mikepell/dsfin-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

- more updates to os-specific setups

Browse Source
This commit is contained in:
Pi
2019-07-29 11:54:52 -04:00
parent f16d598797
commit b85b326204
3 changed files with 95 additions and 132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

137
hosts
View File

@@ -1,121 +1,76 @@
sdwcltm2 ansible_host=192.168.50.2 site_clli=CRHMNJAW # list all of the raspberry PI devices in the network
sdwcltm3 ansible_host=192.168.201.55 site_clli=MTLRNJIK # the host name on each will be set to the first column
sdwcltm5 ansible_host=10.8.0.8 site_clli=PHLJPAMT # it can be 1-20 characters, letters, digits, and hyphens
sdwsrvm ansible_host=192.168.60.2 site_clli=WLGRPABW wes-host1 ansible_host=192.168.88.217
sdwcltm8 ansible_host=192.168.150.2 site_clli=FTCLCORN wes-host2 ansible_host=192.168.88.240
ubuntu-server-2 ansible_host=192.168.198.2 site_clli=CMCYCOJL wes-host3 ansible_host=192.168.88.218
sdwcltm7 ansible_host=192.168.199.2 site_clli=SRSPNYGN
sdwsrvl ansible_host=192.168.90.2 site_clli=LSBGFL59
sdwcltm4 ansible_host=192.168.100.2 site_clli=PROVUTZZ
sdwcltm6 ansible_host=192.168.200.34 site_clli=PHLJPAMT
ubuntu-server-1 ansible_host=192.168.201.2 site_clli=MTLRNJIK
sdwcltm9 ansible_host=192.168.200.163 site_clli=NRCRGAQN
#192.168.201.3
ipsectest1 ansible_host=192.168.201.90
ssh-jump ansible_host=192.168.201.9
[ansible-host] [ansible-hosts]
ubuntu-server-1 # there must only be one ansible-host. this is the device
# that will act as the configuration server
wes-host1
[update] [update]
# machines for auto package update # machines for auto package update
# this allows for excluding certain # this allows for excluding certain
# machines from automatically updating # machines from automatically updating
# installed packages # installed packages
sdwcltm2
sdwcltm3
sdwcltm5
sdwsrvm
sdwcltm8
sdwcltm7
sdwsrvl
sdwcltm4
sdwcltm6
sdwcltm9
ipsectest1
[pi] [pi]
sdwcltm2 # include all Raspberry Pi devces here
sdwcltm3 wes-host1
sdwcltm5 wes-host2
sdwsrvm wes-host3
sdwcltm8
sdwcltm6 # use variables for passwords
sdwcltm7 # currently not implemented
sdwsrvl [pi:vars]
sdwcltm4 vncpassword=vncpass99
#192.168.201.3 pipassword=pipassword99
[samba-server] [samba-server]
ipsectest1 # it is best to have only one samba-server host
wes-host1
[smbclient] [smbclient]
sdwcltm2 # it would probably be best to limit this to 10 clients
sdwcltm3 wes-host2
ubuntu-server-1 wes-host3
sdwcltm5
sdwsrvm
sdwcltm8
sdwcltm6
sdwcltm7
sdwsrvl
sdwcltm4
sdwcltm9
[public] [public]
ubuntu-server-1 # not currently used
#
[snmpd] [snmpd]
#192.168.201.3 # installs SNMP daemon
sdwcltm2 #
sdwcltm3
sdwcltm6
sdwcltm8
[netflows] [netflows]
# installs flow client
#
[facebook] [facebook]
sdwcltm5 # devices can be set up for facebook, salesforce or youtube
sdwsrvm # these are mutually exclusive and must be checked by you as there
sdwcltm4 # is no automated process for that
wes-host1
[salesforce] [salesforce]
sdwcltm3 # see comment for facebook
sdwcltm6 wes-host2
sdwcltm7
sdwsrvl
sdwcltm8
[youtube] [youtube]
sdwcltm2 # see comment for facebook
sdwcltm3 wes-host3
[ftpclient] [ftpclient]
sdwcltm2
sdwcltm3
sdwcltm4
sdwcltm5
sdwcltm6
sdwcltm7
sdwcltm8
sdwsrvm
ubuntu-server-1
[sipclient] [sipclient]
sdwcltm2 # generates VoIP traffic, signaling and media
sdwcltm3 wes-host1
sdwcltm4 wes-host3
sdwcltm5
sdwcltm6
sdwcltm7
sdwcltm8
sdwcltm9
sdwsrvl
sdwsrvm
[sipserver] [sipserver]
ubuntu-server-2 # there must only be one sipserver
wes-host2
[ntopng] [ntopng]
sdwcltm5 # hosts running ntop
sdwcltm6

23
roles/common/tasks/main.yaml
View File

@@ -53,7 +53,8 @@
state: restarted state: restarted
tags: enable_openvpn tags: enable_openvpn
when: openvpn_enabled when: openvpn_enabled
- lineinfile: - name: allow pi to sudo without pw
lineinfile:
path: /etc/sudoers path: /etc/sudoers
state: present state: present
regexp: '^%sudo' regexp: '^%sudo'
@@ -61,16 +62,16 @@
validate: 'visudo -cf %s' validate: 'visudo -cf %s'
become: true become: true
tags: pi_sudo tags: pi_sudo
- name: Ensure the locale exists #- name: Ensure the locale exists
locale_gen: # locale_gen:
name: en_US.UTF-8 # name: en_US.UTF-8
state: present # state: present
become: yes # become: yes
- name: set as default locale #- name: set as default locale
command: raspi-config nonint do_change_locale en_US.UTF-8 # command: raspi-config nonint do_change_locale en_US.UTF-8
become: yes # become: yes
- name: set keyboard to us #- name: set keyboard to us
command: raspi-config nonint do_configure_keyboard us # command: raspi-config nonint do_configure_keyboard us
- name: pi - name: pi
become: yes become: yes
user: user:

7
roles/common/vars/os_Ubuntu_18.yml Normal file
View File

@@ -0,0 +1,7 @@
---
dependency_packages:
- vim
- mc
- build-essential
- openvpn
- aptitude