aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--roles/debian_cloud_server/meta/main.yml1
-rw-r--r--roles/debian_server/defaults/main.yml3
-rw-r--r--roles/debian_server/meta/main.yml6
-rw-r--r--roles/locale/README.md1
-rw-r--r--roles/locale/defaults/main.yml4
-rw-r--r--roles/locale/tasks/main.yml5
-rw-r--r--roles/my_workspace/defaults/main.yml2
-rw-r--r--roles/my_workspace/tasks/project.yml53
-rw-r--r--roles/nfs/README.md2
-rw-r--r--roles/nfs/defaults/main.yml5
-rw-r--r--roles/nfs/handlers/main.yml4
-rw-r--r--roles/nfs/tasks/main.yml26
-rw-r--r--roles/nfs/templates/exports.j211
-rw-r--r--roles/samba/README.md2
-rw-r--r--roles/samba/defaults/main.yml2
-rw-r--r--roles/samba/handlers/main.yml12
-rw-r--r--roles/samba/tasks/main.yml49
-rw-r--r--roles/samba/templates/smb.conf.j215
18 files changed, 176 insertions, 27 deletions
diff --git a/roles/debian_cloud_server/meta/main.yml b/roles/debian_cloud_server/meta/main.yml
index 937ec95..4205fb7 100644
--- a/roles/debian_cloud_server/meta/main.yml
+++ b/roles/debian_cloud_server/meta/main.yml
@@ -3,3 +3,4 @@ dependencies:
- role: debian_server
vars:
debian_server_unattended_upgrades: true
+ - role: firewall
diff --git a/roles/debian_server/defaults/main.yml b/roles/debian_server/defaults/main.yml
index 80776a4..a4661c8 100644
--- a/roles/debian_server/defaults/main.yml
+++ b/roles/debian_server/defaults/main.yml
@@ -14,3 +14,6 @@ debian_server_packages:
- vim
- wget
debian_server_unattended_upgrades: false
+debian_server_locale_list:
+ # The saner option for Europe.
+ - en_GB.UTF-8
diff --git a/roles/debian_server/meta/main.yml b/roles/debian_server/meta/main.yml
index 10d3eb8..6ecaff6 100644
--- a/roles/debian_server/meta/main.yml
+++ b/roles/debian_server/meta/main.yml
@@ -3,7 +3,9 @@ dependencies:
vars:
apt_packages: '{{ debian_server_packages }}'
apt_unattended_upgrades: '{{ debian_server_unattended_upgrades }}'
+ - role: locale
+ vars:
+ locale_list: '{{ debian_server_locale_list }}'
- role: sshd
- - role: firewall
- - role: linux_status
- role: journald
+ - role: linux_status
diff --git a/roles/locale/README.md b/roles/locale/README.md
new file mode 100644
index 0000000..7740691
--- /dev/null
+++ b/roles/locale/README.md
@@ -0,0 +1 @@
+This role sets up locales of your choice, including en_US.UTF-8.
diff --git a/roles/locale/defaults/main.yml b/roles/locale/defaults/main.yml
new file mode 100644
index 0000000..0072326
--- /dev/null
+++ b/roles/locale/defaults/main.yml
@@ -0,0 +1,4 @@
+# en_US.UTF-8 is always included.
+locale_list:
+ # The better locale for Europe, compared to en_US.
+ - en_GB.UTF-8
diff --git a/roles/locale/tasks/main.yml b/roles/locale/tasks/main.yml
new file mode 100644
index 0000000..54fd42d
--- /dev/null
+++ b/roles/locale/tasks/main.yml
@@ -0,0 +1,5 @@
+- name: Set up locales
+ become: true
+ community.general.locale_gen:
+ name: "{{ locale_list + ['en_US.UTF-8'] }}"
+ state: present
diff --git a/roles/my_workspace/defaults/main.yml b/roles/my_workspace/defaults/main.yml
index 2eb04de..2c861e4 100644
--- a/roles/my_workspace/defaults/main.yml
+++ b/roles/my_workspace/defaults/main.yml
@@ -3,3 +3,5 @@
my_workspace_dir: /srv/workspace
my_workspace_projects: []
+
+my_workspace_clone_only: false
diff --git a/roles/my_workspace/tasks/project.yml b/roles/my_workspace/tasks/project.yml
index 790ab74..260950a 100644
--- a/roles/my_workspace/tasks/project.yml
+++ b/roles/my_workspace/tasks/project.yml
@@ -22,31 +22,34 @@
- name: user.email
value: '{{ my_workspace_git_email }}'
- - name: Check for Makefile
- ansible.builtin.file:
- path: '{{ project_dir }}/Makefile'
- state: file
- register: makefile_check
- ignore_errors: true
+ - name: Set the project running
+ when: not my_workspace_clone_only
+ block:
+ - name: Check for Makefile
+ ansible.builtin.file:
+ path: '{{ project_dir }}/Makefile'
+ state: file
+ register: makefile_check
+ ignore_errors: true
- - name: Check for docker-compose.yml
- ansible.builtin.file:
- path: '{{ project_dir }}/docker-compose.yml'
- state: file
- register: docker_compose_check
- ignore_errors: true
+ - name: Check for docker-compose.yml
+ ansible.builtin.file:
+ path: '{{ project_dir }}/docker-compose.yml'
+ state: file
+ register: docker_compose_check
+ ignore_errors: true
- - name: Run make
- become: true
- community.general.make:
- chdir: '{{ project_dir }}'
- when: makefile_check is succeeded
+ - name: Run make
+ become: true
+ community.general.make:
+ chdir: '{{ project_dir }}'
+ when: makefile_check is succeeded
- - name: Run docker-compose
- become: true
- community.docker.docker_compose_v2:
- project_src: '{{ project_dir }}'
- pull: always
- build: always
- remove_orphans: true
- when: makefile_check is not succeeded and docker_compose_check is succeeded
+ - name: Run docker-compose
+ become: true
+ community.docker.docker_compose_v2:
+ project_src: '{{ project_dir }}'
+ pull: always
+ build: always
+ remove_orphans: true
+ when: makefile_check is not succeeded and docker_compose_check is succeeded
diff --git a/roles/nfs/README.md b/roles/nfs/README.md
new file mode 100644
index 0000000..b26e8e7
--- /dev/null
+++ b/roles/nfs/README.md
@@ -0,0 +1,2 @@
+This role installs the NFS server & configures a mount. It doesn't support
+multiple mounts or anything like that.
diff --git a/roles/nfs/defaults/main.yml b/roles/nfs/defaults/main.yml
new file mode 100644
index 0000000..0308c64
--- /dev/null
+++ b/roles/nfs/defaults/main.yml
@@ -0,0 +1,5 @@
+#nfs_dir:
+nfs_opts:
+nfs_all_squash: false
+#nfs_anonuid:
+#nfs_anongid:
diff --git a/roles/nfs/handlers/main.yml b/roles/nfs/handlers/main.yml
new file mode 100644
index 0000000..e92820d
--- /dev/null
+++ b/roles/nfs/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: Reload NFS mounts
+ become: true
+ ansible.builtin.command: /usr/sbin/exportfs -arv
+ listen: nfs_configured
diff --git a/roles/nfs/tasks/main.yml b/roles/nfs/tasks/main.yml
new file mode 100644
index 0000000..f8045e3
--- /dev/null
+++ b/roles/nfs/tasks/main.yml
@@ -0,0 +1,26 @@
+- name: Install NFS
+ become: true
+ ansible.builtin.package:
+ name: nfs-server
+ state: present
+
+- name: Enable & start NFS service
+ become: true
+ ansible.builtin.systemd_service:
+ name: nfs-server
+ enabled: true
+ state: started
+
+- name: Collect required info
+ ansible.builtin.setup:
+ gather_subset: [user]
+
+- name: Configure NFS
+ become: true
+ ansible.builtin.template:
+ src: exports.j2
+ dest: /etc/exports
+ owner: root
+ group: root
+ mode: '644'
+ notify: nfs_configured
diff --git a/roles/nfs/templates/exports.j2 b/roles/nfs/templates/exports.j2
new file mode 100644
index 0000000..301bb45
--- /dev/null
+++ b/roles/nfs/templates/exports.j2
@@ -0,0 +1,11 @@
+{% set _opts = 'rw,sync,insecure,no_subtree_check' %}
+{% if nfs_opts %}
+ {% set _opts %}{{ _opts }},{{ nfs_opts }}{% endset %}
+{% endif %}
+{% if nfs_all_squash %}
+ {% set _anonuid = nfs_anonuid if nfs_anonuid is defined else ansible_facts['user_uid'] %}
+ {% set _anongid = nfs_anongid if nfs_anongid is defined else ansible_facts['user_gid'] %}
+ {% set _opts %}{{ _opts }},all_squash,anonuid={{ _anonuid }},anongid={{ _anongid }}{% endset %}
+{% endif %}
+
+{{ nfs_dir }} *({{ _opts }})
diff --git a/roles/samba/README.md b/roles/samba/README.md
new file mode 100644
index 0000000..db14c86
--- /dev/null
+++ b/roles/samba/README.md
@@ -0,0 +1,2 @@
+This role configures an anonymous Samba share. It doesn't support multiple
+shares, authentication or anything like that.
