diff options
| -rw-r--r-- | roles/apt/handlers/main.yml | 1 | ||||
| -rw-r--r-- | roles/apt/tasks/main.yml | 4 | ||||
| -rw-r--r-- | roles/firewall/handlers/main.yml | 1 | ||||
| -rw-r--r-- | roles/firewall/tasks/file.yml | 2 | ||||
| -rw-r--r-- | roles/letsencrypt/defaults/main.yml | 4 | ||||
| -rw-r--r-- | roles/letsencrypt/tasks/digitalocean.yml | 2 | ||||
| -rw-r--r-- | roles/letsencrypt/tasks/domain.yml | 4 | ||||
| -rw-r--r-- | roles/my_workspace/defaults/main.yml | 4 | ||||
| -rw-r--r-- | roles/my_workspace/tasks/main.yml | 4 | ||||
| -rw-r--r-- | roles/my_workspace/tasks/project.yml | 2 | ||||
| -rw-r--r-- | roles/sshd/defaults/main.yml | 2 | ||||
| -rw-r--r-- | roles/sshd/templates/sshd_config.j2 | 2 |
12 files changed, 17 insertions, 15 deletions
diff --git a/roles/apt/handlers/main.yml b/roles/apt/handlers/main.yml index 81438db..354104a 100644 --- a/roles/apt/handlers/main.yml +++ b/roles/apt/handlers/main.yml @@ -3,3 +3,4 @@ ansible.builtin.reboot: # 3 minutes is plenty. reboot_timeout: 180 + listen: apt_reboot diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml index 5d45adb..be4ab8e 100644 --- a/roles/apt/tasks/main.yml +++ b/roles/apt/tasks/main.yml @@ -4,7 +4,7 @@ install_recommends: false update_cache: true upgrade: dist - notify: Reboot + notify: apt_reboot - name: Reboot if necessary ansible.builtin.meta: flush_handlers @@ -14,7 +14,7 @@ ansible.builtin.apt: autoremove: true purge: true - notify: Reboot + notify: apt_reboot - name: Reboot if necessary ansible.builtin.meta: flush_handlers diff --git a/roles/firewall/handlers/main.yml b/roles/firewall/handlers/main.yml index 81438db..0a0fcad 100644 --- a/roles/firewall/handlers/main.yml +++ b/roles/firewall/handlers/main.yml @@ -3,3 +3,4 @@ ansible.builtin.reboot: # 3 minutes is plenty. reboot_timeout: 180 + listen: firewall_reboot diff --git a/roles/firewall/tasks/file.yml b/roles/firewall/tasks/file.yml index 5675276..5f4bb08 100644 --- a/roles/firewall/tasks/file.yml +++ b/roles/firewall/tasks/file.yml @@ -36,7 +36,7 @@ owner: root group: root mode: '640' - notify: Reboot + notify: firewall_reboot - name: Remove temporary file become: true diff --git a/roles/letsencrypt/defaults/main.yml b/roles/letsencrypt/defaults/main.yml index 51ef3c6..e9c4b1a 100644 --- a/roles/letsencrypt/defaults/main.yml +++ b/roles/letsencrypt/defaults/main.yml @@ -1,4 +1,4 @@ letsencrypt_domains: [] -certbot_email: Egor.Tensin@gmail.com -certbot_ini: /root/.certbot.ini +letsencrypt_email: Egor.Tensin@gmail.com +letsencrypt_credentials_ini: /root/.certbot.ini diff --git a/roles/letsencrypt/tasks/digitalocean.yml b/roles/letsencrypt/tasks/digitalocean.yml index 42f4ec0..2dfc1e2 100644 --- a/roles/letsencrypt/tasks/digitalocean.yml +++ b/roles/letsencrypt/tasks/digitalocean.yml @@ -22,7 +22,7 @@ - name: Configure certbot.ini ansible.builtin.template: src: certbot.ini.j2 - dest: '{{ certbot_ini }}' + dest: '{{ letsencrypt_credentials_ini }}' owner: root group: root mode: '600' diff --git