Add sane hosts
This commit is contained in:
parent
94dc909bd9
commit
ae27f5cc67
5 changed files with 59 additions and 0 deletions
5
group_vars/sane.yml
Normal file
5
group_vars/sane.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
firewall_in:
|
||||
- {proto: tcp, port: 22, from: [172.20.20.0/22]}
|
||||
- {proto: tcp, port: 443, from: [172.20.20.0/22]}
|
||||
- {proto: tcp, port: 9100, from: [172.20.20.0/22]}
|
||||
8
host_vars/sane02.home.foo.sh.yml
Normal file
8
host_vars/sane02.home.foo.sh.yml
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
vmhost: vmhost02.home.foo.sh
|
||||
network_interfaces:
|
||||
- device: eth0
|
||||
vlan: 20
|
||||
mac: "52:54:00:ac:dc:88"
|
||||
virt_install_devices:
|
||||
- 001.003
|
||||
|
|
@ -98,6 +98,9 @@ relay:
|
|||
hosts:
|
||||
relay01.home.foo.sh:
|
||||
relay02.home.foo.sh:
|
||||
sane:
|
||||
hosts:
|
||||
sane02.home.foo.sh:
|
||||
shell:
|
||||
hosts:
|
||||
shell01.foo.sh:
|
||||
|
|
@ -161,6 +164,7 @@ rocky9:
|
|||
mirror:
|
||||
mongodb:
|
||||
prometheus:
|
||||
sane:
|
||||
sqldb:
|
||||
static:
|
||||
vmhost:
|
||||
|
|
|
|||
40
playbooks/sane.yml
Normal file
40
playbooks/sane.yml
Normal file
|
|
@ -0,0 +1,40 @@
|
|||
---
|
||||
- name: Deploy KVM virtual machines
|
||||
ansible.builtin.import_playbook: include/deploy-kvm-guest.yml
|
||||
vars:
|
||||
myhosts: sane
|
||||
|
||||
- name: Configure instance
|
||||
hosts: sane
|
||||
user: root
|
||||
gather_facts: true
|
||||
|
||||
vars_files:
|
||||
- "{{ ansible_private }}/vars.yml"
|
||||
|
||||
roles:
|
||||
- base
|
||||
- sane
|
||||
- scanservjs
|
||||
- mod_auth_gssapi
|
||||
- role: keytab
|
||||
keytab_path: /etc/httpd/httpd.keytab
|
||||
keytab_principals: HTTP/scan.foo.sh@FOO.SH
|
||||
keytab_group: apache
|
||||
|
||||
tasks:
|
||||
- name: Require authentication for scanservjs
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/httpd/conf.local.d/scanservjs-auth.conf
|
||||
content: |
|
||||
<Location /scanservjs>
|
||||
AuthType GSSAPI
|
||||
GssapiBasicAuth On
|
||||
AuthName "Password Required"
|
||||
Require valid-user
|
||||
</Location>
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: "{{ ansible_wheel }}"
|
||||
notify: Restart apache
|
||||
|
||||
2
site.yml
2
site.yml
|
|
@ -47,6 +47,8 @@
|
|||
ansible.builtin.import_playbook: playbooks/proxy.yml
|
||||
- name: Configure relay hosts
|
||||
ansible.builtin.import_playbook: playbooks/relay.yml
|
||||
- name: Configure sane hosts
|
||||
ansible.builtin.import.playbook: playbooks/sane.yml
|
||||
- name: Configure shell hosts
|
||||
ansible.builtin.import_playbook: playbooks/shell.yml
|
||||
- name: Configure sqldb hosts
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue