diff --git a/roles/autofs_client/tasks/main.yml b/roles/autofs_client/tasks/main.yml index b9bcbfc..7b56f1f 100755 --- a/roles/autofs_client/tasks/main.yml +++ b/roles/autofs_client/tasks/main.yml @@ -17,16 +17,24 @@ content: | username={{ samba_user }} password={{ samba_password }} - mode: '0700' + mode: '0600' + owner: root + group: root + - name: Creating a file with content + ansible.builtin.copy: + dest: "/etc/auto.m-server" + content: | + docker_data -fstype=nfs m-server.home.lan:/share/docker_data + downloads -fstype=nfs m-server.home.lan:/media/data/downloads + mode: '0600' owner: root group: root - - name: Creating a file with content ansible.builtin.copy: dest: "/etc/auto.nas-movies" content: | - movies -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0777,file_mode=0777,uid=jd,rw ://nas.home.lan/movies - mode: '0700' + movies -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/movies + mode: '0600' owner: root group: root @@ -34,8 +42,8 @@ ansible.builtin.copy: dest: "/etc/auto.nas-music" content: | - music -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0777,file_mode=0777,uid=jd,rw ://nas.home.lan/music - mode: '0700' + music -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/music + mode: '0600' owner: root group: root @@ -43,8 +51,8 @@ ansible.builtin.copy: dest: "/etc/auto.nas-shows" content: | - shows -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0777,file_mode=0777,uid=jd,rw ://nas.home.lan/shows - mode: '0700' + shows -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/shows + mode: '0600' owner: root group: root @@ -54,12 +62,12 @@ content: | nas-data -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/Data nas-docker-data -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/docker_data - nas-photo -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/Photo + nas-photo -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/Photo nas-public -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/Public nas-install -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/install nas-downloads -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/downloads - nas-games -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/qda_2 - mode: '0700' + nas-games -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/qda_2 + mode: '0600' owner: root group: root # - name: Reconfigure autofs Server @@ -84,10 +92,16 @@ path: /etc/auto.master regexp: "^/media/data/shows/nas.