Commit 51c823cd authored by Lars Beckers's avatar Lars Beckers

split common role

parent 188b6728
Showing
with 0 additions and 501 deletions
File moved
File moved
File moved
File moved
File moved
File moved
File moved
---
# file: roles/common/defaults/main.yml
apt_use_updates: yes
apt_use_backports: yes
ssh_authorized_keys: "{{ inventory_dir }}/files/keys"
ssh_mkhomedir: yes
ssh_strong_crypto: yes
ssh_gssapi: yes
ssh_sftp_options: ""
ssh_allow_groups: []
LANG=en_US.UTF-8
# see "man logrotate" for details
# rotate log files daily
daily
# keep 7 days worth of backlogs
rotate 7
# create new (empty) log files after rotating old ones
create
# uncomment this if you want your log files compressed
compress
delaycompress
# packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp, or btmp -- we'll rotate them here
/var/log/wtmp {
missingok
monthly
create 0664 root utmp
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0660 root utmp
rotate 1
}
# system-specific logs may be configured here
# molly-guard settings
#
# ALWAYS_QUERY_HOSTNAME
# when set, causes the 30-query-hostname script to always ask for the
# hostname, even if no SSH session was detected.
ALWAYS_QUERY_HOSTNAME=true
Name: Create home directory during login
Default: yes
Priority: 900
Session-Type: Additional
Session:
required pam_mkhomedir.so umask=0077 skel=/etc/skel
# PAM configuration for the Secure Shell service
# Standard Un*x authentication.
@include common-auth
# Disallow non-root logins when /etc/nologin exists.
account required pam_nologin.so
# Uncomment and edit /etc/security/access.conf if you need to set complex
# access limits that are hard to express in sshd_config.
# account required pam_access.so
# Standard Un*x authorization.
@include common-account
# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without this it is possible that a
# module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
# Set the loginuid process attribute.
session required pam_loginuid.so
# Create a new session keyring.
session optional pam_keyinit.so force revoke
# Standard Un*x session setup and teardown.
@include common-session
# Print the message of the day upon successful login.
# This includes a dynamically generated part from /run/motd.dynamic
# and a static (admin-editable) part from /etc/motd.
session optional pam_motd.so motd=/run/motd.dynamic
session optional pam_motd.so noupdate
# Print the status of the user's mailbox upon successful login.
session optional pam_mail.so standard noenv # [1]
# Set up user limits from /etc/security/limits.conf.
session required pam_limits.so
# Read environment variables from /etc/environment and
# /etc/security/pam_env.conf.
session required pam_env.so # [1]
# In Debian 4.0 (etch), locale-related environment variables were moved to
# /etc/default/locale, so read that as well.
session required pam_env.so user_readenv=1 envfile=/etc/default/locale
# SELinux needs to intervene at login time to ensure that the process starts
# in the proper default security context. Only sessions which are intended
# to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
# Standard Un*x password updating.
@include common-password
bash_prompt() {
case $TERM in
xterm*|rxvt*)
local TITLEBAR='\[\033]0;\u:${NEW_PWD}\007\]'
;;
*)
local TITLEBAR=""
;;
esac
local NONE="\[\033[0m\]" # unsets color to term's fg color
# regular colors
local K="\[\033[0;30m\]" # black
local R="\[\033[0;31m\]" # red
local G="\[\033[0;32m\]" # green
local Y="\[\033[0;33m\]" # yellow
local B="\[\033[0;34m\]" # blue
local M="\[\033[0;35m\]" # magenta
local C="\[\033[0;36m\]" # cyan
local W="\[\033[0;37m\]" # white
# emphasized (bolded) colors
local EMK="\[\033[1;30m\]"
local EMR="\[\033[1;31m\]"
local EMG="\[\033[1;32m\]"
local EMY="\[\033[1;33m\]"
local EMB="\[\033[1;34m\]"
local EMM="\[\033[1;35m\]"
local EMC="\[\033[1;36m\]"
local EMW="\[\033[1;37m\]"
# background colors
local BGK="\[\033[40m\]"
local BGR="\[\033[41m\]"
local BGG="\[\033[42m\]"
local BGY="\[\033[43m\]"
local BGB="\[\033[44m\]"
local BGM="\[\033[45m\]"
local BGC="\[\033[46m\]"
local BGW="\[\033[47m\]"
local UC=$G # user's color
[ $UID -eq "0" ] && UC=$R # root's color
PS1="$TITLEBAR ${EMW}\t [${UC}\u ${EMK}@ ${C}\h${EMW}] ${EMC}\w ${UC}\\$ ${NONE}"
# without colors: PS1="[\u@\h \${NEW_PWD}]\\$ "
# extra backslash in front of \$ to make bash colorize the prompt
}
#append_root() {
# export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$1/lib
# export PATH=$PATH:$1/bin
# export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:$1/lib/pkgconfig
# for D in $1/lib/python*/site-packages; do
# export PYTHONPATH=$PYTHONPATH:$D
# done
#}
prepend_root() {
echo "** prepend $1"
export LD_LIBRARY_PATH="$1/lib:$LD_LIBRARY_PATH"
export PATH="$1/bin:$PATH"
export PKG_CONFIG_PATH="$1/lib/pkgconfig:$PKG_CONFIG_PATH"
for D in $1/lib/python*/site-packages; do
export PYTHONPATH="$D:$PYTHONPATH"
done
}
append_element() {
local IFS=":"
for item in $1; do
if ! [[ $item == $2* ]]; then
echo -n "$item:"
fi
done
echo $2
}
prepend_element() {
local IFS=":"
echo $2
for item in $1; do
if ! [[ $item == $2* ]]; then
echo -n ":$item"
fi
done
}
remove_element() {
local IFS=":"
for item in $1; do
if ! [[ $item == $2* ]]; then
echo -n ":$item"
fi
done
}
list_path() {
local IFS=":"
for item in $1; do
echo $item
done
}
append_root() {
export LD_LIBRARY_PATH=$(append_element $LD_LIBRARY_PATH $1/lib)
export PATH=$(append_element $PATH $1/bin)
export PKG_CONFIG_PATH=$(append_element $PKG_CONFIG_PATH $1/lib/pkgconfig)
for D in $1/lib/python*/site-packages; do
export PYTHONPATH=$(append_element $PYTHONPATH $D)
done
}
remove_root() {
PATH=$(remove_element $PATH $1)
LD_LIBRARY_PATH=$(remove_element $LD_LIBRARY_PATH $1)
PKG_CONFIG_PATH=$(remove_element $PKG_CONFIG_PATH $1)
PYTHONPATH=$(remove_element $PYTHONPATH $1)
}
# Check for an interactive session
[ -z "$PS1" ] && return
if [ "$PS1" ]; then
shopt -s checkwinsize
shopt -s cdspell
# don't put duplicate lines in the history. See bash(1) for more options
# don't overwrite GNU Midnight Commander's setting of `ignorespace'.
HISTCONTROL=$HISTCONTROL${HISTCONTROL+,}ignoredups
# ... or force ignoredups and ignorespace
HISTCONTROL=ignoreboth
# append to the history file, don't overwrite it
shopt -s histappend
alias ls='ls -h --color=auto'
alias l='ls -lh --color=auto'
alias ll='ls -Alh --color=auto'
alias ssh='ssh -A -X'
alias make='make -j 4'
alias ne='TERM=xterm ne'
alias ..='cd ..'
bash_prompt
export EDITOR=/usr/bin/vim
set bell-style none
# enhanced bash completition
if [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
if [ -f ~/.bash_completion ]; then
. ~/.bash_completion
fi
# if [ -z "$SSH_AUTH_SOCK" ] && [ "${SSH_AUTH_SOCK}xxx" = "xxx" ]; then
# SSH_ENV="$HOME/.ssh/environment"
# echo "Starting KeyChain"
# # Source SSH settings, if applicable
# keychain --nogui --eval id_rsa
# . ~/.keychain/$HOSTNAME-sh &> /dev/null
# . ~/.keychain/$HOSTNAME-sh-gpg &> /dev/null
# fi
#prepend_root $HOME/.local
if [ -f $HOME/.bashrc.local ]
then
source $HOME/.bashrc.local
fi
fi
filetype plugin indent on
syntax enable
let g:tex_flavor = "latex"
let g:ansible_options = {'ignore_blank_lines': 0}
set noexrc
set nocompatible
set ruler
set showmode
set number
set showcmd
set showmatch
set wrap
set tabstop=8
set shiftwidth=8
set softtabstop=8
set noexpandtab
set smarttab
"set autoindent
set copyindent
set wrapscan
set hlsearch
set incsearch
set ignorecase
set smartcase
set notitle
set undolevels=1000
set history=1000
set noerrorbells
set novisualbell
set background=dark
"set spell
set nobackup
"set viminfo=$HOME/.cache/viminfo
":nmap <Space> i_<Esc>r
:nmap <F1> :echo<CR>
:imap <F1> <C-o>:echo<CR>
cmap w!! w !sudo tee % >/dev/null
au BufRead /tmp/mutt-* set textwidth=72
map <F6> : !hunspell %<CR>: e %<CR>
"set textwidth=79
set backspace=2
set wrapmargin=0
set formatoptions=c,q,r,t
SHA-2 chain, PCA Jul 14
subject= /C=DE/O=RWTH Aachen/CN=RWTH Aachen CA/emailAddress=ca@rwth-aachen.de
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
subject= /C=DE/O=DFN-Verein/OU=DFN-PKI/CN=DFN-Verein PCA Global - G01
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
subject= /C=DE/O=Deutsche Telekom AG/OU=T-TeleSec Trust Center/CN=Deutsche Telekom Root CA 2
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Allow members of group sudo to execute any command
%admin ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
Europe/Berlin
---
# file: roles/common/handlers/main.yml
- name: restart ntpd
service: name=ntp state=restarted
- name: restart sshd
service: name=ssh state=restarted
- name: restart lldpd
service: name=lldpd state=restarted
- name: restart rsyslogd
service: name=rsyslog state=restarted
- name: rerun depmod
command: depmod -ae
- name: update initramfs
command: update-initramfs -u
- name: update timezone
command: dpkg-reconfigure --frontend noninteractive tzdata
- name: regenerate pam config
shell: DEBIAN_FRONTEND=noninteractive pam-auth-update --force
---
# file: roles/common/tasks/dns.yml
- name: ensure dns is configured
template: src=resolv.conf.j2 dest=/etc/resolv.conf owner=root group=root mode=0644
tags:
- dns
- config
- name: ensure dbus is installed, since hostnamectl needs this
apt: name=dbus state=present
tags:
- packages
- dns
- network
- config
- name: ensure the hostname is not a fqdn for non-hypervisors
hostname: name="{{ inventory_hostname }}"
when: not (inventory_hostname in groups['vm-hosts']) and not (inventory_hostname == 'cloud')
tags:
- dns
- network
- config