Fixed remaining syntax errors and added example var files
Signed-off-by: Jim Martens <github@2martens.de>
This commit is contained in:
parent
70a6d46d4b
commit
20e31b32e0
|
@ -1,3 +1,5 @@
|
||||||
# ---> Ansible
|
# ---> Ansible
|
||||||
*.retry
|
*.retry
|
||||||
|
hosts
|
||||||
|
initial_vars.yml
|
||||||
|
collabora_vars.yml
|
||||||
|
|
|
@ -1,12 +1,11 @@
|
||||||
---
|
---
|
||||||
- name: Set up Collabora Online
|
- name: Set up Collabora Online
|
||||||
hosts: vps
|
hosts: vps
|
||||||
vars:
|
vars_files:
|
||||||
ssh_user: ssh_login
|
- collabora_vars.yml
|
||||||
remote_user: "{{ ssh_user }}"
|
remote_user: "{{ ssh_user }}"
|
||||||
become: yes
|
become: yes
|
||||||
become_user: root
|
become_user: root
|
||||||
become_method: su
|
|
||||||
gather_facts: no
|
|
||||||
roles:
|
roles:
|
||||||
- collabora
|
- collabora
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
admin_mail: admin@example.com
|
||||||
|
ssh_user: ssh_login
|
||||||
|
nextcloud_domain: nextcloud.com
|
|
@ -4,25 +4,8 @@
|
||||||
port: 22
|
port: 22
|
||||||
remote_user: root
|
remote_user: root
|
||||||
hosts: vps
|
hosts: vps
|
||||||
vars:
|
vars_files:
|
||||||
- ssh_user: ssh_login
|
- initial_vars.yml
|
||||||
|
|
||||||
vars_prompt:
|
|
||||||
- name: new_root_pw
|
|
||||||
prompt: "What should be the new root password?"
|
|
||||||
private: yes
|
|
||||||
encrypt: "sha512_crypt"
|
|
||||||
confirm: yes
|
|
||||||
salt_size: 7
|
|
||||||
- name: new_user_password
|
|
||||||
prompt: "Password of the SSH login user"
|
|
||||||
private: yes
|
|
||||||
encrypt: "sha512_crypt"
|
|
||||||
confirm: yes
|
|
||||||
salt_size: 7
|
|
||||||
- name: ssh_key
|
|
||||||
prompt: "public SSH key file location for new SSH login user"
|
|
||||||
private: no
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: update the package list
|
- name: update the package list
|
||||||
apt:
|
apt:
|
||||||
|
@ -35,11 +18,11 @@
|
||||||
- name: updates password of root user
|
- name: updates password of root user
|
||||||
user:
|
user:
|
||||||
name: root
|
name: root
|
||||||
password: {{ new_root_pw }}
|
password: {{ new_root_pw | password_hash('sha512') }}
|
||||||
- name: create ssh login user
|
- name: create ssh login user
|
||||||
user:
|
user:
|
||||||
name: {{ ssh_user }}
|
name: {{ ssh_user }}
|
||||||
password: {{ new_user_password }}
|
password: {{ new_user_password | password_hash('sha512') }}
|
||||||
append: yes
|
append: yes
|
||||||
groups:
|
groups:
|
||||||
- sudo
|
- sudo
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
new_root_pw: newStrongRootPW
|
||||||
|
new_user_password: newStringUserPW
|
||||||
|
ssh_key: ~/.ssh/id_ed25519.pub
|
||||||
|
ssh_user: ssh_login
|
|
@ -24,4 +24,4 @@
|
||||||
- name: enable ssl
|
- name: enable ssl
|
||||||
command:
|
command:
|
||||||
cmd: a2enmod ssl
|
cmd: a2enmod ssl
|
||||||
notify: restart apache
|
notify: restart apache
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
nextcloud_domain: nextcloud.com
|
|
@ -14,7 +14,7 @@
|
||||||
- name: enable collabora site
|
- name: enable collabora site
|
||||||
command:
|
command:
|
||||||
cmd: a2ensite {{ ansible_domain }}.conf
|
cmd: a2ensite {{ ansible_domain }}.conf
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
- name: run certbot
|
- name: run certbot
|
||||||
command:
|
command:
|
||||||
cmd: certbot --apache --non-interactive --keep-until-expiring --no-eff-email --redirect --renew-with-new-domains --agree-tos -d {{ ansible_domain }}
|
cmd: certbot --apache --non-interactive --keep-until-expiring --no-eff-email --redirect --renew-with-new-domains --agree-tos -d {{ ansible_domain }}
|
||||||
|
|
|
@ -6,9 +6,5 @@
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
vars_prompt:
|
|
||||||
- name: nextcloud_domain
|
|
||||||
prompt: "Nextcloud domain"
|
|
||||||
private: no
|
|
||||||
- name: start collabora docker container
|
- name: start collabora docker container
|
||||||
command: docker-compose --project-directory /etc/collabora up -d
|
command: docker-compose --project-directory /etc/collabora up -d
|
||||||
|
|
|
@ -2,4 +2,5 @@
|
||||||
sshport: 22
|
sshport: 22
|
||||||
openports_list:
|
openports_list:
|
||||||
- 22
|
- 22
|
||||||
|
admin_mail: admin@example.com
|
||||||
#blacklist_ip_list:
|
#blacklist_ip_list:
|
||||||
|
|
|
@ -1,13 +1,10 @@
|
||||||
---
|
---
|
||||||
- name: ensure apticron packages are installed
|
- name: ensure apticron packages are installed
|
||||||
apt:
|
apt:
|
||||||
pkg: "{{ packages }}"
|
name: apticron
|
||||||
state: latest
|
state: latest
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
cache_valid_time: 600
|
cache_valid_time: 600
|
||||||
vars:
|
|
||||||
packages:
|
|
||||||
- apticron
|
|
||||||
|
|
||||||
- name: configure apticron
|
- name: configure apticron
|
||||||
template:
|
template:
|
||||||
|
@ -16,8 +13,3 @@
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
vars_prompt:
|
|
||||||
- name: admin_mail
|
|
||||||
prompt: "Mail of server admin"
|
|
||||||
private: no
|
|
||||||
|
|
||||||
|
|
|
@ -1,17 +1,7 @@
|
||||||
---
|
---
|
||||||
- include: apt.yml
|
- include: apt.yml
|
||||||
tags:
|
|
||||||
- apt
|
|
||||||
- include: apticron.yml
|
- include: apticron.yml
|
||||||
tags:
|
|
||||||
- apticron
|
|
||||||
- include: disk-check.yml
|
- include: disk-check.yml
|
||||||
tags:
|
|
||||||
- disk
|
|
||||||
- include: ufw.yml
|
- include: ufw.yml
|
||||||
tags:
|
|
||||||
- firewall
|
|
||||||
- include: fail2ban.yml
|
- include: fail2ban.yml
|
||||||
tags:
|
|
||||||
- firewall
|
|
||||||
- include: tools.yml
|
- include: tools.yml
|
||||||
|
|
Loading…
Reference in New Issue