tvdu29/roger-skyline-1
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

added tags

Browse Source
This commit is contained in:
Tanguy MAZE 2018-12-14 12:51:20 +01:00
parent 2e94aefbc0
commit 338c41e8ca
3 changed files with 27 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
init.retry
View File

@ -1 +0,0 @@
e3r4p3.42.fr

21
provision.yml
View File

@ -9,63 +9,76 @@
name: ['sudo', 'mailutils', 'fail2ban', 'apache2', 'python-pip', 'iptables-persistent']
update_cache: "yes"
state: "present"
tags: [ "apt", "sudo" ]
- name: "Add tanguy to sudoers"
user:
name: "tanguy"
groups: "sudo"
append: yes
tags: [ "sudo" ]
- name: "Upload firewall config"
copy:
src: "files/firewall.conf"
dest: "/etc/iptables/rules.v4"
owner: "root"
group: "root"
tags: [ "firewall" ]
- name: "Apply firewall config"
command: "iptables-restore -c /etc/iptables/rules.v4"
tags: [ "firewall" ]
- name: "Upload fail2ban config"
copy:
src: "files/jail.local"
dest: "/etc/fail2ban/"
owner: "root"
group: "root"
tags: [ "firewall" ]
- name: "Restart fail2ban"
service:
name: "fail2ban"
state: "restarted"
tags: [ "firewall" ]
- name: "Upload update_script.sh"
copy:
src: "files/update_script.sh"
dest: "/usr/sbin/update_script.sh"
owner: "root"
group: "root"
tags: [ "scripts" ]
- name: "Upload update_script"
copy:
src: "files/update_script"
dest: "/etc/cron.d/update_script"
owner: "root"
group: "root"
tags: [ "scripts" ]
- name: "Upload check_crontab.sh"
copy:
src: "files/check_crontab.sh"
dest: "/usr/sbin/check_crontab.sh"
owner: "root"
group: "root"
tags: [ "scripts" ]
- name: "Upload check_crontab"
copy:
src: "files/check_crontab"
dest: "/etc/cron.d/check_crontab"
owner: "root"
group: "root"
tags: [ "scripts" ]
- name: "Create .ssl directory"
file:
path: "/home/tanguy/.ssl"
state: "directory"
tags: [ "ssl" ]
- name: "Installing pyOpenSSL python lib"
pip:
name: "pyOpenSSL"
tags: [ "ssl" ]
- name: "Generate ssl private key"
openssl_privatekey:
path: "/home/tanguy/.ssl/server.key"
tags: [ "ssl" ]
- name: "Generate ssl certficate signing request"
openssl_csr:
path: "/home/tanguy/.ssl/server.csr"
@ -75,33 +88,41 @@
country_name: "FR"
locality_name: "Paris"
organization_name: "42.fr"
tags: [ "ssl" ]
- name: "Generate ssl selfsigned certificate"
openssl_certificate:
path: "/home/tanguy/.ssl/server.crt"
csr_path: "/home/tanguy/.ssl/server.csr"
privatekey_path: "/home/tanguy/.ssl/server.key"
provider: "selfsigned"
tags: [ "ssl" ]
- name: "Upload website"
copy:
src: "files/default-ssl.conf"
dest: "/etc/apache2/sites-available/"
owner: "root"
group: "root"
tags: [ "ssl" ]
- name: "Create webiste dir"
file:
path: "/var/www/nice_website"
state: "directory"
tags: [ "website" ]
- name: "Upload website"
copy:
src: "files/index.html"
dest: "/var/www/nice_website/"
owner: "root"
group: "root"
tags: [ "website" ]
- name: "Activate nice website"
command: "a2ensite default-ssl"
tags: [ "website" ]
- name: "Activate ssl module"
command: "a2enmod ssl"
tags: [ "website" ]
- name: "Restart apache2"
service:
name: "apache2"
state: "restarted"
tags: [ "website" ]

17
templates/init.yml.j2
View File

@ -16,21 +16,16 @@
dest: "/etc/ssh/"
owner: "root"
group: "root"
- name: "Install sudo"
apt:
name: ['sudo']
update_cache: "yes"
state: "present"
- name: "Add tanguy to sudoers"
user:
name: "tanguy"
groups: "sudo"
append: yes
tags: [ "ssh" ]
- name: "Restart ssh service"
service:
name: "ssh"
state: "restarted"
- name: "Upload public key for tanguy"
authorized_key:
user: "tanguy"
state: "present"
key: "{{ lookup('file', '/Users/tmaze/.ssh/id_rsa.pub') }}"
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
- name: "Restart networking service"
service:
name: "networking"