Mercurial Mercurial > ansible-roles / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Base is rpi specific.
authorLuke Hoersten <luke@hoersten.org>
Sun, 09 Feb 2020 12:20:22 -0600
changeset 3 0dc5400538ef
parent 2 2556522a2a45
child 4 46fe3aa0080c
Base is rpi specific.
base/defaults/main.yaml file | annotate | diff | comparison | revisions
base/files/jail.local file | annotate | diff | comparison | revisions
base/tasks/main.yml file | annotate | diff | comparison | revisions
base/templates/wpa_supplicant.conf.j2 file | annotate | diff | comparison | revisions
rpi-base/defaults/main.yaml file | annotate | diff | comparison | revisions
rpi-base/files/jail.local file | annotate | diff | comparison | revisions
rpi-base/tasks/main.yml file | annotate | diff | comparison | revisions
rpi-base/templates/wpa_supplicant.conf.j2 file | annotate | diff | comparison | revisions 
--- a/base/defaults/main.yaml	Sun Feb 09 12:05:37 2020 -0600
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,13 +0,0 @@
----
-
-rpi_base_enable_wifi: True
-rpi_base_timezone: "America/Chicago"
-rpi_base_apt_packages:
-  - "log2ram"
-  - "fail2ban"
-  - "unattended-upgrades"
-  - "emacs-nox"
-  - "htop"
-  - "jq"
-  - "tree"
-  - "iperf3"
--- a/base/files/jail.local	Sun Feb 09 12:05:37 2020 -0600
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,10 +0,0 @@
-[ssh]
-
-enabled = true
-port = ssh
-filter = sshd
-logpath = /var/log/auth.log
-bantime = 900
-banaction = iptables-allports
-findtime = 900
-maxretry = 3
--- a/base/tasks/main.yml	Sun Feb 09 12:05:37 2020 -0600
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,42 +0,0 @@
----
-
-- name: turn swap off
-  become: yes
-  command: "swapoff -a"
-  changed_when: false
-
-- name: remove swap apt package
-  become: yes
-  apt: state="absent" name="dphys-swapfile"
-
-- name: add log2ram apt key
-  become: yes
-  apt_key: url="https://azlux.fr/repo.gpg.key"
-
-- name: add log2ram apt repo
-  become: yes
-  apt_repository: repo="deb http://packages.azlux.fr/debian/ buster main"
-
-- name: set timezone
-  become: yes
-  timezone: name="{{rpi_base_timezone}}"
-
-- name: setup wifi
-  become: yes
-  template: src="wpa_supplicant.conf.j2" dest="/etc/wpa_supplicant/wpa_supplicant.conf" mode="0644"
-
-- name: update apt package cache
-  become: yes
-  apt: upgrade="dist" autoremove="yes" autoclean="yes" update_cache="yes" cache_valid_time="3600"
-
-- name: install extra apt packages
-  become: yes
-  apt: name="{{rpi_base_apt_packages}}" state="latest"
-
-- name: install fail2ban config
-  become: yes
-  copy: src="jail.local" dest="/etc/fail2ban/jail.local"
-
-- name: authorize admin ssh keys
-  become: yes
-  authorized_key: user="{{ansible_user}}" key="https://github.com/{{github_user}}.keys"
--- a/base/templates/wpa_supplicant.conf.j2	Sun Feb 09 12:05:37 2020 -0600
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,14 +0,0 @@
-# {{ansible_managed}}
-
-country=US
-ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
-update_config=1
-{% for network in wpa_networks %}
-
-network={
-    ssid="{{network.ssid}}"
-    psk="{{network.psk}}"
-    disabled={% if rpi_base_enable_wifi %}0{% else %}1{% endif %}
-
-}
-{% endfor %}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/rpi-base/defaults/main.yaml	Sun Feb 09 12:20:22 2020 -0600
@@ -0,0 +1,13 @@
+---
+
+rpi_base_enable_wifi: True
+rpi_base_timezone: "America/Chicago"
+rpi_base_apt_packages:
+  - "log2ram"
+  - "fail2ban"
+  - "unattended-upgrades"
+  - "emacs-nox"
+  - "htop"
+  - "jq"
+  - "tree"
+  - "iperf3"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/rpi-base/files/jail.local	Sun Feb 09 12:20:22 2020 -0600
@@ -0,0 +1,10 @@
+[ssh]
+
+enabled = true
+port = ssh
+filter = sshd
+logpath = /var/log/auth.log
+bantime = 900
+banaction = iptables-allports
+findtime = 900
+maxretry = 3
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/rpi-base/tasks/main.yml	Sun Feb 09 12:20:22 2020 -0600
@@ -0,0 +1,42 @@
+---
+
+- name: turn swap off
+  become: yes
+  command: "swapoff -a"
+  changed_when: false
+
+- name: remove swap apt package
+  become: yes
+  apt: state="absent" name="dphys-swapfile"
+
+- name: add log2ram apt key
+  become: yes
+  apt_key: url="https://azlux.fr/repo.gpg.key"
+
+- name: add log2ram apt repo
+  become: yes
+  apt_repository: repo="deb http://packages.azlux.fr/debian/ buster main"
+
+- name: set timezone
+  become: yes
+  timezone: name="{{rpi_base_timezone}}"
+
+- name: setup wifi
+  become: yes
+  template: src="wpa_supplicant.conf.j2" dest="/etc/wpa_supplicant/wpa_supplicant.conf" mode="0644"
+
+- name: update apt package cache
+  become: yes
+  apt: upgrade="dist" autoremove="yes" autoclean="yes" update_cache="yes" cache_valid_time="3600"
+
+- name: install extra apt packages
+  become: yes
+  apt: name="{{rpi_base_apt_packages}}" state="latest"
+
+- name: install fail2ban config
+  become: yes
+  copy: src="jail.local" dest="/etc/fail2ban/jail.local"
+
+- name: authorize admin ssh keys
+  become: yes
+  authorized_key: user="{{ansible_user}}" key="https://github.com/{{github_user}}.keys"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/rpi-base/templates/wpa_supplicant.conf.j2	Sun Feb 09 12:20:22 2020 -0600
@@ -0,0 +1,14 @@
+# {{ansible_managed}}
+
+country=US
+ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
+update_config=1
+{% for network in wpa_networks %}
+
+network={
+    ssid="{{network.ssid}}"
+    psk="{{network.psk}}"
+    disabled={% if rpi_base_enable_wifi %}0{% else %}1{% endif %}
+
+}
+{% endfor %}
ansible-roles