diff options
author | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-01-06 18:48:59 +0100 |
---|---|---|
committer | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-01-06 18:48:59 +0100 |
commit | 9222b89e867d33923dc695088e2f995312f07cb8 (patch) | |
tree | 460ba7dd2a93a58b1bf63fd3e36fc8b9a0d3566e /roles/torrelay/tasks/main.yml | |
parent | 52097b94aa3969f6345c6ef043f14fc78dfc8261 (diff) | |
download | playbooks-ansible-9222b89e867d33923dc695088e2f995312f07cb8.tar.gz playbooks-ansible-9222b89e867d33923dc695088e2f995312f07cb8.tar.xz playbooks-ansible-9222b89e867d33923dc695088e2f995312f07cb8.zip |
Split torreplay tasks into multiple files
Diffstat (limited to 'roles/torrelay/tasks/main.yml')
-rw-r--r-- | roles/torrelay/tasks/main.yml | 81 |
1 files changed, 10 insertions, 71 deletions
diff --git a/roles/torrelay/tasks/main.yml b/roles/torrelay/tasks/main.yml index 5b960e5..1081c8b 100644 --- a/roles/torrelay/tasks/main.yml +++ b/roles/torrelay/tasks/main.yml @@ -1,75 +1,14 @@ -- name: Installation du paquet Tor depuis le dépôt - yum: name=tor state=present - when: ansible_pkg_mgr == "yum" +- name: Installation des paquets + include: pkgs.yml -- name: Installation du paquet Tor depuis le dépôt - dnf: name=tor state=present - when: ansible_pkg_mgr == "dnf" +- name: Configuration des services + include: config.yml -- name: Installation de paquets optionnels depuis le dépôt - yum: name={{ item }} state=present - with_items: - - tor-arm - - proxychains - when: ansible_distribution == "Fedora" and ansible_pkg_mgr == "yum" +- name: Configuration du parefeu + include: fw.yml -- name: Installation de paquets optionnels depuis le dépôt - dnf: name={{ item }} state=present - with_items: - - tor-arm - - proxychains - when: ansible_distribution == "Fedora" and ansible_pkg_mgr == "dnf" +- name: Modules et booleens SELinux + include: selinux.yml -- name: Configuration de proxychains - copy: src=proxychains.conf dest=/etc/proxychains.conf - mode=644 - when: ansible_distribution == "Fedora" - -- name: Création des répertoires de base - file: path=/usr/local/share/tor state=directory - -- name: Installation de la page d'accueil html - copy: src=index-fedora.html dest=/usr/local/share/tor/tor-exit-notice.html - mode=644 - -- name: Configuration du service - template: src=keys.j2 dest=/etc/tor/torrc - owner=root - group=root - mode=644 - -- name: Ouverture des ports Firewalld standards - firewalld: port={{ item[0] }} permanent={{ item[1] }} state=enabled - with_nested: - - [ '9001/tcp', '9030/tcp' ] - - [ 'true', 'false' ] - when: ansible_distribution == "Fedora" and is_public is defined - -- name: Ouverture des ports Firewalld spéciaux - firewalld: service={{ item[0] }} permanent={{ item[1] }} state=enabled - with_nested: - - [ 'pop3', 'pop3s' ] - - [ 'true', 'false' ] - when: ansible_distribution == "Fedora" and is_gardian is defined - -- name: Déploiement du module SELinux pour hidden_services - copy: src=tor-selinux-f22-policy-module.pp dest=/root/tor-selinux-f22-policy-module.pp - mode=644 - when: ansible_distribution == "Fedora" - -- name: Déploiement du module SELinux pour AVC dac error - copy: src=tor-dac-capabilities.pp dest=/root/tor-dac-capabilities.pp - mode=644 - when: ansible_distribution == "Fedora" - -- name: Déploiement du module SELinux pour hidden_services - copy: src=tor-selinux-centos6.6-policy-module.pp dest=/root/tor-selinux-centos6.6-policy-module.pp - mode=644 - when: ansible_distribution == "CentOS" - -- name: Configuration du booleen SELinux - seboolean: name=tor_can_network_relay state=yes persistent=yes - when: ansible_selinux.status != "disabled" and is_gardian is defined - -- name: Activation et démarrage du relai Tor - service: name=tor state=started enabled=yes +- name: Gestion du service + include: services.yml |