Initial Push of scraped files for ansible

2021-12-06 10:08:12 +01:00
parent 7aa8e04057
commit dc5b5a665d
7 changed files with 7753 additions and 2 deletions
--- a/files/configs/fail2ban/jail.local
+++ b/files/configs/fail2ban/jail.local
@@ -0,0 +1,10 @@
+# Local fail2ban config deployed with ansible
+[sshd]
+bantime = 2h
+findtime = 15m
+maxretry = 5
+
+port = ssh
+logpath = %(sshd_log)s
+backend = %(sshd_backend)s
+
--- a/files/configs/rpis/resolve.conf
+++ b/files/configs/rpis/resolve.conf
@@ -0,0 +1,4 @@
+nameserver 9.9.9.9
+options edns0 trust-ad
+search home
+
--- a/files/scripts/bashrc/deploy-bashrc.sh
+++ b/files/scripts/bashrc/deploy-bashrc.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+# This script deploys a custom bashrc to the Userhomes on nodes
+
+# Vars
+BASHRC_URL=https://config.voser.cloud/linux/bash/bashrc
+BASHRC_TMP_PATH=/tmp/bashrc
+
+# Information Gatering
+## Get the bashrc
+curl -k $BASHRC_URL > $BASHRC_TMP_PATH
+
+#Script
+## Get the Userhomes & Write BASHRC to USERhome
+for USER in $(ls /home/*/ -d | cut -d "/" -f 3)
+do
+	cp $BASHRC_TMP_PATH /home/$USER/.bashrc
+	chown $USER /home/$USER/.bashrc
+	chgrp $USER /home/$USER/.bashrc
+done
+
+## Write the Custom bash to the Root Usershome directory
+cp $BASHRC_TMP_PATH /root/.bashrc
+chown root /root/.bashrc
+chgrp root /root/.bashrc
+
+# Remove temporary Bashrc
+rm -f $BASHRC_TMP_PATH
--- a/files/templates/facts.yaml
+++ b/files/templates/facts.yaml
--- a/files/templates/keepalived/keepalived.conf.j2
+++ b/files/templates/keepalived/keepalived.conf.j2
@@ -0,0 +1,24 @@
+vrrp_track_process track_k3s {
+	process k3s-server
+	weight 100
+}
+
+vrrp_instance rpis_vip {
+        state {% if ansible_hostname == 'node0' %}MASTER{% else %}BACKUP{% endif %}
+
+        interface eth0
+        virtual_router_id 1{{  ansible_hostname[-1] }}
+        priority {% if ansible_hostname == 'node0' %}11{% else %}10{% endif %}
+
+        advert_int 1
+        authentication {
+              auth_type PASS
+              auth_pass 5up3r53cr3tPW!
+        }
+        virtual_ipaddress {
+              192.168.1.10/24
+        }
+	track_process {
+		track_k3s
+	}
+}
--- a/playbooks/dnsfix/dnsfix.yaml
+++ b/playbooks/dnsfix/dnsfix.yaml
@@ -5,7 +5,7 @@
  tasks:
    - name: "Copy working resolv.conf"
      ansible.builtin.copy:
-        src: /srv/ansible/files/rpis/resolve.conf
+        src: /srv/ansible/files/configs/rpis/resolve.conf
        dest: /etc/resolv.conf
        owner: root
        group: root
--- a/playbooks/fail2ban/fail2ban.yaml
+++ b/playbooks/fail2ban/fail2ban.yaml
@@ -17,7 +17,7 @@
      become: True
    - name: "Copy Custom Fail2ban Config "
      ansible.builtin.copy:
-        src: /srv/ansible/files/fail2ban/jail.local
+        src: /srv/ansible/files/configs/fail2ban/jail.local
        dest: /etc/fail2ban/jail.local
        owner: root
        group: root