diff options
author | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-12-24 16:30:32 +0100 |
---|---|---|
committer | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-12-24 16:30:32 +0100 |
commit | a70091ad7372d17f0dfb58663a6ed4479ca40709 (patch) | |
tree | 7a454aaf21e45e036fa54ae46b0dc014986137f6 | |
parent | 6ed28366124713afb588ad96b7040fbe0841a32d (diff) | |
download | playbooks-ansible-a70091ad7372d17f0dfb58663a6ed4479ca40709.tar.gz playbooks-ansible-a70091ad7372d17f0dfb58663a6ed4479ca40709.tar.xz playbooks-ansible-a70091ad7372d17f0dfb58663a6ed4479ca40709.zip |
Update user and seboolean and firewalld modules syntax
-rw-r--r-- | roles/bittorrent/tasks/fw.yml | 6 | ||||
-rw-r--r-- | roles/clients/tasks/fw.yml | 25 | ||||
-rw-r--r-- | roles/clients/tasks/nvidia.yml | 11 | ||||
-rw-r--r-- | roles/common/tasks/zsh.yml | 8 | ||||
-rw-r--r-- | roles/dnsserver/tasks/dirs.yml | 5 | ||||
-rw-r--r-- | roles/dnsserver/tasks/fw.yml | 6 | ||||
-rw-r--r-- | roles/mtaserver/tasks/fw.yml | 12 | ||||
-rw-r--r-- | roles/ntpserver/tasks/fw.yml | 6 | ||||
-rw-r--r-- | roles/proxy/tasks/fw.yml | 8 | ||||
-rw-r--r-- | roles/torrelay/tasks/fw.yml | 24 |
10 files changed, 51 insertions, 60 deletions
diff --git a/roles/bittorrent/tasks/fw.yml b/roles/bittorrent/tasks/fw.yml index 973b2e1..87fdc46 100644 --- a/roles/bittorrent/tasks/fw.yml +++ b/roles/bittorrent/tasks/fw.yml @@ -1,8 +1,6 @@ - name: Ouverture des ports Firewalld firewalld: port: "51413/tcp" - permanent: "{{ item }}" + permanent: yes + immediate: yes state: enabled - with_items: - - true - - false diff --git a/roles/clients/tasks/fw.yml b/roles/clients/tasks/fw.yml index 67a3276..4cc0b2b 100644 --- a/roles/clients/tasks/fw.yml +++ b/roles/clients/tasks/fw.yml @@ -1,26 +1,29 @@ - name: Fermeture des ports de services firewalld: - service: "{{ item[0] }}" - permanent: "{{ item[1] }}" + service: "{{ item }}" + permanent: yes + immediate: yes state: disabled - with_nested: - - [ 'dhcpv6-client', 'mdns', 'samba-client' ] - - [ 'true', 'false' ] + with_items: + - dhcpv6-client + - mdns + - samba-client when: ansible_distribution == "Fedora" - name: Fermeture du port SSH après reboot firewalld: service: ssh - permanent: true + permanent: yes state: disabled when: ansible_distribution == "Fedora" - name: Fermeture des plages de port firewalld: - port: "{{ item[0] }}" - permanent: "{{ item[1] }}" + port: "{{ item }}" + permanent: yes + immediate: yes state: disabled - with_nested: - - [ '1025-65535/tcp', '1025-65535/udp' ] - - [ 'true', 'false' ] + with_items: + - 1025-65535/tcp + - 1025-65535/udp when: ansible_distribution == "Fedora" diff --git a/roles/clients/tasks/nvidia.yml b/roles/clients/tasks/nvidia.yml index fa00752..5c02444 100644 --- a/roles/clients/tasks/nvidia.yml +++ b/roles/clients/tasks/nvidia.yml @@ -17,10 +17,9 @@ when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 26 - name: Désactivation de Wayland pour GDM - lineinfile: - dest: /etc/gdm/custom.conf - state: present - backrefs: yes - regexp: "^#WaylandEnable=false" - line: "WaylandEnable=false" + ini_file: + path: /etc/gdm/custom.conf + section: daemon + option: WaylandEnable + value: "false" when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 27 diff --git a/roles/common/tasks/zsh.yml b/roles/common/tasks/zsh.yml index f7fc147..4aae75a 100644 --- a/roles/common/tasks/zsh.yml +++ b/roles/common/tasks/zsh.yml @@ -1,7 +1,11 @@ - name: Changement de shell /usr/bin/zsh pour root - user: name=root shell=/usr/bin/zsh + user: + name: root + shell: /usr/bin/zsh when: ansible_distribution == "Fedora" - name: Changement de shell /bin/zsh pour root - user: name=root shell=/bin/zsh + user: + name: root + shell: /bin/zsh when: ansible_distribution == "CentOS" diff --git a/roles/dnsserver/tasks/dirs.yml b/roles/dnsserver/tasks/dirs.yml index 87e256d..f5a0e6d 100644 --- a/roles/dnsserver/tasks/dirs.yml +++ b/roles/dnsserver/tasks/dirs.yml @@ -22,7 +22,10 @@ mode: 0770 - name: Configuration booleen SELinux de /var/named/ - seboolean: name=named_write_master_zones state=yes persistent=yes + seboolean: + name: named_write_master_zones + state: yes + persistent: yes when: ansible_selinux.status != "disabled" - name: Restauration des contextes SELinux du répertoire de logs diff --git a/roles/dnsserver/tasks/fw.yml b/roles/dnsserver/tasks/fw.yml index 910a1ef..d6f707c 100644 --- a/roles/dnsserver/tasks/fw.yml +++ b/roles/dnsserver/tasks/fw.yml @@ -1,8 +1,6 @@ - name: Ouverture des ports Firewalld firewalld: service: dns - permanent: "{{ item }}" + permanent: yes + immediate: yes state: enabled - with_items: - - true - - false diff --git a/roles/mtaserver/tasks/fw.yml b/roles/mtaserver/tasks/fw.yml index 567a079..3177b2e 100644 --- a/roles/mtaserver/tasks/fw.yml +++ b/roles/mtaserver/tasks/fw.yml @@ -1,19 +1,15 @@ - name: Ouverture du port SMTP firewalld: service: smtp - permanent: "{{ item }}" + permanent: yes + immediate: yes state: enabled - with_items: - - true - - false when: mtadomain is defined - name: Ouverture du port Submission firewalld: service: "smtp-submission" - permanent: "{{ item }}" + permanent: yes + immediate: yes state: enabled - with_items: - - true - - false when: mtadomain is defined diff --git a/roles/ntpserver/tasks/fw.yml b/roles/ntpserver/tasks/fw.yml index 965c94b..9aa54b6 100644 --- a/roles/ntpserver/tasks/fw.yml +++ b/roles/ntpserver/tasks/fw.yml @@ -1,8 +1,6 @@ - name: Ouverture des ports Firewalld firewalld: service: ntp - permanent: "{{ item }}" + permanent: yes + immediate: yes state: enabled - with_items: - - true - - false diff --git a/roles/proxy/tasks/fw.yml b/roles/proxy/tasks/fw.yml index eef417a..42f483b 100644 --- a/roles/proxy/tasks/fw.yml +++ b/roles/proxy/tasks/fw.yml @@ -1,9 +1,9 @@ - name: Ouverture des ports principaux dans Firewalld firewalld: port: "{{ item }}/tcp" - permanent: true + permanent: yes + immediate: yes state: enabled - immediate: true with_items: - "{{ revport }}" - "{{ revports }}" @@ -11,9 +11,9 @@ - name: Ouverture des ports auxiliaires Firewalld firewalld: port: "{{ item }}/tcp" - permanent: true + permanent: yes + immediate: yes state: enabled - immediate: true with_items: - "{{ auxport }}" when: auxport is defined diff --git a/roles/torrelay/tasks/fw.yml b/roles/torrelay/tasks/fw.yml index dc44840..8a931aa 100644 --- a/roles/torrelay/tasks/fw.yml +++ b/roles/torrelay/tasks/fw.yml @@ -1,43 +1,35 @@ - name: Ouverture du port ORPort firewalld: port: "{{ orport }}" - permanent: "{{ item }}" + permanent: yes + immediate: yes state: enabled - with_items: - - "true" - - "false" when: orport is defined and orport != httpsport and orport != pop3sport - name: Ouverture du port ORPort firewalld: service: "pop3s" - permanent: "{{ item }}" + permanent: yes + immediate: yes state: enabled - with_items: - - "true" - - "false" when: orport is defined and orport != httpsport and orport == pop3sport - name: Ouverture du port DIRPort firewalld: port: "{{ dirport }}" - permanent: "{{ item }}" + permanent: yes + immediate: yes state: enabled - with_items: - - "true" - - "false" when: dirport is defined and dirport != httpport and dirport != pop3port - name: Ouverture du port DIRPort firewalld: service: "pop3" - permanent: "{{ item }}" + permanent: yes + immediate: yes state: enabled - with_items: - - "true" - - "false" when: dirport is defined and dirport != httpport and dirport == pop3port |