79 lines
1.5 KiB
YAML
79 lines
1.5 KiB
YAML
---
|
|
- name: create logsync group
|
|
group:
|
|
name: logsync
|
|
system: true
|
|
|
|
- name: create logsync user
|
|
user:
|
|
name: logsync
|
|
comment: Service logsync
|
|
createhome: false
|
|
group: logsync
|
|
home: /var/empty
|
|
shell: /sbin/nologin
|
|
system: true
|
|
|
|
- name: create logsync ssh key directory
|
|
file:
|
|
path: /etc/ssh/logsync
|
|
state: directory
|
|
mode: 0750
|
|
owner: root
|
|
group: logsync
|
|
|
|
- name: create logsync ssh keys
|
|
command:
|
|
argv:
|
|
- ssh-keygen
|
|
- -t
|
|
- ed25519
|
|
- -C
|
|
- "logsync@{{ inventory_hostname }}"
|
|
- -f
|
|
- /etc/ssh/logsync/id_ed25519
|
|
creates: /etc/ssh/logsync/id_ed25519
|
|
|
|
- name: fix logsync ssh key permissions
|
|
file:
|
|
path: "{{ item }}"
|
|
owner: root
|
|
group: logsync
|
|
mode: 0640
|
|
with_items:
|
|
- /etc/ssh/logsync/id_ed25519
|
|
- /etc/ssh/logsync/id_ed25519.pub
|
|
|
|
- import_role:
|
|
name: rclone
|
|
vars:
|
|
local_user: logsync
|
|
remote_user: logsync
|
|
hostgroup: webservers
|
|
destination: /var/cache/sync-http-logs
|
|
private_key: /etc/ssh/logsync/id_ed25519
|
|
|
|
- name: create cache directory
|
|
file:
|
|
path: /var/cache/sync-http-logs
|
|
state: directory
|
|
mode: 0750
|
|
owner: logsync
|
|
group: logsync
|
|
|
|
- name: create log directory
|
|
file:
|
|
path: /export/web-log
|
|
state: directory
|
|
mode: 0750
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
|
|
- name: link data directory
|
|
file:
|
|
dest: /srv/web-log
|
|
src: /export/web-log
|
|
state: link
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
follow: false
|