|
||||||
|
Ansible must be installed in the final image. If you are using a
|
||||||
|
recent enough version of the execution environment file, you may
|
||||||
|
use the 'dependencies.ansible_core' configuration option to install
|
||||||
|
Ansible for you, or use 'additional_build_steps' to manually do
|
||||||
|
this yourself. Alternatively, use a base image with Ansible already
|
||||||
|
installed.
|
||||||
|
**********************************************************************
|
||||||
|
EOF
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
ansible-runner --version
|
||||||
|
|
||||||
|
if [ $? -ne 0 ]
|
||||||
|
then
|
||||||
|
cat<<EOF
|
||||||
|
**********************************************************************
|
||||||
|
ERROR - Missing Ansible Runner installation
|
||||||
|
|
||||||
|
An Ansible Runner installation cannot be found in the final builder
|
||||||
|
image.
|
||||||
|
|
||||||
|
Ansible Runner must be installed in the final image. If you are
|
||||||
|
using a recent enough version of the execution environment file, you
|
||||||
|
may use the 'dependencies.ansible_runner' configuration option to
|
||||||
|
install Ansible Runner for you, or use 'additional_build_steps' to
|
||||||
|
manually do this yourself. Alternatively, use a base image with
|
||||||
|
Ansible Runner already installed.
|
||||||
|
**********************************************************************
|
||||||
|
EOF
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
$PYCMD -c 'import ansible ; import ansible_runner'
|
||||||
|
|
||||||
|
if [ $? -ne 0 ]
|
||||||
|
then
|
||||||
|
cat<<EOF
|
||||||
|
**********************************************************************
|
||||||
|
ERROR - Missing Ansible or Ansible Runner for selected Python
|
||||||
|
|
||||||
|
An Ansible and/or Ansible Runner installation cannot be found in
|
||||||
|
the final builder image using the following Python interpreter:
|
||||||
|
|
||||||
|
$PYCMD
|
||||||
|
|
||||||
|
Ansible and Ansible Runner must be installed in the final image and
|
||||||
|
available to the selected Python interpreter. If you are using a
|
||||||
|
recent enough version of the execution environment file, you may use
|
||||||
|
the 'dependencies.ansible_core' configuration option to install
|
||||||
|
Ansible and the 'dependencies.ansible_runner' configuration option
|
||||||
|
to install Ansible Runner. You can also use 'additional_build_steps'
|
||||||
|
to manually do this yourself. Alternatively, use a base image with
|
||||||
|
Ansible and Ansible Runner already installed.
|
||||||
|
**********************************************************************
|
||||||
|
EOF
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
exit 0
|
|
@ -0,0 +1,46 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Copyright (c) 2023 Red Hat, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||||
|
# implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
#####################################################################
|
||||||
|
# Script to validate that Ansible Galaxy is installed on the system.
|
||||||
|
#####################################################################
|
||||||
|
|
||||||
|
set -x
|
||||||
|
|
||||||
|
ansible-galaxy --version
|
||||||
|
|
||||||
|
if [ $? -ne 0 ]
|
||||||
|
then
|
||||||
|
cat<<EOF
|
||||||
|
**********************************************************************
|
||||||
|
ERROR - Missing Ansible installation
|
||||||
|
|
||||||
|
The 'ansible-galaxy' command is not found in the base image. This
|
||||||
|
image is used to create the intermediary image that performs the
|
||||||
|
Galaxy collection and role installation process.
|
||||||
|
|
||||||
|
Ansible must be installed in the base image. If you are using a
|
||||||
|
recent enough version of the execution environment file, you may
|
||||||
|
use the 'dependencies.ansible_core' configuration option to install
|
||||||
|
Ansible for you, or use 'additional_build_steps' to manually do
|
||||||
|
this yourself. Alternatively, use a base image with Ansible already
|
||||||
|
installed.
|
||||||
|
**********************************************************************
|
||||||
|
EOF
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
exit 0
|
|
@ -0,0 +1,152 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# Copyright: (c) 2023, Ansible Project
|
||||||
|
# Apache License, Version 2.0 (see LICENSE.md or https://www.apache.org/licenses/LICENSE-2.0)
|
||||||
|
|
||||||
|
# This entrypoint script papers over a number of problems that manifest under different container runtimes when
|
||||||
|
# using ephemeral UIDs, then chain-execs to the requested init system and/or command. It is an implementation
|
||||||
|
# detail for the convenience of Ansible execution environments built by ansible-builder.
|
||||||
|
#
|
||||||
|
# If we're running as a legit user that has an entry in /etc/passwd and a valid and writeable homedir, we're all good.
|
||||||
|
#
|
||||||
|
# If the current uid is not in /etc/passwd, we'll attempt to add it, but /etc/passwd is often not writable by GID 0.
|
||||||
|
# `ansible-builder` defaults to making /etc/passwd writable by GID0 by default for maximum compatibility, but this is
|
||||||
|
# not guaranteed. Some runtimes/wrappers (eg podman, cri-o) already create an /etc/passwd entry on the fly as-needed,
|
||||||
|
# but they may set the homedir to something inaccessible (eg, `/`, WORKDIR).
|
||||||
|
#
|
||||||
|
# There are numerous cases where a missing or incorrect homedir in /etc/passwd are fatal. It breaks
|
||||||
|
# `async` in ansible-core, things like `echo ~someuid`, and numerous other software packages that assume a valid POSIX
|
||||||
|
# user configuration.
|
||||||
|
#
|
||||||
|
# If the homedir listed in /etc/passwd is not writeable by the current user (supposed to be primary GID0), we'll try
|
||||||
|
# to make it writeable (except `/`), or select another writeable home directory from `$HOME`, `/runner`, or `/tmp` and
|
||||||
|
# update $HOME (and /etc/passwd if possible) accordingly for the current process chain.
|
||||||
|
#
|
||||||
|
# This script is generally silent by default, but some likely-fatal cases will issue a brief warning to stderr. The
|
||||||
|
# envvars described below can be set before container init to cause faster failures and/or get tracing output.
|
||||||
|
|
||||||
|
# options:
|
||||||
|
# EP_BASH_DEBUG=1 (enable set -x)
|
||||||
|
# EP_DEBUG_TRACE=1 (enable debug trace to stderr)
|
||||||
|
# EP_ON_ERROR=ignore/warn/fail (default ignore)
|
||||||
|
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
if (( "${EP_BASH_DEBUG:=0}" == 1 )); then
|
||||||
|
set -x
|
||||||
|
fi
|
||||||
|
|
||||||
|
: "${EP_DEBUG_TRACE:=0}"
|
||||||
|
: "${EP_ON_ERROR:=warn}"
|
||||||
|
: "${HOME:=}"
|
||||||
|
CUR_UID=$(id -u)
|
||||||
|
CUR_USERNAME=$(id -u -n 2> /dev/null || true) # whoami-free way to get current username, falls back to current uid
|
||||||
|
|
||||||
|
DEFAULT_HOME="/runner"
|
||||||
|
DEFAULT_SHELL="/bin/bash"
|
||||||
|
|
||||||
|
if (( "$EP_DEBUG_TRACE" == 1 )); then
|
||||||
|
function log_debug() { echo "EP_DEBUG: $1" 1>&2; }
|
||||||
|
else
|
||||||
|
function log_debug() { :; }
|
||||||
|
fi
|
||||||
|
|
||||||
|
log_debug "entrypoint.sh started"
|
||||||
|
|
||||||
|
case "$EP_ON_ERROR" in
|
||||||
|
"fail")
|
||||||
|
function maybe_fail() { echo "EP_FAIL: $1" 1>&2; exit 1; }
|
||||||
|
;;
|
||||||
|
"warn")
|
||||||
|
function maybe_fail() { echo "EP_WARN: $1" 1>&2; }
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
function maybe_fail() { log_debug "EP_FAIL (ignored): $1"; }
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
function is_dir_writable() {
|
||||||
|
[ -d "$1" ] && [ -w "$1" ] && [ -x "$1" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
function ensure_current_uid_in_passwd() {
|
||||||
|
log_debug "is current uid ${CUR_UID} in /etc/passwd?"
|
||||||
|
|
||||||
|
if ! getent passwd "${CUR_USERNAME}" &> /dev/null ; then
|
||||||
|
if [ -w "/etc/passwd" ]; then
|
||||||
|
log_debug "appending missing uid ${CUR_UID} into /etc/passwd"
|
||||||
|
# use the default homedir; we may have to rewrite it to another value later if it's inaccessible
|
||||||
|
echo "${CUR_UID}:x:${CUR_UID}:0:container user ${CUR_UID}:${DEFAULT_HOME}:${DEFAULT_SHELL}" >> /etc/passwd
|
||||||
|
else
|
||||||
|
maybe_fail "uid ${CUR_UID} is missing from /etc/passwd, which is not writable; this error is likely fatal"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
log_debug "current uid is already in /etc/passwd"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function ensure_writeable_homedir() {
|
||||||
|
if (is_dir_writable "${CANDIDATE_HOME}") ; then
|
||||||
|
log_debug "candidate homedir ${CANDIDATE_HOME} is valid and writeable"
|
||||||
|
else
|
||||||
|
if [ "${CANDIDATE_HOME}" == "/" ]; then
|
||||||
|
log_debug "skipping attempt to fix permissions on / as homedir"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
log_debug "candidate homedir ${CANDIDATE_HOME} is missing or not writeable; attempt to fix"
|
||||||
|
if ! (mkdir -p "${CANDIDATE_HOME}" >& /dev/null && chmod -R ug+rwx "${CANDIDATE_HOME}" >& /dev/null) ; then
|
||||||
|
log_debug "candidate homedir ${CANDIDATE_HOME} cannot be made writeable"
|
||||||
|
return 1
|
||||||
|
else
|
||||||
|
log_debug "candidate homedir ${CANDIDATE_HOME} was successfully made writeable"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# this might work; export it even if we end up not being able to update /etc/passwd
|
||||||
|
# this ensures the envvar matches current reality for this session; future sessions should set automatically if /etc/passwd is accurate
|
||||||
|
export HOME=${CANDIDATE_HOME}
|
||||||
|
|
||||||
|
if [ "${CANDIDATE_HOME}" == "${PASSWD_HOME}" ] ; then
|
||||||
|
log_debug "candidate homedir ${CANDIDATE_HOME} matches /etc/passwd"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! [ -w /etc/passwd ]; then
|
||||||
|
log_debug "candidate homedir ${CANDIDATE_HOME} is valid for ${CUR_USERNAME}, but /etc/passwd is not writable to update it"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
log_debug "resetting homedir for user ${CUR_USERNAME} to ${CANDIDATE_HOME} in /etc/passwd"
|
||||||
|
|
||||||
|
# sed -i wants to create a tempfile next to the original, which won't work with /etc permissions in many cases,
|
||||||
|
# so just do it in memory and overwrite the existing file if we succeeded
|
||||||
|
NEWPW=$(sed -r "s;(^${CUR_USERNAME}:(.*:){4})(.*:);\1${CANDIDATE_HOME}:;g" /etc/passwd)
|
||||||
|
echo "${NEWPW}" > /etc/passwd
|
||||||
|
}
|
||||||
|
|
||||||
|
ensure_current_uid_in_passwd
|
||||||
|
|
||||||
|
log_debug "current value of HOME is ${HOME}"
|
||||||
|
|
||||||
|
PASSWD_HOME=$(getent passwd "${CUR_USERNAME}" | cut -d: -f6)
|
||||||
|
log_debug "user ${CUR_USERNAME} homedir from /etc/passwd is ${PASSWD_HOME}"
|
||||||
|
|
||||||
|
CANDIDATE_HOMES=("${PASSWD_HOME}" "${HOME}" "${DEFAULT_HOME}" "/tmp")
|
||||||
|
|
||||||
|
# we'll set this in the loop as soon as we find a writeable dir
|
||||||
|
unset HOME
|
||||||
|
|
||||||
|
for CANDIDATE_HOME in "${CANDIDATE_HOMES[@]}"; do
|
||||||
|
if ensure_writeable_homedir ; then
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
if ! [ -v HOME ] ; then
|
||||||
|
maybe_fail "a valid homedir could not be set for ${CUR_USERNAME}; this is likely fatal"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# chain exec whatever we were asked to run (ideally an init system) to keep any envvar state we've set
|
||||||
|
log_debug "chain exec-ing requested command $*"
|
||||||
|
exec "${@}"
|
|
@ -0,0 +1,105 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Copyright (c) 2019 Red Hat, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||||
|
# implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
# NOTE(pabelanger): Allow users to force either microdnf or dnf as a package
|
||||||
|
# manager.
|
||||||
|
PKGMGR="${PKGMGR:-}"
|
||||||
|
PKGMGR_OPTS="${PKGMGR_OPTS:-}"
|
||||||
|
PKGMGR_PRESERVE_CACHE="${PKGMGR_PRESERVE_CACHE:-}"
|
||||||
|
|
||||||
|
PYCMD="${PYCMD:=/usr/bin/python3}"
|
||||||
|
PIPCMD="${PIPCMD:=$PYCMD -m pip}"
|
||||||
|
PIP_OPTS="${PIP_OPTS-}"
|
||||||
|
|
||||||
|
if [ -z $PKGMGR ]; then
|
||||||
|
# Expect dnf to be installed, however if we find microdnf default to it.
|
||||||
|
PKGMGR=/usr/bin/dnf
|
||||||
|
if [ -f "/usr/bin/microdnf" ]; then
|
||||||
|
PKGMGR=/usr/bin/microdnf
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$PKGMGR" = "/usr/bin/microdnf" ]
|
||||||
|
then
|
||||||
|
if [ -z "${PKGMGR_OPTS}" ]; then
|
||||||
|
# NOTE(pabelanger): skip install docs and weak dependencies to
|
||||||
|
# make smaller images. Sadly, setting these in dnf.conf don't
|
||||||
|
# appear to work.
|
||||||
|
PKGMGR_OPTS="--nodocs --setopt install_weak_deps=0"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f /output/bindep/run.txt ] ; then
|
||||||
|
PACKAGES=$(cat /output/bindep/run.txt)
|
||||||
|
if [ ! -z "$PACKAGES" ]; then
|
||||||
|
$PKGMGR install -y $PKGMGR_OPTS $PACKAGES
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f /output/bindep/epel.txt ] ; then
|
||||||
|
EPEL_PACKAGES=$(cat /output/bindep/epel.txt)
|
||||||
|
if [ ! -z "$EPEL_PACKAGES" ]; then
|
||||||
|
$PKGMGR install -y $PKGMGR_OPTS --enablerepo epel $EPEL_PACKAGES
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If there's a constraints file, use it.
