me/env-ansible
me/env-ansible
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
env-ansible/tasks/general/software/services.yml
Hyperling c59e706c17
Add initial HUGO support, FreeBSD 13 support, and script for Ansible to hit dev branch. (#4) 
* Create HUGO file.

* Add HUGO.

* Add script for running system against development branch.

* Add newline to end of file.

* Comment unused blocks.

* Add path of site that HUGO should host.

* Newlines, comments, and HUGO path. (#2) (#3)

* Create HUGO file.

* Add HUGO.

* Add script for running system against development branch.

* Add newline to end of file.

* Comment unused blocks.

* Add path of site that HUGO should host.

* FreeBSD is complaining about certbot not having dict object stdout. This whole playbook is supposed to be skipped though, lol.

* FreeBSD 13 is still mad. Ansible 2.11.2, jinja 2.11.2 (same version number??), Python 3.8.10.

* Fix root group to be existing variable. FreeBSD uses wheel.

* Allow choosing Github branch dynamically.

* `branch` needs to be at General level. Testing if this works...

* Change other `localhost` to `everything`.

* Update FreeBSD status.

* Goodbye, Code-OSS on Linux!

* Delete a terrible file.

* Remove excess tag.

* "Fix" SSHFS for FreeBSD.

* Variablize FreeBSD's loading of fusefs.

* Variablize /etc/rc.conf. Enable FuseFS more properly.

* Add beginning ticks.

* Add missing playbook.

* Enable FreeBSD mount job.

* Rearrange items to be more consistent with comment.

* It seems  FreeBSD removed the `gnome3` metapackage. Use `gnome3-lite` instead. Also add Telegram.

* Python is to 3.8 now.

* Expand on FreeBSD work.

* Expand on FreeBSD work.

* Add placeholders for Gitlab.

* Add parameter for Gitlab install.

* Add Gitlab playbook.

* Ensure FreeBSD uses the correct Python install.

* Add newline.

* Fix NFS for FreeBSD workstations.

* Remove unnecessary line, restricted install to Linux in playbook.

* Fix mount options for FreeBSD.

* Fix mount number, as well as system-specific facts.

* Add placeholders for remote viewing.

* Add RDP for FreeBSD.

* Omg! It works! Add setting enforcement.

* Always remove OSS.

* Remove hosts from explicit dev testing.
2021-07-19 07:07:03 -05:00

97 lines
2.9 KiB
YAML
Raw Blame History

---
# Enable and disable services.
## Cron ##
- name: General | Software | Services | Enable CROND
service:
name: "{{ crond }}"
pattern: "{{ crond_pattern }}"
state: started
enabled: yes
## SSHFS ##
- name: General | Software | Services | Enable FuseFS (FreeBSD rc.conf)
lineinfile:
path: "{{ rc_conf }}"
regexp: 'fusefs_enable='
line: 'fusefs_enable="YES" # MANAGED BY ANSIBLE'
state: present
create: yes
backup: yes
when: ansible_system == "FreeBSD"
- name: General | Software | Services | Enable SSHFS (FreeBSD service)
service:
name: fusefs
pattern: fusefs
state: started
enabled: yes
when: ansible_system == "FreeBSD"
## CUPS ##
- name: General | Software | Services | Disable CUPS Daemon
service:
name: "{{ cups }}"
pattern: "{{ cups_pattern }}"
state: stopped
enabled: no
- name: General | Software | Services | Disable CUPS-Browse Daemon
service:
name: "{{ cups_browse }}"
pattern: "{{ cups_browse_pattern }}"
state: stopped
enabled: no
## SSHD ##
- name: General | Software | Services | Configure SSHD
lineinfile:
path: "{{ sshd_config }}"
regexp: '{{ item.key }}'
line: '{{ item.value }} # MANAGED BY ANSIBLE'
state: present
create: no
backup: yes
loop:
- { "key": '^[\#]?AllowUsers', "value": 'AllowUsers ling'}
- { "key": '^[\#]?PermitRootLogin', "value": 'PermitRootLogin no'}
- { "key": '^[\#]?AllowTcpForwarding', "value": 'AllowTcpForwarding no'}
- { "key": '^[\#]?ClientAliveInterval', "value": 'ClientAliveInterval 60'}
- { "key": '^[\#]?ClientAliveCountMax', "value": 'ClientAliveCountMax 2'}
- { "key": '^[\#]?Compression', "value": 'Compression no'}
- { "key": '^[\#]?LogLevel', "value": 'LogLevel verbose'}
- { "key": '^[\#]?MaxAuthTries', "value": 'MaxAuthTries 3'}
- { "key": '^[\#]?MaxSessions', "value": 'MaxSessions 2'}
#- { "key": '^[\#]?Port', "value": 'Port '}
- { "key": '^[\#]?TCPKeepAlive', "value": 'TCPKeepAlive no'}
- { "key": '^[\#]?X11Forwarding', "value": 'X11Forwarding no'}
- { "key": '^[\#]?AllowAgentForwarding', "value": 'AllowAgentForwarding no'}
- { "key": '^[\#]?PermitEmptyPasswords', "value": 'PermitEmptyPasswords no'}
- name: General | Software | Services | Configure SSHD
lineinfile:
path: "{{ sshd_config }}"
regexp: '{{ item.key }}'
line: '{{ item.value }} # MANAGED BY ANSIBLE'
state: present
create: no
backup: yes
loop:
- { "key": '^[\#]?AllowUsers', "value": 'AllowUsers root ling'}
- { "key": '^[\#]?PermitRootLogin', "value": 'PermitRootLogin yes'}
- { "key": '^[\#]?MaxSessions', "value": 'MaxSessions 5'}
when: "'pve' in ansible_kernel"
- name: General | Software | Services | Enable SSHD
service:
name: "{{ sshd }}"
pattern: "{{ sshd_pattern }}"
state: reloaded
enabled: yes
Reference in New Issue View Git Blame Copy Permalink