a/roles/letsencrypt/tasks/domain.yml b/roles/letsencrypt/tasks/domain.yml index 636230a..bc6e581 100644 --- a/roles/letsencrypt/tasks/domain.yml +++ b/roles/letsencrypt/tasks/domain.yml @@ -17,10 +17,10 @@ ansible.builtin.command: | certbot certonly --noninteractive --agree-tos \ --cert-name '{{ certificate_name }}' \ - --email '{{ certbot_email }}' \ + --email '{{ letsencrypt_email }}' \ --domains '{{ certificate_domains | join(',') }}' \ --preferred-challenges dns \ --dns-digitalocean \ - --dns-digitalocean-credentials '{{ certbot_ini }}' \ + --dns-digitalocean-credentials '{{ letsencrypt_credentials_ini }}' \ --dns-digitalocean-propagation-seconds 30 when: domain_list.changed diff --git a/roles/my_workspace/defaults/main.yml b/roles/my_workspace/defaults/main.yml index 3b49b29..d1104af 100644 --- a/roles/my_workspace/defaults/main.yml +++ b/roles/my_workspace/defaults/main.yml @@ -1,5 +1,5 @@ git_name: Egor Tensin git_email: Egor.Tensin@gmail.com -workspace_dir: /srv/workspace -workspace_projects: [] +my_workspace_dir: /srv/workspace +my_workspace_projects: [] diff --git a/roles/my_workspace/tasks/main.yml b/roles/my_workspace/tasks/main.yml index 6bbb308..48af77b 100644 --- a/roles/my_workspace/tasks/main.yml +++ b/roles/my_workspace/tasks/main.yml @@ -1,7 +1,7 @@ - name: Create workspace directory become: true ansible.builtin.file: - path: '{{ workspace_dir }}' + path: '{{ my_workspace_dir }}' state: directory owner: '{{ ansible_user }}' group: '{{ ansible_user }}' @@ -30,6 +30,6 @@ - name: Update projects ansible.builtin.include_tasks: project.yml - loop: '{{ workspace_projects }}' + loop: '{{ my_workspace_projects }}' loop_control: loop_var: project diff --git a/roles/my_workspace/tasks/project.yml b/roles/my_workspace/tasks/project.yml index d6bf857..276d10b 100644 --- a/roles/my_workspace/tasks/project.yml +++ b/roles/my_workspace/tasks/project.yml @@ -2,7 +2,7 @@ vars: project_url: '{{ project.url | default(project) }}' project_name: "{{ project.name | default(project_url | urlsplit('path') | basename | regex_replace('\\.git$', '')) }}" - project_dir: '{{ workspace_dir }}/{{ project_name }}' + project_dir: '{{ my_workspace_dir }}/{{ project_name }}' block: - name: 'Update repository: {{ project_name }}' ansible.builtin.git: diff --git a/roles/sshd/defaults/main.yml b/roles/sshd/defaults/main.yml index 8d56863..aa0dcda 100644 --- a/roles/sshd/defaults/main.yml +++ b/roles/sshd/defaults/main.yml @@ -1 +1 @@ -ssh_allowed_groups: [] +sshd_allowed_groups: [] diff --git a/roles/sshd/templates/sshd_config.j2 b/roles/sshd/templates/sshd_config.j2 index abcf0d7..1ea1c12 100644 --- a/roles/sshd/templates/sshd_config.j2 +++ b/roles/sshd/templates/sshd_config.j2 @@ -5,7 +5,7 @@ {% set ssh_port = hostvars[inventory_hostname].ansible_port %} {% set ssh_user = hostvars[inventory_hostname].ansible_user %} -{% set groups = [ssh_user] + ssh_allowed_groups %} +{% set groups = [ssh_user] + sshd_allowed_groups %} {% set groups = groups | sort | unique %} Port {{ ssh_port }} |