diff --git a/.gitignore b/.gitignore index 1377554ebe..b94898552f 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ *.swp +*.pyc diff --git a/handlers/restart_services.yml b/handlers/restart_services.yml index 805ee4e11e..23aa481c39 100644 --- a/handlers/restart_services.yml +++ b/handlers/restart_services.yml @@ -26,9 +26,6 @@ - name: restart crond action: service name=crond state=restarted -- name: restart denyhosts - action: service name=denyhosts state=restarted - - name: restart httpd action: service name=httpd state=restarted @@ -59,9 +56,6 @@ - name: restart nfslock action: service name=nfslock state=restarted -- name: restart nrpe - action: service name=nrpe state=restarted - - name: restart ntpd action: service name=ntpd state=restarted @@ -71,9 +65,6 @@ - name: restart postfix action: service name=postfix state=restarted -- name: restart postgresql - service: name=postgresql state=restarted - - name: restart rpcbind action: service name=rpcbind state=restarted @@ -92,11 +83,7 @@ - name: restart sshd action: service name=sshd state=restarted -- name: restart supervisord - action: service name=supervisord state=restarted - - name: restart xinetd action: service name=xinetd state=restarted -- name: run fasclient - action: command /usr/bin/fasClient -i + diff --git a/playbooks/groups/arm-packager.yml b/playbooks/groups/arm-packager.yml index efdc0faaf2..fa02fa42d5 100644 --- a/playbooks/groups/arm-packager.yml +++ b/playbooks/groups/arm-packager.yml @@ -11,17 +11,19 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - fas_client + tasks: # this is how you include other task lists - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml handlers: - include: $handlers/restart_services.yml diff --git a/playbooks/groups/arm-qa.yml b/playbooks/groups/arm-qa.yml index af789b28ad..3f281af25f 100644 --- a/playbooks/groups/arm-qa.yml +++ b/playbooks/groups/arm-qa.yml @@ -11,17 +11,19 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - fas_client + tasks: # this is how you include other task lists - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml handlers: - include: $handlers/restart_services.yml diff --git a/playbooks/groups/arm-releng.yml b/playbooks/groups/arm-releng.yml index d2f32129ba..3858ee9b79 100644 --- a/playbooks/groups/arm-releng.yml +++ b/playbooks/groups/arm-releng.yml @@ -10,9 +10,10 @@ - /srv/web/infra/ansible/vars/global.yml - ${private}/vars.yml + roles: + - fas_client + tasks: - # This task sets up fas_client for user management - - include: $tasks/fas_client.yml # This task sets up /etc/hosts for us - include: $tasks/hosts.yml # This task includes our common scripts diff --git a/playbooks/groups/backup-server.yml b/playbooks/groups/backup-server.yml index 965c8cb478..90a4dd46b3 100644 --- a/playbooks/groups/backup-server.yml +++ b/playbooks/groups/backup-server.yml @@ -13,18 +13,19 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml - tasks: + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml - include: $tasks/mysql_server.yml - include: $tasks/bacula_server.yml - include: $tasks/rdiff_backup_server.yml diff --git a/playbooks/groups/badges-backend.yml b/playbooks/groups/badges-backend.yml index 77514dd7ff..696cf09437 100644 --- a/playbooks/groups/badges-backend.yml +++ b/playbooks/groups/badges-backend.yml @@ -29,17 +29,19 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml - include: $tasks/openvpn_client.yml only_if: "'$env' != 'staging'" - include: $tasks/fedmsg_base.yml diff --git a/playbooks/groups/badges-web.yml b/playbooks/groups/badges-web.yml index c93eb85da4..41a70f2a94 100644 --- a/playbooks/groups/badges-web.yml +++ b/playbooks/groups/badges-web.yml @@ -32,17 +32,19 