diff --git a/tasks/2fa_client.yml b/tasks/2fa_client.yml index b33ec872b1..d1395b1423 100644 --- a/tasks/2fa_client.yml +++ b/tasks/2fa_client.yml @@ -1,12 +1,18 @@ --- - name: install pam_url yum: name=pam_url state=installed + tags: + - packages - name: /etc/pki/tls/private/totpcgi.pem copy: src=$puppet_private/2fa-certs/keys/${inventory_hostname}.pem dest=/etc/pki/tls/private/totpcgi.pem mode=0400 + tags: + - config - name: /etc/pki/tls/private/totpcgi-ca.cert copy: src=$puppet_private/2fa-certs/keys/ca.crt dest=/etc/pki/tls/private/totpcgi-ca.cert mode=0400 + tags: + - config - name: /etc/pam_url.conf - split for staging/phx2/everyone else copy: src=$item dest=/etc/pam_url.conf mode=0644 @@ -14,6 +20,8 @@ - $files/2fa/pam_url.conf.${inventory_hostname} - $files/2fa/pam_url.conf.${ansible_domain} - $files/2fa/pam_url.conf + tags: + - config - name: /etc/pam.d/sudo copy: src=$item dest=/etc/pam.d/sudo mode=0644 @@ -21,5 +29,7 @@ - $files/2fa/sudo.pam.${inventory_hostname} - $files/2fa/sudo.pam.${ansible_domain} - $files/2fa/sudo.pam + tags: + - config diff --git a/tasks/base.yml b/tasks/base.yml index c15ce6870c..0a075404aa 100644 --- a/tasks/base.yml +++ b/tasks/base.yml @@ -63,7 +63,7 @@ - rhnsd only_if: '$is_rhel' tags: - - services + - service - config - name: iptables diff --git a/tasks/denyhosts.yml b/tasks/denyhosts.yml index bc24646878..cc4e7566a9 100644 --- a/tasks/denyhosts.yml +++ b/tasks/denyhosts.yml @@ -2,16 +2,25 @@ #install denyhosts - name: install denyhosts yum: name=denyhosts state=installed + tags: + - packages - name: /etc/denyhosts.conf copy: src=$files/denyhosts/denyhosts.conf dest=/etc/denyhosts.conf notify: - restart denyhosts + tags: + - config - name: /var/lib/denyhosts/allowed-hosts copy: src=$files/denyhosts/allowed-hosts dest=/var/lib/denyhosts/allowed-hosts notify: - restart denyhosts + tags: + - config - name: enable the service service: name=denyhosts state=running enabled=true + tags: + - service + diff --git a/tasks/fas_client.yml b/tasks/fas_client.yml index 1c89ef7077..a81bd443a2 100644 --- a/tasks/fas_client.yml +++ b/tasks/fas_client.yml @@ -27,6 +27,8 @@ # - name: setup /etc/nsswitch.conf for client use action: copy src=$files/fas-client/nsswitch.conf dest=/etc/nsswitch.conf owner=root mode=644 + tags: + - config # # fasClients needs a valid /etc/fas.conf. diff --git a/tasks/growroot_cloud.yml b/tasks/growroot_cloud.yml index 637f91efa6..c2e42052d4 100644 --- a/tasks/growroot_cloud.yml +++ b/tasks/growroot_cloud.yml @@ -1,9 +1,14 @@ - name: add infra repo action: get_url url=http://infrastructure.fedoraproject.org/el/infrastructure.repo dest=/etc/yum.repos.d/ only_if: '$is_rhel' + tags: + - config + - name: install cloud-utils action: yum name=cloud-utils state=present + tags: + - packages - name: growpart the second partition (/) to full size action: command growpart /dev/vda 2 diff --git a/tasks/postfix_basic.yml b/tasks/postfix_basic.yml index 6a9206ece2..58abe9726f 100644 --- a/tasks/postfix_basic.yml +++ b/tasks/postfix_basic.yml @@ -2,6 +2,7 @@ action: yum pkg=postfix state=installed tags: - postfix + - packages - name: /etc/postfix/main.cf action: copy src=$item dest=/etc/postfix/main.cf @@ -20,3 +21,5 @@ - name: enable postfix to start action: service name=postfix state=running enabled=true + tags: + - service diff --git a/tasks/rkhunter.yml b/tasks/rkhunter.yml index b97086d30e..325315b79c 100644 --- a/tasks/rkhunter.yml +++ b/tasks/rkhunter.yml @@ -2,11 +2,17 @@ - name: install rkhunter yum: name=rkhunter state=present + tags: + - packages - name: rkhunter.conf template: src=$files/rkhunter/rkhunter.conf.j2 dest=/etc/rkhunter.conf mode=0640 + tags: + - config - name: rkhunter sysconfig copy: src=$files/rkhunter/rkhunter.sysconfig dest=/etc/sysconfig/rkhunter mode=0640 + tags: + - config