From bbbc7c9ae9493e4399b8c916bce32afc68c38c8e Mon Sep 17 00:00:00 2001 From: Matthieu Saulnier Date: Sun, 9 Dec 2018 23:13:37 +0100 Subject: Add systemd unit timeout for tor service and cleanup old tasks --- roles/torrelay/files/tor.service | 4 ++++ roles/torrelay/handlers/main.yml | 1 + roles/torrelay/handlers/systemd.yml | 2 ++ roles/torrelay/tasks/config.yml | 7 +++++++ roles/torrelay/tasks/pkgs.yml | 7 ------- roles/torrelay/tasks/selinux.yml | 7 +++++-- 6 files changed, 19 insertions(+), 9 deletions(-) create mode 100644 roles/torrelay/files/tor.service create mode 100644 roles/torrelay/handlers/systemd.yml diff --git a/roles/torrelay/files/tor.service b/roles/torrelay/files/tor.service new file mode 100644 index 0000000..8c1f13f --- /dev/null +++ b/roles/torrelay/files/tor.service @@ -0,0 +1,4 @@ +.include /lib/systemd/system/tor.service + +[Service] +TimeoutSec=infinity diff --git a/roles/torrelay/handlers/main.yml b/roles/torrelay/handlers/main.yml index e75a5eb..d7d314b 100644 --- a/roles/torrelay/handlers/main.yml +++ b/roles/torrelay/handlers/main.yml @@ -1 +1,2 @@ - import_tasks: tor.yml +- import_tasks: systemd.yml diff --git a/roles/torrelay/handlers/systemd.yml b/roles/torrelay/handlers/systemd.yml new file mode 100644 index 0000000..d81fdba --- /dev/null +++ b/roles/torrelay/handlers/systemd.yml @@ -0,0 +1,2 @@ +- name: reload systemd + command: /usr/bin/systemctl --system daemon-reload diff --git a/roles/torrelay/tasks/config.yml b/roles/torrelay/tasks/config.yml index ef21d81..f236881 100644 --- a/roles/torrelay/tasks/config.yml +++ b/roles/torrelay/tasks/config.yml @@ -1,3 +1,10 @@ +- name: Réglage du timeout du service systemd + copy: + src: tor.service + dest: /etc/systemd/system/tor.service + mode: 0644 + notify: reload systemd + - name: Configuration de proxychains copy: src: proxychains.conf diff --git a/roles/torrelay/tasks/pkgs.yml b/roles/torrelay/tasks/pkgs.yml index 67e9d1d..5a54ecd 100644 --- a/roles/torrelay/tasks/pkgs.yml +++ b/roles/torrelay/tasks/pkgs.yml @@ -6,13 +6,6 @@ dnf: name=tor state=present when: ansible_pkg_mgr == "dnf" -- name: Installation de paquets optionnels depuis le dépôt - yum: name={{ item }} state=present - with_items: - - tor-arm - - proxychains - when: ansible_distribution == "Fedora" and ansible_pkg_mgr == "yum" - - name: Installation de paquets optionnels depuis le dépôt dnf: name={{ item }} state=present with_items: diff --git a/roles/torrelay/tasks/selinux.yml b/roles/torrelay/tasks/selinux.yml index 4141858..de256fd 100644 --- a/roles/torrelay/tasks/selinux.yml +++ b/roles/torrelay/tasks/selinux.yml @@ -36,5 +36,8 @@ when: semodulelist is failed - name: Configuration du booleen SELinux - seboolean: name=tor_can_network_relay state=yes persistent=yes - when: ansible_selinux.status != "disabled" and is_gardian is defined + seboolean: + name: tor_can_network_relay + state: yes + persistent: yes + when: ansible_selinux.status != "disabled" and orport is defined -- cgit