|
||||||
|
if [ -f /output/upper-constraints.txt ] ; then
|
||||||
|
CONSTRAINTS="-c /output/upper-constraints.txt"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If a requirements.txt file exists,
|
||||||
|
# install it directly so that people can use git url syntax
|
||||||
|
# to do things like pick up patched but unreleased versions
|
||||||
|
# of dependencies.
|
||||||
|
if [ -f /output/requirements.txt ] ; then
|
||||||
|
$PIPCMD install $CONSTRAINTS $PIP_OPTS --cache-dir=/output/wheels -r /output/requirements.txt
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Add any requested extras to the list of things to install
|
||||||
|
EXTRAS=""
|
||||||
|
for extra in $* ; do
|
||||||
|
EXTRAS="${EXTRAS} -r /output/$extra/requirements.txt"
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -f /output/packages.txt ] ; then
|
||||||
|
# If a package list was passed to assemble, install that in the final
|
||||||
|
# image.
|
||||||
|
$PIPCMD install $CONSTRAINTS $PIP_OPTS --cache-dir=/output/wheels -r /output/packages.txt $EXTRAS
|
||||||
|
else
|
||||||
|
# Install the wheels. Uninstall any existing version as siblings maybe
|
||||||
|
# be built with the same version number as the latest release, but we
|
||||||
|
# really want the speculatively built wheels installed over any
|
||||||
|
# automatic dependencies.
|
||||||
|
# NOTE(pabelanger): It is possible a project may not have a wheel, but does have requirements.txt
|
||||||
|
if [ $(ls -1 /output/wheels/*whl 2>/dev/null | wc -l) -gt 0 ]; then
|
||||||
|
$PIPCMD uninstall -y /output/wheels/*.whl
|
||||||
|
$PIPCMD install $CONSTRAINTS $PIP_OPTS --cache-dir=/output/wheels /output/wheels/*.whl $EXTRAS
|
||||||
|
elif [ ! -z "$EXTRAS" ] ; then
|
||||||
|
$PIPCMD uninstall -y $EXTRAS
|
||||||
|
$PIPCMD install $CONSTRAINTS $PIP_OPTS --cache-dir=/output/wheels $EXTRAS
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# clean up after ourselves, unless requested to keep the cache
|
||||||
|
if [[ "$PKGMGR_PRESERVE_CACHE" != always ]]; then
|
||||||
|
$PKGMGR clean all
|
||||||
|
rm -rf /var/cache/{dnf,yum}
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -rf /var/lib/dnf/history.*
|
||||||
|
rm -rf /var/log/{dnf.*,hawkey.log}
|
|
@ -0,0 +1,507 @@
|
||||||
|
from __future__ import annotations
|
||||||
|
|
||||||
|
import argparse
|
||||||
|
import logging
|
||||||
|
import os
|
||||||
|
import re
|
||||||
|
import sys
|
||||||
|
import yaml
|
||||||
|
|
||||||
|
from packaging.requirements import InvalidRequirement, Requirement
|
||||||
|
|
||||||
|
|
||||||
|
BASE_COLLECTIONS_PATH = '/usr/share/ansible/collections'
|
||||||
|
|
||||||
|
|
||||||
|
# regex for a comment at the start of a line, or embedded with leading space(s)
|
||||||
|
COMMENT_RE = re.compile(r'(?:^|\s+)#.*$')
|
||||||
|
|
||||||
|
|
||||||
|
EXCLUDE_REQUIREMENTS = frozenset((
|
||||||
|
# obviously already satisfied or unwanted
|
||||||
|
'ansible', 'ansible-base', 'python', 'ansible-core',
|
||||||
|
# general python test requirements
|
||||||
|
'tox', 'pycodestyle', 'yamllint', 'pylint',
|
||||||
|
'flake8', 'pytest', 'pytest-xdist', 'coverage', 'mock', 'testinfra',
|
||||||
|
# test requirements highly specific to Ansible testing
|
||||||
|
'ansible-lint', 'molecule', 'galaxy-importer', 'voluptuous',
|
||||||
|
# already present in image for py3 environments
|
||||||
|
'yaml', 'pyyaml', 'json',
|
||||||
|
))
|
||||||
|
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
class CollectionDefinition:
|
||||||
|
"""
|
||||||
|
This class represents the dependency metadata for a collection
|
||||||
|
should be replaced by logic to hit the Galaxy API if made available
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(self, collection_path):
|
||||||
|
self.reference_path = collection_path
|
||||||
|
|
||||||
|
# NOTE: Filenames should match constants.DEAFULT_EE_BASENAME and constants.YAML_FILENAME_EXTENSIONS.
|
||||||
|
meta_file_base = os.path.join(collection_path, 'meta', 'execution-environment')
|
||||||
|
ee_exists = False
|
||||||
|
for ext in ('yml', 'yaml'):
|
||||||
|
meta_file = f"{meta_file_base}.{ext}"
|
||||||
|
if os.path.exists(meta_file):
|
||||||
|
with open(meta_file, 'r') as f:
|
||||||
|
self.raw = yaml.safe_load(f)
|
||||||
|
ee_exists = True
|
||||||
|
break
|
||||||
|
|
||||||
|
if not ee_exists:
|
||||||
|
self.raw = {'version': 1, 'dependencies': {}}
|
||||||
|
# Automatically infer requirements for collection
|
||||||
|
for entry, filename in [('python', 'requirements.txt'), ('system', 'bindep.txt')]:
|
||||||
|
candidate_file = os.path.join(collection_path, filename)
|
||||||
|
if has_content(candidate_file):
|
||||||
|
self.raw['dependencies'][entry] = filename
|
||||||
|
|
||||||
|
def target_dir(self):
|
||||||
|
namespace, name = self.namespace_name()
|
||||||
|
return os.path.join(
|
||||||
|
BASE_COLLECTIONS_PATH, 'ansible_collections',
|
||||||
|
namespace, name
|
||||||
|
)
|
||||||
|
|
||||||
|
def namespace_name(self):
|
||||||
|
"Returns 2-tuple of namespace and name"
|
||||||
|
path_parts = [p for p in self.reference_path.split(os.path.sep) if p]
|
||||||
|
return tuple(path_parts[-2:])
|
||||||
|
|
||||||
|
def get_dependency(self, entry):
|
||||||
|
"""A collection is only allowed to reference a file by a relative path
|
||||||
|
which is relative to the collection root
|
||||||
|
"""
|
||||||
|
req_file = self.raw.get('dependencies', {}).get(entry)
|
||||||
|
if req_file is None:
|
||||||
|
return None
|
||||||
|
if os.path.isabs(req_file):
|
||||||
|
raise RuntimeError(
|
||||||
|
'Collections must specify relative paths for requirements files. '
|
||||||
|
f'The file {req_file} specified by {self.reference_path} violates this.'
|
||||||
|
)
|
||||||
|
|
||||||
|
return req_file
|
||||||
|
|
||||||
|
|
||||||
|
def line_is_empty(line):
|
||||||
|
return bool((not line.strip()) or line.startswith('#'))
|
||||||
|
|
||||||
|
|
||||||
|
def read_req_file(path):
|
||||||
|
"""Provide some minimal error and display handling for file reading"""
|
||||||
|
if not os.path.exists(path):
|
||||||
|
print(f'Expected requirements file not present at: {os.path.abspath(path)}')
|
||||||
|
with open(path, 'r') as f:
|
||||||
|
return f.read()
|
||||||
|
|
||||||
|
|
||||||
|
def pip_file_data(path):
|
||||||
|
pip_content = read_req_file(path)
|
||||||
|
|
||||||
|
pip_lines = []
|
||||||
|
for line in pip_content.split('\n'):
|
||||||
|
if line_is_empty(line):
|
||||||
|
continue
|
||||||
|
if line.startswith('-r') or line.startswith('--requirement'):
|
||||||
|
_, new_filename = line.split(None, 1)
|
||||||
|
new_path = os.path.join(os.path.dirname(path or '.'), new_filename)
|
||||||
|
pip_lines.extend(pip_file_data(new_path))
|
||||||
|
else:
|
||||||
|
pip_lines.append(line)
|
||||||
|
|
||||||
|
return pip_lines
|
||||||
|
|
||||||
|
|
||||||
|
def bindep_file_data(path):
|
||||||
|
sys_content = read_req_file(path)
|
||||||
|
|
||||||
|
sys_lines = []
|
||||||
|
for line in sys_content.split('\n'):
|
||||||
|
if line_is_empty(line):
|
||||||
|
continue
|
||||||
|
sys_lines.append(line)
|
||||||
|
|
||||||
|
return sys_lines
|
||||||
|
|
||||||
|
|
||||||
|
def process_collection(path):
|
||||||
|
"""Return a tuple of (python_dependencies, system_dependencies) for the
|
||||||
|
collection install path given.
|
||||||
|
Both items returned are a list of dependencies.
|
||||||
|
|
||||||
|
:param str path: root directory of collection (this would contain galaxy.yml file)
|
||||||
|
"""
|
||||||
|
col_def = CollectionDefinition(path)
|
||||||
|
|
||||||
|
py_file = col_def.get_dependency('python')
|
||||||
|
pip_lines = []
|
||||||
|
if py_file:
|
||||||
|
pip_lines = pip_file_data(os.path.join(path, py_file))
|
||||||
|
|
||||||
|
sys_file = col_def.get_dependency('system')
|
||||||
|
bindep_lines = []
|
||||||
|
if sys_file:
|
||||||
|
bindep_lines = bindep_file_data(os.path.join(path, sys_file))
|
||||||
|
|
||||||
|
return (pip_lines, bindep_lines)
|
||||||
|
|
||||||
|
|
||||||
|
def process(data_dir=BASE_COLLECTIONS_PATH,
|
||||||
|
user_pip=None,
|
||||||
|
user_bindep=None,
|
||||||
|
exclude_pip=None,
|
||||||
|
exclude_bindep=None,
|
||||||
|
exclude_collections=None):
|
||||||
|
"""
|
||||||
|
Build a dictionary of Python and system requirements from any collections
|
||||||
|
installed in data_dir, and any user specified requirements.
|
||||||
|
|
||||||
|
Excluded requirements, if any, will be inserted into the return dict.
|
||||||
|
|
||||||
|
Example return dict:
|
||||||
|
{
|
||||||
|
'python': {
|
||||||
|
'collection.a': ['abc', 'def'],
|
||||||
|
'collection.b': ['ghi'],
|
||||||
|
'user': ['jkl'],
|
||||||
|
'exclude: ['abc'],
|
||||||
|
},
|
||||||
|
'system': {
|
||||||
|
'collection.a': ['ZYX'],
|
||||||
|
'user': ['WVU'],
|
||||||
|
'exclude': ['ZYX'],
|
||||||
|
},
|
||||||
|
'excluded_collections': [
|
||||||
|
'a.b',
|
||||||
|
]
|
||||||
|
}
|
||||||
|
"""
|
||||||
|
paths = []
|
||||||
|
path_root = os.path.join(data_dir, 'ansible_collections')
|
||||||
|
|
||||||
|
# build a list of all the valid collection paths
|
||||||
|
if os.path.exists(path_root):
|
||||||
|
for namespace in sorted(os.listdir(path_root)):
|
||||||
|
if not os.path.isdir(os.path.join(path_root, namespace)):
|
||||||
|
continue
|
||||||
|
for name in sorted(os.listdir(os.path.join(path_root, namespace))):
|
||||||
|
collection_dir = os.path.join(path_root, namespace, name)
|
||||||
|
if not os.path.isdir(collection_dir):
|
||||||
|
continue
|
||||||
|
files_list = os.listdir(collection_dir)
|
||||||
|
if 'galaxy.yml' in files_list or 'MANIFEST.json' in files_list:
|
||||||
|
paths.append(collection_dir)
|
||||||
|
|
||||||
|
# populate the requirements content
|
||||||
|
py_req = {}
|
||||||
|
sys_req = {}
|
||||||
|
for path in paths:
|
||||||
|
col_pip_lines, col_sys_lines = process_collection(path)
|
||||||
|
col_def = CollectionDefinition(path)
|
||||||
|
namespace, name = col_def.namespace_name()
|
||||||
|
key = f'{namespace}.{name}'
|
||||||
|
|
||||||
|
if col_pip_lines:
|
||||||
|
py_req[key] = col_pip_lines
|
||||||
|
|
||||||
|
if col_sys_lines:
|
||||||
|
sys_req[key] = col_sys_lines
|
||||||
|
|
||||||
|
# add on entries from user files, if they are given
|
||||||
|
if user_pip:
|
||||||
|
col_pip_lines = pip_file_data(user_pip)
|
||||||
|
if col_pip_lines:
|
||||||
|
py_req['user'] = col_pip_lines
|
||||||
|
if exclude_pip:
|
||||||
|
col_pip_exclude_lines = pip_file_data(exclude_pip)
|
||||||
|
if col_pip_exclude_lines:
|
||||||
|
py_req['exclude'] = col_pip_exclude_lines
|
||||||
|
if user_bindep:
|
||||||
|
col_sys_lines = bindep_file_data(user_bindep)
|
||||||
|
if col_sys_lines:
|
||||||
|
sys_req['user'] = col_sys_lines
|
||||||
|
if exclude_bindep:
|
||||||
|
col_sys_exclude_lines = bindep_file_data(exclude_bindep)
|
||||||
|
if col_sys_exclude_lines:
|
||||||
|
sys_req['exclude'] = col_sys_exclude_lines
|
||||||
|
|
||||||
|
retval = {
|
||||||
|
'python': py_req,
|
||||||
|
'system': sys_req,
|
||||||
|
}
|
||||||
|
|
||||||
|
if exclude_collections:
|
||||||
|
# This file should just be a newline separated list of collection names,
|
||||||
|
# so reusing bindep_file_data() to read it should work fine.
|
||||||
|
excluded_collection_list = bindep_file_data(exclude_collections)
|
||||||
|
if excluded_collection_list:
|
||||||
|
retval['excluded_collections'] = excluded_collection_list
|
||||||
|
|
||||||
|
return retval
|
||||||
|
|
||||||
|
|
||||||
|
def has_content(candidate_file):
|
||||||
|
"""Beyond checking that the candidate exists, this also assures
|
||||||
|
that the file has something other than whitespace,
|
||||||
|
which can cause errors when given to pip.
|
||||||
|
"""
|
||||||
|
if not os.path.exists(candidate_file):
|
||||||
|
return False
|
||||||
|
with open(candidate_file, 'r') as f:
|
||||||
|
content = f.read()
|
||||||
|
return bool(content.strip().strip('\n'))
|
||||||
|
|
||||||
|
|
||||||
|
def strip_comments(reqs: dict[str, list]) -> dict[str, list]:
|
||||||
|
"""
|
||||||
|
Filter any comments out of the Python collection requirements input.
|
||||||
|
|
||||||
|
:param dict reqs: A dict of Python requirements, keyed by collection name.
|
||||||
|
|
||||||
|
:return: Same as the input parameter, except with no comment lines.
|
||||||
|
"""
|
||||||
|
result: dict[str, list] = {}
|
||||||
|
for collection, lines in reqs.items():
|
||||||
|
for line in lines:
|
||||||
|
# strip comments
|
||||||
|
if (base_line := COMMENT_RE.sub('', line.strip())):
|
||||||
|
result.setdefault(collection, []).append(base_line)
|
||||||
|
|
||||||
|
return result
|
||||||
|
|
||||||
|
|
||||||
|
def should_be_excluded(value: str, exclusion_list: list[str]) -> bool:
|
||||||
|
"""
|
||||||
|
Test if `value` matches against any value in `exclusion_list`.
|
||||||
|
|
||||||
|
The exclusion_list values are either strings to be compared in a case-insensitive
|
||||||
|
manner against value, OR, they are regular expressions to be tested against the
|
||||||
|
value. A regular expression will contain '~' as the first character.
|
||||||
|
|
||||||
|
:return: True if the value should be excluded, False otherwise.
|
||||||
|
"""
|
||||||
|
for exclude_value in exclusion_list:
|
||||||
|
if exclude_value[0] == "~":
|
||||||
|
pattern = exclude_value[1:]
|
||||||
|
if re.fullmatch(pattern.lower(), value.lower()):
|
||||||
|
return True
|
||||||
|
elif exclude_value.lower() == value.lower():
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def filter_requirements(reqs: dict[str, list],
|
||||||
|
exclude: list[str] | None = None,
|
||||||
|
exclude_collections: list[str] | None = None,
|
||||||
|
is_python: bool = True) -> list[str]:
|
||||||
|
"""
|
||||||
|
Given a dictionary of Python requirement lines keyed off collections,
|
||||||
|
return a list of cleaned up (no source comments) requirements
|
||||||
|
annotated with comments indicating the sources based off the collection keys.
|
||||||
|
|
||||||
|
Currently, non-pep508 compliant Python entries are passed through. We also no
|
||||||
|
longer attempt to normalize names (replace '_' with '-', etc), other than
|
||||||
|
lowercasing it for exclusion matching, since we no longer are attempting
|
||||||
|
to combine similar entries.
|
||||||
|
|
||||||
|
:param dict reqs: A dict of either Python or system requirements, keyed by collection name.
|
||||||
|
:param list exclude: A list of requirements to be excluded from the output.
|
||||||
|
:param list exclude_collections: A list of collection names from which to exclude all requirements.
|
||||||
|
:param bool is_python: This should be set to True for Python requirements, as each
|
||||||
|
will be tested for PEP508 compliance. This should be set to False for system requirements.
|
||||||
|
|
||||||
|
:return: A list of filtered and annotated requirements.
|
||||||
|
"""
|
||||||
|
exclusions: list[str] = []
|
||||||
|
collection_ignore_list: list[str] = []
|
||||||
|
|
||||||
|
if exclude:
|
||||||
|
exclusions = exclude.copy()
|
||||||
|
if exclude_collections:
|
||||||
|
collection_ignore_list = exclude_collections.copy()
|
||||||
|
|
||||||
|
annotated_lines: list[str] = []
|
||||||
|
uncommented_reqs = strip_comments(reqs)
|
||||||
|
|
||||||
|
for collection, lines in uncommented_reqs.items():
|
||||||
|
# Bypass this collection if we've been told to ignore all requirements from it.
|
||||||
|
if should_be_excluded(collection, collection_ignore_list):
|
||||||
|
logger.debug("# Excluding all requirements from collection '%s'", collection)
|
||||||
|
continue
|
||||||
|
|
||||||
|
for line in lines:
|
||||||
|
# Determine the simple name based on type of requirement
|
||||||
|
if is_python:
|
||||||
|
try:
|
||||||
|
parsed_req = Requirement(line)
|
||||||
|
name = parsed_req.name
|
||||||
|
except InvalidRequirement:
|
||||||
|
logger.warning(
|
||||||
|
"Passing through non-PEP508 compliant line '%s' from collection '%s'",
|
||||||
|
line, collection
|
||||||
|
)
|
||||||
|
annotated_lines.append(line) # We intentionally won't annotate these lines (multi-line?)
|
||||||
|
continue
|
||||||
|
else:
|
||||||
|
# bindep system requirements have the package name as the first "word" on the line
|
||||||
|
name = line.split(maxsplit=1)[0]
|
||||||
|
|
||||||
|
if collection.lower() not in {'user', 'exclude'}:
|
||||||
|
lower_name = name.lower()
|
||||||
|
|
||||||
|
if lower_name in EXCLUDE_REQUIREMENTS:
|
||||||
|
logger.debug("# Excluding requirement '%s' from '%s'", name, collection)
|
||||||
|
continue
|
||||||
|
|
||||||
|
if should_be_excluded(lower_name, exclusions):
|
||||||
|
logger.debug("# Explicitly excluding requirement '%s' from '%s'", name, collection)
|
||||||
|
continue
|
||||||
|
|
||||||
|
annotated_lines.append(f'{line} # from collection {collection}')
|
||||||
|
|
||||||
|
return annotated_lines
|
||||||
|
|
||||||
|
|
||||||
|
def parse_args(args=None):
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser(
|
||||||
|
prog='introspect',
|
||||||
|
description=(
|
||||||
|
'ansible-builder introspection; injected and used during execution environment build'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
subparsers = parser.add_subparsers(
|
||||||
|
help='The command to invoke.',
|
||||||
|
dest='action',
|
||||||
|
required=True,
|
||||||
|
)
|
||||||
|
|
||||||
|
create_introspect_parser(subparsers)
|
||||||
|
|
||||||
|
return parser.parse_args(args)
|
||||||
|
|
||||||
|
|
||||||
|
def run_introspect(args, log):
|
||||||
|
data = process(args.folder,
|
||||||
|
user_pip=args.user_pip,
|
||||||
|
user_bindep=args.user_bindep,
|
||||||
|
exclude_pip=args.exclude_pip,
|
||||||
|
exclude_bindep=args.exclude_bindep,
|
||||||
|
exclude_collections=args.exclude_collections)
|
||||||
|
log.info('# Dependency data for %s', args.folder)
|
||||||
|
|
||||||
|
excluded_collections = data.pop('excluded_collections', None)
|
||||||
|
|
||||||
|
data['python'] = filter_requirements(
|
||||||
|
data['python'],
|
||||||
|
exclude=data['python'].pop('exclude', []),
|
||||||
|
exclude_collections=excluded_collections,
|
||||||
|
)
|
||||||
|
|
||||||
|
data['system'] = filter_requirements(
|
||||||
|
data['system'],
|
||||||
|
exclude=data['system'].pop('exclude', []),
|
||||||
|
exclude_collections=excluded_collections,
|
||||||
|
is_python=False
|
||||||
|
)
|
||||||
|
|
||||||
|
print('---')
|
||||||
|
print(yaml.dump(data, default_flow_style=False))
|
||||||
|
|
||||||
|
if args.write_pip and data.get('python'):
|
||||||
|
write_file(args.write_pip, data.get('python') + [''])
|
||||||
|
if args.write_bindep and data.get('system'):
|
||||||
|
write_file(args.write_bindep, data.get('system') + [''])
|
||||||
|
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
|
|
||||||
|
def create_introspect_parser(parser):
|
||||||
|
introspect_parser = parser.add_parser(
|
||||||
|
'introspect',
|
||||||
|
help='Introspects collections in folder.',
|
||||||
|
description=(
|
||||||
|
'Loops over collections in folder and returns data about dependencies. '
|
||||||
|
'This is used internally and exposed here for verification. '
|
||||||
|
'This is targeted toward collection authors and maintainers.'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
introspect_parser.add_argument('--sanitize', action='store_true',
|
||||||
|
help=argparse.SUPPRESS)
|
||||||
|
|
||||||
|
introspect_parser.add_argument(
|
||||||
|
'folder', default=BASE_COLLECTIONS_PATH, nargs='?',
|
||||||
|
help=(
|
||||||
|
'Ansible collections path(s) to introspect. '
|
||||||
|
'This should have a folder named ansible_collections inside of it.'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
introspect_parser.add_argument(
|
||||||
|
'--user-pip', dest='user_pip',
|
||||||
|
help='An additional file to combine with collection pip requirements.'
|
||||||
|
)
|
||||||
|
introspect_parser.add_argument(
|
||||||
|
'--user-bindep', dest='user_bindep',
|
||||||
|
help='An additional file to combine with collection bindep requirements.'
|
||||||
|
)
|
||||||
|
introspect_parser.add_argument(
|
||||||
|
'--exclude-bindep-reqs', dest='exclude_bindep',
|
||||||
|
help='An additional file to exclude specific bindep requirements from collections.'
|
||||||
|
)
|
||||||
|
introspect_parser.add_argument(
|
||||||
|
'--exclude-pip-reqs', dest='exclude_pip',
|
||||||
|
help='An additional file to exclude specific pip requirements from collections.'
|
||||||
|
)
|
||||||
|
introspect_parser.add_argument(
|
||||||
|
'--exclude-collection-reqs', dest='exclude_collections',
|
||||||
|
help='An additional file to exclude all requirements from the listed collections.'
|
||||||
|
)
|
||||||
|
introspect_parser.add_argument(
|
||||||
|
'--write-pip', dest='write_pip',
|
||||||
|
help='Write the combined pip requirements file to this location.'
|
||||||
|
)
|
||||||
|
introspect_parser.add_argument(
|
||||||
|
'--write-bindep', dest='write_bindep',
|
||||||
|
help='Write the combined bindep requirements file to this location.'
|
||||||
|
)
|
||||||
|
|
||||||
|
return introspect_parser
|
||||||
|
|
||||||
|
|
||||||
|
def write_file(filename: str, lines: list) -> bool:
|
||||||
|
parent_dir = os.path.dirname(filename)
|
||||||
|
if parent_dir and not os.path.exists(parent_dir):
|
||||||
|
logger.warning('Creating parent directory for %s', filename)
|
||||||
|
os.makedirs(parent_dir)
|
||||||
|
new_text = '\n'.join(lines)
|
||||||
|
if os.path.exists(filename):
|
||||||
|
with open(filename, 'r') as f:
|
||||||
|
if f.read() == new_text:
|
||||||
|
logger.debug("File %s is already up-to-date.", filename)
|
||||||
|
return False
|
||||||
|
logger.warning('File %s had modifications and will be rewritten', filename)
|
||||||
|
with open(filename, 'w') as f:
|
||||||
|
f.write(new_text)
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
args = parse_args()
|
||||||
|
|
||||||
|
if args.action == 'introspect':
|
||||||
|
run_introspect(args, logger)
|
||||||
|
|
||||||
|
logger.error("An error has occurred.")
