From 703e8f85e74eba37bead38e7cee1bb01f4520456 Mon Sep 17 00:00:00 2001 From: Szymon Kolano Date: Fri, 8 Nov 2024 22:43:23 +0100 Subject: [PATCH] generic --- pntdc.yml | 4 +- roles/generic/files/chrony.j2 | 66 ++++++++++++++++++++++++++++++ roles/generic/files/sshd_config.j2 | 1 + roles/generic/tasks/main.yml | 14 +++++++ vars/main.yml | 25 +++++++++++ 5 files changed, 108 insertions(+), 2 deletions(-) create mode 100644 roles/generic/files/chrony.j2 create mode 100644 roles/generic/files/sshd_config.j2 diff --git a/pntdc.yml b/pntdc.yml index f8dbb80..d4dd077 100644 --- a/pntdc.yml +++ b/pntdc.yml @@ -6,7 +6,7 @@ - vars/main.yml roles: - generic - - addusers - - pntdc-servers + # - addusers + # - pntdc-servers diff --git a/roles/generic/files/chrony.j2 b/roles/generic/files/chrony.j2 new file mode 100644 index 0000000..ff1ab3f --- /dev/null +++ b/roles/generic/files/chrony.j2 @@ -0,0 +1,66 @@ +# Welcome to the chrony configuration file. See chrony.conf(5) for more +# information about usable directives. + +# Include configuration files found in /etc/chrony/conf.d. +confdir /etc/chrony/conf.d + +# This will use (up to): +# - 4 sources from ntp.ubuntu.com which some are ipv6 enabled +# - 2 sources from 2.ubuntu.pool.ntp.org which is ipv6 enabled as well +# - 1 source from [01].ubuntu.pool.ntp.org each (ipv4 only atm) +# This means by default, up to 6 dual-stack and up to 2 additional IPv4-only +# sources will be used. +# At the same time it retains some protection against one of the entries being +# down (compare to just using one of the lines). See (LP: #1754358) for the +# discussion. +# +# About using servers from the NTP Pool Project in general see (LP: #104525). +# Approved by Ubuntu Technical Board on 2011-02-08. +# See http://www.pool.ntp.org/join.html for more information. +#pool ntp.ubuntu.com iburst maxsources 4 +#pool 0.ubuntu.pool.ntp.org iburst maxsources 1 +#pool 1.ubuntu.pool.ntp.org iburst maxsources 1 +#pool 2.ubuntu.pool.ntp.org iburst maxsources 2 + +pool {{ sk_ntp1 }} +pool {{ sk_ntp2 }} +pool {{ sk_ntp3 }} + +# Use time sources from DHCP. +sourcedir /run/chrony-dhcp + +# Use NTP sources found in /etc/chrony/sources.d. +sourcedir /etc/chrony/sources.d + +# This directive specify the location of the file containing ID/key pairs for +# NTP authentication. +keyfile /etc/chrony/chrony.keys + +# This directive specify the file into which chronyd will store the rate +# information. +driftfile /var/lib/chrony/chrony.drift + +# Save NTS keys and cookies. +ntsdumpdir /var/lib/chrony + +# Uncomment the following line to turn logging on. +#log tracking measurements statistics + +# Log files location. +logdir /var/log/chrony + +# Stop bad estimates upsetting machine clock. +maxupdateskew 100.0 + +# This directive enables kernel synchronisation (every 11 minutes) of the +# real-time clock. Note that it can't be used along with the 'rtcfile' directive. +rtcsync + +# Step the system clock instead of slewing it if the adjustment is larger than +# one second, but only in the first three clock updates. +makestep 1 3 + +# Get TAI-UTC offset and leap seconds from the system tz database. +# This directive must be commented out when using time sources serving +# leap-smeared time. +leapsectz right/UTC diff --git a/roles/generic/files/sshd_config.j2 b/roles/generic/files/sshd_config.j2 new file mode 100644 index 0000000..ee2a45c --- /dev/null +++ b/roles/generic/files/sshd_config.j2 @@ -0,0 +1 @@ +Port {{ sk_ssh_port }} diff --git a/roles/generic/tasks/main.yml b/roles/generic/tasks/main.yml index ed97d53..af11f6c 100644 --- a/roles/generic/tasks/main.yml +++ b/roles/generic/tasks/main.yml @@ -1 +1,15 @@ --- +name: Update & Ubuntu & Debian + apt: + name: "*" + state: latest + update_cache: true + when: ansible_os_family == "Debian" + +name: Install basic software + apt: + name: "{{ sk_ubuntu_software }}" + state: latest + update_cache: true + when: ansible_os_family == "Debian" + diff --git a/vars/main.yml b/vars/main.yml index aac889e..a58d1bc 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,3 +1,28 @@ --- +# ------------------------------------------------- +# Basic Variables +# ------------------------------------------------- sk_host: ansible sk_domain: local +sk_ssh_port: 22022 + +# Configuration for clients +sk_client_username: user +sk_client_passwd: TutajWpiszJakieśMocneHasło! + + +# ------------------------------------------------- +# Aditional Variables +# ------------------------------------------------- +# NTP Pools +sk_ntp1: "0.pl.pool.ntp.org iburst" +sk_ntp2: "2.pl.pool.ntp.org iburst" +sk_ntp3: "3.pl.pool.ntp.org iburst" + + +# Install software on Debian/Ubuntu +sk_ubuntu_software: + - vim + - mc + - htop + - ncdu