Commit ed65470e authored by Lars Beckers's avatar Lars Beckers
Browse files

implement some todos

parent 907b95f1
......@@ -3,8 +3,12 @@
#- name: ensure kerberos is installed
# apt: name=krb5-user,krb5-clients state=latest
# tags: kerberos packages
# tags:
# - kerberos
# - packages
#
#- name: configure kerberos
# template: src=krb5.conf.j2 dest=/etc/krb5.conf owner=root group=root mode=0644
# tags: kerberos config
# tags:
# - kerberos
# - config
......@@ -3,12 +3,19 @@
- name: ensure old libnss-ldap and libnss-pam are not installed
apt: name=libnss-ldap,libpam-ldap state=absent
tags: packages clean ldap
tags:
- packages
- clean
- ldap
- name: ensure ldap NSS and PAM modules are installed
apt: name=libnss-ldapd,libpam-ldapd,ldap-utils state=latest
tags: ldap packages
tags:
- ldap
- packages
- name: ensure proper global ldap configuration
template: src=ldap.conf.j2 dest=/etc/ldap/ldap.conf owner=root group=root mode=0644
tags: ldap config
tags:
- ldap
- config
......@@ -3,22 +3,30 @@
- name: ensure nscd is installed
apt: name=nscd state=latest
tags: nscd packages
tags:
- nscd
- packages
- name: ensure proper nscd configuration
copy: src=nsswitch.conf dest=/etc/nsswitch.conf owner=root group=root mode=0644
notify:
- restart nscd
- clear nscd caches
tags: nscd config
tags:
- nscd
- config
- name: ensure a happy nscd
file: path=/etc/netgroup state=touch
notify:
- restart nscd
- clear nscd caches
tags: nscd config
tags:
- nscd
- config
- name: ensure nscd is running
service: name=nscd state=running enabled=yes
tags: nscd service
tags:
- nscd
- service
......@@ -3,14 +3,20 @@
- name: ensure nslcd is installed
apt: name=nslcd state=latest
tags: nslcd packages
tags:
- nslcd
- packages
- name: ensure proper nslcd configuration
template: src=nslcd.conf.j2 dest=/etc/nslcd.conf owner=root group=nslcd mode=0640
notify:
- restart nslcd
tags: nslcd config
tags:
- nslcd
- config
- name: ensure nslcd is running and enabled
service: name=nslcd state=running enabled=yes
tags: nslcd service
tags:
- nslcd
- service
......@@ -3,8 +3,12 @@
- name: ensure users of group admin are in the sudoers
copy: src=sudo/admin dest=/etc/sudoers.d/admin owner=root group=root mode=0440
tags: sudo config
tags:
- sudo
- config
- name: check whole sudo config
command: visudo -q -c -f /etc/sudoers
tags: sudo test
tags:
- sudo
- test
......@@ -3,36 +3,56 @@
- name: ensure nfs client utils are installed
apt: name=nfs-common state=latest
tags: nfs-client packages
tags:
- nfs-client
- packages
- name: ensure CIFS utils are installed
apt: name=cifs-utils,smbclient state=latest
tags: cifs-client packages
tags:
- cifs-client
- packages
# makes life much easier to have an automounter and not /etc/fstab
- name: ensure automounter is installed
apt: name=autofs state=latest
tags: autofs packages
tags:
- autofs
- packages
- name: ensure automounter is configured
copy: src=auto.master dest=/etc/auto.master owner=root group=root mode=0644
notify:
- restart autofs
tags: autofs config
tags:
- autofs
- config
- name: ensure mounts from central storage are available
template: src=auto.nfs.j2 dest=/etc/auto.nfs owner=root group=root mode=0644
notify:
- restart autofs
tags: autofs config
tags:
- autofs
- config
- name: ensure automounter is enabled
service: name=autofs state=running enabled=yes
tags:
- autofs
- service
- name: ensure linking of home
script: create_netdir.sh home
tags: fsmpi
tags:
- fsmpi
- autofs
- name: ensure linking of pub
script: create_netdir.sh pub
tags: fsmpi
tags:
- fsmpi
- autofs
- meta: flush_handlers
- include: umask.yml
......
......@@ -3,6 +3,13 @@
- name: configure default umask and other user related stuff
copy: src=login.defs dest=/etc/login.defs owner=root group=root mode=0644
tags:
- umask
- config
- name: activate pam.d session modules to set default umask
copy: src=pam_common-session dest=/etc/pam.d/common-session owner=root group=root mode=0644
tags:
- umask
- pam
- config
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment