summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--playbooks/travel.yml21
-rw-r--r--playbooks/untravel.yml21
-rw-r--r--playbooks/update.yml7
-rw-r--r--roles/common/files/reboot-auto.crontab2
-rw-r--r--roles/common/tasks/aide.yml4
-rw-r--r--roles/common/tasks/cron.yml7
-rw-r--r--roles/common/tasks/logo.yml4
-rw-r--r--roles/dnsserver/tasks/pkgs.yml4
-rw-r--r--roles/torrelay/tasks/#main.yml#79
-rw-r--r--roles/torrelay/tasks/main.yml8
10 files changed, 17 insertions, 140 deletions
diff --git a/playbooks/travel.yml b/playbooks/travel.yml
deleted file mode 100644
index 3ef9e7e..0000000
--- a/playbooks/travel.yml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-- hosts: blackbird
- remote_user: root
- tasks:
- - name: Désactive le miroir du réseau local
- ini_file: dest=/etc/yum.repos.d/updates-fantom.repo
- section=updates-fantom
- option=enabled
- value=0
-
- - name: Active le dépôt Updates
- ini_file: dest=/etc/yum.repos.d/fedora-updates.repo
- section=updates
- option=enabled
- value=1
-
- - name: Active Delta RPM
- ini_file: dest=/etc/yum.conf
- section=main
- option=deltarpm
- value=1
diff --git a/playbooks/untravel.yml b/playbooks/untravel.yml
deleted file mode 100644
index 1a04a0e..0000000
--- a/playbooks/untravel.yml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-- hosts: blackbird
- remote_user: root
- tasks:
- - name: Désactive le dépôt Updates
- ini_file: dest=/etc/yum.repos.d/fedora-updates.repo
- section=updates
- option=enabled
- value=0
-
- - name: Active le miroir du réseau local
- ini_file: dest=/etc/yum.repos.d/updates-fantom.repo
- section=updates-fantom
- option=enabled
- value=1
-
- - name: Désactive Delta RPM
- ini_file: dest=/etc/yum.conf
- section=main
- option=deltarpm
- value=0
diff --git a/playbooks/update.yml b/playbooks/update.yml
index 58cd0be..844bb2d 100644
--- a/playbooks/update.yml
+++ b/playbooks/update.yml
@@ -13,10 +13,3 @@
register: update2
when: ansible_pkg_mgr == "dnf"
-- hosts:
- - reboot
- remote_user: root
- tasks:
- - name: Reboot automatique
- command: reboot
- when: update1.changed == true or update2.changed == true
diff --git a/roles/common/files/reboot-auto.crontab b/roles/common/files/reboot-auto.crontab
new file mode 100644
index 0000000..c7b6983
--- /dev/null
+++ b/roles/common/files/reboot-auto.crontab
@@ -0,0 +1,2 @@
+# Reboot du Dimanche
+40 4 * * 7 root systemctl reboot
diff --git a/roles/common/tasks/aide.yml b/roles/common/tasks/aide.yml
index 919a3a7..f14da74 100644
--- a/roles/common/tasks/aide.yml
+++ b/roles/common/tasks/aide.yml
@@ -1,10 +1,10 @@
- name: Installation du HIDS AIDE
yum: name=aide state=present
- when: ansible_distribution == "CentOS"
+ when: ansible_pkg_mgr == "yum"
- name: Installation du HIDS AIDE
dnf: name=aide state=present
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22
+ when: ansible_pkg_mgr == "dnf"
- name: Activation Cron du HIDS AIDE
copy: src=aidereport.sh dest=/etc/cron.daily/z-aidereport.sh mode=755
diff --git a/roles/common/tasks/cron.yml b/roles/common/tasks/cron.yml
index 5abc63f..05013bf 100644
--- a/roles/common/tasks/cron.yml
+++ b/roles/common/tasks/cron.yml
@@ -1,10 +1,10 @@
- name: Installation démon Cron
yum: name=crontabs state=present
- when: ansible_distribution == "CentOS"
+ when: ansible_pkg_mgr == "yum"
- name: Installation démon Cron
dnf: name=crontabs state=present
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22
+ when: ansible_pkg_mgr == "dnf"
- name: Rapport disques durs
template: src=diskreport.sh.j2 dest=/etc/cron.daily/diskreport.sh mode=755
@@ -21,3 +21,6 @@
- name: Rapport d'uptime des machines physiques
copy: src=uptimereport.sh dest=/etc/cron.weekly/a-uptimereport.sh mode=755
when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
+
+- name: Reboot automatique
+ copy: src=reboot-auto.crontab dest=/etc/cron.d/reboot-auto mode=644
diff --git a/roles/common/tasks/logo.yml b/roles/common/tasks/logo.yml
index 5d08b63..2802bc4 100644
--- a/roles/common/tasks/logo.yml
+++ b/roles/common/tasks/logo.yml
@@ -11,11 +11,11 @@
section=main
option=exclude
value=linux_logo
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 21
+ when: ansible_pkg_mgr == "yum"
- name: Ajout linux_logo en Exclude (dnf)
ini_file: dest=/etc/dnf/dnf.conf
section=main
option=exclude
value=linux_logo
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22
+ when: ansible_pkg_mgr == "dnf"
diff --git a/roles/dnsserver/tasks/pkgs.yml b/roles/dnsserver/tasks/pkgs.yml
index e112954..256b8d7 100644
--- a/roles/dnsserver/tasks/pkgs.yml
+++ b/roles/dnsserver/tasks/pkgs.yml
@@ -1,7 +1,7 @@
- name: Installation de bind
yum: name=bind state=present
- when: ansible_distribution == "CentOS"
+ when: ansible_pkg_mgr == "yum"
- name: Installation de bind
dnf: name=bind state=present
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22
+ when: ansible_pkg_mgr == "dnf"
diff --git a/roles/torrelay/tasks/#main.yml# b/roles/torrelay/tasks/#main.yml#
deleted file mode 100644
index 4865bea..0000000
--- a/roles/torrelay/tasks/#main.yml#
+++ /dev/null
@@ -1,79 +0,0 @@
-## paquet pourri
-##- name: Installation du paquet centos6 Tor depuis torproject.org
-## yum: name=https://deb.torproject.org/torproject.org/rpm/el/{{ ansible_distribution_major_version }}/{{ ansible_architecture }}/tor-{{ versionupstream }}-tor.1.rh6_7.{{ ansible_architecture }}.rpm state=present
-## when: ansible_distribution == "CentOS" and ansible_distribution_major_version|int == 6
-
-- name: Installation du paquet centos Tor depuis torproject.org
- yum: name=https://deb.torproject.org/torproject.org/rpm/el/{{ ansible_distribution_major_version }}/{{ ansible_architecture }}/tor-{{ versionupstream }}-tor.1.rh7_1_1503.{{ ansible_architecture }}.rpm state=present
- when: ansible_distribution == "CentOS" and ansible_distribution_major_version|int == 7
-
-- name: Installation du paquet Tor depuis le dépôt
- yum: name=tor state=present
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 21
-
-- name: Installation du paquet Tor depuis le dépôt
- dnf: name=tor state=present
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22
-
-- name: Installation de paquets optionnels depuis le dépôt
- yum: name={{ item }} state=present
- with_items:
- - tor-arm
- - proxychains
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 21
-
-- name: Installation de paquets optionnels depuis le dépôt
- dnf: name={{ item }} state=present
- with_items:
- - tor-arm
- - proxychains
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22
-
-- name: Configuration de proxychains
- copy: src=proxychains.conf dest=/etc/proxychains.conf
- mode=644
- when: ansible_distribution == "Fedora"
-
-- name: Création des répertoires de base
- file: path=/usr/local/share/tor state=directory
-
-- name: Installation de la page d'accueil html
- copy: src=tor-exit-notice.html dest=/usr/local/share/tor/tor-exit-notice.html
- mode=644
-
-- name: Configuration du service
- template: src=keys.j2 dest=/etc/tor/torrc
- owner=root
- group=root
- mode=644
-
-- name: Ouverture des ports Firewalld standards
- firewalld: port={{ item[0] }} permanent={{ item[1] }} state=enabled
- with_nested:
- - [ '9001/tcp', '9030/tcp' ]
- - [ 'true', 'false' ]
- when: ansible_distribution == "Fedora" and is_public is defined
-
-- name: Ouverture des ports Firewalld spéciaux
- firewalld: service={{ item[0] }} permanent={{ item[1] }} state=enabled
- with_nested:
- - [ 'http', 'https' ]
- - [ 'true', 'false' ]
- when: ansible_distribution == "Fedora" and is_gardian is defined
-
-- name: Déploiement du module SELinux pour hidden_services
- copy: src=tor-selinux-f22-policy-module.pp dest=/root/tor-selinux-f22-policy-module.pp
- mode=644
- when: ansible_distribution == "Fedora"
-
-- name: Déploiement du module SELinux pour hidden_services
- copy: src=tor-selinux-centos6.6-policy-module.pp dest=/root/tor-selinux-centos6.6-policy-module.pp
- mode=644
- when: ansible_distribution == "CentOS"
-
-- name: Configuration du booleen SELinux
- seboolean: name=tor_can_network_relay state=yes persistent=yes
- when: ansible_selinux.status != "disabled" and is_gardian is defined
-
-- name: Activation et démarrage du relai Tor
- service: name=tor state=started enabled=yes
diff --git a/roles/torrelay/tasks/main.yml b/roles/torrelay/tasks/main.yml
index a5d8072..49ff4be 100644
--- a/roles/torrelay/tasks/main.yml
+++ b/roles/torrelay/tasks/main.yml
@@ -8,25 +8,25 @@
- name: Installation du paquet Tor depuis le dépôt
yum: name=tor state=present
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 21
+ when: ansible_distribution == "Fedora" and ansible_pkg_mgr == "yum"
- name: Installation du paquet Tor depuis le dépôt
dnf: name=tor state=present
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22
+ when: ansible_distribution == "Fedora" and ansible_pkg_mgr == "dnf"
- name: Installation de paquets optionnels depuis le dépôt
yum: name={{ item }} state=present
with_items:
- tor-arm
- proxychains
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 21
+ when: ansible_distribution == "Fedora" and ansible_pkg_mgr == "yum"
- name: Installation de paquets optionnels depuis le dépôt
dnf: name={{ item }} state=present
with_items:
- tor-arm
- proxychains
- when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22
+ when: ansible_distribution == "Fedora" and ansible_pkg_mgr == "dnf"
- name: Configuration de proxychains
copy: src=proxychains.conf dest=/etc/proxychains.conf
generated by cgit (git 2.34.1) at 2024-06-17 22:27:50 +0000