Skip to content

Roles

En gros il y a un rôle par groupe... Les rôles sont appliqué du plus générique au plus spécifique dans le playbook.

Les rôles customisés pour IPv5 sont ceux commençant par ipv5_.

ipv5_common

tasks (ipv5_common/tasks/mail.yml)

  • install common packages for all servers
  • Create users
  • Configure sudo permission
  • Create zsh config file
  • Create personal custom file for zsh
  • Create zsh/iterm2 config file
  • Set authorized key taken from file
  • Create fail2ban local jail

vars (ipv5_common/vars/main.yml)

  • users
  • packages

files (ipv5_common/files/)

  • iterm2_shell_integration.zsh
  • public_keys (dir)

templates (ipv5_common/templates/)

  • fail2ban.j2
  • zsh.j2

ipv5_hetzner

tasks (ipv5_hetzner/tasks/mail.yml)

  • install common packages for VM
  • Ensure resolv.conf is correct for ipv4/6
  • Ensure resolv.conf is correct for ipv6 only
  • NETDATA | Ensure stream.conf is correct
  • NETDATA | restart service

vars (ipv5_hetzner/vars/main.yml)

  • packages

files (ipv5_hetzner/files/)

  • resolv.conf_dual.txt
  • resolv.conf_v6.txt

templates (ipv5_hetzner/templates/)

  • stream.j2

ipv5_hypervisor

tasks (ipv5_hypervisor/tasks/mail.yml)

  • add backports repository
  • UFW | default (incoming) policy
  • UFW | default (outgoing) policy
  • UFW | rules
  • UFW | start and enable service
  • UFW | reload ufw

vars (ipv5_hypervisor/vars/main.yml)

  • default_incoming_policy
  • ufw_default_outgoing_policy
  • ufw_rules:packages
  • backports_uri
  • backports_distribution
  • backports_components

ipv5_supervisor

tasks (ipv5_supervisor/tasks/mail.yml)

  • NETDATA | insure stream.conf is correct
  • NETDATA | restart service
  • UFW | default (incoming) policy
  • UFW | default (outgoing) policy
  • UFW | rules
  • UFW | start and enable service
  • UFW | reload ufw

vars (ipv5_supervisor/vars/main.yml)

  • default_incoming_policy
  • ufw_default_outgoing_policy
  • ufw_rules:packages

templates (ipv5_supervisor/templates/)

  • stream.j2

ipv5_vm

tasks (ipv5_vm/tasks/mail.yml)

  • install common packages for VM

vars (ipv5_vm/vars/main.yml)

  • packages

ipv5_web

tasks (ipv5_web/tasks/mail.yml)

  • debug dictionary
  • NGINX | Install packages
  • PHP | Install packages
  • UWSGI | Install packages
  • NGINX | Ensure DH-params are present
  • NGINX | Configure vhosts using template
  • NGINX | Create www directories
  • NGINX | Add generic config
  • NGINX | Create log directories
  • NGINX | Enable vhosts
  • LECM | Config file
  • LECM+NGINX | Create dedicated directory
  • LECM | Schedule auto-renew

vars (ipv5_web/vars/main.yml)

  • php
  • vhosts

files (ipv5_web/files/)

  • lecm.cron
  • nginx-generic-config (dir)

templates (ipv5_web/templates/)

  • lecm.j2
  • vhost.j2