mirror of
https://github.com/iiab/iiab.git
synced 2025-03-09 15:40:17 +00:00
patch 0002
This commit is contained in:
George Hunt
parent
3a1d427ea0
commit
cb344d7d47
60 changed files with 211 additions and 172 deletions
|
|
@ -5,7 +5,7 @@
|
|||
- libnss-mdns
|
||||
- avahi-daemon
|
||||
- avahi-discover
|
||||
when: is_debian
|
||||
when: is_debuntu
|
||||
tags:
|
||||
- download
|
||||
|
||||
|
|
@ -16,7 +16,7 @@
|
|||
- nss-mdns
|
||||
- avahi
|
||||
- avahi-tools
|
||||
when: not is_debian
|
||||
when: not is_debuntu
|
||||
tags:
|
||||
- download
|
||||
|
||||
|
|
@ -24,7 +24,7 @@
|
|||
user: name=avahi
|
||||
createhome=no
|
||||
shell=/bin/false
|
||||
when: is_debian
|
||||
when: is_debuntu
|
||||
|
||||
- name: Install avahi announce config files
|
||||
template: src=avahi/schoolserver.service
|
||||
|
|
@ -43,12 +43,12 @@
|
|||
- name: Grab a clean copy of ssh.service
|
||||
copy: src='/usr/share/doc/{{ avahi_ver.stdout }}/ssh.service'
|
||||
dest='/etc/avahi/services/'
|
||||
when: avahi_ver.stdout != "" and not is_debian
|
||||
when: avahi_ver.stdout != "" and not is_debuntu
|
||||
|
||||
- name: Grab a clean copy of ssh.service
|
||||
copy: src='/usr/share/doc/avahi-daemon/examples/ssh.service'
|
||||
dest='/etc/avahi/services/'
|
||||
when: is_debian
|
||||
when: is_debuntu
|
||||
|
||||
- name: set ssh port for avahi
|
||||
lineinfile: dest=/etc/avahi/services/ssh.service
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@
|
|||
owner=dansguardian
|
||||
group=dansguardian
|
||||
mode=0640
|
||||
when: ansible_distribution == "Debian"
|
||||
when: is_debuntu
|
||||
|
||||
- name: Copy dansguardian config file for CentOS
|
||||
template: src=squid/dansguardian.conf.centos.j2
|
||||
|
|
|
|||
|
|
@ -1,14 +1,14 @@
|
|||
- name: Install dhcp package
|
||||
package: name=isc-dhcp-server
|
||||
state=present
|
||||
when: is_debian
|
||||
when: is_debuntu
|
||||
tags:
|
||||
- download
|
||||
|
||||
- name: Install dhcp package
|
||||
package: name=dhcp
|
||||
state=present
|
||||
when: not is_debian
|
||||
when: not is_debuntu
|
||||
tags:
|
||||
- download
|
||||
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
- name: Create dhcpd needed files
|
||||
command: touch /var/lib/dhcpd/dhcpd.leases
|
||||
creates=/var/lib/dhcpd/dhcpd.leases
|
||||
when: ansible_distribution != "Debian"
|
||||
when: is_redhat
|
||||
|
||||
- name: Check leases permissions
|
||||
file: path=/var/lib/dhcpd/dhcpd.leases
|
||||
|
|
@ -37,4 +37,4 @@
|
|||
group=dhcpd
|
||||
mode=0644
|
||||
state=file
|
||||
when: ansible_distribution != "Debian"
|
||||
when: is_redhat
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@
|
|||
lineinfile: regexp='^CONFIG'
|
||||
line='CONFIG=/etc/{{ proxy }}/squid-xs.conf'
|
||||
dest=/etc/init.d/{{ proxy }}
|
||||
when: squid_enabled and is_debian
|
||||
when: squid_enabled and is_debuntu
|
||||
|
||||
- name: Disable squid service
|
||||
service: name={{ proxy }}
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@
|
|||
- name: Restart hostapd if slave is inactive
|
||||
service: name=hostapd.service
|
||||
state=restarted
|
||||
when: is_debian and xsce_lan_iface == "br0" and item|trim == ""
|
||||
when: is_debuntu and xsce_lan_iface == "br0" and item|trim == ""
|
||||
with_items:
|
||||
- "{{ wifi_slave.stdout }}"
|
||||
ignore_errors: true
|
||||
|
|
|
|||
|
|
@ -1,22 +1,22 @@
|
|||
- name: Disable firewalld service
|
||||
service: name=firewalld
|
||||
enabled=no
|
||||
when: not is_debian
|
||||
when: not is_debuntu
|
||||
|
||||
- name: Use larger hammer to disable firewalld (2 symbolic links involved)
|
||||
shell: "systemctl disable firewalld.service"
|
||||
when: not is_debian
|
||||
when: not is_debuntu
|
||||
|
||||
- name: Mask firewalld service
|
||||
shell: 'systemctl mask firewalld'
|
||||
ignore_errors: yes
|
||||
when: not installing and not is_debian
|
||||
when: not installing and not is_debuntu
|
||||
|
||||
- name: Stop firewalld service
|
||||
service: name=firewalld
|
