PVE-Cluster: Playbooks angepasst

This commit is contained in:
Michael Grote 2021-02-14 14:53:52 +01:00
parent 1b5c28dad5
commit 36ebd32aad
5 changed files with 31 additions and 6 deletions

View file

@ -13,10 +13,6 @@
smart_smartctlmail_cron_minutes: "15"
smart_smartctlmail_cron_hours: "6"
smart_smartctlmail_cron_weekday: "3"
### mgrote.tmux
tmux_conf_destination: "/root/.tmux.conf"
tmux_bashrc_destination: "/root/.bashrc"
tmux_standardsession_name: "default"
### mgrote.zfs_extra # Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_*
zfs_extra_max_usage_health: "80"

View file

@ -57,6 +57,8 @@ all:
hosts:
gitlab-runner-test.grote.lan:
gitlab-runner.grote.lan:
gitlab-runner2.grote.lan:
gitlab-runner3.grote.lan:
production:
hosts:
@ -72,6 +74,8 @@ all:
gitlab-runner.grote.lan:
pve3.grote.lan:
pve4.grote.lan:
gitlab-runner2.grote.lan:
gitlab-runner3.grote.lan:
test:
hosts:
wireguard-test.grote.lan:

View file

@ -2,5 +2,6 @@
- hosts: all
roles:
- { role: mgrote.motd, tags: "motd" }
- { role: mgrote.tmux, tags: "tmux", when: "not 'proxmox' in group_names" }
- { role: mgrote.tmux, tags: "tmux",
when: "not 'proxmox' in group_names" }
- { role: geerlingguy.dotfiles, become: true, tags: "dotfiles" }

View file

@ -3,7 +3,9 @@
roles:
- { role: mgrote.fail2ban, tags: "f2b" }
- { role: mgrote.postfix, tags: "postfix" }
- { role: mgrote.deactivate_ssh_password_login, tags: "ssh" }
- { role: mgrote.deactivate_ssh_password_login,
tags: "ssh",
when: "not 'proxmox' in group_names" }
- { role: oefenweb.ufw, # Regeln werden in den Group/Host-Vars gesetzt
tags: "ufw",
become: true,

View file

@ -0,0 +1,22 @@
---
- hosts: proxmox
become: yes
tasks:
- name: allow ssh login with password
become: yes
ansible.builtin.lineinfile:
path: /etc/ssh/sshd_config
regexp: 'PasswordAuthentication no'
line: '#PasswordAuthentication yes'
state: present
validate: "/usr/sbin/sshd -T -f %s"
notify: restart_sshd
handlers:
- name: restart_sshd
become: yes
systemd:
name: sshd
enabled: yes
state: restarted