diff options
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/clients/tasks/kde.yml | 2 | ||||
| -rw-r--r-- | roles/clients/tasks/pkgs.yml | 4 | ||||
| -rw-r--r-- | roles/clients/tasks/repos.yml | 4 | ||||
| -rw-r--r-- | roles/common/files/bashrc | 4 | ||||
| -rw-r--r-- | roles/common/files/zshrc | 4 | ||||
| -rw-r--r-- | roles/common/tasks/aide.yml | 5 | ||||
| -rw-r--r-- | roles/common/tasks/cron.yml | 12 | ||||
| -rw-r--r-- | roles/common/tasks/logo.yml | 15 | ||||
| -rw-r--r-- | roles/common/tasks/main.yml | 6 | ||||
| -rw-r--r-- | roles/common/tasks/pkgs.yml | 40 | ||||
| -rw-r--r-- | roles/common/tasks/repos.yml | 4 | ||||
| -rw-r--r-- | roles/common/tasks/rkhunter.yml | 2 | ||||
| -rw-r--r-- | roles/common/tasks/services.yml | 2 | ||||
| -rw-r--r-- | roles/common/vars/main.yml | 4 | ||||
| -rw-r--r-- | roles/dnsserver/files/casperlefantom.net.zone | 28 | ||||
| -rw-r--r-- | roles/dnsserver/tasks/dirs.yml | 6 | ||||
| -rw-r--r-- | roles/dnsserver/tasks/pkgs.yml | 5 | ||||
| -rw-r--r-- | roles/dnsserver/vars/main.yml | 1 | ||||
| -rw-r--r-- | roles/ntpserver/tasks/pkgs.yml | 4 | ||||
| -rw-r--r-- | roles/squid/tasks/main.yml | 5 | ||||
| -rw-r--r-- | roles/torrelay/tasks/main.yml | 34 | ||||
| -rw-r--r-- | roles/torrelay/templates/torrc.j2 | 39 | ||||
| -rw-r--r-- | roles/torrelay/vars/main.yml | 3 | ||||
| -rw-r--r-- | roles/yum-updatesd/tasks/main.yml | 6 |
24 files changed, 200 insertions, 39 deletions
diff --git a/roles/clients/tasks/kde.yml b/roles/clients/tasks/kde.yml index ec65a9c..0945c26 100644 --- a/roles/clients/tasks/kde.yml +++ b/roles/clients/tasks/kde.yml @@ -1,2 +1,2 @@ - name: Installation du groupe de paquets KDE - yum: name="@KDE Plasma Workspaces" state=present + dnf: name="@KDE Plasma Workspaces" state=present diff --git a/roles/clients/tasks/pkgs.yml b/roles/clients/tasks/pkgs.yml index 222630e..689a8bb 100644 --- a/roles/clients/tasks/pkgs.yml +++ b/roles/clients/tasks/pkgs.yml @@ -1,5 +1,5 @@ - name: Installation des paquets de base - yum: name={{ item }} state=present + dnf: name={{ item }} state=present with_items: - irssi - fetchmail @@ -160,7 +160,7 @@ - kde-l10n-French - name: Installation des paquets codecs - yum: name={{ item }} state=present + dnf: name={{ item }} state=present with_items: - gstreamer-ffmpeg - gstreamer-plugin-crystalhd diff --git a/roles/clients/tasks/repos.yml b/roles/clients/tasks/repos.yml index dd848b6..41e3c6a 100644 --- a/roles/clients/tasks/repos.yml +++ b/roles/clients/tasks/repos.yml @@ -1,11 +1,11 @@ - name: Installation des dépôts RPMFusion - yum: name={{ item }} state=present + dnf: name={{ item }} state=present with_items: - http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-{{ ansible_distribution_version }}.noarch.rpm - http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-{{ ansible_distribution_version }}.noarch.rpm - name: Mise à jour des dépôts RPMFusion - yum: name={{ item }} state=latest + dnf: name={{ item }} state=latest with_items: - rpmfusion-free-release - rpmfusion-nonfree-release diff --git a/roles/common/files/bashrc b/roles/common/files/bashrc index 3c39bb4..f506493 100644 --- a/roles/common/files/bashrc +++ b/roles/common/files/bashrc @@ -15,7 +15,7 @@ alias screenoff='xset dpms force off' alias ltx='tmux ls' alias atx='tmux attach -t' alias addkey='gpg --keyserver hkp://keys.fedoraproject.org --recv-key' -alias poezio='tmux -2 new-session -s poezio -n "poezio-debug by tor" "proxychains poezio --debug ~/.local/share/poezio/debug.log"' +alias poezio='tmux -2 new-session -s poezio -n "poezio-debug by tor" "proxychains4 poezio --debug ~/.local/share/poezio/debug.log"' # Source global definitions if [ -f /etc/bashrc ]; then @@ -30,7 +30,7 @@ fi # Print fedora linux logo in interactive shell if [ -n "$PS1" ]; then if which linux_logo >/dev/null 2>&1; then - linux_logo -L 26 -F "Bienvenue sur l'hôte #H\n#V, Compilé #C \n#P #X #T, #R, #U" + linux_logo -L fedora -F "Bienvenue sur l'hôte #H\n#V, Compilé #C \n#P #X #T, #R, #U" fi fi diff --git a/roles/common/files/zshrc b/roles/common/files/zshrc index a1a67af..693d06c 100644 --- a/roles/common/files/zshrc +++ b/roles/common/files/zshrc @@ -24,7 +24,7 @@ alias screenoff='xset dpms force off' alias ltx='tmux ls' alias atx='tmux attach -t' alias addkey='gpg --keyserver hkp://keys.fedoraproject.org --recv-key' -alias poezio='tmux -2 new-session -s poezio -n "poezio-debug by tor" "proxychains poezio --debug ~/.local/share/poezio/debug.log"' +alias poezio='tmux -2 new-session -s poezio -n "poezio-debug by tor" "proxychains4 poezio --debug ~/.local/share/poezio/debug.log"' # Define personal variables if [ -f $HOME/bin/setvars ]; then @@ -34,7 +34,7 @@ fi # Print fedora linux logo in interactive shell if [ -n "$PS1" ]; then if which linux_logo >/dev/null 2>&1; then - linux_logo -L 26 -F "Bienvenue sur l'hôte #H\n#V, Compilé #C \n#P #X #T, #R, #U" + linux_logo -L fedora -F "Bienvenue sur l'hôte #H\n#V, Compilé #C \n#P #X #T, #R, #U" fi fi diff --git a/roles/common/tasks/aide.yml b/roles/common/tasks/aide.yml index 2ed2774..919a3a7 100644 --- a/roles/common/tasks/aide.yml +++ b/roles/common/tasks/aide.yml @@ -1,5 +1,10 @@ - name: Installation du HIDS AIDE yum: name=aide state=present + when: ansible_distribution == "CentOS" + +- name: Installation du HIDS AIDE + dnf: name=aide state=present + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 - name: Activation Cron du HIDS AIDE copy: src=aidereport.sh dest=/etc/cron.daily/z-aidereport.sh mode=755 diff --git a/roles/common/tasks/cron.yml b/roles/common/tasks/cron.yml index 53c0a9b..8dab3e2 100644 --- a/roles/common/tasks/cron.yml +++ b/roles/common/tasks/cron.yml @@ -1,10 +1,18 @@ +- name: Installation démon Cron + yum: name=crontabs state=present + when: ansible_distribution == "CentOS" + +- name: Installation démon Cron + dnf: name=crontabs state=present + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 + - name: Rapport disques durs template: src=diskreport.sh.j2 dest=/etc/cron.daily/diskreport.sh mode=755 when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" - name: Rapport SELinux copy: src=eaureport.sh dest=/etc/cron.daily/eaureport.sh mode=755 - when: ansible_selinux != false + when: ansible_selinux.status != "disabled" - name: Rapport RPM Verify copy: src=rpmreport.sh dest=/etc/cron.daily/rpmreport.sh mode=755 @@ -12,7 +20,7 @@ - name: Relabel système de fichier copy: src=selinuxresto.sh dest=/etc/cron.monthly/selinuxresto.sh mode=755 - when: ansible_selinux != false + when: ansible_selinux.status != "disabled" - name: Tests disques durs template: src=diskcheck.sh.j2 dest=/etc/cron.weekly/diskcheck.sh mode=755 diff --git a/roles/common/tasks/logo.yml b/roles/common/tasks/logo.yml index 2c3c169..5d08b63 100644 --- a/roles/common/tasks/logo.yml +++ b/roles/common/tasks/logo.yml @@ -1,8 +1,21 @@ - name: Installation linux_logo Fedora - yum: name=http://fantom.fedorapeople.org/linux_logo-5.11-6.fc{{ logo_release }}.x86_64.rpm state=present + yum: name=https://fantom.fedorapeople.org/linux_logo-5.11-6.fc{{ ansible_distribution_version }}.x86_64.rpm state=present + when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 21 + +- name: Installation linux_logo Fedora + dnf: name=https://fantom.fedorapeople.org/linux_logo-5.11-6.fc{{ logo_release }}.x86_64.rpm state=present + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 - name: Ajout linux_logo en Exclude (yum) ini_file: dest=/etc/yum.conf section=main option=exclude value=linux_logo + when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 21 + +- name: Ajout linux_logo en Exclude (dnf) + ini_file: dest=/etc/dnf/dnf.conf + section=main + option=exclude + value=linux_logo + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 85fe1c3..bb7ac53 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -22,6 +22,9 @@ - name: Configuration Yum include: yum.yml +- name: Configuration DNF + include: dnf.yml + - name: Installation linux_logo Fedora include: logo.yml when: ansible_distribution_version|int >= logo_release|int and ansible_architecture == "x86_64" @@ -44,3 +47,6 @@ - name: Changement de shell pour root include: zsh.yml + +- name: Activation de SELinux + include: selinux.yml diff --git a/roles/common/tasks/pkgs.yml b/roles/common/tasks/pkgs.yml index 5c47967..e0870fa 100644 --- a/roles/common/tasks/pkgs.yml +++ b/roles/common/tasks/pkgs.yml @@ -21,9 +21,40 @@ - at - zsh - libsemanage-python + - libselinux-python + - policycoreutils-python + - cryptsetup + when: ansible_distribution == "CentOS" + +- name: Installation des paquets + dnf: name={{ item }} state=present + with_items: + - emacs-nox + - iotop + - nmap + - screen + - powertop + - ipset + - patch + - gpm + - elinks + - vim-enhanced + - mutt + - nfs-utils + - tcpdump + - bind-utils + - tar + - at + - zsh + - libsemanage-python + - libselinux-python + - policycoreutils-python + - cryptsetup + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 + - name: Installation des paquets Fedora - yum: name={{ item }} state=present + dnf: name={{ item }} state=present with_items: - tmux - htop @@ -42,11 +73,12 @@ - scapy - testdisk - steghide + - yum-utils - docker - when: ansible_distribution == "Fedora" + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 - name: Installation des paquets disgnostic matériel - yum: name={{ item }} state=present + dnf: name={{ item }} state=present with_items: - memtest86+ - lm_sensors @@ -54,5 +86,5 @@ when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" - name: Installation d'un programme de gravure - yum: name=wodim state=present + dnf: name=wodim state=present when: ansible_devices.sr0 is defined diff --git a/roles/common/tasks/repos.yml b/roles/common/tasks/repos.yml index 4009a08..51e2777 100644 --- a/roles/common/tasks/repos.yml +++ b/roles/common/tasks/repos.yml @@ -24,10 +24,10 @@ when: ansible_distribution_version|int >= 22 and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" -- name: Activation du miroir updates-testing +- name: Désactivation du miroir updates-testing ini_file: dest=/etc/yum.repos.d/updates-testing-fantom.repo section=updates-testing-fantom option=enabled - value=1 + value=0 when: ansible_distribution_version|int >= 22 and ansible_architecture == "x86_64" and ansible_distribution_release != "Rawhide" diff --git a/roles/common/tasks/rkhunter.yml b/roles/common/tasks/rkhunter.yml index 1338f1c..318911d 100644 --- a/roles/common/tasks/rkhunter.yml +++ b/roles/common/tasks/rkhunter.yml @@ -1,5 +1,5 @@ - name: Installation du HIDS rkhunter - yum: name=rkhunter state=present + dnf: name=rkhunter state=present notify: initialize rkhunter - name: Activation de tests rkhunter diff --git a/roles/common/tasks/services.yml b/roles/common/tasks/services.yml index d7e5cb8..12e621b 100644 --- a/roles/common/tasks/services.yml +++ b/roles/common/tasks/services.yml @@ -1,6 +1,6 @@ - name: Activation et démarrage du service Console Mouse Manager service: name=gpm state=started enabled=yes - when: notty is not defined + when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" - name: Activation et démarrage du service lm_sensors service: name=lm_sensors state=started enabled=yes diff --git a/roles/common/vars/main.yml b/roles/common/vars/main.yml index 57b4a3d..4d64425 100644 --- a/roles/common/vars/main.yml +++ b/roles/common/vars/main.yml @@ -1,3 +1,3 @@ minkernel: 2 -maxkernel: 11 -logo_release: 21 +maxkernel: 10 +logo_release: 22 diff --git a/roles/dnsserver/files/casperlefantom.net.zone b/roles/dnsserver/files/casperlefantom.net.zone index 196ac86..d8585ca 100644 --- a/roles/dnsserver/files/casperlefantom.net.zone +++ b/roles/dnsserver/files/casperlefantom.net.zone @@ -1,6 +1,6 @@ $ttl 86400 casperlefantom.net. IN SOA ns1.casperlefantom.net. hostmaster.casperlefantom.net. ( -2015081500 +2015100605 10800 3600 604800 @@ -9,6 +9,9 @@ casperlefantom.net. IN SOA ns1.casperlefantom.net. hostmaster.casperlefantom.net @ IN NS ns1.casperlefantom.net. @ IN NS ns2.casperlefantom.net. @ IN NS ns3.casperlefantom.net. +@ IN NS ns4.casperlefantom.net. +home IN NS home.casperlefantom.net. +work IN NS work.casperlefantom.net. @ IN MX 10 mail.casperlefantom.net. @@ -18,11 +21,18 @@ casperlefantom.net. IN SOA ns1.casperlefantom.net. hostmaster.casperlefantom.net @ IN AAAA 2a00:c70:1:178:170:111:194:c0de @ IN A 176.31.191.26 @ IN AAAA 2001:41d0:52:100::f2 +@ IN A 195.154.75.244 + www IN A 82.247.103.117 www IN AAAA 2a01:e35:2f76:7750::4 * IN CNAME www +home IN A 192.168.0.25 +home IN AAAA 2a01:e35:2f76:7750::4 + +work IN A 192.168.111.162 + bt1 IN A 82.247.103.117 bt1 IN AAAA 2a01:e35:2f76:7750::4 @@ -59,12 +69,6 @@ search IN AAAA 2a01:e35:2f76:7750::4 ssl IN A 82.247.103.117 ssl IN AAAA 2a01:e35:2f76:7750::4 -blackbird IN AAAA 2a01:e35:2f76:7750::2 -mosquito IN AAAA 2a01:e35:2f76:7750::3 -vm01 IN AAAA 2a01:e35:2f76:7750::10 -vm02 IN AAAA 2a01:e35:2f76:7750::11 -vm03 IN AAAA 2a01:e35:2f76:7750::12 - ns2 IN A 178.170.111.194 ns2 IN AAAA 2a00:c70:1:178:170:111:194:c0de @@ -86,6 +90,9 @@ tor-proxy-readme IN AAAA 2a00:c70:1:178:170:111:194:c0de tor-proxy-readme1 IN A 176.31.191.26 tor-proxy-readme1 IN AAAA 2001:41d0:52:100::f2 +tor-proxy-readme2 IN A 195.154.75.244 + + 69656hpv111194 IN A 178.170.111.194 69656hpv111194 IN AAAA 2a00:c70:1:178:170:111:194:c0de @@ -95,8 +102,15 @@ vps128389 IN AAAA 2001:41d0:52:100::f2 ns3 IN A 176.31.191.26 ns3 IN AAAA 2001:41d0:52:100::f2 +ntp3 IN A 176.31.191.26 +ntp3 IN AAAA 2001:41d0:52:100::f2 + rtig IN A 82.247.103.117 rtig IN AAAA 2a01:e35:2f76:7750::4 printer IN A 82.247.103.117 printer IN AAAA 2a01:e35:2f76:7750::4 + +ns4 IN A 195.154.75.244 + +ntp4 IN A 195.154.75.244 diff --git a/roles/dnsserver/tasks/dirs.yml b/roles/dnsserver/tasks/dirs.yml index f7e1083..87f4ebe 100644 --- a/roles/dnsserver/tasks/dirs.yml +++ b/roles/dnsserver/tasks/dirs.yml @@ -16,8 +16,8 @@ - name: Configuration booleen SELinux de /var/named/ seboolean: name=named_write_master_zones state=yes persistent=yes - when: ansible_selinux != false + when: ansible_selinux.status != "disabled" - name: Restauration des contextes SELinux du répertoire de logs - command: /usr/sbin/restorecon -R /var/log/named/ - when: ansible_selinux != false + command: /sbin/restorecon -R /var/log/named/ + when: ansible_selinux.status != "disabled" diff --git a/roles/dnsserver/tasks/pkgs.yml b/roles/dnsserver/tasks/pkgs.yml index 77daa26..e112954 100644 --- a/roles/dnsserver/tasks/pkgs.yml +++ b/roles/dnsserver/tasks/pkgs.yml @@ -1,2 +1,7 @@ - name: Installation de bind yum: name=bind state=present + when: ansible_distribution == "CentOS" + +- name: Installation de bind + dnf: name=bind state=present + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 diff --git a/roles/dnsserver/vars/main.yml b/roles/dnsserver/vars/main.yml index ee91f5b..cae95da 100644 --- a/roles/dnsserver/vars/main.yml +++ b/roles/dnsserver/vars/main.yml @@ -24,6 +24,7 @@ whitelist: - 2001:41d0:52:100::f2 - 93.26.82.216 - 2a02:8432:d32:e600::/64 + - 195.154.75.244 zonelist: - casperlefantom.net diff --git a/roles/ntpserver/tasks/pkgs.yml b/roles/ntpserver/tasks/pkgs.yml index a07336d..67f3cbf 100644 --- a/roles/ntpserver/tasks/pkgs.yml +++ b/roles/ntpserver/tasks/pkgs.yml @@ -3,5 +3,5 @@ when: ansible_distribution == "CentOS" - name: Installation du paquet Chrony - yum: name=chrony state=present - when: ansible_distribution == "Fedora" + dnf: name=chrony state=present + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 diff --git a/roles/squid/tasks/main.yml b/roles/squid/tasks/main.yml index 45de110..6acf4c3 100644 --- a/roles/squid/tasks/main.yml +++ b/roles/squid/tasks/main.yml @@ -1,5 +1,10 @@ - name: Installation du paquet squid depuis le dépôt yum: name=squid state=present + when: ansible_distribution == "CentOS" + +- name: Installation du paquet squid depuis le dépôt + dnf: name=squid state=present + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 - name: Configuration du service template: src=head.j2 dest=/etc/squid/squid.conf diff --git a/roles/torrelay/tasks/main.yml b/roles/torrelay/tasks/main.yml index cd66d27..fd8cd15 100644 --- a/roles/torrelay/tasks/main.yml +++ b/roles/torrelay/tasks/main.yml @@ -4,14 +4,25 @@ - name: Installation du paquet Tor depuis le dépôt yum: name=tor state=present - when: ansible_distribution == "Fedora" + when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 21 + +- name: Installation du paquet Tor depuis le dépôt + dnf: name=tor state=present + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 - name: Installation de paquets optionnels depuis le dépôt yum: name={{ item }} state=present with_items: - tor-arm - proxychains - when: ansible_distribution == "Fedora" + when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 21 + +- name: Installation de paquets optionnels depuis le dépôt + dnf: name={{ item }} state=present + with_items: + - tor-arm + - proxychains + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 - name: Configuration de proxychains copy: src=proxychains.conf dest=/etc/proxychains.conf @@ -30,19 +41,34 @@ owner=root group=root mode=644 - notify: restart tor -- name: Ouverture des ports Firewalld +- name: Ouverture des ports Firewalld standards firewalld: port={{ item[0] }} permanent={{ item[1] }} state=enabled with_nested: - [ '9001/tcp', '9030/tcp' ] - [ 'true', 'false' ] when: ansible_distribution == "Fedora" and is_public is defined +- name: Ouverture des ports Firewalld spéciaux + firewalld: service={{ item[0] }} permanent={{ item[1] }} state=enabled + with_nested: + - [ 'http', 'https' ] + - [ 'true', 'false' ] + when: ansible_distribution == "Fedora" and is_gardian is defined + - name: Déploiement du module SELinux pour hidden_services copy: src=tor-selinux-f22-policy-module.pp dest=/root/tor-selinux-f22-policy-module.pp mode=644 when: ansible_distribution == "Fedora" +- name: Déploiement du module SELinux pour hidden_services + copy: src=tor-selinux-centos6.6-policy-module.pp dest=/root/tor-selinux-centos6.6-policy-module.pp + mode=644 + when: ansible_distribution == "CentOS" + +- name: Configuration du booleen SELinux + seboolean: name=tor_can_network_relay state=yes persistent=yes + when: ansible_selinux.status != "disabled" and is_gardian is defined + - name: Activation et démarrage du relai Tor service: name=tor state=started enabled=yes diff --git a/roles/torrelay/templates/torrc.j2 b/roles/torrelay/templates/torrc.j2 index 21f7e92..b2dff22 100644 --- a/roles/torrelay/templates/torrc.j2 +++ b/roles/torrelay/templates/torrc.j2 @@ -11,42 +11,81 @@ DataDirectory /var/lib/tor {% block keys %}{% endblock %} HiddenServiceDir /var/lib/tor/hidden_service1/ HiddenServicePort 22 127.0.0.1:22 + {% if is_public is defined %} HiddenServicePort 9030 127.0.0.1:9030 {% endif %} + HiddenServicePort 80 127.0.0.1:80 HiddenServicePort 443 127.0.0.1:443 + {% if is_mail is defined %} HiddenServicePort 143 127.0.0.1:143 HiddenServicePort 993 127.0.0.1:993 HiddenServicePort 25 127.0.0.1:25 HiddenServicePort 587 127.0.0.1:587 {% endif %} + {% if is_jabber is defined %} HiddenServicePort 5222 127.0.0.1:5222 {% endif %} + {% if is_bitcoin is defined %} HiddenServicePort 8333 127.0.0.1:8333 {% endif %} + {% if is_seeks is defined %} HiddenServiceDir /var/lib/tor/hidden_service2/ HiddenServicePort 80 127.0.0.1:80 HiddenServicePort 443 127.0.0.1:443 {% endif %} + {% if is_public is defined %} ORPort {{ orport }} + + {% if tor_address is defined %} Address {{ tor_address }} {% endif %} + + Nickname {{ nickname }} RelayBandwidthRate {{ bprate }} RelayBandwidthBurst {{ bpburst }} ContactInfo {{ contactinfo }} DirPort {{ dirport }} + + +{% if is_exit is defined %} +DirPortFrontPage /usr/local/share/tor/tor-exit-notice.html +{% endif %} + + +{% endif %} + +{% if is_gardian is defined %} +ORPort {{ httpsport }} + + +{% if tor_address is defined %} +Address {{ tor_address }} +{% endif %} + + +Nickname {{ nickname }} +RelayBandwidthRate {{ bprate }} +RelayBandwidthBurst {{ bpburst }} +ContactInfo {{ contactinfo }} +DirPort {{ httpport }} DirPortFrontPage /usr/local/share/tor/tor-exit-notice.html {% endif %} + MyFamily {% for item in fingerprints %}${{ item }}, {% endfor %} +{% if is_exit is defined %} +ExitRelay 1 +{%endif %} + {% if is_exit is not defined %} ExitPolicy reject *:* {% endif %} diff --git a/roles/torrelay/vars/main.yml b/roles/torrelay/vars/main.yml index eb14b55..36e1826 100644 --- a/roles/torrelay/vars/main.yml +++ b/roles/torrelay/vars/main.yml @@ -6,3 +6,6 @@ fingerprints: - D8AE9C760B74AFE3CA0F48EEB21271E22CF25F7A - C9B3C1661A9577BA24C1C2C6123918921A495509 - 8AAACCAEF793C4C55999A53DC1FFFA43D9FFE224 + - BB60F5BA113A0B8B44B7B37DE3567FE561E92F78 +httpport: 80 +httpsport: 443 diff --git a/roles/yum-updatesd/tasks/main.yml b/roles/yum-updatesd/tasks/main.yml index 15c2de7..1596987 100644 --- a/roles/yum-updatesd/tasks/main.yml +++ b/roles/yum-updatesd/tasks/main.yml @@ -1,6 +1,10 @@ - name: Installation du paquet Yum-Updatesd yum: name=yum-updatesd state=present - when: ansible_distribution == "Fedora" + when: ansible_distribution == "Fedora" and ansible_distribution_version|int <= 21 + +- name: Installation du paquet Yum-Updatesd + dnf: name=yum-updatesd state=present + when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 22 - name: Configuration du service Yum-Updatesd copy: src=yum-updatesd.conf dest=/etc/yum/yum-updatesd.conf mode=644 |