diff --git a/roles/samba/defaults/main.yml b/roles/samba/defaults/main.yml
new file mode 100644
index 0000000..d032b7f
--- /dev/null
+++ b/roles/samba/defaults/main.yml
@@ -0,0 +1,2 @@
+#samba_share_dir:
+#samba_share_name:
diff --git a/roles/samba/handlers/main.yml b/roles/samba/handlers/main.yml
new file mode 100644
index 0000000..81dfe5e
--- /dev/null
+++ b/roles/samba/handlers/main.yml
@@ -0,0 +1,12 @@
+- name: Collect service facts
+ ansible.builtin.service_facts:
+ listen: samba_configured
+
+- name: Restart Samba service
+ become: true
+ when: |
+ 'smbd.service' in ansible_facts.services and ansible_facts.services['smbd.service'].state == 'running'
+ ansible.builtin.systemd_service:
+ name: smbd
+ state: restarted
+ listen: samba_configured
diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml
new file mode 100644
index 0000000..97aff98
--- /dev/null
+++ b/roles/samba/tasks/main.yml
@@ -0,0 +1,49 @@
+- name: Install Samba
+ become: true
+ ansible.builtin.package:
+ name: samba
+ state: present
+
+- name: Create /etc/samba
+ become: true
+ ansible.builtin.file:
+ path: /etc/samba
+ state: directory
+ owner: root
+ group: root
+ mode: '755'
+
+- name: Format smb.conf
+ become: true
+ ansible.builtin.template:
+ src: smb.conf.j2
+ dest: /etc/samba/smb.conf
+ owner: root
+ group: root
+ mode: '644'
+ validate: '/usr/bin/testparm --suppress-prompt %s'
+ notify: samba_configured
+
+- name: Enable & start Samba
+ become: true
+ ansible.builtin.systemd_service:
+ name: smbd
+ enabled: true
+ state: started
+
+- name: Restart Samba service if necessary
+ ansible.builtin.meta: flush_handlers
+
+# Enable network discovery on Windows.
+- name: Install wsdd
+ become: true
+ ansible.builtin.package:
+ name: wsdd
+ state: present
+
+- name: Enable & start wsdd
+ become: true
+ ansible.builtin.systemd_service:
+ name: wsdd
+ enabled: true
+ state: started
diff --git a/roles/samba/templates/smb.conf.j2 b/roles/samba/templates/smb.conf.j2
new file mode 100644
index 0000000..00ef87b
--- /dev/null
+++ b/roles/samba/templates/smb.conf.j2
@@ -0,0 +1,15 @@
+{{ ansible_managed | comment }}
+
+# https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server#Creating_a_Basic_guest_only_smb.conf_File
+
+[global]
+ logging = syslog
+ map to guest = Bad user
+ server role = standalone server
+ auto services = {{ samba_share_name }}
+
+[{{ samba_share_name }}]
+ path = {{ samba_share_dir }}
+ read only = no
+ guest ok = yes
+ guest only = yes
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-28 13:34:43 +0000