campus_wg_net_mask:
"{{ campus_wg_net_cidr | ansible.utils.ipaddr('netmask') }}"
campus_wg_net_and_mask:
- "{{ campus_wg_net }} {{ campus_wg_net_mask }}"
+ "{{ campus_wg_net }} {{ campus_wg_net_mask }}"
#+END_SRC
The institute prefers to configure its services with IP addresses
#+CAPTION: [[file:roles_t/front/tasks/main.yml][=roles_t/front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/front/tasks/main.yml
+
- name: Configure hostname.
become: yes
copy:
- name: Include public variables.
include_vars: ../public/vars.yml
tags: accounts
+
- name: Include private variables.
include_vars: ../private/vars.yml
tags: accounts
+
- name: Include members.
include_vars: "{{ lookup('first_found', membership_rolls) }}"
tags: accounts
become: yes
lineinfile:
path: /etc/default/isc-dhcp-server
- line: INTERFACESv4="lan"
- regexp: ^INTERFACESv4=
+ regexp: "^INTERFACESv4="
+ line: "INTERFACESv4=\"lan\""
notify: Restart DHCP server.
- name: Configure DHCP subnet.
line: "{{ item.line }}"
backrefs: yes
loop:
- - { regexp: "^( *cfg_file *=.*/localhost.cfg)", line: "#\\1" }
- - { regexp: "^( *admin_email *= *)",
- line: "\\1{{ ansible_user }}@localhost" }
+ - regexp: "^( *cfg_file *=.*/localhost.cfg)"
+ line: "#\\1"
+ - regexp: "^( *admin_email *= *)"
+ line: "\\1{{ ansible_user }}@localhost"
notify: Reload NAGIOS4.
- name: Configure NAGIOS4 contacts.
become: yes
lineinfile:
path: /etc/php/8.2/apache2/php.ini
- regexp: memory_limit *=
- line: memory_limit = 768M
+ regexp: "memory_limit *="
+ line: "memory_limit = 768M"
- name: Include PHP parameters for Nextcloud.
become: yes
- name: Include public variables.
include_vars: ../public/vars.yml
tags: accounts
+
- name: Include private variables.
include_vars: ../private/vars.yml
tags: accounts
line: "{{ item.line }}"
regexp: "{{ item.regexp }}"
loop:
- - { line: "DEFAULT_INPUT_POLICY=\"ACCEPT\"",
- regexp: "^DEFAULT_INPUT_POLICY=" }
- - { line: "DEFAULT_OUTPUT_POLICY=\"ACCEPT\"",
- regexp: "^DEFAULT_OUTPUT_POLICY=" }
- - { line: "DEFAULT_FORWARD_POLICY=\"DROP\"",
- regexp: "^DEFAULT_FORWARD_POLICY=" }
+ - line: "DEFAULT_INPUT_POLICY=\"ACCEPT\""
+ regexp: "^DEFAULT_INPUT_POLICY="
+ - line: "DEFAULT_OUTPUT_POLICY=\"ACCEPT\""
+ regexp: "^DEFAULT_OUTPUT_POLICY="
+ - line: "DEFAULT_FORWARD_POLICY=\"DROP\""
+ regexp: "^DEFAULT_FORWARD_POLICY="
- name: Configure UFW rules.
become: yes
---
- name: Include public variables.
include_vars: ../public/vars.yml
+
- name: Include private variables.
include_vars: ../private/vars.yml
#+END_SRC
- name: Include public variables.
include_vars: ../public/vars.yml
tags: accounts
+
- name: Include private variables.
include_vars: ../private/vars.yml
tags: accounts
+
- name: Include members.
include_vars: "{{ lookup('first_found', membership_rolls) }}"
tags: accounts
become: yes
lineinfile:
path: /etc/default/isc-dhcp-server
- line: INTERFACESv4="lan"
- regexp: ^INTERFACESv4=
+ regexp: "^INTERFACESv4="
+ line: "INTERFACESv4=\"lan\""
notify: Restart DHCP server.
- name: Configure DHCP subnet.
line: "{{ item.line }}"
backrefs: yes
loop:
- - { regexp: "^( *cfg_file *=.*/localhost.cfg)", line: "#\\1" }
- - { regexp: "^( *admin_email *= *)",
- line: "\\1{{ ansible_user }}@localhost" }
+ - regexp: "^( *cfg_file *=.*/localhost.cfg)"
+ line: "#\\1"
+ - regexp: "^( *admin_email *= *)"
+ line: "\\1{{ ansible_user }}@localhost"
notify: Reload NAGIOS4.
- name: Configure NAGIOS4 contacts.
become: yes
lineinfile:
path: /etc/php/8.2/apache2/php.ini
- regexp: memory_limit *=
- line: memory_limit = 768M
+ regexp: "memory_limit *="
+ line: "memory_limit = 768M"
- name: Include PHP parameters for Nextcloud.
become: yes
line: "{{ item.line }}"
regexp: "{{ item.regexp }}"
loop:
- - { line: "DEFAULT_INPUT_POLICY=\"ACCEPT\"",
- regexp: "^DEFAULT_INPUT_POLICY=" }
- - { line: "DEFAULT_OUTPUT_POLICY=\"ACCEPT\"",
- regexp: "^DEFAULT_OUTPUT_POLICY=" }
- - { line: "DEFAULT_FORWARD_POLICY=\"DROP\"",
- regexp: "^DEFAULT_FORWARD_POLICY=" }
+ - line: "DEFAULT_INPUT_POLICY=\"ACCEPT\""
+ regexp: "^DEFAULT_INPUT_POLICY="
+ - line: "DEFAULT_OUTPUT_POLICY=\"ACCEPT\""
+ regexp: "^DEFAULT_OUTPUT_POLICY="
+ - line: "DEFAULT_FORWARD_POLICY=\"DROP\""
+ regexp: "^DEFAULT_FORWARD_POLICY="
- name: Configure UFW rules.
become: yes
projects / Institute / commitdiff