||||
state=stopped
|
||||
ignore_errors: yes
|
||||
when: not installing and not is_debian
|
||||
when: not installing and not is_debuntu
|
||||
|
||||
- name: Remove iptables.service file from /etc
|
||||
file: path=/etc/systemd/system/iptables.service
|
||||
|
|
@ -29,14 +29,14 @@
|
|||
- name: Install iptables service package
|
||||
package: name=iptables-persistent
|
||||
state=present
|
||||
when: is_debian
|
||||
when: is_debuntu
|
||||
tags:
|
||||
- download
|
||||
|
||||
- name: Install iptables service package
|
||||
package: name=iptables-services
|
||||
state=present
|
||||
when: not is_debian
|
||||
when: not is_debuntu
|
||||
tags:
|
||||
- download
|
||||
|
||||
|
|
@ -53,4 +53,4 @@
|
|||
- name: Install debian config
|
||||
template: src=gateway/iptables dest=/etc/network/if-pre-up.d/iptables
|
||||
mode=0755
|
||||
when: is_debian
|
||||
when: is_debuntu
|
||||
|
|
|
|||
|
|
@ -93,17 +93,17 @@
|
|||
- include: ifcfg_mods.yml
|
||||
tags:
|
||||
- network
|
||||
when: ansible_distribution != 'Debian' and not installing
|
||||
when: is_redhat and not installing
|
||||
|
||||
- include: debian.yml
|
||||
tags:
|
||||
- network
|
||||
when: is_debian and not is_rpi and not installing
|
||||
when: is_debuntu and not is_rpi and not installing
|
||||
|
||||
- include: rpi_debian.yml
|
||||
tags:
|
||||
- network
|
||||
when: is_debian and is_rpi and not installing
|
||||
when: is_debuntu and is_rpi and not installing
|
||||
|
||||
- name: Create xs network flags
|
||||
template: src=network/{{ item }}.j2
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
with_items:
|
||||
- bind9
|
||||
- bind9utils
|
||||
when: is_debian
|
||||
when: is_debuntu
|
||||
tags:
|
||||
- download
|
||||
|
||||
|
|
@ -14,7 +14,7 @@
|
|||
with_items:
|
||||
- bind
|
||||
- bind-utils
|
||||
when: not is_debian
|
||||
when: not is_debuntu
|
||||
tags:
|
||||
- download
|
||||
|
||||
|
|
@ -78,15 +78,15 @@
|
|||
file: src=/etc/{{ apache_config_dir }}/dns-jail.conf
|
||||
path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf
|
||||
state=link
|
||||
when: is_debian and dns_jail_enabled
|
||||
when: is_debuntu and dns_jail_enabled
|
||||
|
||||
- name: Separate enabling/disabling required for debian
|
||||
file: src=/etc/{{ apache_config_dir }}/dns-jail.conf
|
||||
path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf
|
||||
state=absent
|
||||
when: is_debian and not dns_jail_enabled
|
||||
when: is_debuntu and not dns_jail_enabled
|
||||
|
||||
- name: Separate enabling/disabling required for non debian
|
||||
file: path=/etc/{{ apache_config_dir }}/dns-jail.conf
|
||||
state=absent
|
||||
when: not is_debian and not dns_jail_enabled
|
||||
when: not is_debuntu and not dns_jail_enabled
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@
|
|||
- name: add a reference to name server in resolv.conf
|
||||
lineinfile: line="nameserver 127.0.0.1"
|
||||
dest=/etc/resolvconf/resolv.conf.d/head
|
||||
when: named_enabled and is_debian and dns_started.changed
|
||||
when: named_enabled and is_debuntu and dns_started.changed
|
||||
|
||||
- name: Stop dansguardian
|
||||
service: name=dansguardian
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
#!/bin/bash -x
|
||||
{% if is_debian %}
|
||||
{% if is_debuntu %}
|
||||
IPTABLES=/sbin/iptables
|
||||
IPTABLES_DATA=/etc/iptables.up.rules
|
||||
{% else %}
|
||||
|
|
@ -35,7 +35,7 @@ $IPTABLES -A INPUT -p udp --dport 5984 -j DROP
|
|||
if [ "x$WANIF" == "x" ]; then
|
||||
clear_fw
|
||||
# save the rule set
|
||||
{% if is_debian %}
|
||||
{% if is_debuntu %}
|
||||
netfilter-persistent save
|
||||
{% else %}
|
||||
iptables-save > $IPTABLES_DATA
|
||||
|
|
@ -118,7 +118,7 @@ fi
|
|||
# Enable routing.
|
||||
echo 1 > /proc/sys/net/ipv4/ip_forward
|
||||
# save the whole rule set now
|
||||
{% if is_debian %}
|
||||
{% if is_debuntu %}
|
||||
netfilter-persistent save
|
||||
{% else %}
|
||||
iptables-save > $IPTABLES_DATA
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue