Merge branch 'master' of git.uumas.fi:uumas/ansible-general
This commit is contained in:
uumas
@@ -3,7 +3,7 @@
|
||||
namespace: uumas
|
||||
name: general
|
||||
description: General roles
|
||||
version: 0.5.12
|
||||
version: 0.5.13
|
||||
readme: README.md
|
||||
authors:
|
||||
- uumas
|
||||
|
||||
@@ -1 +1 @@
|
||||
Installs caddy https server
|
||||
Installs caddy
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
argument_specs:
|
||||
main:
|
||||
short_description: Installs caddy
|
||||
description: Installs caddy
|
||||
options:
|
||||
caddy_admin_email:
|
||||
description: Email address used for ssl certs
|
||||
|
||||
3
roles/compatcheck/README.md
Normal file
3
roles/compatcheck/README.md
Normal file
@@ -0,0 +1,3 @@
|
||||
Checks that the host is runing a supported os.
|
||||
Supported distros and versions are defined by the compatcheck_supported_distros variable.
|
||||
This role is used by other roles to check compatibility.
|
||||
2
roles/example/README.md
Normal file
2
roles/example/README.md
Normal file
@@ -0,0 +1,2 @@
|
||||
This role is just an example.
|
||||
It pings the host, if example_ping is set to true.
|
||||
@@ -1,4 +1,7 @@
|
||||
---
|
||||
locale_package: []
|
||||
locale_gen: true
|
||||
lcocale_configure: true
|
||||
|
||||
gen_locales:
|
||||
- en_US.UTF-8
|
||||
@@ -1,21 +1,21 @@
|
||||
---
|
||||
|
||||
- name: Include variables for os family {{ ansible_os_family }}
|
||||
ansible.builtin.include_vars: "{{ ansible_os_family }}.yml"
|
||||
|
||||
- name: Install locales package
|
||||
ansible.builtin.package:
|
||||
name: "{{ locale_package }}"
|
||||
when: locale_package is defined
|
||||
when: locale_package | length > 0
|
||||
|
||||
- name: Generate locales
|
||||
community.general.locale_gen:
|
||||
name: "{{ item }}"
|
||||
loop: "{{ gen_locales }}"
|
||||
when: locale_gen | default('true')
|
||||
when: locale_gen
|
||||
|
||||
- name: Put default locale config in place
|
||||
ansible.builtin.template:
|
||||
src: locale.j2
|
||||
dest: "{{ locale_config }}"
|
||||
mode: '0644'
|
||||
when: locale_configure
|
||||
@@ -1,3 +1,2 @@
|
||||
---
|
||||
|
||||
locale_config: /etc/locale.conf
|
||||
@@ -1,4 +1,3 @@
|
||||
---
|
||||
|
||||
locale_package: locales
|
||||
locale_config: /etc/default/locale
|
||||
@@ -1,4 +1,3 @@
|
||||
---
|
||||
|
||||
locale_config: /etc/locale.conf
|
||||
locale_gen: false
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
|
||||
- name: Restart prometheus-node-exporter
|
||||
ansible.builtin.systemd:
|
||||
name: prometheus-node-exporter
|
||||
@@ -1,8 +1,7 @@
|
||||
---
|
||||
|
||||
argument_specs:
|
||||
main:
|
||||
short_description: Prometheus node exporter
|
||||
description: Installs and configures prometheus node exporter to listen on local ipv4 address
|
||||
options:
|
||||
local_network:
|
||||
description: The local ipv4 network block, listen address is taken from this block
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
|
||||
- name: Install prometheus node exporter
|
||||
ansible.builtin.apt:
|
||||
name: prometheus-node-exporter
|
||||
1
roles/raw_python/README.md
Normal file
1
roles/raw_python/README.md
Normal file
@@ -0,0 +1 @@
|
||||
