add etckeeper (#649)
Reviewed-on: #649 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
parent
170e788c9b
commit
154a6d6c41
|
@ -1,7 +1,4 @@
|
||||||
---
|
---
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: ansible-lint
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- gitleaks
|
- gitleaks
|
||||||
steps:
|
steps:
|
||||||
|
@ -9,11 +6,14 @@ steps:
|
||||||
image: quay.io/ansible/creator-ee
|
image: quay.io/ansible/creator-ee
|
||||||
commands:
|
commands:
|
||||||
- ansible-lint --version
|
- ansible-lint --version
|
||||||
- echo $VAULT-PASS > ./vault-pass.yml # nach des Secret in Großschreibung
|
- echo $${VAULTPASS} > ./vault-pass.yml # nach des Secret in Großschreibung
|
||||||
|
- cat ./vault-pass.yml #debug
|
||||||
- ansible-galaxy install -r requirements.yml
|
- ansible-galaxy install -r requirements.yml
|
||||||
- ansible-lint --force-color --format pep8
|
- ansible-lint --force-color --format pep8
|
||||||
when:
|
when:
|
||||||
event:
|
event:
|
||||||
exclude:
|
exclude:
|
||||||
- tag
|
- tag
|
||||||
secret: [vault-pass] #dieses Secret darf verwendet werden
|
secrets:
|
||||||
|
- source: vault-pass # name des Secrets in Woodpecker/GUI
|
||||||
|
target: vaultpass # lower-case Name der variable zur Verwendung in dem CI-File, wird dann so genutzt $${VAULTPASS}
|
||||||
|
|
|
@ -1,7 +1,4 @@
|
||||||
---
|
---
|
||||||
kind: pipeline
|
|
||||||
type: docker
|
|
||||||
name: gitleaks
|
|
||||||
steps:
|
steps:
|
||||||
gitleaks:
|
gitleaks:
|
||||||
image: zricethezav/gitleaks:latest
|
image: zricethezav/gitleaks:latest
|
||||||
|
|
|
@ -3,6 +3,8 @@
|
||||||
roles:
|
roles:
|
||||||
- role: mgrote_ntp_chrony_client
|
- role: mgrote_ntp_chrony_client
|
||||||
tags: "ntp"
|
tags: "ntp"
|
||||||
|
- role: mgrote_etckeeper
|
||||||
|
tags: "etckeeper"
|
||||||
- role: mgrote_postfix
|
- role: mgrote_postfix
|
||||||
tags: "postfix"
|
tags: "postfix"
|
||||||
- role: mgrote_fail2ban
|
- role: mgrote_fail2ban
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
---
|
||||||
|
- name: ensure etckeeper is installed
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- etckeeper
|
||||||
|
- git
|
||||||
|
state: present
|
||||||
|
install_recommends: false
|
||||||
|
|
||||||
|
- name: ensure repository is initialized
|
||||||
|
ansible.builtin.command: etckeeper init
|
||||||
|
args:
|
||||||
|
chdir: /etc/
|
||||||
|
creates: /etc/.etckeeper
|
||||||
|
...
|
Loading…
Reference in New Issue