Initial Push of scraped files for ansible
This commit is contained in:
janic
parent
7aa8e04057
commit
dc5b5a665d
10
files/configs/fail2ban/jail.local
Normal file
10
files/configs/fail2ban/jail.local
Normal file
@ -0,0 +1,10 @@
|
||||
# Local fail2ban config deployed with ansible
|
||||
[sshd]
|
||||
bantime = 2h
|
||||
findtime = 15m
|
||||
maxretry = 5
|
||||
|
||||
port = ssh
|
||||
logpath = %(sshd_log)s
|
||||
backend = %(sshd_backend)s
|
||||
|
||||
4
files/configs/rpis/resolve.conf
Normal file
4
files/configs/rpis/resolve.conf
Normal file
@ -0,0 +1,4 @@
|
||||
nameserver 9.9.9.9
|
||||
options edns0 trust-ad
|
||||
search home
|
||||
|
||||
28
files/scripts/bashrc/deploy-bashrc.sh
Executable file
28
files/scripts/bashrc/deploy-bashrc.sh
Executable file
@ -0,0 +1,28 @@
|
||||
#!/bin/bash
|
||||
|
||||
# This script deploys a custom bashrc to the Userhomes on nodes
|
||||
|
||||
# Vars
|
||||
BASHRC_URL=https://config.voser.cloud/linux/bash/bashrc
|
||||
BASHRC_TMP_PATH=/tmp/bashrc
|
||||
|
||||
# Information Gatering
|
||||
## Get the bashrc
|
||||
curl -k $BASHRC_URL > $BASHRC_TMP_PATH
|
||||
|
||||
#Script
|
||||
## Get the Userhomes & Write BASHRC to USERhome
|
||||
for USER in $(ls /home/*/ -d | cut -d "/" -f 3)
|
||||
do
|
||||
cp $BASHRC_TMP_PATH /home/$USER/.bashrc
|
||||
chown $USER /home/$USER/.bashrc
|
||||
chgrp $USER /home/$USER/.bashrc
|
||||
done
|
||||
|
||||
## Write the Custom bash to the Root Usershome directory
|
||||
cp $BASHRC_TMP_PATH /root/.bashrc
|
||||
chown root /root/.bashrc
|
||||
chgrp root /root/.bashrc
|
||||
|
||||
# Remove temporary Bashrc
|
||||
rm -f $BASHRC_TMP_PATH
|
||||
7685
files/templates/facts.yaml
Normal file
7685
files/templates/facts.yaml
Normal file
File diff suppressed because it is too large
Load Diff
24
files/templates/keepalived/keepalived.conf.j2
Normal file
24
files/templates/keepalived/keepalived.conf.j2
Normal file
@ -0,0 +1,24 @@
|
||||
vrrp_track_process track_k3s {
|
||||
process k3s-server
|
||||
weight 100
|
||||
}
|
||||
|
||||
vrrp_instance rpis_vip {
|
||||
state {% if ansible_hostname == 'node0' %}MASTER{% else %}BACKUP{% endif %}
|
||||
|
||||
interface eth0
|
||||
virtual_router_id 1{{ ansible_hostname[-1] }}
|
||||
priority {% if ansible_hostname == 'node0' %}11{% else %}10{% endif %}
|
||||
|
||||
advert_int 1
|
||||
authentication {
|
||||
auth_type PASS
|
||||
auth_pass 5up3r53cr3tPW!
|
||||
}
|
||||
virtual_ipaddress {
|
||||
192.168.1.10/24
|
||||
}
|
||||
track_process {
|
||||
track_k3s
|
||||
}
|
||||
}
|
||||
@ -5,7 +5,7 @@
|
||||
tasks:
|
||||
- name: "Copy working resolv.conf"
|
||||
ansible.builtin.copy:
|
||||
src: /srv/ansible/files/rpis/resolve.conf
|
||||
src: /srv/ansible/files/configs/rpis/resolve.conf
|
||||
dest: /etc/resolv.conf
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
@ -17,7 +17,7 @@
|
||||
become: True
|
||||
- name: "Copy Custom Fail2ban Config "
|
||||
ansible.builtin.copy:
|
||||
src: /srv/ansible/files/fail2ban/jail.local
|
||||
src: /srv/ansible/files/configs/fail2ban/jail.local
|
||||
dest: /etc/fail2ban/jail.local
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
Loading…
Reference in New Issue
Block a user