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml - include: $tasks/openvpn_client.yml only_if: "'$env' != 'staging'" - include: $tasks/fedmsg_base.yml diff --git a/playbooks/groups/beaker.yml b/playbooks/groups/beaker.yml index ddd2dd2155..6296bd247c 100644 --- a/playbooks/groups/beaker.yml +++ b/playbooks/groups/beaker.yml @@ -28,19 +28,21 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: # this is how you include other task lists - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/collectd/client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml handlers: - include: $handlers/restart_services.yml diff --git a/playbooks/groups/gallery.yml b/playbooks/groups/gallery.yml index 596ce8b682..17e1961c34 100644 --- a/playbooks/groups/gallery.yml +++ b/playbooks/groups/gallery.yml @@ -29,17 +29,19 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml - include: $tasks/fedmsg_base.yml - include: $tasks/apache.yml diff --git a/playbooks/groups/kernel-qa.yml b/playbooks/groups/kernel-qa.yml index b08ebe32b1..b46335ab8e 100644 --- a/playbooks/groups/kernel-qa.yml +++ b/playbooks/groups/kernel-qa.yml @@ -12,18 +12,20 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: # this is how you include other task lists - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml handlers: diff --git a/playbooks/groups/keyserver.yml b/playbooks/groups/keyserver.yml index d8a4ba7a38..9c1c29693a 100644 --- a/playbooks/groups/keyserver.yml +++ b/playbooks/groups/keyserver.yml @@ -29,17 +29,19 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml - include: $tasks/fedmsg_base.yml - include: $tasks/apache.yml - include: $tasks/keyserver.yml diff --git a/playbooks/groups/koji-hub.yml b/playbooks/groups/koji-hub.yml index 4d26766d90..1cf81954a2 100644 --- a/playbooks/groups/koji-hub.yml +++ b/playbooks/groups/koji-hub.yml @@ -30,17 +30,19 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml - include: $tasks/collectd/client.yml - include: $tasks/koji/koji_hub.yml diff --git a/playbooks/groups/mailman.yml b/playbooks/groups/mailman.yml index d85eab8e69..bea5f23197 100644 --- a/playbooks/groups/mailman.yml +++ b/playbooks/groups/mailman.yml @@ -28,19 +28,21 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: # this is how you include other task lists - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/collectd/client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml handlers: - include: $handlers/restart_services.yml diff --git a/playbooks/groups/mirrorlist.yml b/playbooks/groups/mirrorlist.yml index a6bc4d1e63..f824d6b55d 100644 --- a/playbooks/groups/mirrorlist.yml +++ b/playbooks/groups/mirrorlist.yml @@ -38,24 +38,26 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - nagios_client + - geoip + - fas_client + - mirrorlist + tasks: # this is how you include other task lists - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/collectd/client.yml - include: $tasks/openvpn_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml - include: $tasks/apache.yml - include: $tasks/mod_wsgi.yml - - include: $tasks/geoip.yml - - include: $tasks/mirrorlist.yml handlers: diff --git a/playbooks/groups/postgresl-server.yml b/playbooks/groups/postgresl-server.yml index d95801dd73..bb33a360ff 100644 --- a/playbooks/groups/postgresl-server.yml +++ b/playbooks/groups/postgresl-server.yml @@ -30,20 +30,21 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml - tasks: + roles: + - rkhunter + - denyhosts + - nagios_client + - postgresql_server + - fas_client + tasks: - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml - include: $tasks/collectd/client.yml - - include: $tasks/postgresql_server.yml # TODO: add iscsi task diff --git a/playbooks/groups/releng.yml