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
|
@ -0,0 +1,56 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Copyright (c) 2024 Red Hat, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||||
|
# implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
#####################################################################
|
||||||
|
# Script to encapsulate pip installation.
|
||||||
|
#
|
||||||
|
# Usage: pip_install <PYCMD>
|
||||||
|
#
|
||||||
|
# Options:
|
||||||
|
# PYCMD - The path to the python executable to use.
|
||||||
|
#####################################################################
|
||||||
|
|
||||||
|
set -x
|
||||||
|
|
||||||
|
PYCMD=$1
|
||||||
|
|
||||||
|
if [ -z "$PYCMD" ]
|
||||||
|
then
|
||||||
|
echo "Usage: pip_install <PYCMD>"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -x "$PYCMD" ]
|
||||||
|
then
|
||||||
|
echo "$PYCMD is not an executable"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# This is going to be our default functionality for now. This will likely
|
||||||
|
# need to change if we add support for non-RHEL distros.
|
||||||
|
$PYCMD -m ensurepip --root /
|
||||||
|
|
||||||
|
if [ $? -ne 0 ]
|
||||||
|
then
|
||||||
|
cat<<EOF
|
||||||
|
**********************************************************************
|
||||||
|
ERROR - pip installation failed for Python $PYCMD
|
||||||
|
**********************************************************************
|
||||||
|
EOF
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
exit 0
|
|
@ -0,0 +1,33 @@
|
||||||
|
version: 3
|
||||||
|
images:
|
||||||
|
base_image:
|
||||||
|
name: quay.io/centos/centos:stream9
|
||||||
|
dependencies:
|
||||||
|
python: requirements.txt
|
||||||
|
galaxy: collections/requirements.yml
|
||||||
|
python_interpreter:
|
||||||
|
package_system: python3.12
|
||||||
|
python_path: /usr/bin/python3.12
|
||||||
|
ansible_core:
|
||||||
|
package_pip: ansible-core>=2.17.0
|
||||||
|
ansible_runner:
|
||||||
|
package_pip: ansible-runner==2.4.0
|
||||||
|
system: |
|
||||||
|
git-core [platform:rpm]
|
||||||
|
python3.11-devel [platform:rpm compile]
|
||||||
|
libcurl-devel [platform:rpm compile]
|
||||||
|
krb5-devel [platform:rpm compile]
|
||||||
|
krb5-workstation [platform:rpm]
|
||||||
|
subversion [platform:rpm]
|
||||||
|
subversion [platform:dpkg]
|
||||||
|
git-lfs [platform:rpm]
|
||||||
|
sshpass [platform:rpm]
|
||||||
|
rsync [platform:rpm]
|
||||||
|
epel-release [platform:rpm]
|
||||||
|
unzip [platform:rpm]
|
||||||
|
podman-remote [platform:rpm]
|
||||||
|
cmake [platform:rpm compile]
|
||||||
|
gcc [platform:rpm compile]
|
||||||
|
gcc-c++ [platform:rpm compile]
|
||||||
|
make [platform:rpm compile]
|
||||||
|
openssl-devel [platform:rpm compile]
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'cephtest01'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: cephtest01.lab.verdnatura.es cephtest01
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.verdnatura.es
|
|
||||||
search_name: lab.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
nagios_nrpe_enabled: True
|
|
||||||
#nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
zabbix_agent_enabled: True
|
|
||||||
#zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'cephtest02'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: cephtest02.lab.verdnatura.es cephtest02
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.verdnatura.es
|
|
||||||
search_name: lab.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
nagios_nrpe_enabled: True
|
|
||||||
#nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
zabbix_agent_enabled: True
|
|
||||||
#zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'cephtest03'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: cephtest03.lab.verdnatura.es cephtest03
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.verdnatura.es
|
|
||||||
search_name: lab.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
nagios_nrpe_enabled: True
|
|
||||||
#nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
zabbix_agent_enabled: True
|
|
||||||
#zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
|
@ -1,43 +0,0 @@
|
||||||
---
|
|
||||||
bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
||||||
# EXAMPLE
|
|
||||||
# bantime: "604800"
|
|
||||||
# maxretry: "4"
|
|
||||||
# findtime: "604800"
|
|
||||||
# jails:
|
|
||||||
#- name: NAME-FILTER(list -> /etc/fail2ban/filter.d/somefilenamefilter) - (first JAIL SSH)
|
|
||||||
# enabled: true
|
|
||||||
# filter: somefilenamefilter
|
|
||||||
# logpath: /var/log/logofserviceauths
|
|
||||||
# port: ['nameofservice', 'PORTNUMBEROFSERVICE']
|
|
||||||
# maxretry: 4 # max retry to auth
|
|
||||||
# bantime: 604800 # 1week bantime in seconds
|
|
||||||
# findtime: 604800 # 1week time finding source-host auth
|
|
||||||
# action: "%(action_mwl)s"
|
|
||||||
#- name: NAME-FILTER(list -> /etc/fail2ban/filter.d/somefilenamefilter) - (second JAIL otherService)
|
|
||||||
# enabled: true
|
|
||||||
# filter: somefilenamefilter
|
|
||||||
# logpath: /var/log/logofserviceauths
|
|
||||||
# port: ['nameofservice', 'PORTNUMBEROFSERVICE']
|
|
||||||
# maxretry: 4 # max retry to auth
|
|
||||||
# bantime: 604800 # 1week bantime in seconds
|
|
||||||
# findtime: 604800 # 1week time finding source-host auth
|
|
||||||
# banaction: NAME-ACTION(list -> /etc/fail2ban/action.d/somefilenameaction)
|
|
||||||
# action: "%(action_mwl)s"
|
|
||||||
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
||||||
# 31536000 ; year
|
|
||||||
# 18144000 ; 30days
|
|
||||||
# 604800 ; 1 week
|
|
||||||
# 86400 ; 1 day
|
|
||||||
# 3600 ; 1 hour
|
|
||||||
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'vn-debian-test'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: vn-debian-test.lab.verdnatura.es vn-debian-test
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.verdnatura.es
|
|
||||||
search_name: lab.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
hot_plug_enabled: True
|
|
||||||
#hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
nagios_nrpe_enabled: True
|
|
||||||
#nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
server_type_enabled: True
|
|
||||||
#server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
zabbix_agent_enabled: True
|
|
||||||
#zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'ejemplo'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
#autofs_homes_enabled: True
|
|
||||||
autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'freeradius-playbook'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: freeradius-playbook.lab.verdnatura.es freeradius-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.verdnatura.es
|
|
||||||
search_name: lab.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
hot_plug_enabled: True
|
|
||||||
#hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
nagios_nrpe_enabled: True
|
|
||||||
#nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
server_type_enabled: True
|
|
||||||
#server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
zabbix_agent_enabled: True
|
|
||||||
#zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'freeradiustotp'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: freeradiustotp.servers.dc.verdnatura.es freeradiustotp
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: verdnatura.es
|
|
||||||
search_name: verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
hot_plug_enabled: True
|
|
||||||
#hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
fail2ban_enabled: True
|
|
||||||
#fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
nagios_nrpe_enabled: True
|
|
||||||
#nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
server_type_enabled: True
|
|
||||||
#server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
#autofs_homes_enabled: True
|
|
||||||
autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
zabbix_agent_enabled: True
|
|
||||||
#zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'iventoy-test'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: iventoy-test.lab.verdnatura.es iventoy-test
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.verdnatura.es
|
|
||||||
search_name: lab.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
hot_plug_enabled: True
|
|
||||||
#hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
nagios_nrpe_enabled: True
|
|
||||||
#nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
server_type_enabled: True
|
|
||||||
#server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
zabbix_agent_enabled: True
|
|
||||||
#zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'iventoy'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: iventoy.servers.dc.verdnatura.es iventoy
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: dc.verdnatura.es
|
|
||||||
search_name: dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
hot_plug_enabled: True
|
|
||||||
#hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
nagios_nrpe_enabled: True
|
|
||||||
#nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
server_type_enabled: True
|
|
||||||
#server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,13 +0,0 @@
|
||||||
---
|
|
||||||
bantime: "10m"
|
|
||||||
maxretry: "10"
|
|
||||||
findtime: "10m"
|
|
||||||
jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
filter: sshd
|
|
||||||
logpath: /var/log/auth.log
|
|
||||||
port: ['ssh', '22']
|
|
||||||
maxretry: 10
|
|
||||||
bantime: 10m
|
|
||||||
findtime: 10m
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'kube-master1'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'kube-master2'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'kube-master3'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'kube-worker1'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'kube-worker2'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'kube-worker3'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'kube-worker4'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'kubelab-proxy1'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: kubelab-proxy1.lab.verdnatura.es kubelab-proxy1
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.verdnatura.es
|
|
||||||
search_name: lab.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
hot_plug_enabled: True
|
|
||||||
#hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
nagios_nrpe_enabled: True
|
|
||||||
#nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
server_type_enabled: True
|
|
||||||
#server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,12 +0,0 @@
|
||||||
---
|
|
||||||
fail2ban_times:
|
|
||||||
bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
|
@ -1,137 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'nagiosql-db'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: nagiosql-db.verdnatura.es nagiosql-db
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
# ES UN CT , NO ES NECESARIO
|
|
||||||
#secure-grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
# ES UN CT , NO ES NECESARIO
|
|
||||||
#hot-plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
fail2ban_enabled: True
|
|
||||||
#fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
nagios_nrpe_enabled: True
|
|
||||||
#nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
# ES UN CT , NO ES NECESARIO
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
# NO ESTA TESTEADO
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
zabbix_agent_enabled: True
|
|
||||||
#zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'pbx'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: pbx pbx.verdnatura.es pbx.static.verdnatura.es pbx.servers.dc.verdnatura.es
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: verdnatura.es
|
|
||||||
search_name: verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'swarm-mgr1'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'swarm-mgr2'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'swarm-mgr3'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'swarm-worker1'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'swarm-worker2'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'swarm-worker3'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'swarm-worker4'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root-user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'test-playbook'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay-host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized-auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure-grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim-options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot-plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo-vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios-nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server-type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
#autofs-homes_enabled: True
|
|
||||||
autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
zabbix_agent_enabled: True
|
|
||||||
#zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'time1'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 10.0.1.87
|
|
||||||
name: time1.verdnatura.es time1
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: verdnatura.es
|
|
||||||
search_name: verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
#root_user_enabled: True
|
|
||||||
root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
#hostname_enabled: True
|
|
||||||
hostname_enabled: False
|
|
||||||
hostname: 'time2'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
#hosts_enabled: True
|
|
||||||
hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: test-playbook.lab.dc.verdnatura.es test-playbook
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
#resolv_enabled: True
|
|
||||||
resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
#update_enabled: True
|
|
||||||
update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
#packages_enabled: True
|
|
||||||
packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
#relay_host_enabled: True
|
|
||||||
relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
#centralized_auth_enabled: True
|
|
||||||
centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
#sudoers_enabled: True
|
|
||||||
sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
#vim_options_enabled: True
|
|
||||||
vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
#motd_enabled: True
|
|
||||||
motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
#hot_plug_enabled: True
|
|
||||||
hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
#locales_enabled: True
|
|
||||||
locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
#tzdata_enabled: True
|
|
||||||
tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
#repo_vn_enabled: True
|
|
||||||
repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
#fail2ban_enabled: True
|
|
||||||
fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
#server_type_enabled: True
|
|
||||||
server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
#ntp_enabled: True
|
|
||||||
ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'zabbix-frontend-web'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: zabbix-frontend-web.lab.dc.verdnatura.es zabbix-frontend-web
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
hot_plug_enabled: True
|
|
||||||
#hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
fail2ban_enabled: True
|
|
||||||
#fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
server_type_enabled: True
|
|
||||||
#server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
|
@ -1,133 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
### ROOT-USER ###############################################################
|
|
||||||
root_user_enabled: True
|
|
||||||
#root_user_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTNAME ################################################################
|
|
||||||
hostname_enabled: True
|
|
||||||
#hostname_enabled: False
|
|
||||||
hostname: 'zabbix-server-db'
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOSTS ###################################################################
|
|
||||||
hosts_enabled: True
|
|
||||||
#hosts_enabled: False
|
|
||||||
hosts:
|
|
||||||
- ip: 127.0.0.1
|
|
||||||
name: localhost
|
|
||||||
- ip: 127.0.1.1
|
|
||||||
name: zabbix-server-db.lab.dc.verdnatura.es zabbix-server-db
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RESOLV ##################################################################
|
|
||||||
resolv_enabled: True
|
|
||||||
#resolv_enabled: False
|
|
||||||
domain_name: lab.dc.verdnatura.es
|
|
||||||
search_name: lab.dc.verdnatura.es
|
|
||||||
resolvs:
|
|
||||||
- ip: 10.0.0.4
|
|
||||||
- ip: 10.0.0.5
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### UPDATE ##################################################################
|
|
||||||
update_enabled: True
|
|
||||||
#update_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### INSTALL PACKAGES ########################################################
|
|
||||||
packages_enabled: True
|
|
||||||
#packages_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### RELAY HOST SMTP #########################################################
|
|
||||||
relay_host_enabled: True
|
|
||||||
#relay_host_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### CENTRALIZED AUTH ########################################################
|
|
||||||
centralized_auth_enabled: True
|
|
||||||
#centralized_auth_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SUDOERS #################################################################
|
|
||||||
sudoers_enabled: True
|
|
||||||
#sudoers_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SECURE GRUB #############################################################
|
|
||||||
#secure_grub_enabled: True
|
|
||||||
secure_grub_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### VIM OPTIONS #############################################################
|
|
||||||
vim_options_enabled: True
|
|
||||||
#vim_options_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### MOTD ####################################################################
|
|
||||||
motd_enabled: True
|
|
||||||
#motd_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### HOT PLUG ################################################################
|
|
||||||
hot_plug_enabled: True
|
|
||||||
#hot_plug_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### LOCALES #################################################################
|
|
||||||
locales_enabled: True
|
|
||||||
#locales_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### TZDATA ##################################################################
|
|
||||||
tzdata_enabled: True
|
|
||||||
#tzdata_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### REPO VN #################################################################
|
|
||||||
repo_vn_enabled: True
|
|
||||||
#repo_vn_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### FAIL2BAN ################################################################
|
|
||||||
fail2ban_enabled: True
|
|
||||||
#fail2ban_enabled: False
|
|
||||||
fail2ban_times:
|
|
||||||
- bantime: "604800"
|
|
||||||
maxretry: "4"
|
|
||||||
findtime: "604800"
|
|
||||||
fail2ban_jails:
|
|
||||||
- name: sshd
|
|
||||||
enabled: true
|
|
||||||
port: ['22']
|
|
||||||
filter: sshd
|
|
||||||
logpath: "%(sshd_log)s"
|
|
||||||
backend: "%(sshd_backend)s"
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NAGIOS NRPE #############################################################
|
|
||||||
#nagios_nrpe_enabled: True
|
|
||||||
nagios_nrpe_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### SERVER TYPE #############################################################
|
|
||||||
server_type_enabled: True
|
|
||||||
#server_type_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### NTP #####################################################################
|
|
||||||
ntp_enabled: True
|
|
||||||
#ntp_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### AUTOFS HOMES ############################################################
|
|
||||||
autofs_homes_enabled: True
|
|
||||||
#autofs_homes_enabled: False
|
|
||||||
#############################################################################
|
|
||||||
|
|
||||||
### ZABBIX AGENT ############################################################
|
|
||||||
#zabbix_agent_enabled: True
|
|
||||||
zabbix_agent_enabled: False
|
|
||||||
#############################################################################
|
|
168
hosts
168
hosts
|
@ -1,168 +0,0 @@
|
||||||
[servers]
|
|
||||||
|
|
||||||
dhcp1 ansible_host=dhcp1.servers.dc.verdnatura.es
|
|
||||||
dhcp2 ansible_host=dhcp2.servers.dc.verdnatura.es
|
|
||||||
ns1 ansible_host=ns1.verdnatura.es
|
|
||||||
ns2 ansible_host=ns2.verdnatura.es
|
|
||||||
smtp ansible_host=smtp.verdnatura.es
|
|
||||||
mailgw1 ansible_host=mailgw1.verdnatura.es
|
|
||||||
mailgw2 ansible_host=mailgw2.verdnatura.es
|
|
||||||
mail2 ansible_host=mail2.verdnatura.es
|
|
||||||
postfixadmin ansible_host=postfixadmin.verdnatura.es
|
|
||||||
postfix ansible_host=postfix.servers.dc.verdnatura.es
|
|
||||||
time1 ansible_host=time1.verdnatura.es
|
|
||||||
time2 ansible_host=time2.verdnatura.es
|
|
||||||
pbx ansible_host=pbx.servers.dc.verdnatura.es
|
|
||||||
homes ansible_host=homes.servers.dc.verdnatura.es
|
|
||||||
server ansible_host=server.servers.dc.verdnatura.es
|
|
||||||
mail ansible_host=mail.static.verdnatura.es
|
|
||||||
vpn ansible_host=vpn.servers.dc.verdnatura.es
|
|
||||||
cacti ansible_host=cacti.verdnatura.es
|
|
||||||
logger ansible_host=logger.servers.dc.verdnatura.es
|
|
||||||
nagios ansible_host=nagios.verdnatura.es
|
|
||||||
nagiosql-db ansible_host=nagiosql-db.verdnatura.es
|
|
||||||
doku ansible_host=doku.verdnatura.es
|
|
||||||
unifi ansible_host=unifi.verdnatura.es
|
|
||||||
ubd ansible_host=ubd.verdnatura.es
|
|
||||||
opera ansible_host=opera.verdnatura.es
|
|
||||||
dc1 ansible_host=dc1.servers.dc.verdnatura.es
|
|
||||||
dc2 ansible_host=dc2.servers.dc.verdnatura.es
|
|
||||||
ldap-proxy1 ansible_host=ldap-proxy1.servers.dc.verdnatura.es
|
|
||||||
ldap-proxy2 ansible_host=ldap-proxy2.servers.dc.verdnatura.es
|
|
||||||
ldap1 ansible_host=ldap1.servers.dc.verdnatura.es
|
|
||||||
ldap2 ansible_host=ldap2.servers.dc.verdnatura.es
|
|
||||||
ldap3 ansible_host=ldap3.servers.dc.verdnatura.es
|
|
||||||
ldapweb ansible_host=ldapweb.verdnatura.es
|
|
||||||
db1 ansible_host=db1.servers.dc.verdnatura.es
|
|
||||||
db2 ansible_host=db2.servers.dc.verdnatura.es
|
|
||||||
db-proxy1 ansible_host=db-proxy1.servers.dc.verdnatura.es
|
|
||||||
db-proxy2 ansible_host=db-proxy2.servers.dc.verdnatura.es
|
|
||||||
db-proxy-vip1 ansible_host=db-proxy-vip1.verdnatura.es
|
|
||||||
db-proxy-vip2 ansible_host=db-proxy-vip2.verdnatura.es
|
|
||||||
test-db1 ansible_host=test-db1.servers.dc.verdnatura.es
|
|
||||||
test-db-proxy1 ansible_host=test-db-proxy1.servers.dc.verdnatura.es
|
|
||||||
test-db-proxy2 ansible_host=test-db-proxy2.servers.dc.verdnatura.es
|
|
||||||
monthly-db ansible_host=monthly-db.servers.dc.verdnatura.es
|
|
||||||
dev-db ansible_host=dev-db.servers.dc.verdnatura.es
|
|
||||||
test-db-vip1 ansible_host=test-db-vip1.verdnatura.es
|
|
||||||
test-db-vip2 ansible_host=test-db-vip2.verdnatura.es
|
|
||||||
asterisk ansible_host=asterisk.verdnatura.es
|
|
||||||
train ansible_host=train.verdnatura.es
|
|
||||||
tftp ansible_host=tftp.backup.dc.verdnatura.es
|
|
||||||
core-agent ansible_host=core-agent.static.verdnatura.es
|
|
||||||
core-proxy ansible_host=core-proxy.static.verdnatura.es
|
|
||||||
spamd-db ansible_host=spamd-db.servers.dc.verdnatura.es
|
|
||||||
spamd ansible_host=spamd.servers.dc.verdnatura.es
|
|
||||||
dovecot ansible_host=dovecot.servers.dc.verdnatura.es
|
|
||||||
debian12-vm ansible_host=debian12-vm.servers.dc.verdnatura.es
|
|
||||||
freeradiustotp ansible_host=freeradiustotp.servers.dc.verdnatura.es
|
|
||||||
iventoy ansible_host=iventoy.servers.dc.verdnatura.es
|
|
||||||
|
|
||||||
[devices]
|
|
||||||
|
|
||||||
nas2 ansible_host=nas2.servers.dc.verdnatura.es
|
|
||||||
|
|
||||||
[windows]
|
|
||||||
|
|
||||||
a3 ansible_host=a3.static.verdnatura.es
|
|
||||||
adwindows ansible_host=adwindows.servers.dc.verdnatura.es
|
|
||||||
franceexpress ansible_host=franceexpress.servers.dc.verdnatura.es
|
|
||||||
contaplus ansible_host=contaplus.static.verdnatura.es
|
|
||||||
rdswebbbdd ansible_host=rdswebbbdd.servers.dc.verdnatura.es
|
|
||||||
dipole ansible_host=dipole.static.verdnatura.es
|
|
||||||
printserver ansible_host=printserver.servers.dc.verdnatura.es
|
|
||||||
sage ansible_host=sage.static.verdnatura.es
|
|
||||||
mrw ansible_host=mrw.servers.dc.verdnatura.es
|
|
||||||
bt1 ansible_host=bt1.servers.dc.verdnatura.es
|
|
||||||
bt2 ansible_host=bt2.servers.dc.verdnatura.es
|
|
||||||
rds-licenses ansible_host=rds-licenses.servers.dc.verdnatura.es
|
|
||||||
integra2 ansible_host=integra2.servers.dc.verdnatura.es
|
|
||||||
docuware ansible_host=docuware.static.verdnatura.es
|
|
||||||
logiflora ansible_host=logiflora.static.verdnatura.es
|
|
||||||
wac ansible_host=wac.servers.dc.verdnatura.es
|
|
||||||
|
|
||||||
[backup]
|
|
||||||
|
|
||||||
vm-backup ansible_host=vm-backup.backup.dc.verdnatura.es
|
|
||||||
