diff --git a/init.retry b/init.retry
deleted file mode 100644
index fbeeb3c..0000000
--- a/init.retry
+++ /dev/null
@@ -1 +0,0 @@
-e3r4p3.42.fr
diff --git a/provision.yml b/provision.yml
index bdecaac..975b5b1 100644
--- a/provision.yml
+++ b/provision.yml
@@ -9,63 +9,76 @@ name: ['sudo', 'mailutils', 'fail2ban', 'apache2', 'python-pip', 'iptables-persistent'] update_cache: "yes" state: "present" + tags: [ "apt", "sudo" ] - name: "Add tanguy to sudoers" user: name: "tanguy" groups: "sudo" append: yes + tags: [ "sudo" ] - name: "Upload firewall config" copy: src: "files/firewall.conf" dest: "/etc/iptables/rules.v4" owner: "root" group: "root" + tags: [ "firewall" ] - name: "Apply firewall config" command: "iptables-restore -c /etc/iptables/rules.v4" + tags: [ "firewall" ] - name: "Upload fail2ban config" copy: src: "files/jail.local" dest: "/etc/fail2ban/" owner: "root" group: "root" + tags: [ "firewall" ] - name: "Restart fail2ban" service: name: "fail2ban" state: "restarted" + tags: [ "firewall" ] - name: "Upload update_script.sh" copy: src: "files/update_script.sh" dest: "/usr/sbin/update_script.sh" owner: "root" group: "root" + tags: [ "scripts" ] - name: "Upload update_script" copy: src: "files/update_script" dest: "/etc/cron.d/update_script" owner: "root" group: "root" + tags: [ "scripts" ] - name: "Upload check_crontab.sh" copy: src: "files/check_crontab.sh" dest: "/usr/sbin/check_crontab.sh" owner: "root" group: "root" + tags: [ "scripts" ] - name: "Upload check_crontab" copy: src: "files/check_crontab" dest: "/etc/cron.d/check_crontab" owner: "root" group: "root" + tags: [ "scripts" ] - name: "Create .ssl directory" file: path: "/home/tanguy/.ssl" state: "directory" + tags: [ "ssl" ] - name: "Installing pyOpenSSL python lib" pip: name: "pyOpenSSL" + tags: [ "ssl" ] - name: "Generate ssl private key" openssl_privatekey: path: "/home/tanguy/.ssl/server.key" + tags: [ "ssl" ] - name: "Generate ssl certficate signing request" openssl_csr: path: "/home/tanguy/.ssl/server.csr" 
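Review bot: None of the `copy` tasks that this hunk tags `firewall` and `scripts` sets `mode`, so the permissions of `/usr/sbin/update_script.sh`, `/usr/sbin/check_crontab.sh`, the two `/etc/cron.d` entries and `/etc/iptables/rules.v4` depend on the remote umask for a new file, or on whatever mode an existing file already has. These look like files that cron reads and runs as root, so the modes should be pinned, for example `mode: "0755"` on the two scripts and `mode: "0644"` on the cron.d files and the rules file. `Create .ssl directory` has the same gap: it holds the private key but sets neither `owner` nor `mode`, and something like `mode: "0700"` with an explicit owner would keep the directory closed to other accounts. The first task starts above the hunk and the `openssl_csr` task continues past its end.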
@@ -75,33 +88,41 @@ country_name: "FR" locality_name: "Paris" organization_name: "42.fr" + tags: [ "ssl" ] - name: "Generate ssl selfsigned certificate" openssl_certificate: path: "/home/tanguy/.ssl/server.crt" csr_path: "/home/tanguy/.ssl/server.csr" privatekey_path: "/home/tanguy/.ssl/server.key" provider: "selfsigned" + tags: [ "ssl" ] - name: "Upload website" copy: src: "files/default-ssl.conf" dest: "/etc/apache2/sites-available/" owner: "root" group: "root" + tags: [ "ssl" ] - name: "Create webiste dir" file: path: "/var/www/nice_website" state: "directory" + tags: [ "website" ] - name: "Upload website" copy: src: "files/index.html" dest: "/var/www/nice_website/" owner: "root" group: "root" + tags: [ "website" ] - name: "Activate nice website" command: "a2ensite default-ssl" + tags: [ "website" ] - name: "Activate ssl module" command: "a2enmod ssl" + tags: [ "website" ] - name: "Restart apache2" service: name: "apache2" state: "restarted" + tags: [ "website" ] diff --git a/templates/init.yml.j2 b/templates/init.yml.j2 index 5396a6a..b5c7069 100644 --- a/templates/init.yml.j2 +++ b/templates/init.yml.j2 @@ -16,21 +16,16 @@ dest: "/etc/ssh/" owner: "root" group: "root" - - name: "Install sudo" - apt: - name: ['sudo'] - update_cache: "yes" - state: "present" - - name: "Add tanguy to sudoers" - user: - name: "tanguy" - groups: "sudo" - append: yes + tags: [ "ssh" ] + - name: "Restart ssh service" + service: + name: "ssh" + state: "restarted" - name: "Upload public key for tanguy" authorized_key: user: "tanguy" state: "present" - key: "{{ lookup('file', '/Users/tmaze/.ssh/id_rsa.pub') }}" + key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" - name: "Restart networking service" service: name: "networking"
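Review bot: The tags split the TLS setup across two groups in a way that makes partial runs incomplete. The certificate tasks and the `default-ssl.conf` upload are tagged `ssl`, while `Activate nice website` (`a2ensite default-ssl`), `Activate ssl module` and `Restart apache2` are tagged only `website`. A `--tags ssl` run therefore regenerates the key and certificate and replaces the vhost file, but never reloads Apache, so the server keeps serving the old material. A `--tags website` run enables `default-ssl` without making sure its config and certificate exist. Tagging the three Apache steps with both groups, `tags: [ "ssl", "website" ]`, would make either run self-consistent. The hunk opens inside the `openssl_csr` task, whose first lines are not visible here.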
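Review bot: The added `Restart ssh service` task has no `tags`, while the upload into `/etc/ssh/` just above it is now tagged `ssh`. A `--tags ssh` run would therefore replace the configuration without restarting the daemon, and the host keeps running the old settings. Add `tags: [ "ssh" ]` to the restart, or turn it into a handler notified by the copy task so it runs only when the file changes. The restart also comes before `Upload public key for tanguy`. If the uploaded file is the sshd configuration (its `src` is above the hunk and not visible), adding `validate: "/usr/sbin/sshd -t -f %s"` to the copy and moving the restart after the `authorized_key` task would prevent a bad or stricter config from cutting off access mid-play.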