neulandlabor
/
nll-ansible
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Everything is better now.

This commit is contained in:
lagertonne 2019-08-09 14:27:14 +02:00
parent b390a5d513
commit a6b73e08a7
8 changed files with 83 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
roles/*

1
ansible.cfg
View File

@ -3,3 +3,4 @@
inventory = inventory
remote_user = root
host_key_checking = False
roles_path = ./roles

12
inventory/lgrt-intern
View File

@ -6,17 +6,15 @@ all:
intern:
hosts:
gitea.lgrt.nll.intern:
ansible_host: 10.110.142.50
nll-auth.lgrt.nll.intern:
ansible_host: 10.110.142.51
db01.lgrt.nll.intern:
ansible_host: 10.110.142.52
public-gate.lgrt.nll.intern:
ansible_host: 10.110.142.10
icinga-master.lgrt.nll.intern:
ansible_host: icinga-master.lgrt.nll.intern
ho-wekan.lgrt.nll.intern:
ansible_host: ho-wekan.lgrt.nll.intern
grafana.lgrt.nll.intern:
gitea.lgrt.nll.intern:
nll-wiki.lgrt.nll.intern:
nll-auth-front.lgrt.nll.intern:
influxdb.lgrt.nll.intern:
vars:
ansible_ssh_common_args:
'-o ProxyCommand="ssh -W %h:%p -q root@beach.lab.or.it"'

0
default_containers.yml → playbooks/default_containers.yml
View File

0
deploy_vm.yml → playbooks/deploy_vm.yml
View File

64
playbooks/hosts/db01.yml Normal file
View File

@ -0,0 +1,64 @@
---
- hosts: db01.lgrt.nll.intern
roles:
- role: anxs.postgresql
vars:
postgresql_databases:
- name: monitoring
- name: icingaweb
- name: icinga_director
- name: dokuwiki
- name: gitea
- name: dns
postgresql_listen_addresses:
- "*"
postgresql_users:
- name: icinga
pass: "8ixqRi8fnDz4HkR3nBMfSp7xs2jUsCUK"
encrypted: yes
- name: icingaweb
pass: "32rjnc9wPnQf2wXzUVryP222HXRTexLr"
encrypted: yes
- name: icinga_director
pass: "WQNY8M5g8Ubbn5xy3dTXQWyphU3LsLRd"
encrypted: yes
- name: dokuwiki
pass: "asdjbzqJEtDycbqB3S5nLSPER7oqhLDA"
encrypted: yes
- name: gitea
pass: "UJuN42rTXVeuYdE5jJFQhgv2ZbwzCFvH"
encrypted: yes
- name: dns
pass: "Uosi3HieGhohgawee9iegheR4Ahwaiki"
encrypted: yes
postgresql_user_privileges:
- name: icinga
db: monitoring
priv: "ALL"
- name: icingaweb
db: icingaweb
priv: "ALL"
- name: icinga_director
db: icinga_director
priv: "ALL"
- name: dokuwiki
db: dokuwiki
priv: "ALL"
- name: gitea
db: gitea
priv: "ALL"
- name: dns
db: dns
priv: "ALL"
postgresql_pg_hba_custom:
- { type: host, database: monitoring, user: icinga, address: "10.110.142.0/24", method: md5 }
- { type: host, database: icingaweb, user: icingaweb, address: "10.110.142.0/24", method: md5 }
- { type: host, database: icinga_director, user: icinga_director, address: "10.110.142.0/24", method: md5 }
- { type: host, database: dokuwiki, user: dokuwiki, address: "10.110.142.0/24", method: md5 }
- { type: host, database: gitea, user: gitea, address: "10.110.142.0/24", method: md5 }
- { type: host, database: dns, user: dns, address: "10.110.142.0/24", method: md5 }

10
playbooks/unattended_upgrades.yml Normal file
View File

@ -0,0 +1,10 @@
---
- hosts: all
tasks:
- name: Update all Debian systems
apt:
update_cache: yes
upgrade: safe
when:
- ansible_facts['os_family'] == "Debian"

2
unattended.yml Normal file
View File

@ -0,0 +1,2 @@
---
- import_playbook: playbooks/unattended_upgrades.yml