kube-backup ansible_host=kube-backup.backup.dc.verdnatura.es
|
|
||||||
backup-san ansible_host=backup-san.backup.dc.verdnatura.es
|
|
||||||
backup-nas ansible_host=backup-nas.backup.dc.verdnatura.es
|
|
||||||
bacularis ansible_host=bacularis.backup.dc.verdnatura.es
|
|
||||||
bacula-dir ansible_host=bacula-dir.backup.dc.verdnatura.es
|
|
||||||
bacula-db ansible_host=bacula-db.backup.dc.verdnatura.es
|
|
||||||
|
|
||||||
[core]
|
|
||||||
|
|
||||||
mox1 ansible_host=mox1.verdnatura.es
|
|
||||||
mox2 ansible_host=mox2.verdnatura.es
|
|
||||||
mox3 ansible_host=mox3.verdnatura.es
|
|
||||||
mox4 ansible_host=mox4.verdnatura.es
|
|
||||||
mox5 ansible_host=mox5.verdnatura.es
|
|
||||||
|
|
||||||
[ilo]
|
|
||||||
|
|
||||||
mox1-ilo ansible_host=mox1-ilo.verdnatura.es
|
|
||||||
mox2-ilo ansible_host=mox2-ilo.verdnatura.es
|
|
||||||
mox3-ilo ansible_host=mox3-ilo.verdnatura.es
|
|
||||||
mox4-ilo ansible_host=mox4-ilo.verdnatura.es
|
|
||||||
mox5-ilo ansible_host=mox5-ilo.verdnatura.es
|
|
||||||
ve3-ilo ansible_host=ve3-ilo.verdnatura.es
|
|
||||||
ve4-ilo ansible_host=ve4-ilo.verdnatura.es
|
|
||||||
ve5-ilo ansible_host=ve5-ilo.verdnatura.es
|
|
||||||
|
|
||||||
[kubernetes]
|
|
||||||
|
|
||||||
kube-master1 ansible_host=kube-master1.servers.dc.verdnatura.es
|
|
||||||
kube-master2 ansible_host=kube-master2.servers.dc.verdnatura.es
|
|
||||||
kube-master3 ansible_host=kube-master3.servers.dc.verdnatura.es
|
|
||||||
kube-worker1 ansible_host=kube-worker1.servers.dc.verdnatura.es
|
|
||||||
kube-worker2 ansible_host=kube-worker2.servers.dc.verdnatura.es
|
|
||||||
kube-worker3 ansible_host=kube-worker3.servers.dc.verdnatura.es
|
|
||||||
kube-worker4 ansible_host=kube-worker4.servers.dc.verdnatura.es
|
|
||||||
kube-proxy1 ansible_host=kube-proxy1.servers.dc.verdnatura.es
|
|
||||||
kube-proxy2 ansible_host=kube-proxy2.servers.dc.verdnatura.es
|
|
||||||
kube-helm ansible_host=kube-helm.servers.dc.verdnatura.es
|
|
||||||
kube-proxy-vip1 ansible_host=kube-proxy-vip1.verdnatura.es
|
|
||||||
kube-proxy-vip2 ansible_host=kube-proxy-vip2.verdnatura.es
|
|
||||||
|
|
||||||
[swarm]
|
|
||||||
|
|
||||||
swarm-mgr1 ansible_host=swarm-mgr1.servers.dc.verdnatura.es
|
|
||||||
swarm-mgr2 ansible_host=swarm-mgr2.servers.dc.verdnatura.es
|
|
||||||
swarm-mgr3 ansible_host=swarm-mgr3.servers.dc.verdnatura.es
|
|
||||||
swarm-worker1 ansible_host=swarm-worker1.servers.dc.verdnatura.es
|
|
||||||
swarm-worker2 ansible_host=swarm-worker2.servers.dc.verdnatura.es
|
|
||||||
swarm-worker3 ansible_host=swarm-worker3.servers.dc.verdnatura.es
|
|
||||||
swarm-worker4 ansible_host=swarm-worker4.servers.dc.verdnatura.es
|
|
||||||
swarm-proxy1 ansible_host=swarm-proxy1.servers.dc.verdnatura.es
|
|
||||||
swarm-proxy2 ansible_host=swarm-proxy2.servers.dc.verdnatura.es
|
|
||||||
|
|
||||||
[vmware]
|
|
||||||
|
|
||||||
ve3 ansible_host=ve3.verdnatura.es
|
|
||||||
ve4 ansible_host=ve4.verdnatura.es
|
|
||||||
ve5 ansible_host=ve5.verdnatura.es
|
|
||||||
vcenter ansible_host=vcenter.verdnatura.es
|
|
||||||
|
|
||||||
[test]
|
|
||||||
|
|
||||||
W2019 ansible_host=10.1.5.224
|
|
||||||
graphite ansible_host=graphite.lab.verdnatura.es
|
|
||||||
metric1 ansible_host=metric1.lab.verdnatura.es
|
|
||||||
plantilladebian12 ansible_host=plantilladebian12.lab.verdnatura.es
|
|
||||||
docker-test ansible_host=docker-test.lab.verdnatura.es
|
|
||||||
nagios4-test ansible_host=nagios4-test.lab.verdnatura.es
|
|
||||||
nagios4-test2 ansible_host=nagios4-test2.lab.verdnatura.es
|
|
||||||
cephtest01 ansible_host=cephtest01.lab.verdnatura.es
|
|
||||||
cephtest02 ansible_host=cephtest02.lab.verdnatura.es
|
|
||||||
cephtest03 ansible_host=cephtest03.lab.verdnatura.es
|
|
||||||
core-proxytest ansible_host=core-proxytest.lab.verdnatura.es
|
|
||||||
openldap-test ansible_host=openldap-test.lab.verdnatura.es
|
|
||||||
test-playbook ansible_host=test-playbook.lab.verdnatura.es
|
|
||||||
zabbix-frontend-web ansible_host=zabbix-frontend-web.lab.verdnatura.es
|
|
||||||
zabbix-server-db ansible_host=zabbix-server-db.lab.verdnatura.es
|
|
||||||
testansible ansible_host=10.29.6.79
|
|
||||||
freeradius-playbook ansible_host=freeradius-playbook.lab.verdnatura.es
|
|
||||||
debian-vn-test ansible_host=debian-vn-test.lab.verdnatura.es
|
|
||||||
iventoy-test ansible_host=iventoy-test.lab.verdnatura.es
|
|
||||||
kubelab-proxy1 ansible_host=kubelab-proxy1.lab.verdnatura.es
|
|
71
hosts2
71
hosts2
|
@ -1,71 +0,0 @@
|
||||||
[pcscomerciales]
|
|
||||||
|
|
||||||
pc120 ansible_host=pc120.algemesi.verdnatura.es
|
|
||||||
pc213 ansible_host=pc213.algemesi.verdnatura.es
|
|
||||||
pc227 ansible_host=pc227.algemesi.verdnatura.es
|
|
||||||
pc235 ansible_host=pc235.algemesi.verdnatura.es
|
|
||||||
pc237 ansible_host=pc237.algemesi.verdnatura.es
|
|
||||||
pc243 ansible_host=pc243.algemesi.verdnatura.es
|
|
||||||
pc278 ansible_host=pc278.algemesi.verdnatura.es
|
|
||||||
pc279 ansible_host=pc279.algemesi.verdnatura.es
|
|
||||||
pc281 ansible_host=pc281.algemesi.verdnatura.es
|
|
||||||
pc289 ansible_host=pc289.algemesi.verdnatura.es
|
|
||||||
pc290 ansible_host=pc290.algemesi.verdnatura.es
|
|
||||||
pc291 ansible_host=pc291.algemesi.verdnatura.es
|
|
||||||
pc300 ansible_host=pc300.algemesi.verdnatura.es
|
|
||||||
pc301 ansible_host=pc301.algemesi.verdnatura.es
|
|
||||||
pc302 ansible_host=pc302.algemesi.verdnatura.es
|
|
||||||
pc304 ansible_host=pc304.algemesi.verdnatura.es
|
|
||||||
pc305 ansible_host=pc305.algemesi.verdnatura.es
|
|
||||||
pc308 ansible_host=pc308.algemesi.verdnatura.es
|
|
||||||
pc311 ansible_host=pc311.algemesi.verdnatura.es
|
|
||||||
pc312 ansible_host=pc312.algemesi.verdnatura.es
|
|
||||||
pc313 ansible_host=pc313.algemesi.verdnatura.es
|
|
||||||
pc318 ansible_host=pc318.algemesi.verdnatura.es
|
|
||||||
pc328 ansible_host=pc328.algemesi.verdnatura.es
|
|
||||||
pc342 ansible_host=pc342.algemesi.verdnatura.es
|
|
||||||
pc344 ansible_host=pc344.algemesi.verdnatura.es
|
|
||||||
pc350 ansible_host=pc350.algemesi.verdnatura.es
|
|
||||||
pc356 ansible_host=pc356.algemesi.verdnatura.es
|
|
||||||
pc358 ansible_host=pc358.algemesi.verdnatura.es
|
|
||||||
pc367 ansible_host=pc367.algemesi.verdnatura.es
|
|
||||||
pc371 ansible_host=pc371.algemesi.verdnatura.es
|
|
||||||
pc372 ansible_host=pc372.algemesi.verdnatura.es
|
|
||||||
pc373 ansible_host=pc373.algemesi.verdnatura.es
|
|
||||||
pc377 ansible_host=pc377.algemesi.verdnatura.es
|
|
||||||
pc378 ansible_host=pc378.algemesi.verdnatura.es
|
|
||||||
pc381 ansible_host=pc381.algemesi.verdnatura.es
|
|
||||||
pc382 ansible_host=pc382.algemesi.verdnatura.es
|
|
||||||
pc383 ansible_host=pc383.algemesi.verdnatura.es
|
|
||||||
pc385 ansible_host=pc385.algemesi.verdnatura.es
|
|
||||||
pc386 ansible_host=pc386.algemesi.verdnatura.es
|
|
||||||
pc387 ansible_host=pc387.algemesi.verdnatura.es
|
|
||||||
pc388 ansible_host=pc388.algemesi.verdnatura.es
|
|
||||||
pc389 ansible_host=pc389.algemesi.verdnatura.es
|
|
||||||
pc390 ansible_host=pc390.algemesi.verdnatura.es
|
|
||||||
pc391 ansible_host=pc391.algemesi.verdnatura.es
|
|
||||||
pc392 ansible_host=pc392.algemesi.verdnatura.es
|
|
||||||
pc393 ansible_host=pc393.algemesi.verdnatura.es
|
|
||||||
pc396 ansible_host=pc396.algemesi.verdnatura.es
|
|
||||||
pc397 ansible_host=pc397.algemesi.verdnatura.es
|
|
||||||
pc409 ansible_host=pc409.algemesi.verdnatura.es
|
|
||||||
pc413 ansible_host=pc413.algemesi.verdnatura.es
|
|
||||||
pc415 ansible_host=pc415.algemesi.verdnatura.es
|
|
||||||
pc417 ansible_host=pc417.algemesi.verdnatura.es
|
|
||||||
pc426 ansible_host=pc426.algemesi.verdnatura.es
|
|
||||||
pc429 ansible_host=pc429.algemesi.verdnatura.es
|
|
||||||
pc431 ansible_host=pc431.algemesi.verdnatura.es
|
|
||||||
pc432 ansible_host=pc432.algemesi.verdnatura.es
|
|
||||||
pc440 ansible_host=pc440.algemesi.verdnatura.es
|
|
||||||
pc456 ansible_host=pc456.algemesi.verdnatura.es
|
|
||||||
pc457 ansible_host=pc457.algemesi.verdnatura.es
|
|
||||||
pc458 ansible_host=pc458.algemesi.verdnatura.es
|
|
||||||
pc459 ansible_host=pc459.algemesi.verdnatura.es
|
|
||||||
pc461 ansible_host=pc461.algemesi.verdnatura.es
|
|
||||||
pc463 ansible_host=pc463.algemesi.verdnatura.es
|
|
||||||
pc465 ansible_host=pc465.algemesi.verdnatura.es
|
|
||||||
pc466 ansible_host=pc466.algemesi.verdnatura.es
|
|
||||||
pc467 ansible_host=pc467.algemesi.verdnatura.es
|
|
||||||
pc468 ansible_host=pc468.algemesi.verdnatura.es
|
|
||||||
pc473 ansible_host=pc473.algemesi.verdnatura.es
|
|
||||||
pc476 ansible_host=pc476.algemesi.verdnatura.es
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
hostname_fqdn: "{{inventory_hostname_short}}.{{host_domain}}"
|
||||||
|
ansible_host: "{{hostname_fqdn}}"
|
||||||
|
passbolt: 'anatomicjc.passbolt.passbolt'
|
||||||
|
passbolt_inventory: 'anatomicjc.passbolt.passbolt_inventory'
|
||||||
|
sysadmin_mail: sysadmin@domain.local
|
||||||
|
sysadmin_group: sysadmin
|
||||||
|
smtp_server: smtp.domain.local
|
||||||
|
homes_server: homes.domain.local
|
||||||
|
nagios_server: nagios.domain.local
|
||||||
|
time_server: time1.domain.local time2.domain.local
|
||||||
|
main_dns_server: ns1.domain.local
|
||||||
|
ldap_uri: ldap://ldap.domain.local
|
||||||
|
ldap_base: dc=domain,dc=local
|
||||||
|
dc_net: "10.0.0.0/16"
|
||||||
|
resolvers:
|
||||||
|
- '8.8.8.8'
|
||||||
|
- '8.8.4.4'
|
||||||
|
awx_email: awx@domain.local
|
||||||
|
awx_pub_key: >
|
||||||
|
ssh-ed25519
|
||||||
|
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
||||||
|
awx@domain.local
|
||||||
|
passbolt_folder: 00000000-0000-0000-0000-000000000000
|
|
@ -0,0 +1,20 @@
|
||||||
|
[all:vars]
|
||||||
|
host_domain=domain.local
|
||||||
|
|
||||||
|
[pve:vars]
|
||||||
|
host_domain=core.domain.local
|
||||||
|
|
||||||
|
[ceph]
|
||||||
|
ceph[1:3]
|
||||||
|
|
||||||
|
[pve]
|
||||||
|
pve[1:5]
|
||||||
|
|
||||||
|
[infra:children]
|
||||||
|
ceph
|
||||||
|
pve
|
||||||
|
|
||||||
|
[servers]
|
||||||
|
server1 ansible_host=10.0.0.1
|
||||||
|
server1 ansible_host=10.0.0.2
|
||||||
|
server3 ansible_host=10.0.0.3
|
|
@ -1,162 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
# - name: "[CONFIG AWX-USER] Create awx user and config ssh-key"
|
|
||||||
# import_role:
|
|
||||||
# name: config-awx-user
|
|
||||||
# tags: config-awx-user_config
|
|
||||||
|
|
||||||
- name: "[CONFIG ROOT USER] Configure SSH root user"
|
|
||||||
import_role:
|
|
||||||
name: config-root-user
|
|
||||||
when: root_user_enabled is defined and root_user_enabled
|
|
||||||
tags: config-root-user_config
|
|
||||||
|
|
||||||
- name: "[CONFIG HOSTNAME] Configure hostname"
|
|
||||||
import_role:
|
|
||||||
name: config-hostname
|
|
||||||
when: hostname_enabled is defined and hostname_enabled
|
|
||||||
tags: config-hostname_config
|
|
||||||
|
|
||||||
- name: "[CONFIG HOSTS FILE] Configure hosts file"
|
|
||||||
import_role:
|
|
||||||
name: config-hosts
|
|
||||||
when: hosts_enabled is defined and hosts_enabled
|
|
||||||
tags: config-hosts_config_config
|
|
||||||
|
|
||||||
- name: "[CONFIG RESOLV FILE] Configure resolv file"
|
|
||||||
import_role:
|
|
||||||
name: config-resolv
|
|
||||||
when: resolv_enabled is defined and resolv_enabled
|
|
||||||
tags: config-resolv_config
|
|
||||||
|
|
||||||
# - name: "[CONFIG BASE DEBIAN OS] Configure debian os"
|
|
||||||
# import_role:
|
|
||||||
# name: config-base-debian-os
|
|
||||||
# tags: config-base-debian-os_config
|
|
||||||
|
|
||||||
- name: "[CONFIG UPDATE] Config update"
|
|
||||||
import_role:
|
|
||||||
name: config-update-and-upgrade-packages
|
|
||||||
when: update_enabled is defined and update_enabled
|
|
||||||
tags: config-update-and-upgrade-packages_config
|
|
||||||
|
|
||||||
- name: "[CONFIG INSTALL PACKAGES] Install packages"
|
|
||||||
import_role:
|
|
||||||
name: config-install-packages
|
|
||||||
when: packages_enabled is defined and packages_enabled
|
|
||||||
tags: config-install-packages_config
|
|
||||||
|
|
||||||
- name: "[CONFIG RELAYHOST SMTP] Config relayhost smtp"
|
|
||||||
import_role:
|
|
||||||
name: config-relayhost-smtp
|
|
||||||
when: relay_host_enabled is defined and relay_host_enabled
|
|
||||||
tags: config-relayhost-smtp_config
|
|
||||||
|
|
||||||
- name: "[CONFIG CENTRALIZED AUTH] Config centralized auth"
|
|
||||||
import_role:
|
|
||||||
name: config-centralized-auth
|
|
||||||
when: centralized_auth_enabled is defined and centralized_auth_enabled
|
|
||||||
tags: config-centralized-auth_config
|
|
||||||
|
|
||||||
- name: "[CONFIG SUDOERS] Config sudoers"
|
|
||||||
import_role:
|
|
||||||
name: config-sudoers
|
|
||||||
when: sudoers_enabled is defined and sudoers_enabled
|
|
||||||
tags: config-sudoers_config
|
|
||||||
|
|
||||||