Installs python using only the raw module
|
||||
5
roles/raw_python/meta/argument_specs.yaml
Normal file
5
roles/raw_python/meta/argument_specs.yaml
Normal file
@@ -0,0 +1,5 @@
|
||||
---
|
||||
argument_specs:
|
||||
main:
|
||||
description: Installs python using only the raw module
|
||||
options: {}
|
||||
31
roles/raw_python/tasks/main.yaml
Normal file
31
roles/raw_python/tasks/main.yaml
Normal file
@@ -0,0 +1,31 @@
|
||||
---
|
||||
- name: Check ansible dependencies
|
||||
ansible.builtin.raw: which python3
|
||||
register: _python_test
|
||||
failed_when: false
|
||||
changed_when: false
|
||||
|
||||
- name: Install ansible dependencies
|
||||
when: _python_test.rc != 0
|
||||
block:
|
||||
- name: Get os release information
|
||||
ansible.builtin.raw: cat /etc/os-release
|
||||
changed_when: false
|
||||
register: _os_release
|
||||
|
||||
- name: Parse os release content
|
||||
ansible.builtin.set_fact:
|
||||
_os_release_id: >-
|
||||
{{ (_os_release.stdout_lines
|
||||
| select('search', '^ID='))[0]
|
||||
| regex_replace('^ID=', '') }}
|
||||
_os_release_variant_id: >-
|
||||
{{ (_os_release.stdout_lines
|
||||
| select('search', '^VARIANT_ID='))[0]
|
||||
| default('none')
|
||||
| regex_replace('^VARIANT_ID=', '') }}
|
||||
|
||||
- name: Install ansible dependencies (Fedora CoreOS)
|
||||
ansible.builtin.raw: rpm-ostree install -y -A python3 python3-libselinux
|
||||
changed_when: true
|
||||
when: _os_release_id == 'fedora' and _os_release_variant_id == 'coreos'
|
||||
3
roles/vhost/README.md
Normal file
3
roles/vhost/README.md
Normal file
@@ -0,0 +1,3 @@
|
||||
Sets up a vhost on a web server.
|
||||
Supports reverse proxies, redirects and simple resonses.
|
||||
Currently only supports caddy.
|
||||
@@ -19,5 +19,6 @@ vhost_proxy_delete_headers: []
|
||||
|
||||
vhost_redirect_type: temporary
|
||||
vhost_redirect_preserve_path: false
|
||||
vhost_redirect_preserve_query: "{{ vhost_redirect_preserve_path }}"
|
||||
|
||||
vhost_respond_content_type: plain
|
||||
|
||||
@@ -20,16 +20,18 @@ argument_specs:
|
||||
- present
|
||||
- absent
|
||||
vhost_type:
|
||||
description: Required if vhost_state is present
|
||||
type: str
|
||||
required: "{{ vhost_state == 'present' }}"
|
||||
required: false
|
||||
choices:
|
||||
- reverse_proxy
|
||||
- redirect
|
||||
- respond
|
||||
- absent
|
||||
vhost_domains:
|
||||
description: Required if vhost_state is present
|
||||
type: list
|
||||
required: "{{ vhost_state == 'present' }}"
|
||||
required: false
|
||||
elements: str
|
||||
vhost_web_server:
|
||||
description: Defines which server software to use for vhost. This role does nothing if set to none.
|
||||
@@ -94,13 +96,13 @@ argument_specs:
|
||||
- Port where to proxy requests to.
|
||||
- Only applicable if vhost_type is reverse_proxy and vhost_proxy_target_netproto is tcp.
|
||||
type: int
|
||||
required: "{{ vhost_state == 'present' and vhost_type == 'reverse_proxy' and vhost_proxy_target_netproto == 'tcp' }}"
|
||||
required: false
|
||||
vhost_proxy_target_socket:
|
||||
description:
|
||||
- Unix socket path to proxy requests to.
|
||||
- Only applicable if vhost_type is reverse_proxy and vhost_proxy_target_netproto is unix.
|
||||
type: str
|
||||
required: "{{ vhost_state == 'present' and vhost_type == 'reverse_proxy' and vhost_proxy_target_netproto == 'unix' }}"
|
||||
required: false
|
||||
vhost_proxy_delete_headers:
|
||||
description: List of headers to delete from proxied requests
|
||||
type: list
|
||||
@@ -111,13 +113,18 @@ argument_specs:
|
||||
vhost_redirect_target:
|
||||
description: "Only applicable if vhost_type is redirect. Example: https://www.domain.tld/location"
|
||||
type: str
|
||||
required: "{{ vhost_state == 'present' and vhost_type == 'redirect' }}"
|
||||
required: false
|
||||
vhost_redirect_preserve_path:
|
||||
description: Whether to keep the original request path
|
||||
type: bool
|
||||
required: false
|
||||
default: false
|
||||
redirect type:
|
||||
vhost_redirect_preserve_query:
|
||||
description: Whether to keep the original request query string
|
||||
type: bool
|
||||
required: false
|
||||
default: "{{ vhost_redirect_preserve_path }}"
|
||||
redirect_type:
|
||||
description: Only applicable if vhost_type is redirect
|
||||
type: str
|
||||
required: false
|
||||
@@ -129,7 +136,7 @@ argument_specs:
|
||||
vhost_respond_content:
|
||||
description: Content to respond with. Json content can be set as yaml as long as vhost_respond_content_type is set to json
|
||||
type: str
|
||||
required: "{{ vhost_state == 'present' and vhost_type == 'respond' }}"
|
||||
required: false
|
||||
vhost_respond_content_type:
|
||||
description: Type of the respond content
|
||||
type: str
|
||||
@@ -234,6 +241,11 @@ argument_specs:
|
||||
type: bool
|
||||
required: false
|
||||
default: "{{ vhost_redirect_preserve_path }}"
|
||||
redirect_preserve_query:
|
||||
description: Whether to keep the original request query string
|
||||
type: bool
|
||||
required: false
|
||||
default: "{{ vhost_redirect_preserve_query }}"
|
||||
redirect_type:
|
||||
description: Only applicable if vhost_type is redirect
|
||||
type: str
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
ansible.builtin.blockinfile:
|
||||
path: /etc/caddy/Caddyfile
|
||||
marker: "# {mark} ANSIBLE MANAGED BLOCK {{ vhost_id }}"
|
||||
# yamllint disable rule:line-length
|
||||
block: |
|
||||
{{ vhost_domains | join(' ') }} {
|
||||
{% for location in vhost_locations_all %}
|
||||
@@ -41,7 +42,7 @@
|
||||
request_header -{{ header }}
|
||||
{% endfor %}
|
||||
{% elif location.type == 'redirect' %}
|
||||
redir {{ location.redirect_target }}{{ '{uri}' if location.redirect_preserve_path }} {{ location.redirect_type }}
|
||||
redir * {{ location.redirect_target }}{{ '{path}' if location.redirect_preserve_path }}{{ '?{query}' if location.redirect_preserve_query }} {{ location.redirect_type }}
|
||||
{% elif location.type == 'respond' %}
|
||||
{% if location.respond_content_type == 'json' %}
|
||||
respond `{{ location.respond_content | to_json }}`
|
||||
@@ -52,6 +53,7 @@
|
||||
}
|
||||
{% endfor %}
|
||||
}
|
||||
# yamllint enable rule:line-length
|
||||
validate: 'caddy validate --config %s --adapter caddyfile'
|
||||
backup: true
|
||||
state: "{{ vhost_state }}"
|
||||
|
||||
@@ -41,6 +41,7 @@
|
||||
|
||||
'redirect_target': item.redirect_target | default(vhost_redirect_target if vhost_type == 'redirect' else ''),
|
||||
'redirect_preserve_path': item.redirect_preserve_path | default(vhost_redirect_preserve_path),
|
||||
'redirect_preserve_query': item.redirect_preserve_query | default(vhost_redirect_preserve_query),
|
||||
'redirect_type': item.redirect_type | default(vhost_redirect_type),
|
||||
|
||||
'respond_content': item.respond_content | default(vhost_respond_content if vhost_type == 'respond' else ''),
|
||||
|
||||
Reference in New Issue
Block a user