General FreeBSD and account improvements.

2021-02-03 21:17:48 -06:00 · 2021-02-03 21:17:48 -06:00 · 86e1881090
commit 86e1881090
parent 95024e6400
11 changed files with 53 additions and 32 deletions
--- a/facts/general/gather.yml
+++ b/facts/general/gather.yml
@ -1,6 +1,10 @@
 ---
 # Facts that must be gathered after running tasks.

- name: Facts | General | Gather | Locate BASH
+- name: Facts | General | Gather | Locate bash
  shell: which bash
  register: bash_exec
+
+- name: Facts | General | Gather | Locate ansible-pull
+  shell: which ansible-pull
+  register: ansible_pull_exec
--- a/facts/general/package.yml
+++ b/facts/general/package.yml
@ -1,23 +1,16 @@
 ---
-# Define program names per OS for package builtin.
+# Define program names for package builtin.
 # This file is for ALL systems and should not include UI components.

- name: Facts | Workstation | Package | Pop OS
+- name: Facts | Workstation | Package | apt
  set_fact:
    sshfs: sshfs
    locate: locate
-  when: ansible_distribution == "Pop!_OS"
-
-
- name: Facts | Workstation | Package | Debian and Ubuntu
-  set_fact:
-    sshfs: sshfs
-    locate: locate
-  when: ansible_distribution in ("Debian","Ubuntu")
+  when: ansible_pkg_mgr == "apt"
  

 - name: Facts | Workstation | Package | FreeBSD
  set_fact:
    sshfs: fusefs-sshfs
-    locate: htop # This is just a placeholder to prevent errors
+    locate: htop # Placeholder to prevent errors. locate builtin FreeBSD.
  when: ansible_system == "FreeBSD"
--- a/facts/general/service.yml
+++ b/facts/general/service.yml
@ -1,22 +1,13 @@
 ---
-# Define program names per OS for service builtin.
+# Define program names for service builtin.

- name: Facts | Workstation | Service | Pop OS
+- name: Facts | Workstation | Service | Linux
  set_fact:
    cups: cups
    cups_pattern: cupsd
    cups_browse: cups-browsed
    cups_browse_pattern: cups-browsed
-  when: ansible_distribution == "Pop!_OS"
-
-
- name: Facts | Workstation | Service | Debian and Ubuntu
-  set_fact:
-    cups: cups
-    cups_pattern: cupsd
-    cups_browse: cups-browsed
-    cups_browse_pattern: cups-browsed
-  when: ansible_distribution in ("Debian","Ubuntu")
+  when: ansible_system == "Linux"


 - name: Facts | Workstation | Service | FreeBSD
@ -25,4 +16,5 @@
    cups_pattern: cupsd
    cups_browse: cups-browsed
    cups_browse_pattern: cups-browsed
+    sshfs_leet_cmd: "sshfs ling@leet: /mnt/leet -o defaults.allow_othher,_netdev"
  when: ansible_system == "FreeBSD"
--- a/facts/general/system.yml
+++ b/facts/general/system.yml
@ -6,7 +6,6 @@
    lynis_install_dir: /usr/local/lynis
    lynis_report: /home/ling/lynis.log
    sudoers_install_dir: /etc/sudoers.d/ansible
-    ansible_pull_exec: /usr/bin/ansible-pull
  when: ansible_distribution == "Pop!_OS"


@ -15,7 +14,6 @@
    lynis_install_dir: /usr/local/lynis
    lynis_report: /root/lynis.log
    sudoers_install_dir: /etc/sudoers.d/ansible
-    ansible_pull_exec: /usr/bin/ansible-pull
  when: ansible_distribution in ("Debian","Ubuntu")


@ -24,5 +22,4 @@
    lynis_install_dir: /usr/local/lynis
    lynis_report: /root/lynis.log
    sudoers_install_dir: /usr/local/etc/sudoers.d/ansible
-    ansible_pull_exec: /usr/local/bin/ansible-pull
  when: ansible_system == "FreeBSD"
--- a/local.yml
+++ b/local.yml
@ -27,6 +27,7 @@
    - include: tasks/general/acct_mgmt/mounts.yml

    - include: tasks/general/cron/ansible.yml
+    - include: tasks/general/cron/root.yml


 # Additional setup for systems with GUI.
--- a/tasks/general/acct_mgmt/mounts.yml
+++ b/tasks/general/acct_mgmt/mounts.yml
@ -32,4 +32,13 @@
    warn: false
  when: ansible_system == "Linux"

-# Add @reboot cron job for FreeBSD, fstab does not like fuse or sshfs as mount type
+# FreeBSD also has root cron job for this @reboot
+- name: General | Cron | Root | Create SSHFS Job
+  cron:
+    user: root
+    name: "1337 SSHFS"
+    special_time: reboot
+    job: "{{ sshfs_leet_cmd }}"
+    state: present
+    disabled: no
+  when: ansible_system == "FreeBSD"
--- a/tasks/general/acct_mgmt/users.yml
+++ b/tasks/general/acct_mgmt/users.yml
@ -21,3 +21,11 @@
    create_home: yes
    generate_ssh_key: yes
    #password: "{{ ling_passwd }}"
+  register: user_ling
+
+- name: General | Account Management | User | Hyperling TRASH Folder
+  file: 
+    path: "{{ user_ling.home }}/TRASH"
+    state: directory
+    mode: '0755'
+  when: user_ling.home != ""
--- a/tasks/general/cron/ansible.yml
+++ b/tasks/general/cron/ansible.yml
@ -1,10 +1,11 @@
 ---
+# Jobs relating to the ansible user.

- name: General | Cron | Ansible | Create Main Job
+- name: General | Cron | Ansible | Create Subscriber Job
  cron:
    user: ansible
    name: "Ansible Sync"
    minute: "*/15"
-    job: "{{ ansible_pull_exec }} -o -U https://github.com/Hyperling/ansible.git"
+    job: "sudo {{ ansible_pull_exec }} -o -U https://github.com/Hyperling/ansible.git"
    state: present
    disabled: no
--- a/tasks/general/cron/root.yml
+++ b/tasks/general/cron/root.yml
@ -0,0 +1,12 @@
+---
+# Jobs relating to the root user.
+
+- name: General | Cron | Root | Create SSHFS Job
+  cron:
+    user: root
+    name: "1337 SSHFS"
+    special_time: reboot
+    job: "{{ sshfs_leet_cmd }}"
+    state: present
+    disabled: no
+  when: ansible_system == "FreeBSD"
--- a/tasks/general/tests/lynis.yml
+++ b/tasks/general/tests/lynis.yml
@ -1,4 +1,5 @@
 ---
+# Lynis hardness check.

 - name: General | Tests | Lynis | Install
  git: 
--- a/tasks/general/tests/nmap.yml
+++ b/tasks/general/tests/nmap.yml
@ -0,0 +1,3 @@
+---
+# Nmap port test
+