Add sane hosts
This commit is contained in:
parent
94dc909bd9
commit
ae27f5cc67
5 changed files with 59 additions and 0 deletions
5
group_vars/sane.yml
Normal file
5
group_vars/sane.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
firewall_in:
|
||||||
|
- {proto: tcp, port: 22, from: [172.20.20.0/22]}
|
||||||
|
- {proto: tcp, port: 443, from: [172.20.20.0/22]}
|
||||||
|
- {proto: tcp, port: 9100, from: [172.20.20.0/22]}
|
||||||
8
host_vars/sane02.home.foo.sh.yml
Normal file
8
host_vars/sane02.home.foo.sh.yml
Normal file
|
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
vmhost: vmhost02.home.foo.sh
|
||||||
|
network_interfaces:
|
||||||
|
- device: eth0
|
||||||
|
vlan: 20
|
||||||
|
mac: "52:54:00:ac:dc:88"
|
||||||
|
virt_install_devices:
|
||||||
|
- 001.003
|
||||||
|
|
@ -98,6 +98,9 @@ relay:
|
||||||
hosts:
|
hosts:
|
||||||
relay01.home.foo.sh:
|
relay01.home.foo.sh:
|
||||||
relay02.home.foo.sh:
|
relay02.home.foo.sh:
|
||||||
|
sane:
|
||||||
|
hosts:
|
||||||
|
sane02.home.foo.sh:
|
||||||
shell:
|
shell:
|
||||||
hosts:
|
hosts:
|
||||||
shell01.foo.sh:
|
shell01.foo.sh:
|
||||||
|
|
@ -161,6 +164,7 @@ rocky9:
|
||||||
mirror:
|
mirror:
|
||||||
mongodb:
|
mongodb:
|
||||||
prometheus:
|
prometheus:
|
||||||
|
sane:
|
||||||
sqldb:
|
sqldb:
|
||||||
static:
|
static:
|
||||||
vmhost:
|
vmhost:
|
||||||
|
|
|
||||||
40
playbooks/sane.yml
Normal file
40
playbooks/sane.yml
Normal file
|
|
@ -0,0 +1,40 @@
|
||||||
|
---
|
||||||
|
- name: Deploy KVM virtual machines
|
||||||
|
ansible.builtin.import_playbook: include/deploy-kvm-guest.yml
|
||||||
|
vars:
|
||||||
|
myhosts: sane
|
||||||
|
|
||||||
|
- name: Configure instance
|
||||||
|
hosts: sane
|
||||||
|
user: root
|
||||||
|
gather_facts: true
|
||||||
|
|
||||||
|
vars_files:
|
||||||
|
- "{{ ansible_private }}/vars.yml"
|
||||||
|
|
||||||
|
roles:
|
||||||
|
- base
|
||||||
|
- sane
|
||||||
|
- scanservjs
|
||||||
|
- mod_auth_gssapi
|
||||||
|
- role: keytab
|
||||||
|
keytab_path: /etc/httpd/httpd.keytab
|
||||||
|
keytab_principals: HTTP/scan.foo.sh@FOO.SH
|
||||||
|
keytab_group: apache
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- name: Require authentication for scanservjs
|
||||||
|
ansible.builtin.copy:
|
||||||
|
dest: /etc/httpd/conf.local.d/scanservjs-auth.conf
|
||||||
|
content: |
|
||||||
|
<Location /scanservjs>
|
||||||
|
AuthType GSSAPI
|
||||||
|
GssapiBasicAuth On
|
||||||
|
AuthName "Password Required"
|
||||||
|
Require valid-user
|
||||||
|
</Location>
|
||||||
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: "{{ ansible_wheel }}"
|
||||||
|
notify: Restart apache
|
||||||
|
|
||||||
2
site.yml
2
site.yml
|
|
@ -47,6 +47,8 @@
|
||||||
ansible.builtin.import_playbook: playbooks/proxy.yml
|
ansible.builtin.import_playbook: playbooks/proxy.yml
|
||||||
- name: Configure relay hosts
|
- name: Configure relay hosts
|
||||||
ansible.builtin.import_playbook: playbooks/relay.yml
|
ansible.builtin.import_playbook: playbooks/relay.yml
|
||||||
|
- name: Configure sane hosts
|
||||||
|
ansible.builtin.import.playbook: playbooks/sane.yml
|
||||||
- name: Configure shell hosts
|
- name: Configure shell hosts
|
||||||
ansible.builtin.import_playbook: playbooks/shell.yml
|
ansible.builtin.import_playbook: playbooks/shell.yml
|
||||||
- name: Configure sqldb hosts
|
- name: Configure sqldb hosts
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue