freifunk/Ansible-Configuration Changeset - 5cef574d0b15 · Chaos Computer Club Lëtzebuerg Projects

Changeset - 5cef574d0b15

Parent rev.

Child rev.

[Not reviewed]

0 2 0

x - 21 months ago 2023-08-21 22:51:41
xbr@c3l.lu

style: use inventory name for hostname + add network_index

2 files changed with 4 insertions and 4 deletions:

hosts

initial_server_setup/initial_setup.yml

0 comments (0 inline, 0 general)

hosts

➞

Show inline comments

 # This is the default ansible 'hosts' file.
+#
 # It should live in /etc/ansible/hosts
+#
 #   - Comments begin with the '#' character
 #   - Blank lines are ignored
 #   - Groups of hosts are delimited by [header] elements
 #   - You can enter hostnames or ip addresses
 #   - A hostname/ip can be a member of multiple groups
 # server list is here
-fflux-test ansible_host=89.58.3.252 new_hostname=fflux-test
+fflux-test ansible_host=89.58.3.252 network_index=19
 # machines which are used for tests
 [test]
 fflux-test
 # variable for the test group come here
 [test:vars]
 #mac1=ca:fe:ca:fe:00:19
 #ipv4=10.24.128.19
 #ipv6=fd4e:f2d7:88d2:fffe::19
 #vars_files: /etc/ansible/host_vars/firmware.freifunk.lu
 # all machine variables come here
 [all:vars]
 ansible_python_interpreter=/usr/bin/python3
 ansible_ssh_private_key_file=/home/fflux/.ssh/fflux_fflux
 # new machine come here
 [initial]
 #fflux-test
 # machines which run api.freifunk.lu
 [API]

initial_server_setup/initial_setup.yml

➞

Show inline comments

@@ @@ -7,64 +7,64 @@ @@
     - ../user_vars.yml
   vars:
     password: Welcome1234
   tasks:
     - name: Update + Upgrade packages
       ansible.builtin.apt:
         upgrade: true
         update_cache: true
       tags: basic
     - name: Install some basic packages
       ansible.builtin.apt:
         pkg:
           - sudo
           - git
           - vim
           - python3
           - python3-pip
       tags: basic
     # Change Hostname
     - name: "Update Hostnames"
       ansible.builtin.hostname:
-        name: "{{ new_hostname }}"
+        name: "{{ inventory_hostname }}"
       tags: hostname
     # Update /etc/hosts
     - name: Make sure an IPV4 entry in /etc/hosts exists
       ansible.builtin.lineinfile:
         path: /etc/hosts
         regexp: "^{{ ansible_default_ipv4.address }}"
-        line: "{{ ansible_default_ipv4.address }} {{ new_hostname }} {{ new_hostname }}.freifunk.lu"
+        line: "{{ ansible_default_ipv4.address }} {{ inventory_hostname }} {{ inventory_hostname }}.freifunk.lu"
         state: present
       tags: network,hostname,dns
     - name: Make sure an IPV6 entry in /etc/hosts exists
       ansible.builtin.lineinfile:
         path: /etc/hosts
         regexp: "^{{ ansible_default_ipv6.address }}"
-        line: "{{ ansible_default_ipv6.address }} {{ new_hostname }} {{ new_hostname }}.freifunk.lu"
+        line: "{{ ansible_default_ipv6.address }} {{ inventory_hostname }} {{ inventory_hostname }}.freifunk.lu"
         state: present
       tags: network,hostname,dns
     # SSH security improvements (EmptyPass, PassAuth, RootLogin)
     - name: Disable SSH Password Auth
       ansible.builtin.copy:
         dest: /etc/ssh/sshd_config.d/disable_password_auth.conf
         owner: root
         mode: u=rw, g=r, o=r
         content: |
           '# {{ ansible_managed }}'
           'PasswordAuthentication no'
       tags: network,ssh
     - name: Disable SSH Empty Password
       ansible.builtin.copy:
         dest: /etc/ssh/sshd_config.d/disable_empty_password.conf
         owner: root
         mode: u=rw, g=r, o=r
         content: |
           '# {{ ansible_managed }}'
           'PermitEmptyPasswords no'
       tags: network,ssh
     - name: Disable SSH Root Login
       ansible.builtin.copy:

0 comments (0 inline, 0 general)