me/env-ansible
me/env-ansible
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Variablize ssh. Make non-sshfs report cron job a loop.

Browse Source
This commit is contained in:
Hyperling 2021-02-07 07:26:54 -06:00
parent a49ae8f7c5
commit ebe579a205
6 changed files with 31 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
facts/general/service.yml
View File

@ -16,5 +16,5 @@
cups_pattern: cupsd cups_pattern: cupsd
cups_browse: cups-browsed cups_browse: cups-browsed
cups_browse_pattern: cups-browsed cups_browse_pattern: cups-browsed
sshfs_leet_cmd: "sshfs ling@leet: /mnt/leet -o allow_other,_netdev" sshfs_leet_cmd: "sshfs {{ leet_ssh }}: /mnt/leet -o allow_other,_netdev"
when: ansible_system == "FreeBSD" when: ansible_system == "FreeBSD"

9
facts/general/system.yml
View File

@ -22,11 +22,12 @@
when: ansible_system == "FreeBSD" when: ansible_system == "FreeBSD"
- name: General | Facts | System | 1337 - name: General | Facts | System | 1337 Drive
set_fact: set_fact:
leet_ssh: 'ling@leet'
leet_drive: /mnt/leet leet_drive: /mnt/leet
- name: General | Facts | System | 1337 Mounted? - name: General | Facts | System | 1337 Drive Mounted?
stat: stat:
path: "{{ leet_drive }}/Temp/ansible" path: "{{ leet_drive }}/Temp/ansible"
register: leet_drive_details register: leet_drive_details
@ -46,6 +47,10 @@
- name: General | Facts | System | Reports - name: General | Facts | System | Reports
set_fact: set_fact:
heartbeat_report: "{{ report_location }}/{{ ansible_hostname }}.txt" heartbeat_report: "{{ report_location }}/{{ ansible_hostname }}.txt"
heartbeat_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/{{ ansible_hostname }}.txt"
lynis_report: "{{ report_location }}/lynis/{{ ansible_hostname }}_lynis.txt" lynis_report: "{{ report_location }}/lynis/{{ ansible_hostname }}_lynis.txt"
lynis_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/lynis/{{ ansible_hostname }}_lynis.txt"
nmap_report: "{{ report_location }}/nmap/{{ ansible_hostname }}_nmap.txt" nmap_report: "{{ report_location }}/nmap/{{ ansible_hostname }}_nmap.txt"
nmap_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/nmap/{{ ansible_hostname }}_nmap.txt"
ansible_pull_report: "{{ report_location }}/pull/{{ ansible_hostname }}_last_pull_times.txt" ansible_pull_report: "{{ report_location }}/pull/{{ ansible_hostname }}_last_pull_times.txt"
ansible_pull_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/pull/{{ ansible_hostname }}_last_pull_times.txt"

2
tasks/general/acct_mgmt/keys.yml
View File

@ -13,4 +13,4 @@
ignore_errors: yes ignore_errors: yes
- name: General | Account Management | Keys | Root | Copy SSH to 1337 - name: General | Account Management | Keys | Root | Copy SSH to 1337
shell: ssh-copy-id -i /root/.ssh/id_rsa ling@leet shell: ssh-copy-id -i /root/.ssh/id_rsa {{ leet_ssh }}

8
tasks/general/acct_mgmt/mounts.yml
View File

@ -15,15 +15,15 @@
regexp: '^# MANAGED BY ANSIBLE | Leet Share' regexp: '^# MANAGED BY ANSIBLE | Leet Share'
line: '# MANAGED BY ANSIBLE | Leet Share' line: '# MANAGED BY ANSIBLE | Leet Share'
state: absent state: absent
insertbefore: '^ling@leet' insertbefore: '^{{ leet_ssh }}'
when: ansible_system == "Linux" when: ansible_system == "Linux"
#TODO Remove this #TODO Remove this
- name: General | Account Management | Mounts | Create 1337 fstab Entry - name: General | Account Management | Mounts | Create 1337 fstab Entry
lineinfile: lineinfile:
path: /etc/fstab path: /etc/fstab
regexp: '^ling@leet' regexp: '^{{ leet_ssh }}'
line: "ling@leet: /mnt/leet fuse.sshfs defaults,_netdev,allow_other,delay_connect 0 0" line: "{{ leet_ssh }}: /mnt/leet fuse.sshfs defaults,_netdev,allow_other,delay_connect 0 0"
state: absent state: absent
backup: yes backup: yes
when: ansible_system == "Linux" when: ansible_system == "Linux"
@ -33,7 +33,7 @@
blockinfile: blockinfile:
path: /etc/fstab path: /etc/fstab
block: | block: |
ling@leet: /mnt/leet fuse.sshfs defaults,_netdev,allow_other,delay_connect 0 0 {{ leet_ssh }}: /mnt/leet fuse.sshfs defaults,_netdev,allow_other,delay_connect 0 0
marker: '# {mark} MANAGED BY ANSIBLE | 1337 Share' marker: '# {mark} MANAGED BY ANSIBLE | 1337 Share'
state: present state: present
backup: yes backup: yes

17
tasks/general/cron/ansible.yml
View File

@ -24,9 +24,24 @@
user: ansible user: ansible
name: "Copy Reports" name: "Copy Reports"
minute: "05,20,35,50" minute: "05,20,35,50"
job: "sudo scp {{ ansible_pull_report }} {{ heartbeat_report }} {{ lynis_report }} {{ nmap_report }} ling@leet:{{ report_scp_location }}" job: "sudo scp {{ ansible_pull_report }} {{ heartbeat_report }} {{ lynis_report }} {{ nmap_report }} {{ leet_ssh }}:{{ report_scp_location }}"
state: absent
disabled: no
when: not leet_drive_details.stat.exists
- name: General | Cron | Ansible | Enable Secure Copy Reports
cron:
user: ansible
name: "{{ item.name }}""
minute: "05,20,35,50"
job: "sudo scp {{ item.src }} {{ item.dest }}"
state: present state: present
disabled: no disabled: no
loop:
- { name: 'Ansible Pull Report', src: '{{ ansible_pull_report_scp }}', dest: '{{ ansible_pull_report }}' }
- { name: 'Heartbeat Report', src: '{{ heartbeat_report_scp }}', dest: '{{ heartbeat_report }}' }
- { name: 'Lynis Report', src: '{{ lynis_report_scp }}', dest: '{{ lynis_report }}' }
- { name: 'NMap Report', src: '{{ nmap_report_scp }}', dest: '{{ nmap_report }}' }
when: not leet_drive_details.stat.exists when: not leet_drive_details.stat.exists
- name: General | Cron | Ansible | Disable Secure Copy Reports - name: General | Cron | Ansible | Disable Secure Copy Reports

2
tasks/general/cron/root.yml
View File

@ -16,7 +16,7 @@
user: root user: root
name: "Copy Reports" name: "Copy Reports"
minute: "05,20,35,50" minute: "05,20,35,50"
job: "scp {{ ansible_pull_report }} {{ heartbeat_report }} {{ lynis_report }} {{ nmap_report }} ling@leet:{{ report_scp_location }}" job: "scp {{ ansible_pull_report }} {{ heartbeat_report }} {{ lynis_report }} {{ nmap_report }} {{ leet_ssh }}:{{ report_scp_location }}"
state: absent state: absent
disabled: no disabled: no
when: not leet_drive_details.stat.exists when: not leet_drive_details.stat.exists