Skip to content
Snippets Groups Projects
Commit ed65470e authored by Lars Beckers's avatar Lars Beckers
Browse files

implement some todos

parent 907b95f1
No related branches found
No related tags found
No related merge requests found
......@@ -3,8 +3,12 @@
#- name: ensure kerberos is installed
# apt: name=krb5-user,krb5-clients state=latest
# tags: kerberos packages
# tags:
# - kerberos
# - packages
#
#- name: configure kerberos
# template: src=krb5.conf.j2 dest=/etc/krb5.conf owner=root group=root mode=0644
# tags: kerberos config
# tags:
# - kerberos
# - config
......@@ -3,12 +3,19 @@
- name: ensure old libnss-ldap and libnss-pam are not installed
apt: name=libnss-ldap,libpam-ldap state=absent
tags: packages clean ldap
tags:
- packages
- clean
- ldap
- name: ensure ldap NSS and PAM modules are installed
apt: name=libnss-ldapd,libpam-ldapd,ldap-utils state=latest
tags: ldap packages
tags:
- ldap
- packages
- name: ensure proper global ldap configuration
template: src=ldap.conf.j2 dest=/etc/ldap/ldap.conf owner=root group=root mode=0644
tags: ldap config
tags:
- ldap
- config
......@@ -3,22 +3,30 @@
- name: ensure nscd is installed
apt: name=nscd state=latest
tags: nscd packages
tags:
- nscd
- packages
- name: ensure proper nscd configuration
copy: src=nsswitch.conf dest=/etc/nsswitch.conf owner=root group=root mode=0644
notify:
- restart nscd
- clear nscd caches
tags: nscd config
tags:
- nscd
- config
- name: ensure a happy nscd
file: path=/etc/netgroup state=touch
notify:
- restart nscd
- clear nscd caches
tags: nscd config
tags:
- nscd
- config
- name: ensure nscd is running
service: name=nscd state=running enabled=yes
tags: nscd service
tags:
- nscd
- service
......@@ -3,14 +3,20 @@
- name: ensure nslcd is installed
apt: name=nslcd state=latest
tags: nslcd packages
tags:
- nslcd
- packages
- name: ensure proper nslcd configuration
template: src=nslcd.conf.j2 dest=/etc/nslcd.conf owner=root group=nslcd mode=0640
notify:
- restart nslcd
tags: nslcd config
tags:
- nslcd
- config
- name: ensure nslcd is running and enabled
service: name=nslcd state=running enabled=yes
tags: nslcd service
tags:
- nslcd
- service
......@@ -3,8 +3,12 @@
- name: ensure users of group admin are in the sudoers
copy: src=sudo/admin dest=/etc/sudoers.d/admin owner=root group=root mode=0440
tags: sudo config
tags:
- sudo
- config
- name: check whole sudo config
command: visudo -q -c -f /etc/sudoers
tags: sudo test
tags:
- sudo
- test
......@@ -3,36 +3,56 @@
- name: ensure nfs client utils are installed
apt: name=nfs-common state=latest
tags: nfs-client packages
tags:
- nfs-client
- packages
- name: ensure CIFS utils are installed
apt: name=cifs-utils,smbclient state=latest
tags: cifs-client packages
tags:
- cifs-client
- packages
# makes life much easier to have an automounter and not /etc/fstab
- name: ensure automounter is installed
apt: name=autofs state=latest
tags: autofs packages
tags:
- autofs
- packages
- name: ensure automounter is configured
copy: src=auto.master dest=/etc/auto.master owner=root group=root mode=0644
notify:
- restart autofs
tags: autofs config
tags:
- autofs
- config
- name: ensure mounts from central storage are available
template: src=auto.nfs.j2 dest=/etc/auto.nfs owner=root group=root mode=0644
notify:
- restart autofs
tags: autofs config
tags:
- autofs
- config
- name: ensure automounter is enabled
service: name=autofs state=running enabled=yes
tags:
- autofs
- service
- name: ensure linking of home
script: create_netdir.sh home
tags: fsmpi
tags:
- fsmpi
- autofs
- name: ensure linking of pub
script: create_netdir.sh pub
tags: fsmpi
tags:
- fsmpi
- autofs
- meta: flush_handlers
- include: umask.yml
......
......@@ -3,6 +3,13 @@
- name: configure default umask and other user related stuff
copy: src=login.defs dest=/etc/login.defs owner=root group=root mode=0644
tags:
- umask
- config
- name: activate pam.d session modules to set default umask
copy: src=pam_common-session dest=/etc/pam.d/common-session owner=root group=root mode=0644
tags:
- umask
- pam
- config
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment