commit b60fb13144ccc1bc24944b4c30ca601528c8d8ab
parent b969f8430404be01554681cac4e15646ab0a0e36
Author: Leah Thein <leah@toaster.fritz.box>
Date: Thu, 3 Dec 2020 22:05:00 +0100
parent b969f8430404be01554681cac4e15646ab0a0e36
Author: Leah Thein <leah@toaster.fritz.box>
Date: Thu, 3 Dec 2020 22:05:00 +0100
general: better task names
17 files changed, 83 insertions(+), 62 deletions(-)
diff --git a/roles/bind/tasks/main.yml b/roles/bind/tasks/main.yml @@ -53,7 +53,7 @@ dest: /etc/awall/optional/dns.json validate: jq '.' %s -- name: "Activate new firewall-rule for: dns" +- name: "Activate firewall-rule for: dns" awall: name: dns state: enabled
diff --git a/roles/cgit/tasks/main.yml b/roles/cgit/tasks/main.yml @@ -1,22 +1,24 @@ --- -- name: Install cgit +- name: "Install Package(s): cgit and it's dependecys" apk: name: cgit git spawn-fcgi fcgiwrap py3-markdown py3-pygments state: present update_cache: yes -- name: create fcgi-service +- name: "Create fcgi-service for: cgit" file: src: /etc/init.d/spawn-fcgi dest: /etc/init.d/spawn-fcgi.cgit state: link -- copy: +- name: "Create config for cgit's fcgi-service" + copy: content: "FCGI_PORT=8001\nFCGI_PROGRAM=/usr/bin/fcgiwrap" dest: /etc/conf.d/spawn-fcgi.cgit -- service: +- name: "Restart and enable service: spawn-fcgi.cgit" + service: name: spawn-fcgi.cgit enabled: yes state: restarted @@ -47,7 +49,7 @@ groups: git append: yes -- name: restart nginx +- name: "Restart service: nginx" service: name: nginx state: restarted
diff --git a/roles/common/tasks/firewall.yml b/roles/common/tasks/firewall.yml @@ -1,9 +1,9 @@ --- -- name: install awall +- name: "Install Package: awall" apk: name: awall lua-lyaml ip6tables -- name: Load iptables kernel module +- name: "Load kernel module: iptables" raw: "modprobe ip_tables" - name: Copy base custom-services configguration to destination host @@ -24,17 +24,20 @@ dest: /etc/awall/optional/ssh.json validate: jq '.' %s -- awall: +- name: "Activate firewall-rule for: ssh" + awall: name: ssh state: enabled activate: yes -- service: +- name: "Enable and start service: iptables" + service: name: iptables enabled: yes state: started -- service: +- name: "Enable and start service: ip6tables" + service: name: ip6tables enabled: yes state: started
diff --git a/roles/common/tasks/network.yml b/roles/common/tasks/network.yml @@ -1,18 +1,18 @@ --- -- name: create /etc/network/interfaces +- name: "create file: /etc/network/interfaces" template: src: interfaces.conf.j2 dest: /etc/network/interfaces mode: 0755 -- name: create /etc/hosts +- name: "create file: /etc/hosts" template: src: hosts.conf.j2 dest: /etc/hosts mode: 0755 -- name: create /etc/resolv.conf +- name: "create file: /etc/resolv.conf" template: src: resolv.conf.j2 dest: /etc/resolv.conf @@ -23,7 +23,8 @@ name: "{{network.hostname}}" use: alpine -- copy: +- name: "create file: /etc/hostname" + copy: content: "{{network.hostname}}" dest: /etc/hostname @@ -45,20 +46,20 @@ reload: yes when: network.natSupport is false -- name: install vlan package +- name: "Install package: vlan" apk: name: vlan update_cache: yes when: network.vlanSupport is true -- name: deinstall vlan package +- name: "Remove package: vlan" apk: name: vlan state: absent update_cache: yes when: network.vlanSupport is false -- name: restart networking service +- name: "Restart service: networking" service: name: networking state: restarted
diff --git a/roles/common/tasks/node-exporter.yml b/roles/common/tasks/node-exporter.yml @@ -1,9 +1,10 @@ --- -- name: install node-exporter +- name: "Install package: node-exporter" apk: name: prometheus-node-exporter -- service: +- name: "Enable and start service: node-exporter" + service: name: node-exporter enabled: yes state: started
diff --git a/roles/common/tasks/packages.yml b/roles/common/tasks/packages.yml @@ -4,7 +4,7 @@ url: http://home.f2k1.de:8080/leah-5f817de5.rsa.pub dest: /etc/apk/keys/leah-5f817de5.rsa.pub -- name: set repositories +- name: "Update file: /etc/apk/repositories" template: src: repositories.j2 dest: /etc/apk/repositories
diff --git a/roles/common/tasks/sshd.yml b/roles/common/tasks/sshd.yml @@ -1,11 +1,11 @@ --- -- name: patch sshd_config +- name: "Patch file: /etc/ssh/sshd_config" patch: src: config-files/ssh/sshd_config.patch dest: /etc/ssh/sshd_config -- name: restart sshd +- name: "Enable and restart service: sshd" service: name: sshd enabled: yes
diff --git a/roles/common/tasks/sudo.yml b/roles/common/tasks/sudo.yml @@ -1,12 +1,12 @@ --- -- name: install sudo +- name: "Install package: sudo" apk: name: sudo state: present update_cache: yes -- name: patch sudoers config +- name: "Patch file: /etc/sudoers" patch: src: config-files/sudo/sudoers.patch dest: /etc/sudoers
diff --git a/roles/gitolite/tasks/main.yml b/roles/gitolite/tasks/main.yml @@ -52,7 +52,8 @@ dest: /etc/awall/optional/ssh.json validate: jq '.' %s -- awall: +- name: "Activate firewall-rule for: ssh" + awall: name: ssh state: enabled activate: yes
diff --git a/roles/grafana/tasks/main.yml b/roles/grafana/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: Install grafana +- name: "Install package: grafana" apk: name: grafana state: present @@ -28,11 +28,13 @@ owner: nginx group: nginx -- service: +- name: "Restart and enable service: grafana" + service: name: grafana enabled: yes state: restarted -- service: +- name: "Restart service: nginx" + service: name: nginx state: restarted
diff --git a/roles/maddy/tasks/main.yml b/roles/maddy/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: Install maddy mailserver +- name: "Install package: maddy" apk: name: maddy state: present @@ -20,7 +20,7 @@ owner: maddy group: maddy -- name: create log-file for maddy +- name: "Create file: /var/log/maddy.log" file: path: /var/log/maddy.log state: touch @@ -34,12 +34,14 @@ dest: /etc/awall/optional/mail.json validate: jq '.' %s -- awall: +- name: "Activate firewall-rule for: mail" + awall: name: mail state: enabled activate: yes -- service: +- name: "Restart and enable service: maddy" + service: name: maddy enabled: yes state: restarted
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml @@ -52,7 +52,7 @@ owner: nginx group: nginx -- name: create a directory for basicauth stuff +- name: "Create directory: /etc/nginx/passwd" file: path: /etc/nginx/passwd state: directory
diff --git a/roles/oeffi-web/tasks/main.yml b/roles/oeffi-web/tasks/main.yml @@ -1,16 +1,11 @@ --- -- name: Install oeffi-web +- name: "Install package: oeffi-web" apk: name: oeffi-web state: present update_cache: yes -- service: - name: oeffi-web - enabled: yes - state: restarted - - name: copy nginx-vhost for oeffi-web to destination host template: src: oeffi-web-vhost.conf.j2 @@ -19,7 +14,13 @@ owner: nginx group: nginx -- name: restart nginx +- name: "Enable and restart service: oeffi-web" + service: + name: oeffi-web + enabled: yes + state: restarted + +- name: "Restart service: nginx" service: name: nginx state: restarted
diff --git a/roles/oeffisearch/tasks/main.yml b/roles/oeffisearch/tasks/main.yml @@ -1,16 +1,11 @@ --- -- name: Install oeffisearch +- name: "Install package: oeffisearch" apk: name: oeffisearch state: present update_cache: yes -- service: - name: oeffisearch - enabled: yes - state: restarted - - name: copy nginx-vhost for oeffisearch to destination host template: src: oeffisearch-vhost.conf.j2 @@ -19,7 +14,13 @@ owner: nginx group: nginx -- name: restart nginx +- name: "Enable and restart service: oeffisearch" + service: + name: oeffisearch + enabled: yes + state: restarted + +- name: "Restart service: nginx" service: name: nginx state: restarted
diff --git a/roles/pleroma/tasks/main.yml b/roles/pleroma/tasks/main.yml @@ -1,18 +1,18 @@ --- -- name: Install postgres +- name: "Install package: postgresql" apk: name: postgresql postgresql-contrib state: present update_cache: yes -- name: Install pleroma +- name: "Install package: pleroma" apk: name: pleroma state: present update_cache: yes -- name: copy config file into place +- name: "Copy config for: pleroma" copy: src: config-files/pleroma/config.exs dest: /etc/pleroma/config.exs @@ -36,17 +36,19 @@ owner: nginx group: nginx -- service: +- name: "Enable and start service: postgresql" + service: name: postgresql enabled: yes state: started -- service: +- name: "Enable and restart service: pleroma" + service: name: pleroma enabled: yes state: restarted -- service: +- name: "Restart service: nginx" + service: name: nginx - enabled: yes state: restarted
diff --git a/roles/prometheus/tasks/main.yml b/roles/prometheus/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: Install prometheus +- name: "Install package: prometheus" apk: name: prometheus chartsrv state: present @@ -24,16 +24,19 @@ owner: nginx group: nginx -- service: +- name: "Restart and enable service: prometheus" + service: name: prometheus enabled: yes state: restarted -- service: +- name: "Restart and enable service: chartsrv" + service: name: chartsrv enabled: yes state: restarted -- service: +- name: "Restart service: nginx" + service: name: nginx state: restarted
diff --git a/roles/radicale/tasks/main.yml b/roles/radicale/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: Install radicale +- name: "Install package: radicale" apk: name: radicale state: present @@ -30,11 +30,13 @@ owner: nginx group: nginx -- service: +- name: "Enable and restart service: radicale" + service: name: radicale enabled: yes state: restarted -- service: +- name: "Restart service: nginx" + service: name: nginx state: restarted