b/playbooks/groups/releng.yml index 649cfbbc5c..f6428405a0 100644 --- a/playbooks/groups/releng.yml +++ b/playbooks/groups/releng.yml @@ -31,10 +31,12 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - nagios_client + tasks: - include: $tasks/koji/releng_config.yml - include: $tasks/motd.yml - - include: $tasks/nagios_client.yml handlers: - include: $handlers/restart_services.yml diff --git a/playbooks/groups/sign.yml b/playbooks/groups/sign.yml index c287286cd4..1c5c64d20c 100644 --- a/playbooks/groups/sign.yml +++ b/playbooks/groups/sign.yml @@ -19,9 +19,11 @@ tasks: - include: $tasks/base.yml - include: $tasks/serialgetty.yml - - include: $tasks/rkhunter.yml - include: $tasks/motd.yml - include: $tasks/sign_setup.yml + roles: + - rkhunter + handlers: - include: $handlers/restart_services.yml diff --git a/playbooks/groups/taskbot.yml b/playbooks/groups/taskbot.yml index 5c4e24ab9c..eab5ae91e3 100644 --- a/playbooks/groups/taskbot.yml +++ b/playbooks/groups/taskbot.yml @@ -28,19 +28,21 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: # this is how you include other task lists - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/collectd/client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml handlers: - include: $handlers/restart_services.yml diff --git a/playbooks/groups/virthost.yml b/playbooks/groups/virthost.yml index 5d5b22c018..ab93d9071f 100644 --- a/playbooks/groups/virthost.yml +++ b/playbooks/groups/virthost.yml @@ -12,18 +12,19 @@ - ${private}/vars.yml - ${vars}/${ansible_distribution}.yml - tasks: + roles: + - rkhunter + - denyhosts + - nagios_client + - fas_client + tasks: - include: $tasks/hosts.yml - include: $tasks/yumrepos.yml - include: $tasks/base.yml - - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - - include: $tasks/rkhunter.yml - - include: $tasks/denyhosts.yml - - include: $tasks/nagios_client.yml - include: $tasks/collectd/client.yml - include: $tasks/virthost.yml diff --git a/playbooks/rkhunter_update.yml b/playbooks/rkhunter_update.yml index a47d6bf266..c69ea645e6 100644 --- a/playbooks/rkhunter_update.yml +++ b/playbooks/rkhunter_update.yml @@ -6,20 +6,20 @@ tasks: - name: expire-caches - action: command yum clean expire-cache + command: yum clean expire-cache - name: yum -y ${yumcommand} - action: command yum -y ${yumcommand} + command: yum -y ${yumcommand} async: 7200 poll: 15 - name: check for rkhunter - action: command /usr/bin/test -f /usr/bin/rkhunter + command: /usr/bin/test -f /usr/bin/rkhunter register: rkhunter ignore_errors: true - name: run rkhunter --propupd - action: command /usr/bin/rkhunter --propupd + command: /usr/bin/rkhunter --propupd when: rkhunter|success diff --git a/files/denyhosts/allowed-hosts b/roles/denyhosts/files/allowed-hosts similarity index 100% rename from files/denyhosts/allowed-hosts rename to roles/denyhosts/files/allowed-hosts diff --git a/files/denyhosts/denyhosts.conf b/roles/denyhosts/files/denyhosts.conf similarity index 100% rename from files/denyhosts/denyhosts.conf rename to roles/denyhosts/files/denyhosts.conf diff --git a/roles/denyhosts/handlers/main.yml b/roles/denyhosts/handlers/main.yml new file mode 100644 index 0000000000..83c446bce7 --- /dev/null +++ b/roles/denyhosts/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart denyhosts + action: service name=denyhosts state=restarted diff --git a/tasks/denyhosts.yml b/roles/denyhosts/tasks/main.yml similarity index 71% rename from tasks/denyhosts.yml rename to roles/denyhosts/tasks/main.yml index cc4e7566a9..1e0a1c40da 100644 --- a/tasks/denyhosts.yml +++ b/roles/denyhosts/tasks/main.yml @@ -6,14 +6,14 @@ - packages - name: /etc/denyhosts.conf - copy: src=$files/denyhosts/denyhosts.conf dest=/etc/denyhosts.conf + copy: src=denyhosts.conf dest=/etc/denyhosts.conf notify: - restart denyhosts tags: - config - name: /var/lib/denyhosts/allowed-hosts - copy: src=$files/denyhosts/allowed-hosts dest=/var/lib/denyhosts/allowed-hosts + copy: src=allowed-hosts dest=/var/lib/denyhosts/allowed-hosts notify: - restart denyhosts tags: diff --git a/files/fas-client/fas-client.cron b/roles/fas_client/files/fas-client.cron similarity index 100% rename from files/fas-client/fas-client.cron rename to roles/fas_client/files/fas-client.cron diff --git a/files/fas-client/nsswitch.conf b/roles/fas_client/files/nsswitch.conf similarity index 100% rename from files/fas-client/nsswitch.conf rename to roles/fas_client/files/nsswitch.conf diff --git a/roles/fas_client/handlers/main.yml b/roles/fas_client/handlers/main.yml new file mode 100644 index 0000000000..354ef9d89b --- /dev/null +++ b/roles/fas_client/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: run fasclient + action: command /usr/bin/fasClient -i diff --git a/tasks/fas_client.yml b/roles/fas_client/tasks/main.yml similarity index 74% rename from tasks/fas_client.yml rename to roles/fas_client/tasks/main.yml index fedeb5b1fa..c2f64c7c8d 100644 --- a/tasks/fas_client.yml +++ b/roles/fas_client/tasks/main.yml @@ -9,7 +9,7 @@ # nss_db is needed to store user/group info. # - name: install package needed for fas-client - action: yum state=installed name=$item + yum: state=installed name=$item with_items: - fas-clients - cronie @@ -27,7 +27,7 @@ - packages - name: install nss_db on rhel hosts only - action: yum state=installed name=nss_db + yum: state=installed name=nss_db only_if: "'${ansible_distribution}' == 'RedHat'" tags: - packages @@ -36,7 +36,7 @@ # setup /etc/nsswitch.conf to use nssdb # - name: setup /etc/nsswitch.conf for client use - action: copy src=$files/fas-client/nsswitch.conf dest=/etc/nsswitch.conf owner=root mode=644 + copy: src=nsswitch.conf dest=/etc/nsswitch.conf owner=root mode=644 tags: - config @@ -54,12 +54,12 @@ # Currently the default template is used, but could be modified on a host basis. # - name: setup /etc/fas.conf for client use - action: template src=$item dest=/etc/fas.conf owner=root mode=600 + template: src=$item dest=/etc/fas.conf owner=root mode=600 with_first_found: - - $files/fas-client/${ansible_fqdn}.fas.conf.j2 - - $files/fas-client/${ansible_hostname}.fas.conf.j2 - - $files/fas-client/${ansible_hostname}.fas.conf.j2 - - $files/fas-client/fas.conf.j2 + - ${ansible_fqdn}.fas.conf.j2 + - ${ansible_hostname}.fas.conf.j2 + - ${ansible_hostname}.fas.conf.j2 + - fas.conf.j2 tags: - config notify: @@ -75,6 +75,6 @@ # - config - name: fas_client cron job - action: copy src=$files/fas-client/fas-client.cron dest=/etc/cron.d/fas-client owner=root mode=644 + copy: src=fas-client.cron dest=/etc/cron.d/fas-client owner=root mode=644 tags: - config diff --git a/files/fas-client/fas.conf.j2 b/roles/fas_client/templates/fas.conf.j2 similarity index 100% rename from files/fas-client/fas.conf.j2 rename to roles/fas_client/templates/fas.conf.j2 diff --git a/files/geoip/geoip_sync b/roles/geoip/files/geoip_sync similarity index 100% rename from files/geoip/geoip_sync rename to roles/geoip/files/geoip_sync diff --git a/tasks/geoip.yml b/roles/geoip/tasks/main.yml similarity index 78% rename from tasks/geoip.yml rename to roles/geoip/tasks/main.yml index d37a5d5d07..da72a52b66 100644 --- a/tasks/geoip.yml +++ b/roles/geoip/tasks/main.yml @@ -10,6 +10,4 @@ with_fileglob: $bigfiles/geoip/*.dat - name: geoip syncing script via cron - copy: src=$files/geoip/geoip_sync dest=/etc/cron.d/geoip_sync mode=0644 - - + copy: src=geoip_sync dest=/etc/cron.d/geoip_sync mode=0644 diff --git a/files/mirrorlist/mirrorlist-server.conf b/roles/mirrorlist/files/mirrorlist-server.conf similarity index 100% rename from files/mirrorlist/mirrorlist-server.conf rename to roles/mirrorlist/files/mirrorlist-server.conf diff --git a/files/mirrorlist/mm-authorized_key b/roles/mirrorlist/files/mm-authorized_key similarity index 100% rename from files/mirrorlist/mm-authorized_key rename to roles/mirrorlist/files/mm-authorized_key diff --git a/files/mirrorlist/mm_sync_data b/roles/mirrorlist/files/mm_sync_data old mode 100755 new mode 100644 similarity index 100% rename from files/mirrorlist/mm_sync_data rename to roles/mirrorlist/files/mm_sync_data diff --git a/files/mirrorlist/supervisord.conf b/roles/mirrorlist/files/supervisord.conf similarity index 100% rename from files/mirrorlist/supervisord.conf rename to roles/mirrorlist/files/supervisord.conf diff --git a/tasks/mirrorlist.yml b/roles/mirrorlist/tasks/main.yml similarity index 83% rename from tasks/mirrorlist.yml rename to roles/mirrorlist/tasks/main.yml index 0bc4cf81e5..6fb68afdb7 100644 --- a/tasks/mirrorlist.yml +++ b/roles/mirrorlist/tasks/main.yml @@ -16,11 +16,11 @@ - name: add authorized_keys for mirrormanager authorized_key: key="{{ item }}" user=mirrormanager state=present with_file: - - $files/mirrorlist/mm-authorized_key + - mm-authorized_key # install mirrorlist-server.conf apache config - name: mirrorlist-server apache conf - copy: src=$files/mirrorlist/mirrorlist-server.conf dest=/etc/httpd/conf.d/mirrorlist-server.conf + copy: src=mirrorlist-server.conf dest=/etc/httpd/conf.d/mirrorlist-server.conf notify: - restart apache tags: @@ -39,7 +39,7 @@ # setup and configure supervisord - name: /etc/supervisord.conf - copy: src=$files/mirrorlist/supervisord.conf dest=/etc/supervisord.conf mode=0644 + copy: src=supervisord.conf dest=/etc/supervisord.conf mode=0644 notify: - restart supervisord diff --git a/files/nagios/client/check_cron.cfg b/roles/nagios_client/files/check_cron.cfg similarity index 100% rename from files/nagios/client/check_cron.cfg rename to roles/nagios_client/files/check_cron.cfg diff --git a/files/nagios/client/check_disk.cfg b/roles/nagios_client/files/check_disk.cfg similarity index 100% rename from files/nagios/client/check_disk.cfg rename to roles/nagios_client/files/check_disk.cfg diff --git a/files/nagios/client/check_lock.cfg b/roles/nagios_client/files/check_lock.cfg similarity index 100% rename from files/nagios/client/check_lock.cfg rename to roles/nagios_client/files/check_lock.cfg diff --git a/files/nagios/client/check_mirrorlist_cache.cfg b/roles/nagios_client/files/check_mirrorlist_cache.cfg similarity index 100% rename from files/nagios/client/check_mirrorlist_cache.cfg rename to roles/nagios_client/files/check_mirrorlist_cache.cfg diff --git a/files/nagios/client/check_postfix_queue.cfg b/roles/nagios_client/files/check_postfix_queue.cfg similarity index 100% rename from files/nagios/client/check_postfix_queue.cfg rename to roles/nagios_client/files/check_postfix_queue.cfg diff --git a/files/nagios/client/check_raid.cfg b/roles/nagios_client/files/check_raid.cfg similarity index 100% rename from files/nagios/client/check_raid.cfg rename to roles/nagios_client/files/check_raid.cfg diff --git a/files/nagios/client/check_swap.cfg b/roles/nagios_client/files/check_swap.cfg similarity index 100% rename from files/nagios/client/check_swap.cfg rename to roles/nagios_client/files/check_swap.cfg diff --git a/files/nagios/client/nrpe.cfg b/roles/nagios_client/files/nrpe.cfg similarity index 100% rename from files/nagios/client/nrpe.cfg rename to roles/nagios_client/files/nrpe.cfg diff --git a/files/nagios/client/scripts/check_lock b/roles/nagios_client/files/scripts/check_lock old mode 100755 new mode 100644 similarity index 100% rename from files/nagios/client/scripts/check_lock rename to roles/nagios_client/files/scripts/check_lock diff --git a/files/nagios/client/scripts/check_postfix_queue b/roles/nagios_client/files/scripts/check_postfix_queue old mode 100755 new mode 100644 similarity index 100% rename from files/nagios/client/scripts/check_postfix_queue rename to roles/nagios_client/files/scripts/check_postfix_queue diff --git a/files/nagios/client/scripts/check_raid.py b/roles/nagios_client/files/scripts/check_raid.py old mode 100755 new mode 100644 similarity index 100% rename from files/nagios/client/scripts/check_raid.py rename to roles/nagios_client/files/scripts/check_raid.py diff --git a/roles/nagios_client/handlers/main.yml b/roles/nagios_client/handlers/main.yml new file mode 100644 index 0000000000..1086c3d4f6 --- /dev/null +++ b/roles/nagios_client/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart nrpe + action: service name=nrpe state=restarted diff --git a/tasks/nagios_client.yml b/roles/nagios_client/tasks/main.yml similarity index 83% rename from tasks/nagios_client.yml rename to roles/nagios_client/tasks/main.yml index 56093f0882..5888ede7fd 100644 --- a/tasks/nagios_client.yml +++ b/roles/nagios_client/tasks/main.yml @@ -18,7 +18,7 @@ - packages - name: install local nrpe check scripts that are not packaged - copy: src=$files/nagios/client/scripts/$item dest=/usr/lib64/nagios/plugins/$item mode=0755 owner=nagios group=nagios + copy: src=scripts/$item dest=/usr/lib64/nagios/plugins/$item mode=0755 owner=nagios group=nagios with_items: - check_postfix_queue - check_raid.py @@ -36,14 +36,14 @@ # FIXME? figure out nrpe selinux policy of DOOM is needed - name: /etc/nagios/nrpe.cfg - template: src=$files/nagios/client/nrpe.cfg dest=/etc/nagios/nrpe.cfg + template: src=nrpe.cfg dest=/etc/nagios/nrpe.cfg notify: - restart nrpe tags: - config - name: install nrpe client configs - template: src=$files/nagios/client/$item dest=/etc/nrpe.d/$item + template: src=$item dest=/etc/nrpe.d/$item with_items: - check_mirrorlist_cache.cfg - check_raid.cfg diff --git a/roles/postgresql_server/handlers/main.yml b/roles/postgresql_server/handlers/main.yml new file mode 100644 index 0000000000..c51e7d1cc8 --- /dev/null +++ b/roles/postgresql_server/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart postgresql + service: name=postgresql state=restarted diff --git a/tasks/postgresql_server.yml b/roles/postgresql_server/tasks/main.yml similarity index 100% rename from tasks/postgresql_server.yml rename to roles/postgresql_server/tasks/main.yml diff --git a/files/rkhunter/rkhunter.conf.j2 b/roles/rkhunter/files/rkhunter.conf.j2 similarity index 100% rename from files/rkhunter/rkhunter.conf.j2 rename to roles/rkhunter/files/rkhunter.conf.j2 diff --git a/files/rkhunter/rkhunter.sysconfig b/roles/rkhunter/files/rkhunter.sysconfig similarity index 100% rename from files/rkhunter/rkhunter.sysconfig rename to roles/rkhunter/files/rkhunter.sysconfig diff --git a/tasks/rkhunter.yml b/roles/rkhunter/tasks/main.yml similarity index 51% rename from tasks/rkhunter.yml rename to roles/rkhunter/tasks/main.yml index 325315b79c..4bec0f7b13 100644 --- a/tasks/rkhunter.yml +++ b/roles/rkhunter/tasks/main.yml @@ -6,12 +6,12 @@ - packages - name: rkhunter.conf - template: src=$files/rkhunter/rkhunter.conf.j2 dest=/etc/rkhunter.conf mode=0640 + template: src=rkhunter.conf.j2 dest=/etc/rkhunter.conf mode=0640 tags: - config - name: rkhunter sysconfig - copy: src=$files/rkhunter/rkhunter.sysconfig dest=/etc/sysconfig/rkhunter mode=0640 + copy: src=rkhunter.sysconfig dest=/etc/sysconfig/rkhunter mode=0640 tags: - config