diff options
| author | Matthieu Saulnier <fantom@fedoraproject.org> | 2019-08-31 21:45:59 +0200 |
|---|---|---|
| committer | Matthieu Saulnier <fantom@fedoraproject.org> | 2019-08-31 21:45:59 +0200 |
| commit | e2ea8b0441a6d8578e5d0875ccd8aae90b8a884e (patch) | |
| tree | ab4866e6c9b320d7b7d68e73350faf3847624c91 /roles | |
| parent | 14eec54199f7f10ba5b29a05a6345e9799584d46 (diff) | |
| download | playbooks-ansible-e2ea8b0441a6d8578e5d0875ccd8aae90b8a884e.tar.gz playbooks-ansible-e2ea8b0441a6d8578e5d0875ccd8aae90b8a884e.tar.xz playbooks-ansible-e2ea8b0441a6d8578e5d0875ccd8aae90b8a884e.zip | |
Add new tags : firstinstall and keys
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/common/tasks/ca.yml | 4 | ||||
| -rw-r--r-- | roles/common/tasks/repos.yml | 24 | ||||
| -rw-r--r-- | roles/proxy/tasks/config.yml | 9 |
3 files changed, 29 insertions, 8 deletions
diff --git a/roles/common/tasks/ca.yml b/roles/common/tasks/ca.yml index 74bde08..43bd853 100644 --- a/roles/common/tasks/ca.yml +++ b/roles/common/tasks/ca.yml @@ -4,6 +4,7 @@ dest: /etc/pki/ca-trust/source/anchors/root.pem mode: 0444 register: cafile + tags: firstinstall - name: Désinstallation de l'autorité de certification CACert file: @@ -13,15 +14,18 @@ - name: Mise à jour de la base de confiance CA command: /usr/bin/update-ca-trust when: cafile is changed + tags: firstinstall - name: Installation CA personnel pour applis serveur copy: src: root.pem dest: /etc/pki/tls/certs/mon-ca.crt mode: 0444 + tags: keys - name: Installation et renouvellement de la CRL copy: src: crt-crl.pem dest: /etc/pki/tls/certs/crt-crl.pem mode: 0444 + tags: keys diff --git a/roles/common/tasks/repos.yml b/roles/common/tasks/repos.yml index dd2fae9..1da874e 100644 --- a/roles/common/tasks/repos.yml +++ b/roles/common/tasks/repos.yml @@ -7,7 +7,8 @@ mode: 0644 when: ansible_distribution_version|int >= mirrorlimitdown and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" - tags: localmirror + tags: [ localmirror, firstinstall ] + - name: Installation du dépôt updates Hidden template: @@ -18,7 +19,8 @@ mode: 0644 when: ansible_distribution_version|int >= mirrorlimitdown and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" - tags: localmirror + tags: [ localmirror, firstinstall ] + - name: Désactivation du dépôt Updates ini_file: @@ -29,7 +31,8 @@ when: ansible_distribution_version|int >= mirrorlimitdown and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" and mirrorenable == "1" or mirrorhiddenenable == "1" - tags: localmirror + tags: [ localmirror, firstinstall ] + - name: Activation du dépôt Updates ini_file: @@ -40,7 +43,8 @@ when: ansible_distribution_version|int >= mirrorlimitdown and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" and mirrorenable == "0" and mirrorhiddenenable == "0" - tags: localmirror + tags: [ localmirror, firstinstall ] + @@ -53,7 +57,8 @@ mode: 0644 when: ansible_distribution_version|int >= mirrorlimitdown and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" - tags: localmirror + tags: [ localmirror, firstinstall ] + - name: Installation du dépôt Fedora fantom Hidden template: @@ -64,7 +69,8 @@ mode: 0644 when: ansible_distribution_version|int >= mirrorlimitdown and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" - tags: localmirror + tags: [ localmirror, firstinstall ] + - name: Désactivation du dépôt Fedora ini_file: @@ -75,7 +81,8 @@ when: ansible_distribution_version|int >= mirrorlimitdown and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" and mirrorenable == "1" or mirrorhiddenenable == "1" - tags: localmirror + tags: [ localmirror, firstinstall ] + - name: Activation du dépôt Fedora ini_file: @@ -86,7 +93,8 @@ when: ansible_distribution_version|int >= mirrorlimitdown and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" and mirrorenable == "0" and mirrorhiddenenable == "0" - tags: localmirror + tags: [ localmirror, firstinstall ] + diff --git a/roles/proxy/tasks/config.yml b/roles/proxy/tasks/config.yml index 596bc0b..176fa03 100644 --- a/roles/proxy/tasks/config.yml +++ b/roles/proxy/tasks/config.yml @@ -33,6 +33,7 @@ group: root mode: 0644 register: crtupdate + tags: keys - name: Installation du fichier dhparam copy: @@ -42,6 +43,7 @@ group: root mode: 0644 register: dhupdate + tags: keys - name: Installation des fichiers clé copy: @@ -51,6 +53,7 @@ group: root mode: 0440 register: keyupdate + tags: keys # Assurer la compabilité avec les anciens services - name: Suppression ancien certificat @@ -58,36 +61,42 @@ path: /etc/pki/tls/certs/casperlefantom.1.crt state: absent when: crtupdate is changed + tags: keys - name: Lien avec les anciens noms de certificat file: src: "/etc/pki/tls/certs/{{ maindomain }}.{{ crtversion }}.crt" dest: /etc/pki/tls/certs/casperlefantom.1.crt state: link + tags: keys - name: Suppression ancien dhparam file: path: /etc/pki/tls/certs/dhparam-4096.pem state: absent when: dhupdate is changed + tags: keys - name: Lien avec les anciens noms de dhparam file: src: "/etc/pki/tls/certs/dhparam-4096.{{ crtversion }}.pem" dest: /etc/pki/tls/certs/dhparam-4096.pem state: link + tags: keys - name: Suppression ancienne clé file: path: /etc/pki/tls/private/casperlefantom.1.key state: absent when: keyupdate is changed + tags: keys - name: Lien avec les anciens noms de clé file: src: "/etc/pki/tls/private/{{ maindomain }}.{{ crtversion }}.key" dest: /etc/pki/tls/private/casperlefantom.1.key state: link + tags: keys - name: Installation du htpasswd pour bittorrent copy: |