Initial Push of scraped files for ansible
This commit is contained in:
janic
parent
7aa8e04057
commit
dc5b5a665d
10
files/configs/fail2ban/jail.local
Normal file
10
files/configs/fail2ban/jail.local
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
# Local fail2ban config deployed with ansible
|
||||||
|
[sshd]
|
||||||
|
bantime = 2h
|
||||||
|
findtime = 15m
|
||||||
|
maxretry = 5
|
||||||
|
|
||||||
|
port = ssh
|
||||||
|
logpath = %(sshd_log)s
|
||||||
|
backend = %(sshd_backend)s
|
||||||
|
|
||||||
4
files/configs/rpis/resolve.conf
Normal file
4
files/configs/rpis/resolve.conf
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
nameserver 9.9.9.9
|
||||||
|
options edns0 trust-ad
|
||||||
|
search home
|
||||||
|
|
||||||
28
files/scripts/bashrc/deploy-bashrc.sh
Executable file
28
files/scripts/bashrc/deploy-bashrc.sh
Executable file
@ -0,0 +1,28 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# This script deploys a custom bashrc to the Userhomes on nodes
|
||||||
|
|
||||||
|
# Vars
|
||||||
|
BASHRC_URL=https://config.voser.cloud/linux/bash/bashrc
|
||||||
|
BASHRC_TMP_PATH=/tmp/bashrc
|
||||||
|
|
||||||
|
# Information Gatering
|
||||||
|
## Get the bashrc
|
||||||
|
curl -k $BASHRC_URL > $BASHRC_TMP_PATH
|
||||||
|
|
||||||
|
#Script
|
||||||
|
## Get the Userhomes & Write BASHRC to USERhome
|
||||||
|
for USER in $(ls /home/*/ -d | cut -d "/" -f 3)
|
||||||
|
do
|
||||||
|
cp $BASHRC_TMP_PATH /home/$USER/.bashrc
|
||||||
|
chown $USER /home/$USER/.bashrc
|
||||||
|
chgrp $USER /home/$USER/.bashrc
|
||||||
|
done
|
||||||
|
|
||||||
|
## Write the Custom bash to the Root Usershome directory
|
||||||
|
cp $BASHRC_TMP_PATH /root/.bashrc
|
||||||
|
chown root /root/.bashrc
|
||||||
|
chgrp root /root/.bashrc
|
||||||
|
|
||||||
|
# Remove temporary Bashrc
|
||||||
|
rm -f $BASHRC_TMP_PATH
|
||||||
7685
files/templates/facts.yaml
Normal file
7685
files/templates/facts.yaml
Normal file
File diff suppressed because it is too large
Load Diff
24
files/templates/keepalived/keepalived.conf.j2
Normal file
24
files/templates/keepalived/keepalived.conf.j2
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
vrrp_track_process track_k3s {
|
||||||
|
process k3s-server
|
||||||
|
weight 100
|
||||||
|
}
|
||||||
|
|
||||||
|
vrrp_instance rpis_vip {
|
||||||
|
state {% if ansible_hostname == 'node0' %}MASTER{% else %}BACKUP{% endif %}
|
||||||
|
|
||||||
|
interface eth0
|
||||||
|
virtual_router_id 1{{ ansible_hostname[-1] }}
|
||||||
|
priority {% if ansible_hostname == 'node0' %}11{% else %}10{% endif %}
|
||||||
|
|
||||||
|
advert_int 1
|
||||||
|
authentication {
|
||||||
|
auth_type PASS
|
||||||
|
auth_pass 5up3r53cr3tPW!
|
||||||
|
}
|
||||||
|
virtual_ipaddress {
|
||||||
|
192.168.1.10/24
|
||||||
|
}
|
||||||
|
track_process {
|
||||||
|
track_k3s
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -5,7 +5,7 @@
|
|||||||
tasks:
|
tasks:
|
||||||
- name: "Copy working resolv.conf"
|
- name: "Copy working resolv.conf"
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: /srv/ansible/files/rpis/resolve.conf
|
src: /srv/ansible/files/configs/rpis/resolve.conf
|
||||||
dest: /etc/resolv.conf
|
dest: /etc/resolv.conf
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
|
|||||||
@ -17,7 +17,7 @@
|
|||||||
become: True
|
become: True
|
||||||
- name: "Copy Custom Fail2ban Config "
|
- name: "Copy Custom Fail2ban Config "
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: /srv/ansible/files/fail2ban/jail.local
|
src: /srv/ansible/files/configs/fail2ban/jail.local
|
||||||
dest: /etc/fail2ban/jail.local
|
dest: /etc/fail2ban/jail.local
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user