# - name: "[CONFIG SECURE GRUB] configure secure grub"
|
|
||||||
# import_role:
|
|
||||||
# name: config-secure-grub
|
|
||||||
# when: secure_grub_enabled is defined and secure_grub_enabled
|
|
||||||
# tags: config-secure-grub_config
|
|
||||||
|
|
||||||
- name: "[CONFIG VIM OPTIONS] Config vim options"
|
|
||||||
import_role:
|
|
||||||
name: config-vim-options
|
|
||||||
when: vim_options_enabled is defined and vim_options_enabled
|
|
||||||
tags: config-vim-options_config
|
|
||||||
|
|
||||||
- name: "[CONFIG MOTD] Config motd"
|
|
||||||
import_role:
|
|
||||||
name: config-motd
|
|
||||||
when: motd_enabled is defined and motd_enabled
|
|
||||||
tags: config-motd_config
|
|
||||||
|
|
||||||
# - name: "[CONFIG HOT PLUG] Install and configure hot plug"
|
|
||||||
# import_role:
|
|
||||||
# name: config-hot-plug
|
|
||||||
# when: hot_plug_enabled is defined and hot_plug_enabled
|
|
||||||
# tags: config-hot-plug_config
|
|
||||||
|
|
||||||
- name: "[CONFIG LOCALES] Set locales"
|
|
||||||
import_role:
|
|
||||||
name: config-locales
|
|
||||||
when: locales_enabled is defined and locales_enabled
|
|
||||||
tags: config-locales_config
|
|
||||||
|
|
||||||
- name: "[CONFIG TZDATA] Set timezone"
|
|
||||||
import_role:
|
|
||||||
name: config-tzdata
|
|
||||||
when: tzdata_enabled is defined and tzdata_enabled
|
|
||||||
tags: config-tzdata_config
|
|
||||||
|
|
||||||
- name: "[CONFIG REPO VN] Add-repos-vn"
|
|
||||||
import_role:
|
|
||||||
name: config-repo-vn
|
|
||||||
when: repo_vn_enabled is defined and repo_vn_enabled
|
|
||||||
tags: config-repo-vn_config
|
|
||||||
|
|
||||||
- name: "[CONFIG FAIL2BAN] Install and configure fail2ban service"
|
|
||||||
import_role:
|
|
||||||
name: config-fail2ban
|
|
||||||
when: fail2ban_enabled is defined and fail2ban_enabled
|
|
||||||
tags: config-fail2ban_config
|
|
||||||
|
|
||||||
- name: "[CONFIG NAGIOS NRPE] Install and configure nagios nrpe service"
|
|
||||||
import_role:
|
|
||||||
name: config-nagios-nrpe
|
|
||||||
when: nagios_nrpe_enabled is defined and nagios_nrpe_enabled
|
|
||||||
tags: config-nagios-nrpe_config
|
|
||||||
|
|
||||||
# - name: "[CONFIG SERVER TYPE] Install guest side"
|
|
||||||
# import_role:
|
|
||||||
# name: config-server-type
|
|
||||||
# when: server_type_enabled is defined and server_type_enabled
|
|
||||||
# tags: config-server-type_config
|
|
||||||
|
|
||||||
# NO HACE FALTA , PROXMOX CT utiliza ntp client de proxmox
|
|
||||||
# - name: "[CONFIG NTP] Install and configure ntp"
|
|
||||||
# import_role:
|
|
||||||
# name: config-ntp
|
|
||||||
# when: ntp_enabled is defined and ntp_enabled
|
|
||||||
# tags: config-ntp_config
|
|
||||||
|
|
||||||
# - name: "[CONFIG AUTOFS HOMES] Install and configure AUTOFS HOMES"
|
|
||||||
# import_role:
|
|
||||||
# name: config-autofs-homes
|
|
||||||
# when: autofs_homes_enabled is defined and autofs_homes_enabled
|
|
||||||
# tags: config-autofs-homes_config
|
|
||||||
|
|
||||||
- name: "[CONFIG ZABBIX AGENT] Install and configure ZABBIX AGENT"
|
|
||||||
import_role:
|
|
||||||
name: config-zabbix-agent
|
|
||||||
when: zabbix_agent_enabled is defined and zabbix_agent_enabled
|
|
||||||
tags: config-zabbix-agent_config
|
|
||||||
|
|
||||||
#handlers:
|
|
||||||
# - include_tasks: roles/{{ item }}/handlers/main.yaml
|
|
||||||
# with_items:
|
|
||||||
# - config-awx-user
|
|
||||||
# - config-root-user
|
|
||||||
# - config-base-debian-os
|
|
||||||
# - config-repo-vn
|
|
||||||
# - config-fail2ban # or hacer
|
|
||||||
# - config-nagios-nrpe # or hacer
|
|
||||||
# - config-server-type
|
|
|
@ -1,76 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
# - name: "[CONFIG AWX-USER] Create awx user and config ssh-key"
|
|
||||||
# import_role:
|
|
||||||
# name: config-awx-user
|
|
||||||
# tags: config-awx-user_config
|
|
||||||
|
|
||||||
# - name: "[CONFIG ROOT USER] Configure SSH root user"
|
|
||||||
# import_role:
|
|
||||||
# name: config-root-user
|
|
||||||
# tags: config-root-user_config
|
|
||||||
|
|
||||||
- name: "[CONFIG BASE DEBIAN OS] Configure debian os"
|
|
||||||
import_role:
|
|
||||||
name: config-base-debian-os
|
|
||||||
# tags: config-base-debian-os_config
|
|
||||||
|
|
||||||
- name: "[CONFIG LOCALES] Set locales"
|
|
||||||
import_role:
|
|
||||||
name: config-locales
|
|
||||||
|
|
||||||
- name: "[CONFIG TZDATA] Set timezone"
|
|
||||||
import_role:
|
|
||||||
name: config-tzdata
|
|
||||||
|
|
||||||
- name: "[CONFIG REPO VN] Add-repos-vn"
|
|
||||||
import_role:
|
|
||||||
name: config-repo-vn
|
|
||||||
# tags: config-repo-vn_config
|
|
||||||
|
|
||||||
- name: "[CONFIG FAIL2BAN] Install and configure fail2ban service"
|
|
||||||
import_role:
|
|
||||||
name: config-fail2ban
|
|
||||||
# tags: config-fail2ban_config
|
|
||||||
|
|
||||||
- name: "[CONFIG NAGIOS NRPE] Install and configure nagios nrpe service"
|
|
||||||
import_role:
|
|
||||||
name: config-nagios-nrpe
|
|
||||||
# tags: config-nagios-nrpe_config
|
|
||||||
|
|
||||||
# - name: "[CONFIG SERVER TYPE] Install guest side"
|
|
||||||
# import_role:
|
|
||||||
# name: config-server-type
|
|
||||||
# tags: config-server-type_config
|
|
||||||
|
|
||||||
- name: "[CONFIG NTP] Install and configure ntp"
|
|
||||||
import_role:
|
|
||||||
name: config-ntp
|
|
||||||
# tags: config-ntp_config
|
|
||||||
|
|
||||||
- name: "[CONFIG AUTOFS HOMES] Install and configure AUTOFS HOMES"
|
|
||||||
import_role:
|
|
||||||
name: config-autofs-homes
|
|
||||||
|
|
||||||
- name: "[CONFIG ZABBIX AGENT] Install and configure ZABBIX AGENT"
|
|
||||||
import_role:
|
|
||||||
name: config-zabbix-agent
|
|
||||||
# tags: config-zabbix-agent_config
|
|
||||||
|
|
||||||
#handlers:
|
|
||||||
# - include_tasks: roles/{{ item }}/handlers/main.yaml
|
|
||||||
# with_items:
|
|
||||||
# - config-awx-user
|
|
||||||
# - config-root-user
|
|
||||||
# - config-base-debian-os
|
|
||||||
# - config-repo-vn
|
|
||||||
# - config-fail2ban # or hacer
|
|
||||||
# - config-nagios-nrpe # or hacer
|
|
||||||
# - config-server-type
|
|
|
@ -1,156 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
# - name: "[CONFIG AWX-USER] Create awx user and config ssh-key"
|
|
||||||
# import_role:
|
|
||||||
# name: config-awx-user
|
|
||||||
# tags: config-awx-user_config
|
|
||||||
|
|
||||||
- name: "[CONFIG ROOT USER] Configure SSH root user"
|
|
||||||
import_role:
|
|
||||||
name: config-root-user
|
|
||||||
when: root_user_enabled is defined and root_user_enabled
|
|
||||||
tags: config-root-user_config
|
|
||||||
|
|
||||||
- name: "[CONFIG HOSTNAME] Configure hostname"
|
|
||||||
import_role:
|
|
||||||
name: config-hostname
|
|
||||||
when: hostname_enabled is defined and hostname_enabled
|
|
||||||
tags: config-hostname_config
|
|
||||||
|
|
||||||
- name: "[CONFIG HOSTS FILE] Configure hosts file"
|
|
||||||
import_role:
|
|
||||||
name: config-hosts
|
|
||||||
when: hosts_enabled is defined and hosts_enabled
|
|
||||||
tags: config-hosts_config_config
|
|
||||||
|
|
||||||
- name: "[CONFIG RESOLV FILE] Configure resolv file"
|
|
||||||
import_role:
|
|
||||||
name: config-resolv
|
|
||||||
when: resolv_enabled is defined and resolv_enabled
|
|
||||||
tags: config-resolv_config
|
|
||||||
|
|
||||||
- name: "[CONFIG UPDATE] Config update"
|
|
||||||
import_role:
|
|
||||||
name: config-update-and-upgrade-packages
|
|
||||||
when: update_enabled is defined and update_enabled
|
|
||||||
tags: config-update-and-upgrade-packages_config
|
|
||||||
|
|
||||||
- name: "[CONFIG INSTALL PACKAGES] Install packages"
|
|
||||||
import_role:
|
|
||||||
name: config-install-packages
|
|
||||||
when: packages_enabled is defined and packages_enabled
|
|
||||||
tags: config-install-packages_config
|
|
||||||
|
|
||||||
- name: "[CONFIG RELAYHOST SMTP] Config relayhost smtp"
|
|
||||||
import_role:
|
|
||||||
name: config-relayhost-smtp
|
|
||||||
when: relay_host_enabled is defined and relay_host_enabled
|
|
||||||
tags: config-relayhost-smtp_config
|
|
||||||
|
|
||||||
- name: "[CONFIG CENTRALIZED AUTH] Config centralized auth"
|
|
||||||
import_role:
|
|
||||||
name: config-centralized-auth
|
|
||||||
when: centralized_auth_enabled is defined and centralized_auth_enabled
|
|
||||||
tags: config-centralized-auth_config
|
|
||||||
|
|
||||||
- name: "[CONFIG SUDOERS] Config sudoers"
|
|
||||||
import_role:
|
|
||||||
name: config-sudoers
|
|
||||||
when: sudoers_enabled is defined and sudoers_enabled
|
|
||||||
tags: config-sudoers_config
|
|
||||||
|
|
||||||
- name: "[CONFIG SECURE GRUB] configure secure grub"
|
|
||||||
import_role:
|
|
||||||
name: config-secure-grub
|
|
||||||
when: secure_grub_enabled is defined and secure_grub_enabled
|
|
||||||
tags: config-secure-grub_config
|
|
||||||
|
|
||||||
- name: "[CONFIG VIM OPTIONS] Config vim options"
|
|
||||||
import_role:
|
|
||||||
name: config-vim-options
|
|
||||||
when: vim_options_enabled is defined and vim_options_enabled
|
|
||||||
tags: config-vim-options_config
|
|
||||||
|
|
||||||
- name: "[CONFIG MOTD] Config motd"
|
|
||||||
import_role:
|
|
||||||
name: config-motd
|
|
||||||
when: motd_enabled is defined and motd_enabled
|
|
||||||
tags: config-motd_config
|
|
||||||
|
|
||||||
- name: "[CONFIG HOT PLUG] Install and configure hot plug"
|
|
||||||
import_role:
|
|
||||||
name: config-hot-plug
|
|
||||||
when: hot_plug_enabled is defined and hot_plug_enabled
|
|
||||||
tags: config-hot-plug_config
|
|
||||||
|
|
||||||
- name: "[CONFIG LOCALES] Set locales"
|
|
||||||
import_role:
|
|
||||||
name: config-locales
|
|
||||||
when: locales_enabled is defined and locales_enabled
|
|
||||||
tags: config-locales_config
|
|
||||||
|
|
||||||
- name: "[CONFIG TZDATA] Set timezone"
|
|
||||||
import_role:
|
|
||||||
name: config-tzdata
|
|
||||||
when: tzdata_enabled is defined and tzdata_enabled
|
|
||||||
tags: config-tzdata_config
|
|
||||||
|
|
||||||
- name: "[CONFIG REPO VN] Add-repos-vn"
|
|
||||||
import_role:
|
|
||||||
name: config-repo-vn
|
|
||||||
when: repo_vn_enabled is defined and repo_vn_enabled
|
|
||||||
tags: config-repo-vn_config
|
|
||||||
|
|
||||||
- name: "[CONFIG FAIL2BAN] Install and configure fail2ban service"
|
|
||||||
import_role:
|
|
||||||
name: config-fail2ban
|
|
||||||
when: fail2ban_enabled is defined and fail2ban_enabled
|
|
||||||
tags: config-fail2ban_config
|
|
||||||
|
|
||||||
- name: "[CONFIG NAGIOS NRPE] Install and configure nagios nrpe service"
|
|
||||||
import_role:
|
|
||||||
name: config-nagios-nrpe
|
|
||||||
when: nagios_nrpe_enabled is defined and nagios_nrpe_enabled
|
|
||||||
tags: config-nagios-nrpe_config
|
|
||||||
|
|
||||||
- name: "[CONFIG SERVER TYPE] Install guest side"
|
|
||||||
import_role:
|
|
||||||
name: config-server-type
|
|
||||||
when: server_type_enabled is defined and server_type_enabled
|
|
||||||
tags: config-server-type_config
|
|
||||||
|
|
||||||
- name: "[CONFIG NTP] Install and configure ntp"
|
|
||||||
import_role:
|
|
||||||
name: config-ntp
|
|
||||||
when: ntp_enabled is defined and ntp_enabled
|
|
||||||
tags: config-ntp_config
|
|
||||||
|
|
||||||
- name: "[CONFIG AUTOFS HOMES] Install and configure AUTOFS HOMES"
|
|
||||||
import_role:
|
|
||||||
name: config-autofs-homes
|
|
||||||
when: autofs_homes_enabled is defined and autofs_homes_enabled
|
|
||||||
tags: config-autofs-homes_config
|
|
||||||
|
|
||||||
- name: "[CONFIG ZABBIX AGENT] Install and configure ZABBIX AGENT"
|
|
||||||
import_role:
|
|
||||||
name: config-zabbix-agent
|
|
||||||
when: zabbix_agent_enabled is defined and zabbix_agent_enabled
|
|
||||||
tags: config-zabbix-agent_config
|
|
||||||
|
|
||||||
#handlers:
|
|
||||||
# - include_tasks: roles/{{ item }}/handlers/main.yaml
|
|
||||||
# with_items:
|
|
||||||
# - config-awx-user
|
|
||||||
# - config-root-user
|
|
||||||
# - config-base-debian-os
|
|
||||||
# - config-repo-vn
|
|
||||||
# - config-fail2ban # or hacer
|
|
||||||
# - config-nagios-nrpe # or hacer
|
|
||||||
# - config-server-type
|
|
|
@ -1,72 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
# - name: "[CONFIG AWX-USER] Create awx user and config ssh-key"
|
|
||||||
# import_role:
|
|
||||||
# name: config-awx-user
|
|
||||||
# tags: config-awx-user_config
|
|
||||||
|
|
||||||
- name: "[CONFIG ROOT USER] Configure SSH root user"
|
|
||||||
import_role:
|
|
||||||
name: config-root-user
|
|
||||||
tags: config-root-user_config
|
|
||||||
|
|
||||||
- name: "[CONFIG BASE DEBIAN OS] Configure debian os"
|
|
||||||
import_role:
|
|
||||||
name: config-base-debian-os
|
|
||||||
tags: config-base-debian-os_config
|
|
||||||
|
|
||||||
- name: "[CONFIG LOCALES] Set locales"
|
|
||||||
import_role:
|
|
||||||
name: config-locales
|
|
||||||
|
|
||||||
- name: "[CONFIG TZDATA] Set timezone"
|
|
||||||
import_role:
|
|
||||||
name: config-tzdata
|
|
||||||
|
|
||||||
- name: "[CONFIG REPO VN] Add-repos-vn"
|
|
||||||
import_role:
|
|
||||||
name: config-repo-vn
|
|
||||||
tags: config-repo-vn_config
|
|
||||||
|
|
||||||
- name: "[CONFIG FAIL2BAN] Install and configure fail2ban service"
|
|
||||||
import_role:
|
|
||||||
name: config-fail2ban
|
|
||||||
tags: config-fail2ban_config
|
|
||||||
|
|
||||||
- name: "[CONFIG NAGIOS NRPE] Install and configure nagios nrpe service"
|
|
||||||
import_role:
|
|
||||||
name: config-nagios-nrpe
|
|
||||||
tags: config-nagios-nrpe_config
|
|
||||||
|
|
||||||
- name: "[CONFIG SERVER TYPE] Install guest side"
|
|
||||||
import_role:
|
|
||||||
name: config-server-type
|
|
||||||
tags: config-server-type_config
|
|
||||||
|
|
||||||
- name: "[CONFIG NTP] Install and configure ntp"
|
|
||||||
import_role:
|
|
||||||
name: config-ntp
|
|
||||||
tags: config-ntp_config
|
|
||||||
|
|
||||||
- name: "[CONFIG ZABBIX AGENT] Install and configure ZABBIX AGENT"
|
|
||||||
import_role:
|
|
||||||
name: config-zabbix-agent
|
|
||||||
tags: config-zabbix-agent_config
|
|
||||||
|
|
||||||
#handlers:
|
|
||||||
# - include_tasks: roles/{{ item }}/handlers/main.yaml
|
|
||||||
# with_items:
|
|
||||||
# - config-awx-user
|
|
||||||
# - config-root-user
|
|
||||||
# - config-base-debian-os
|
|
||||||
# - config-repo-vn
|
|
||||||
# - config-fail2ban # or hacer
|
|
||||||
# - config-nagios-nrpe # or hacer
|
|
||||||
# - config-server-type
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: no
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG AUTOFS HOMES] Comprobando si es necesario configurar AUTOFS HOMES"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar AUTOFS HOMES en la máquina"
|
|
||||||
when: autofs_homes_enabled is not defined or not autofs_homes_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG AUTOFS HOMES] Install and configure AUTOFS HOMES"
|
|
||||||
import_role:
|
|
||||||
name: config-autofs-homes
|
|
||||||
when: autofs_homes_enabled is defined and autofs_homes_enabled
|
|
|
@ -1,12 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: no
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CREATE AWX-USER] Create awx user and config ssh-key"
|
|
||||||
import_role:
|
|
||||||
name: config-awx-user
|
|
|
@ -1,20 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
#- hosts: '{{ ip_addr }}'
|
|
||||||
# become: yes
|
|
||||||
# become_method: sudo
|
|
||||||
# gather_facts: yes
|
|
||||||
|
|
||||||
# tasks:
|
|
||||||
|
|
||||||
# - name: "[CONFIG BASE DEBIAN OS] Configure debian os"
|
|
||||||
# import_role:
|
|
||||||
# name: config-base-debian-os
|
|
||||||
|
|
||||||
# - name: "[CONFIG LOCALES] Set locales"
|
|
||||||
# import_role:
|
|
||||||
# name: config-locales
|
|
||||||
|
|
||||||
# - name: "[CONFIG TZDATA] Set timezone"
|
|
||||||
# import_role:
|
|
||||||
# name: config-tzdata
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG CENTRALIZED AUTH] Comprobando si es necesario configurar centralized auth"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar centralized auth en la máquina"
|
|
||||||
when: centralized_auth_enabled is not defined or not centralized_auth_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG CENTRALIZED AUTH] Config centralized auth"
|
|
||||||
import_role:
|
|
||||||
name: config-centralized-auth
|
|
||||||
when: centralized_auth_enabled is defined and centralized_auth_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG FAIL2BAN] Comprobando si es necesario configurar fail2ban "
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar fail2ban en la máquina"
|
|
||||||
when: fail2ban_enabled is not defined or not fail2ban_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG FAIL2BAN] Install and configure fail2ban service"
|
|
||||||
import_role:
|
|
||||||
name: config-fail2ban
|
|
||||||
when: fail2ban_enabled is defined and fail2ban_enabled
|
|
|
@ -1,12 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: no
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG FREERADIUS TOTOP] Install and configure FREERADIUS TOTOP"
|
|
||||||
import_role:
|
|
||||||
name: config-freeradius-totp
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG HOSTNAME] Comprobando si es necesario configurar hostname "
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar hostname en la máquina"
|
|
||||||
when: hostname_enabled is not defined or not hostname_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG HOSTNAME] Configure hostname"
|
|
||||||
import_role:
|
|
||||||
name: config-hostname
|
|
||||||
when: hostname_enabled is defined and hostname_enabled
|
|
|
@ -1,19 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG HOSTS FILE] Comprobando si es necesario configurar hosts file "
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar hosts file en la máquina"
|
|
||||||
when: hosts_enabled is not defined or not hosts_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG HOSTS FILE] Configure hosts file"
|
|
||||||
import_role:
|
|
||||||
name: config-hosts
|
|
||||||
when: hosts_enabled is defined and hosts_enabled
|
|
||||||
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG HOT PLUG] Comprobando si es necesario configurar hot plug"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar hot plug en la máquina"
|
|
||||||
when: hot_plug_enabled is not defined or not hot_plug_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG HOT PLUG] Install and configure hot plug"
|
|
||||||
import_role:
|
|
||||||
name: config-hot-plug
|
|
||||||
when: hot_plug_enabled is defined and hot_plug_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG INSTALL PACKAGES] Comprobando si es necesario instalar paqueteria"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario instalar paqueteria en la máquina"
|
|
||||||
when: packages_enabled is not defined or not packages_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG INSTALL PACKAGES] Install packages"
|
|
||||||
import_role:
|
|
||||||
name: config-install-packages
|
|
||||||
when: packages_enabled is defined and packages_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG LOCALES] Comprobando si es necesario configurar locales"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar locales en la máquina"
|
|
||||||
when: locales_enabled is not defined or not locales_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG LOCALES] Set locales"
|
|
||||||
import_role:
|
|
||||||
name: config-locales
|
|
||||||
when: locales_enabled is defined and locales_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG MOTD] Comprobando si es necesario configurar motd"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar motd en la máquina"
|
|
||||||
when: motd_enabled is not defined or not motd_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG MOTD] Config motd"
|
|
||||||
import_role:
|
|
||||||
name: config-motd
|
|
||||||
when: motd_enabled is defined and motd_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: no
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG NAGIOS NRPE] Comprobando si es necesario configurar nagios nrpe service "
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar nagios nrpe service en la máquina"
|
|
||||||
when: nagios_nrpe_enabled is not defined or not nagios_nrpe_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG NAGIOS NRPE] Install and configure nagios nrpe service"
|
|
||||||
import_role:
|
|
||||||
name: config-nagios-nrpe
|
|
||||||
when: nagios_nrpe_enabled is defined and nagios_nrpe_enabled
|
|
|
@ -1,12 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: ns1
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: no
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG NSUPDATE] configure zone with NSUPDATE"
|
|
||||||
import_role:
|
|
||||||
name: config-nsupdate
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG NTP] Comprobando si es necesario configurar ntp"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar ntp en la máquina"
|
|
||||||
when: ntp_enabled is not defined or not ntp_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG NTP] Install and configure ntp"
|
|
||||||
import_role:
|
|
||||||
name: config-ntp
|
|
||||||
when: ntp_enabled is defined and ntp_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG RELAYHOST SMTP] Comprobando si es necesario configurar relayhost smtp"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar relayhost smtp en la máquina"
|
|
||||||
when: relay_host_enabled is not defined or not relay_host_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG RELAYHOST SMTP] Config relayhost smtp"
|
|
||||||
import_role:
|
|
||||||
name: config-relayhost-smtp
|
|
||||||
when: relay_host_enabled is defined and relay_host_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: no
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG REPO VN] Comprobando si es necesario configurar repositorios"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar repositorios en la máquina"
|
|
||||||
when: repo_vn_enabled is not defined or not repo_vn_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG REPO VN] Add-repos-vn"
|
|
||||||
import_role:
|
|
||||||
name: config-repo-vn
|
|
||||||
when: repo_vn_enabled is defined and repo_vn_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG RESOLV FILE] Comprobando si es necesario configurar resolv file "
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar resolv file en la máquina"
|
|
||||||
when: resolv_enabled is not defined or not resolv_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG RESOLV FILE] Configure resolv file"
|
|
||||||
import_role:
|
|
||||||
name: config-resolv
|
|
||||||
when: resolv_enabled is defined and resolv_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: no
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG ROOT USER] Comprobando si es necesario configurar SSH root user"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar SSH root user en la máquina"
|
|
||||||
when: root_user_enabled is not defined or not root_user_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG ROOT USER] Configure SSH root user"
|
|
||||||
import_role:
|
|
||||||
name: config-root-user
|
|
||||||
when: root_user_enabled is defined and root_user_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG SECURE GRUB] Comprobando si es necesario configurar secure grub"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar secure grub en la máquina"
|
|
||||||
when: secure_grub_enabled is not defined or not secure_grub_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG SECURE GRUB] configure secure grub"
|
|
||||||
import_role:
|
|
||||||
name: config-secure-grub
|
|
||||||
when: secure_grub_enabled is defined and secure_grub_enabled
|
|
|
@ -1,12 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: localhost
|
|
||||||
become: no
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG SEND MAIL] Send Mail"
|
|
||||||
import_role:
|
|
||||||
name: config-send-mail
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: no
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG SERVER TYPE] Comprobando si es necesario instalar guest side"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario instalar guest side en la máquina"
|
|
||||||
when: server_type_enabled is not defined or not server_type_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG SERVER TYPE] Install guest side"
|
|
||||||
import_role:
|
|
||||||
name: config-server-type
|
|
||||||
when: server_type_enabled is defined and server_type_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG SUDOERS] Comprobando si es necesario configurar sudoers"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar sudoers en la máquina"
|
|
||||||
when: sudoers_enabled is not defined or not sudoers_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG SUDOERS] Config sudoers"
|
|
||||||
import_role:
|
|
||||||
name: config-sudoers
|
|
||||||
when: sudoers_enabled is defined and sudoers_enabled
|
|
|
@ -1,18 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- hosts: '{{ ip_addr }}'
|
|
||||||
become: yes
|
|
||||||
become_method: sudo
|
|
||||||
gather_facts: yes
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
|
|
||||||
- name: "[CONFIG TZDATA] Comprobando si es necesario configurar timezone"
|
|
||||||
debug:
|
|
||||||
msg: "No es necesario configurar timezone en la máquina"
|
|
||||||
when: tzdata_enabled is not defined or not tzdata_enabled
|
|
||||||
|
|
||||||
- name: "[CONFIG TZDATA] Set timezone"
|
|
||||||
import_role:
|
|
||||||
name: config-tzdata
|
|
||||||
when: tzdata_enabled is defined and tzdata_enabled
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue