diff options
| author | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-11-25 19:32:04 +0100 |
|---|---|---|
| committer | Matthieu Saulnier <fantom@fedoraproject.org> | 2018-11-25 19:32:04 +0100 |
| commit | 81242a6b5f17997bfe071e08cf8a3bb625de4298 (patch) | |
| tree | 132128ea197a8f533c863f90306f45cfd7d2a615 /roles | |
| parent | 0188f70696bd24ea544dc439b7cc58c06d5e6ecb (diff) | |
| download | playbooks-ansible-81242a6b5f17997bfe071e08cf8a3bb625de4298.tar.gz playbooks-ansible-81242a6b5f17997bfe071e08cf8a3bb625de4298.tar.xz playbooks-ansible-81242a6b5f17997bfe071e08cf8a3bb625de4298.zip | |
Update lineinfile and firewalld module syntax
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/bittorrent/tasks/fw.yml | 5 | ||||
| -rw-r--r-- | roles/clients/tasks/fw.yml | 15 | ||||
| -rw-r--r-- | roles/common/tasks/setvars.yml | 7 | ||||
| -rw-r--r-- | roles/common/tasks/ssh.yml | 17 | ||||
| -rw-r--r-- | roles/dnsserver/tasks/fw.yml | 5 | ||||
| -rw-r--r-- | roles/mtaserver/tasks/fw.yml | 10 | ||||
| -rw-r--r-- | roles/ntpserver/tasks/fw.yml | 5 | ||||
| -rw-r--r-- | roles/torrelay/tasks/fw.yml | 10 |
8 files changed, 57 insertions, 17 deletions
diff --git a/roles/bittorrent/tasks/fw.yml b/roles/bittorrent/tasks/fw.yml index f98f47e..973b2e1 100644 --- a/roles/bittorrent/tasks/fw.yml +++ b/roles/bittorrent/tasks/fw.yml @@ -1,5 +1,8 @@ - name: Ouverture des ports Firewalld - firewalld: port=51413/tcp permanent={{ item }} state=enabled + firewalld: + port: "51413/tcp" + permanent: "{{ item }}" + state: enabled with_items: - true - false diff --git a/roles/clients/tasks/fw.yml b/roles/clients/tasks/fw.yml index f6f75a9..67a3276 100644 --- a/roles/clients/tasks/fw.yml +++ b/roles/clients/tasks/fw.yml @@ -1,16 +1,25 @@ - name: Fermeture des ports de services - firewalld: service={{ item[0] }} permanent={{ item[1] }} state=disabled + firewalld: + service: "{{ item[0] }}" + permanent: "{{ item[1] }}" + state: disabled with_nested: - [ 'dhcpv6-client', 'mdns', 'samba-client' ] - [ 'true', 'false' ] when: ansible_distribution == "Fedora" - name: Fermeture du port SSH après reboot - firewalld: service=ssh permanent=true state=disabled + firewalld: + service: ssh + permanent: true + state: disabled when: ansible_distribution == "Fedora" - name: Fermeture des plages de port - firewalld: port={{ item[0] }} permanent={{ item[1] }} state=disabled + firewalld: + port: "{{ item[0] }}" + permanent: "{{ item[1] }}" + state: disabled with_nested: - [ '1025-65535/tcp', '1025-65535/udp' ] - [ 'true', 'false' ] diff --git a/roles/common/tasks/setvars.yml b/roles/common/tasks/setvars.yml index 5ace00c..0553298 100644 --- a/roles/common/tasks/setvars.yml +++ b/roles/common/tasks/setvars.yml @@ -1,3 +1,6 @@ - name: Configuration de la variable EDITOR - lineinfile: dest=/root/bin/setvars create=yes state=present - line="export EDITOR=emacs" + lineinfile: + dest: /root/bin/setvars + create: yes + state: present + line: "export EDITOR=emacs" diff --git a/roles/common/tasks/ssh.yml b/roles/common/tasks/ssh.yml index 2347285..d5ba7f8 100644 --- a/roles/common/tasks/ssh.yml +++ b/roles/common/tasks/ssh.yml @@ -1,10 +1,17 @@ - name: Accès uniquement par clé ssh - lineinfile: dest=/etc/ssh/sshd_config state=present backrefs=yes regexp="^PasswordAuthentication yes" - line="PasswordAuthentication no" + lineinfile: + dest: /etc/ssh/sshd_config + state: present + backrefs: yes + regexp: "^PasswordAuthentication yes" + line: "PasswordAuthentication no" notify: restart sshd - name: Décommenter option par défaut - lineinfile: dest=/etc/ssh/sshd_config state=present backrefs=yes - regexp="^#PermitRootLogin yes" - line="PermitRootLogin yes" + lineinfile: + dest: /etc/ssh/sshd_config + state: present + backrefs: yes + regexp: "^#PermitRootLogin yes" + line: "PermitRootLogin yes" notify: restart sshd diff --git a/roles/dnsserver/tasks/fw.yml b/roles/dnsserver/tasks/fw.yml index 1f1ed0c..910a1ef 100644 --- a/roles/dnsserver/tasks/fw.yml +++ b/roles/dnsserver/tasks/fw.yml @@ -1,5 +1,8 @@ - name: Ouverture des ports Firewalld - firewalld: service=dns permanent={{ item }} state=enabled + firewalld: + service: dns + permanent: "{{ item }}" + state: enabled with_items: - true - false diff --git a/roles/mtaserver/tasks/fw.yml b/roles/mtaserver/tasks/fw.yml index 4d88579..c6e2d17 100644 --- a/roles/mtaserver/tasks/fw.yml +++ b/roles/mtaserver/tasks/fw.yml @@ -1,12 +1,18 @@ - name: Ouverture du port SMTP - firewalld: service=smtp permanent={{ item }} state=enabled + firewalld: + service: smtp + permanent: "{{ item }}" + state: enabled with_items: - true - false when: is_mtamaster is defined - name: Ouverture du port Submission - firewalld: service=smtp-submission permanent={{ item }} state=enabled + firewalld: + service: "smtp-submission" + permanent: "{{ item }}" + state: enabled with_items: - true - false diff --git a/roles/ntpserver/tasks/fw.yml b/roles/ntpserver/tasks/fw.yml index d25ee39..965c94b 100644 --- a/roles/ntpserver/tasks/fw.yml +++ b/roles/ntpserver/tasks/fw.yml @@ -1,5 +1,8 @@ - name: Ouverture des ports Firewalld - firewalld: service=ntp permanent={{ item }} state=enabled + firewalld: + service: ntp + permanent: "{{ item }}" + state: enabled with_items: - true - false diff --git a/roles/torrelay/tasks/fw.yml b/roles/torrelay/tasks/fw.yml index 77a1166..590f0bd 100644 --- a/roles/torrelay/tasks/fw.yml +++ b/roles/torrelay/tasks/fw.yml @@ -1,12 +1,18 @@ - name: Ouverture des ports Firewalld standards - firewalld: port={{ item[0] }} permanent={{ item[1] }} state=enabled + firewalld: + port: "{{ item[0] }}" + permanent: "{{ item[1] }}" + state: enabled with_nested: - [ '9001/tcp', '9030/tcp' ] - [ 'true', 'false' ] when: is_public is defined - name: Ouverture des ports Firewalld spéciaux - firewalld: service={{ item[0] }} permanent={{ item[1] }} state=enabled + firewalld: + service: "{{ item[0] }}" + permanent: "{{ item[1] }}" + state: enabled with_nested: - [ 'pop3', 'pop3s' ] - [ 'true', 'false' ] |