Fixed remaining syntax errors and added example var files

Signed-off-by: Jim Martens <github@2martens.de>
Jim Martens 2020-01-03 21:42:10 +01:00
parent 70a6d46d4b
commit 20e31b32e0
12 changed files with 25 additions and 51 deletions

4
.gitignore vendored

@ -1,3 +1,5 @@
# ---> Ansible # ---> Ansible
*.retry *.retry
hosts
initial_vars.yml
collabora_vars.yml


@ -1,12 +1,11 @@
--- ---
- name: Set up Collabora Online - name: Set up Collabora Online
hosts: vps hosts: vps
vars: vars_files:
ssh_user: ssh_login - collabora_vars.yml
remote_user: "{{ ssh_user }}" remote_user: "{{ ssh_user }}"
become: yes become: yes
become_user: root become_user: root
become_method: su
gather_facts: no
roles: roles:
- collabora - collabora


@ -0,0 +1,4 @@
---
admin_mail: admin@example.com
ssh_user: ssh_login
nextcloud_domain: nextcloud.com


@ -4,25 +4,8 @@
port: 22 port: 22
remote_user: root remote_user: root
hosts: vps hosts: vps
vars: vars_files:
- ssh_user: ssh_login - initial_vars.yml
vars_prompt:
- name: new_root_pw
prompt: "What should be the new root password?"
private: yes
encrypt: "sha512_crypt"
confirm: yes
salt_size: 7
- name: new_user_password
prompt: "Password of the SSH login user"
private: yes
encrypt: "sha512_crypt"
confirm: yes
salt_size: 7
- name: ssh_key
prompt: "public SSH key file location for new SSH login user"
private: no
tasks: tasks:
- name: update the package list - name: update the package list
apt: apt:
@ -35,11 +18,11 @@
- name: updates password of root user - name: updates password of root user
user: user:
name: root name: root
password: {{ new_root_pw }} password: {{ new_root_pw | password_hash('sha512') }}
- name: create ssh login user - name: create ssh login user
user: user:
name: {{ ssh_user }} name: {{ ssh_user }}
password: {{ new_user_password }} password: {{ new_user_password | password_hash('sha512') }}
append: yes append: yes
groups: groups:
- sudo - sudo
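Review bot: The two `password:` values and `name: {{ ssh_user }}` in the second hunk still begin with an unquoted `{{`, which YAML reads as a flow mapping before Jinja runs, so the play will not parse; quote them, e.g. `password: "{{ new_root_pw | password_hash('sha512') }}"`. `password_hash` is called without a fixed salt, so each run yields a different hash and both `user` tasks will report changed every time. Replacing the hidden `vars_prompt` entries with `vars_files` also means the cleartext root and login passwords now sit in `initial_vars.yml` on the control machine, so that file should be encrypted with `ansible-vault` rather than only listed in `.gitignore`. The `create ssh login user` task continues past the end of the hunk.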

5
initial_vars.yml.example Normal file

@ -0,0 +1,5 @@
---
new_root_pw: newStrongRootPW
new_user_password: newStringUserPW
ssh_key: ~/.ssh/id_ed25519.pub
ssh_user: ssh_login
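Review bot: This example gives no hint that the copied file will hold the root and login passwords in cleartext. A header comment such as `# Copy to initial_vars.yml, replace the placeholders, then run: ansible-vault encrypt initial_vars.yml` would document the intended handling. The `ssh_key` path starts with `~`; whether that is expanded depends on how the playbook reads it, which is not visible in this diff, so an absolute path in the example may be safer.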


@ -24,4 +24,4 @@
- name: enable ssl - name: enable ssl
command: command:
cmd: a2enmod ssl cmd: a2enmod ssl
notify: restart apache notify: restart apache


@ -0,0 +1,2 @@
---
nextcloud_domain: nextcloud.com


@ -14,7 +14,7 @@
- name: enable collabora site - name: enable collabora site
command: command:
cmd: a2ensite {{ ansible_domain }}.conf cmd: a2ensite {{ ansible_domain }}.conf
notify: reload apache notify: reload apache
- name: run certbot - name: run certbot
command: command:
cmd: certbot --apache --non-interactive --keep-until-expiring --no-eff-email --redirect --renew-with-new-domains --agree-tos -d {{ ansible_domain }} cmd: certbot --apache --non-interactive --keep-until-expiring --no-eff-email --redirect --renew-with-new-domains --agree-tos -d {{ ansible_domain }}


@ -6,9 +6,5 @@
owner: root owner: root
group: root group: root
mode: 0644 mode: 0644
vars_prompt:
- name: nextcloud_domain
prompt: "Nextcloud domain"
private: no
- name: start collabora docker container - name: start collabora docker container
command: docker-compose --project-directory /etc/collabora up -d command: docker-compose --project-directory /etc/collabora up -d


@ -2,4 +2,5 @@
sshport: 22 sshport: 22
openports_list: openports_list:
- 22 - 22
admin_mail: admin@example.com
#blacklist_ip_list: #blacklist_ip_list:


@ -1,13 +1,10 @@
--- ---
- name: ensure apticron packages are installed - name: ensure apticron packages are installed
apt: apt:
pkg: "{{ packages }}" name: apticron
state: latest state: latest
update_cache: yes update_cache: yes
cache_valid_time: 600 cache_valid_time: 600
vars:
packages:
- apticron
- name: configure apticron - name: configure apticron
template: template:
@ -16,8 +13,3 @@
owner: root owner: root
group: root group: root
mode: 0644 mode: 0644
vars_prompt:
- name: admin_mail
prompt: "Mail of server admin"
private: no


@ -1,17 +1,7 @@
--- ---
- include: apt.yml - include: apt.yml
tags:
- apt
- include: apticron.yml - include: apticron.yml
tags:
- apticron
- include: disk-check.yml - include: disk-check.yml
tags:
- disk
- include: ufw.yml - include: ufw.yml
tags:
- firewall
- include: fail2ban.yml - include: fail2ban.yml
tags:
- firewall
- include: tools.yml - include: tools.yml
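Review bot: The bare `include:` used for every task file here is deprecated in Ansible in favour of `import_tasks:` / `include_tasks:`, so `- import_tasks: apt.yml` (and likewise for the other five files) would be the form to use. If the `tags:` entries were dropped only because their indentation broke parsing, note that a `tags:` key on a static `import_tasks` line is inherited by the imported tasks. Keeping `apt`, `apticron`, `disk` and `firewall` would let the firewall or fail2ban configuration be re-applied on its own instead of re-running the whole role.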