diff options
author | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-10-20 15:21:27 +0200 |
---|---|---|
committer | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-10-20 15:21:27 +0200 |
commit | 5ff258def6b42b626b7a3f517072b9fb314677be (patch) | |
tree | 0d33f5c7c656ca5708b79a77b2e43569d2ce8df0 /roles | |
parent | a78de469361a2f9e3c483342e5a5226bc2228bf2 (diff) | |
download | playbooks-ansible-5ff258def6b42b626b7a3f517072b9fb314677be.tar.gz playbooks-ansible-5ff258def6b42b626b7a3f517072b9fb314677be.tar.xz playbooks-ansible-5ff258def6b42b626b7a3f517072b9fb314677be.zip |
Update file and copy modules syntax
Diffstat (limited to 'roles')
-rw-r--r-- | roles/clients/tasks/mnt.yml | 4 | ||||
-rw-r--r-- | roles/clients/tasks/sudo.yml | 7 | ||||
-rw-r--r-- | roles/clients/tasks/sysctl.yml | 5 | ||||
-rw-r--r-- | roles/common/tasks/aide.yml | 5 | ||||
-rw-r--r-- | roles/common/tasks/binutils.yml | 14 | ||||
-rw-r--r-- | roles/common/tasks/ca.yml | 10 | ||||
-rw-r--r-- | roles/common/tasks/cron.yml | 5 | ||||
-rw-r--r-- | roles/common/tasks/mnt.yml | 4 | ||||
-rw-r--r-- | roles/common/tasks/rc.yml | 10 | ||||
-rw-r--r-- | roles/common/tasks/repos.yml | 16 | ||||
-rw-r--r-- | roles/common/tasks/selinux.yml | 10 | ||||
-rw-r--r-- | roles/dnsserver/tasks/common.yml | 7 | ||||
-rw-r--r-- | roles/dnsserver/tasks/config.yml | 10 | ||||
-rw-r--r-- | roles/dnsserver/tasks/dirs.yml | 25 | ||||
-rw-r--r-- | roles/mtaserver/tasks/config.yml | 30 | ||||
-rw-r--r-- | roles/mtaserver/tasks/systemd.yml | 20 | ||||
-rw-r--r-- | roles/torrelay/tasks/config.yml | 16 | ||||
-rw-r--r-- | roles/torrelay/tasks/selinux.yml | 18 |
18 files changed, 148 insertions, 68 deletions
diff --git a/roles/clients/tasks/mnt.yml b/roles/clients/tasks/mnt.yml index 2c1cf88..18ab55b 100644 --- a/roles/clients/tasks/mnt.yml +++ b/roles/clients/tasks/mnt.yml @@ -1,5 +1,7 @@ - name: Ajout des points de montage temporaires - file: name={{ item }} state=directory + file: + path: {{ item }} + state: directory with_items: - /mnt/nfs3/ - /mnt/nfs4/ diff --git a/roles/clients/tasks/sudo.yml b/roles/clients/tasks/sudo.yml index e5efa1b..fd76403 100644 --- a/roles/clients/tasks/sudo.yml +++ b/roles/clients/tasks/sudo.yml @@ -1,4 +1,5 @@ - name: Configuration sudo pour l'utilisateur casper - copy: src=sudo - dest=/etc/sudoers.d/{{ ansible_hostname }} - mode=440 + copy: + src: sudo + dest: /etc/sudoers.d/{{ ansible_hostname }} + mode: 0440 diff --git a/roles/clients/tasks/sysctl.yml b/roles/clients/tasks/sysctl.yml index a92f2b5..b733743 100644 --- a/roles/clients/tasks/sysctl.yml +++ b/roles/clients/tasks/sysctl.yml @@ -1,2 +1,5 @@ - name: Configuration sysctl de la swap - copy: src=swapwait.conf dest=/etc/sysctl.d/swapwait.conf mode=644 + copy: + src: swapwait.conf + dest: /etc/sysctl.d/swapwait.conf + mode: 0644 diff --git a/roles/common/tasks/aide.yml b/roles/common/tasks/aide.yml index f8335dd..a8640fd 100644 --- a/roles/common/tasks/aide.yml +++ b/roles/common/tasks/aide.yml @@ -7,7 +7,10 @@ when: ansible_pkg_mgr == "dnf" - name: Activation Cron du HIDS AIDE - copy: src=aidereport.sh dest=/etc/cron.daily/z-aidereport.sh mode=755 + copy: + src: aidereport.sh + dest: /etc/cron.daily/z-aidereport.sh + mode: 0755 when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 28 and ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" notify: initialize aide diff --git a/roles/common/tasks/binutils.yml b/roles/common/tasks/binutils.yml index 74371da..d2e6290 100644 --- a/roles/common/tasks/binutils.yml +++ b/roles/common/tasks/binutils.yml @@ -1,17 +1,25 @@ - name: Création des répertoires - file: name={{ item }} state=directory + file: + path: {{ item }} + state: directory with_items: - /root/bin/ - /etc/skel/bin/ - name: Installation des scripts pour root - copy: src={{ item.name }} dest=/root/bin/{{ item.dest }} mode=755 + copy: + src: {{ item.name }} + dest: /root/bin/{{ item.dest }} + mode: 0755 with_items: - { name: 'setfunctions.sh', dest: 'setfunctions' } - { name: 'startt.sh', dest: 'startt' } - name: Installation des scripts pour squelette - copy: src={{ item.name }} dest=/etc/skel/bin/{{ item.dest }} mode=755 + copy: + src: {{ item.name }} + dest: /etc/skel/bin/{{ item.dest }} + mode: 0755 with_items: - { name: 'setfunctions.sh', dest: 'setfunctions' } - { name: 'startt.sh', dest: 'startt' } diff --git a/roles/common/tasks/ca.yml b/roles/common/tasks/ca.yml index 6c9b02c..72f1730 100644 --- a/roles/common/tasks/ca.yml +++ b/roles/common/tasks/ca.yml @@ -1,8 +1,14 @@ - name: Installation de mon autorité de certification - copy: src=root.pem dest=/etc/pki/ca-trust/source/anchors/root.pem mode=444 + copy: + src: root.pem + dest: /etc/pki/ca-trust/source/anchors/root.pem + mode: 0444 - name: Installation de l'autorité de certification CACert - copy: src=cacert.pem dest=/etc/pki/ca-trust/source/anchors/cacert.pem mode=444 + copy: + src: cacert.pem + dest: /etc/pki/ca-trust/source/anchors/cacert.pem + mode: 0444 - name: Mise à jour de la base de confiance CA command: /usr/bin/update-ca-trust diff --git a/roles/common/tasks/cron.yml b/roles/common/tasks/cron.yml index c05e877..7646287 100644 --- a/roles/common/tasks/cron.yml +++ b/roles/common/tasks/cron.yml @@ -27,5 +27,8 @@ when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" - name: Rapport d'uptime des machines physiques - copy: src=uptimereport.sh dest=/etc/cron.weekly/a-uptimereport.sh mode=755 + copy: + src: uptimereport.sh + dest: /etc/cron.weekly/a-uptimereport.sh + mode: 0755 when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" diff --git a/roles/common/tasks/mnt.yml b/roles/common/tasks/mnt.yml index 443bec4..babf574 100644 --- a/roles/common/tasks/mnt.yml +++ b/roles/common/tasks/mnt.yml @@ -1,5 +1,7 @@ - name: Ajout des points de montage temporaires - file: name={{ item }} state=directory + file: + path: {{ item }} + state: directory with_items: - /mnt/nfs1/ - /mnt/nfs2/ diff --git a/roles/common/tasks/rc.yml b/roles/common/tasks/rc.yml index 424801b..db88245 100644 --- a/roles/common/tasks/rc.yml +++ b/roles/common/tasks/rc.yml @@ -1,5 +1,8 @@ - name: Installation des fichiers rc root - copy: src={{ item.name }} dest=/root/{{ item.dest }} mode=644 + copy: + src: {{ item.name }} + dest: /root/{{ item.dest }} + mode: 0644 with_items: - { name: 'bashrc', dest: '.bashrc' } - { name: 'emacs.rc', dest: '.emacs' } @@ -7,7 +10,10 @@ - { name: 'tmux.conf', dest: '.tmux.conf' } - name: Installation des fichiers rc squelette - copy: src={{ item.name }} dest=/etc/skel/{{ item.dest }} mode=644 + copy: + src: {{ item.name }} + dest: /etc/skel/{{ item.dest }} + mode: 0644 with_items: - { name: 'bashrc', dest: '.bashrc' } - { name: 'emacs.rc', dest: '.emacs' } diff --git a/roles/common/tasks/repos.yml b/roles/common/tasks/repos.yml index 52abc62..fd0e113 100644 --- a/roles/common/tasks/repos.yml +++ b/roles/common/tasks/repos.yml @@ -1,5 +1,7 @@ - name: Installation du dépôt updates Fantom - copy: src=updates-fantom.repo dest=/etc/yum.repos.d/updates-fantom.repo + copy: + src: updates-fantom.repo + dest: /etc/yum.repos.d/updates-fantom.repo when: ansible_distribution_version|int >= 20 and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" @@ -37,13 +39,17 @@ - name: Installation du dépôt updates Hidden - copy: src=updates-fantom-hidden.repo dest=/etc/yum.repos.d/updates-fantom-hidden.repo + copy: + src: updates-fantom-hidden.repo + dest: /etc/yum.repos.d/updates-fantom-hidden.repo when: ansible_distribution_version|int >= 20 and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" - name: Installation du dépôt Fedora Fantom - copy: src=fedora-fantom.repo dest=/etc/yum.repos.d/fedora-fantom.repo + copy: + src: fedora-fantom.repo + dest: /etc/yum.repos.d/fedora-fantom.repo when: ansible_distribution_version|int >= 24 and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" @@ -81,7 +87,9 @@ - name: Installation du dépôt Fedora fantom Hidden - copy: src=fedora-fantom-hidden.repo dest=/etc/yum.repos.d/fedora-fantom-hidden.repo + copy: + src: fedora-fantom-hidden.repo + dest: /etc/yum.repos.d/fedora-fantom-hidden.repo when: ansible_distribution_version|int >= 24 and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" diff --git a/roles/common/tasks/selinux.yml b/roles/common/tasks/selinux.yml index ccd7140..92268e7 100644 --- a/roles/common/tasks/selinux.yml +++ b/roles/common/tasks/selinux.yml @@ -1,7 +1,13 @@ - name: Rapport SELinux - copy: src=eaureport.sh dest=/etc/cron.daily/eaureport.sh mode=755 + copy: + src: eaureport.sh + dest: /etc/cron.daily/eaureport.sh + mode: 0755 when: ansible_selinux.status != "disabled" - name: Relabel système de fichier - copy: src=selinuxresto.sh dest=/etc/cron.monthly/selinuxresto.sh mode=755 + copy: + src: selinuxresto.sh + dest: /etc/cron.monthly/selinuxresto.sh + mode: 0755 when: ansible_selinux.status != "disabled" diff --git a/roles/dnsserver/tasks/common.yml b/roles/dnsserver/tasks/common.yml index 667eea4..6cee24a 100644 --- a/roles/dnsserver/tasks/common.yml +++ b/roles/dnsserver/tasks/common.yml @@ -6,7 +6,8 @@ - name: Configuration de sudo - copy: src=sudo - dest=/etc/sudoers.d/{{ ansible_hostname }} - mode=440 + copy: + src: sudo + dest: /etc/sudoers.d/{{ ansible_hostname }} + mode: 0440 diff --git a/roles/dnsserver/tasks/config.yml b/roles/dnsserver/tasks/config.yml index 03e03c2..02d90d0 100644 --- a/roles/dnsserver/tasks/config.yml +++ b/roles/dnsserver/tasks/config.yml @@ -6,10 +6,12 @@ notify: restart named - name: Installation des fichiers de zone - copy: src={{ item }}.zone dest=/var/named/ - owner=root - group=named - mode=640 + copy: + src: {{ item }}.zone + dest: /var/named/ + owner: root + group: named + mode: 0640 when: is_dnsmaster is defined notify: reload named with_items: "{{ zonelist }}" diff --git a/roles/dnsserver/tasks/dirs.yml b/roles/dnsserver/tasks/dirs.yml index 87f4ebe..87e256d 100644 --- a/roles/dnsserver/tasks/dirs.yml +++ b/roles/dnsserver/tasks/dirs.yml @@ -1,18 +1,25 @@ - name: Création du répertoire de log dans /var/log/ - file: path=/var/log/named/ state=directory - owner=root - group=named - mode=770 + file: + path: /var/log/named/ + state: directory + owner: root + group: named + mode: 0770 - name: Création du répertoire de log dans /var/named/chroot/ - file: path=/var/named/chroot/var/log/named/ state=directory - owner=named - group=named - mode=770 + file: + path: /var/named/chroot/var/log/named/ + state: directory + owner: named + group: named + mode: 0770 when: ansible_distribution == "CentOS" - name: Modification des permissions de /var/named/ - file: path=/var/named/ state=directory mode=770 + file: + path: /var/named/ + state: directory + mode: 0770 - name: Configuration booleen SELinux de /var/named/ seboolean: name=named_write_master_zones state=yes persistent=yes diff --git a/roles/mtaserver/tasks/config.yml b/roles/mtaserver/tasks/config.yml index aaa6375..af8ae87 100644 --- a/roles/mtaserver/tasks/config.yml +++ b/roles/mtaserver/tasks/config.yml @@ -6,10 +6,12 @@ notify: restart postfix - name: Configuration du master - copy: src=master.cf dest=/etc/postfix/master.cf - owner=root - group=root - mode=644 + copy: + src: master.cf + dest: /etc/postfix/master.cf + owner: root + group: root + mode: 0644 when: is_mtamaster is defined notify: restart postfix @@ -25,18 +27,22 @@ - { name: 'relay_recipients.j2', filename: 'relay_recipients' } - name: Installation des tables statiques - copy: src=virtual dest=/etc/postfix/virtual - owner=root - group=root - mode=644 + copy: + src: virtual + dest: /etc/postfix/virtual + owner: root + group: root + mode: 0644 when: is_mtamaster is defined notify: virtualmap - name: Installation de la table credentials - copy: src=credentials dest=/etc/postfix/credentials - owner=root - group=root - mode=400 + copy: + src: credentials + dest: /etc/postfix/credentials + owner: root + group: root + mode: 0400 notify: credentialmap - name: Configuration alias root diff --git a/roles/mtaserver/tasks/systemd.yml b/roles/mtaserver/tasks/systemd.yml index 890bee9..42f7fe9 100644 --- a/roles/mtaserver/tasks/systemd.yml +++ b/roles/mtaserver/tasks/systemd.yml @@ -1,12 +1,16 @@ - name: Installation des envois email systemd - copy: src=systemd-email.sh dest=/usr/local/bin/systemd-email - owner=root - group=root - mode=755 + copy: + src: systemd-email.sh + dest: /usr/local/bin/systemd-email + owner: root + group: root + mode: 0755 - name: Installation service envois email systemd - copy: src=status-email-root@.service dest=/etc/systemd/system/status-email-root@.service - owner=root - group=root - mode=644 + copy: + src: status-email-root@.service + dest: /etc/systemd/system/status-email-root@.service + owner: root + group: root + mode: 0644 notify: reload systemd diff --git a/roles/torrelay/tasks/config.yml b/roles/torrelay/tasks/config.yml index 3936e11..e8f755c 100644 --- a/roles/torrelay/tasks/config.yml +++ b/roles/torrelay/tasks/config.yml @@ -1,14 +1,20 @@ - name: Configuration de proxychains - copy: src=proxychains.conf dest=/etc/proxychains.conf - mode=644 + copy: + src: proxychains.conf + dest: /etc/proxychains.conf + mode: 0644 when: ansible_distribution == "Fedora" - name: Création des répertoires de base - file: path=/usr/local/share/tor state=directory + file: + path: /usr/local/share/tor + state: directory - name: Installation de la page html - copy: src=index-fedora.html dest=/usr/local/share/tor/tor-exit-notice.html - mode=644 + copy: + src: index-fedora.html + dest: /usr/local/share/tor/tor-exit-notice.html + mode: 0644 - name: Configuration du service template: src=keys.j2 dest=/etc/tor/torrc diff --git a/roles/torrelay/tasks/selinux.yml b/roles/torrelay/tasks/selinux.yml index 39b98c9..c3ba4c2 100644 --- a/roles/torrelay/tasks/selinux.yml +++ b/roles/torrelay/tasks/selinux.yml @@ -1,16 +1,22 @@ - name: Déploiement du module SELinux pour hidden_services - copy: src=tor-selinux-f22-policy-module.pp dest=/root/tor-selinux-f22-policy-module.pp - mode=644 + copy: + src: tor-selinux-f22-policy-module.pp + dest: /root/tor-selinux-f22-policy-module.pp + mode: 0644 when: ansible_distribution == "Fedora" - name: Déploiement du module SELinux pour AVC dac error - copy: src=tor-dac-capabilities.pp dest=/root/tor-dac-capabilities.pp - mode=644 + copy: + src: tor-dac-capabilities.pp + dest: /root/tor-dac-capabilities.pp + mode: 0644 when: ansible_distribution == "Fedora" - name: Déploiement du module SELinux pour hidden_services - copy: src=tor-selinux-centos6.6-policy-module.pp dest=/root/tor-selinux-centos6.6-policy-module.pp - mode=644 + copy: + src: tor-selinux-centos6.6-policy-module.pp + dest: /root/tor-selinux-centos6.6-policy-module.pp + mode: 0644 when: ansible_distribution == "CentOS" - name: Configuration du booleen SELinux |