*" line: /media/data/shows/nas /etc/auto.nas-shows --timeout 360 --ghost + + - name: Reconfigure autofs Server ansible.builtin.lineinfile: path: /etc/auto.master line: /media/nas /etc/auto.nas --timeout 360 --ghost + - name: Reconfigure autofs Server + ansible.builtin.lineinfile: + path: /etc/auto.master + line: /media/m-server /etc/auto.m-server --timeout 360 --ghost - name: Restart docker service ansible.builtin.service: diff --git a/roles/docker/files/ca.pem b/roles/docker/files/ca.pem index fabfc50..e629a56 100755 --- a/roles/docker/files/ca.pem +++ b/roles/docker/files/ca.pem @@ -1,33 +1,33 @@ -----BEGIN CERTIFICATE----- -MIIFqTCCA5GgAwIBAgIUKOBdRdfxq0T1Y7YREkEGUC5B644wDQYJKoZIhvcNAQEL +MIIFqTCCA5GgAwIBAgIUJ3kgn/onrwoKs+MqhsHo7RmF/20wDQYJKoZIhvcNAQEL BQAwZDELMAkGA1UEBhMCU0sxETAPBgNVBAgMCFNsb3Zha2lhMQswCQYDVQQHDAJT SzETMBEGA1UECgwKc2VjdG9ycS5ldTELMAkGA1UECwwCSVQxEzARBgNVBAMMCnNl -Y3RvcnEuZXUwHhcNMjUwMzE4MTcxODA5WhcNMjYwMzE4MTcxODA5WjBkMQswCQYD +Y3RvcnEuZXUwHhcNMjUwMzExMTc1MDA5WhcNMjYwMzExMTc1MDA5WjBkMQswCQYD VQQGEwJTSzERMA8GA1UECAwIU2xvdmFraWExCzAJBgNVBAcMAlNLMRMwEQYDVQQK DApzZWN0b3JxLmV1MQswCQYDVQQLDAJJVDETMBEGA1UEAwwKc2VjdG9ycS5ldTCC -AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKTuAq0CKeyTRUz9N2nSyPL5 -MxCJZuKsFdiijjJBA0aVe7VN7sys3NYVr8A2FOpbUcWJiX3yDfPFBfIUaPubS+DR -4O/LInT0gXBtuQZipzyyVugo2gr0WKN1Zl1lv0Jge0bwFuw4uZyZlDahF4NM4ee/ -1PZ0YgMYZNqTDfCrwy65cUIrw3AVNZQTdyYIodq2D5e3xhFO6DV4WgLskFzoN6TG -yYMW7g1+meGrxSsx25MiDh3A6N8LeTyfmJgWL3dhLmpeoK2XkjljMe6G8pBaJm5A -EGi8Hw6tIYtlP/E8CkWlTSTTK7RloLiy2kHaaHJNnAyjJk6N7QVJl4MBXXOj+OkF -KbX/NUhwkXHeaqApBSTobJtPFeH1TVkEYKQ7rp/iFUHCQh8/C8v0O+SBV3TFNfS3 -IwVFbBAWQb0099ULlAqbgCViqSpsdVpg4hFr5R8FLpGSZ0dYIhgfTIdhd/4Ny9/C -4ZyCbDyfmvxDoijINwvAwM9miPA4b1at4Irsw2jvrMxCMv+6keu0saDlPCw9f7O5 -AJGlpU9OSJ5UscSzbMOA1yiZsjI9+VCnQiaZ2Sb5U9yiLUWsz87kJed2X6Au61gP -t8cKnCQgT+QFd6rkrxlRtMmECEWIOG6pVnk8iTQnMcnd/CtZUXTGA7plAv9FeXJD -dmANM6qvXIszQP9FGBznAgMBAAGjUzBRMB0GA1UdDgQWBBTtSLVx7ddURGlWtSMl -P9hjUvXA3TAfBgNVHSMEGDAWgBTtSLVx7ddURGlWtSMlP9hjUvXA3TAPBgNVHRMB -Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCVrHIOyr7GfX9BzAc9lcMpkhuX -QvHesC45vEA6GSaLMT8CLe251Tag5qPAtf25aIM1ohcqLoqbjlTl51Ng3p9tow8t -N+ITqmlJ71XxlI/3EcaZc+GwrOnwedH3XzuGS/Af6qXx5vaA0jvmkkuBvy3dQWld -utOVBvpiYgepvYidDfpaeANfEz1UqerP4oTko5mFiKOgRjE+5/dodkWaTxjzVq6k -LFaMuZt8h3CaolglmEAuepGJ1PBuwXE/V59Yxtj6ravxZ8Zsig11qve7MH6THIO2 -YaH/kB5CIniIsfikiDcNbuljiFdvp5Hx8hEcaCXSsZqNWxG0Ly/eRUJrMFZlW7+f -yucbRIbGT9B3QjyOO9sojbeIjklS3fbPUSlAqMt+mTG74enGlrzrOrPN1QkO6Otc -nZv+/u64VasO5C717n1zowquyWKKIvcUXzORxJZ26o1YiCxeJn5iRdeIyAeVSVHB -Tzx3T/nbf9Vwvv5F1O3/5Dec3iQxhU3Tpr9QZ4bUHSjInKsdB71+TQzvsD9ep9Ok -wD0C1Dvf5RMf8NBrIXh+Y4/Agn1UuPkfxzOxHUVWRIhJsWKtXkn3izffsq8Dg4jG -xKkxPq4XZZW23pl08xId1u77VfXY5M55uycDQeU2Q/U/wM6F5Z9d3xsj+Ch4jbMV -uUFBhdL6wpJ0oAps3A== +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJsXcxwOjZ3jBO3j7gps12vo +zXmSNEoka5RiUvZlfopifwKVxFMzAJd/yoeaxiUBYKIlHgZ/OYu/+WkrwgpX2HO3 +2ZuB83Ym7P3TkTBhRp1S/HqBIb6aORGKhiuhZt6PNiCgqFszmb4Wl0Ox2cYxWYi5 +1DeHXNa5vRob2rSfsJwtamiksJkAsXclQu5dyfMv+cvc4Pob1o/DT76+xDpqT4lr +pzXhpfXyT/xwtOEWku/53fccU0SBSSHPp6HzZUWHoodmHPigYYFEz1drYk1nDr3u +gZq+nEQAVpcn1JrH7DuUaX/CrgBZNRdQ8d+mQ9EEDAQXNfzlH10ebfTjm2ol40cu +9mwVJQ5Ru+h2xvfAlbcqnDTinXFgABuquSNzEz/1eJMIhm+myVOqF1WGeA/LnXGp +OaNny7oQW8/9OLmpAZKIFzcD7KxvdBAu9IkO/KduqJohD8BBPqVAksan85bmEs8R +Iu46XAJ7nmlX1DLchBtwvYv5MRdna73M52rTpNlmidWuiUeysZs8Nx7dGh1bd5I6 +9JnHcMl01UorQn0uitnO9zrOTEg0KkEmUZab1A2CbqeoYYLXi72Sva959faviXb0 +0HaPDtWuih9jQORu7fH7H6ghLFdfgUOp9am1hQpX1P7uXmUOB4iztMrh3bM8m2ZE +HEvr+VfNkcq9KaAfXPhHAgMBAAGjUzBRMB0GA1UdDgQWBBTG6a566m85pq5bLi0O +nC5y0pg6sjAfBgNVHSMEGDAWgBTG6a566m85pq5bLi0OnC5y0pg6sjAPBgNVHRMB +Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQA5g9OxfcoAbYvi2T89E5205QkC +ZxwWgrHIVGICeOF1K2nIypnddoJQUvMT/GYIK4QjZSWLGB2+YZMtXS+U/C9uxKOm +d7bbzp437wUZwUJRtA4JZayxIitVTtzLYYLimb13GrsPs2KwGaZALe0K7dYzDwP1 +74gqOPvP7snDD98c6HV6vVXnTN+0T7djQyv/TqcyQ/IZjVY6JpsqgMg1rHqkYhDM +Na7XBgwOt0Y4QmgS6EYEVv1+QsVB0U1tdH1oa+zwiyj5xDwVNmU5bLocEq3kYIRU +tQUarNNKY4fMq529Heq7Ki63DLYTP8tJGh0Yijm9SFPqKYaZy6iL5xbdRFNCIFR/ +FnBZmRVxvPealAoIg9vutHkQrdqebBfX11PwWtLn+fkGTXq+5fBwjYllK04/MBk0 +SNjt6qwnOGZOc4gmEjthF4oVcVKoE7sVSCdgu/2jtLeJ48s0MwGhWZCk21ZgJbZY +5gMahOiSndmudTo1ubFrqLb71MBTpqjiHTF2VLdxZEsrFCqeQAbsG+KmMuj+UhzV +yuO3ycAGSDxsgbyHHYzjo2O5BvY35J7w1lZe1CExgoeeYFWlJ6t5PySf6OJupFit +7FNwYgVXqC3+vwEWmbXz0WHwPh4aCvfSuNAHoiwX2UyzceYOWB5F4TmA2Chj23Ih +isOdaq7ol1Q0iF9tjQ== -----END CERTIFICATE----- diff --git a/roles/docker/files/server-cert.pem b/roles/docker/files/server-cert.pem index f100ae8..28d3e9c 100755 --- a/roles/docker/files/server-cert.pem +++ b/roles/docker/files/server-cert.pem @@ -1,32 +1,32 @@ -----BEGIN CERTIFICATE----- -MIIFmzCCA4OgAwIBAgIUIAmyLpdLLc9jLlk3yzZruYnzMDIwDQYJKoZIhvcNAQEL +MIIFkDCCA3igAwIBAgIUUYzivwquTJnP+9/Q/zb/0Ew+eVowDQYJKoZIhvcNAQEL BQAwZDELMAkGA1UEBhMCU0sxETAPBgNVBAgMCFNsb3Zha2lhMQswCQYDVQQHDAJT SzETMBEGA1UECgwKc2VjdG9ycS5ldTELMAkGA1UECwwCSVQxEzARBgNVBAMMCnNl -Y3RvcnEuZXUwHhcNMjUwMzE4MTcxOTA5WhcNMjYwMzE4MTcxOTA5WjAYMRYwFAYD -VQQDDA1yYWNrLmhvbWUubGFuMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC -AgEA21urOCdoUPOBRqJBzEickOvhdQKCCTcbxHlxy80jR1PUDqmZeqPktKr0QCtf -ntb0NH+/Ntiu3ZZBBkeyPfA50QIADmII5AbOHADszWEsKz9vhltFKpWQfsmU9H6U -fPyHL0muqz32ujRZnQUIvQ5ekrH9ghLOhllOv+Rqbj5w6AjNYOxBuy0qgb7AZJCV -zBjfSYm80pCY6RDU0C+v4X5TbyDAwNY5FAUfsFqpExHo9YbB2V9VNE2vW8mIy/Kg -OZ9SfRhuFY5Gl1aEdQJUaAQe05oLvvkPPmOCv6CyEfJV5Esrnz2xludpIhET+eHu -PXWvcvVCHPAO8HnGhqtYBmyOb8UVDgL07voXif+jtr/G31m+u4zeYrnvoe7u1U2X -GeV97+yZafKTAD4c6kbja+ojH7JV5dwVIEmw4cSv+GWbM+JdrUskcl5Ku+vAUg/u -RT/N6b98iWWhbwtbQkVzs4g93KWeu+416/p9DKUwT7OcKKvvc5Kxxk9Empkv5xtI -ScABwb6YtGeVUE9CX+Xj5hHOc1zXEJ8t8PQwBKLTOd94H5I72AxjZZ+fF52ysp+w -eGULuIYKbJI5yzIg6JYHhLR08YvGydBgbmymnejd7hGKnsNh2y5lizxBEdfqfMvw -pAexpue3mh40dJS3c82tEo7YlsDQGwK2G/eK4k7rZDgQVpsCAwEAAaOBkDCBjTA2 -BgNVHREELzAtgg1yYWNrLmhvbWUubGFuhwTAqE1lhwTAqE03hwTAqE3uhwTAqE03 -hwR/AAABMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBSm0Th+Qn2nTOHq -tqS7oIP+H/AhLjAfBgNVHSMEGDAWgBTtSLVx7ddURGlWtSMlP9hjUvXA3TANBgkq -hkiG9w0BAQsFAAOCAgEAF3sZbSWnNj9X48kKtm/2btrBwC2cEg5x8pfb/orjNZmi -47rXkLOzE0v09TO8+gFhKu6pR9SLmhTsgPRkGYolP4Bx889NMSzcoXTT18Vf6LTH -LA3okzg4wI5uAa4OCAUJ78D9OJniJhdTamlCCw2r0TDxmf1Wc4ofWYlHuSolWetH -MyhHjU8wp7BIG+we5CKwCQedDufrPLw9zBm7eLq9kBDUNifO0m0rJuYcnaxtGT/w -AUFxKJ1xHNt0lqSYHpd1ljvJKXAeugN4iuoCBBuVuQHCTweeW6g4O7HPefB1cyCS -HCUx4kKM95pPiMn0MwYPUZrP6sXsf+RPRHWROwZ/lwXcLlsmF177B7uEHqaAl66D -5YQz0JtkAcpoglyHPYS4Z9NCEiPMNuT/xiHMESp5nBxWQk3lfg7GpwAgjNQ4uic+ -V1A5X9jTZg8qwfy1DSP33KWUgrS+uMFmJkPx6SA+2TksQkqTpr6ogS/aDgd9Sz7c -QlA1yHUJ9Si3cP8w5y73Ih3mCUX/caq3eMCRqpK22BhShamZrUvoPESSywtCOVWq -nzDAWZeRgFZIqAV54PFunJBd0S4yVeRkd4hgXWdEdIpbOXj3/zCY5Gl51QrymB4+ -WC4a8ZM3dTDwndCBN0p7+9Ol2YPRgv41C0vN55bib1wm2sTnQfs86ctST2ZXy28= +Y3RvcnEuZXUwHhcNMjUwMzExMTc1MDEzWhcNMjYwMzExMTc1MDEzWjAcMRowGAYD +VQQDDBFtLXNlcnZlci5ob21lLmxhbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC +AgoCggIBALcgqTwwWnKeiHt1ZZQjoyZw/c/DbPwQnBuQVhNGF6RX7apXP/eY4Sf8 +/l2y6awZd6vM4JyFonPENbll/dEVgFEPgwwiqiaBC9PuZIbC60LLYwpDUmaHXNAd +xgohSWOEc7uT1lcW2yn5n1A93JpoOScb/dAmjWPUYV3BqnKTtcqVs3a5SzWxnIqO +szWt97SZpRY3GWIAiOmFqcKE5gL7FkSaMyS81E/Qfct/37o5OHWpiBhzLZUyop1e +z9f7RrgDRzEoNlJisWFY/wF0xvmowkslL8QsYBTkfgofP7dEm8MOn0hJOFzuUY75 +TAp+h6wiL0bhTab4XDOrFjFy5ivehICdDSal+IlNEmI9Zsziy/1gW7WXCMMgOXKn +xX7se2OFbHGCaf9NCn+0ODHev9ZeDni5SQsgyD3Zjyh3kc7AZ97M8jNJlCGb2QaJ +f/BF2Q9EzbQYHjor97r/+tMdvYkYNo9+FYoJH3yP+T378Tn+DFe8KthvbqCSF01t +aDdfcRu0p+qNalVkD2rctohJgiEuhzVIIpfqe3P9yMyzBYgwoXMUIthug4wOo8gE +Xwr7cgTTK8pxPQGlo1JL0WuBxodtdHP9/VQmf3Qkgj3W0UTAP3rphnvg/5S5tqIT +P7W+HVjEzTEh2z2FGxz4lvEbo82FrhxnCrW+Gk/jhbY99Lr3SeetAgMBAAGjgYEw +fzAoBgNVHREEITAfghFtLXNlcnZlci5ob21lLmxhbocEwKhN7ocEfwAAATATBgNV +HSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQUOIy9QvfKWPuMGEp4C2yvjNO2uYsw +HwYDVR0jBBgwFoAUxumueupvOaauWy4tDpwuctKYOrIwDQYJKoZIhvcNAQELBQAD +ggIBAIJBsaPUjAApSDplyUGru6XnLL1UHjG+g49A12QIfgG9x2frRRhvAbx21121 +sCJ5/dvHJS/a8xppcNd4cMFrvLrOkZn6s+gfeXc20sMscdyjnjIbxdmDiUwnhoFT ++9OKg5BYokg11PmEOhMEK7L9qEXaf5L+9TdcxBl/qvciqSpZ9FsOGDYCgB0EMsQ/ +48/Tj/0ABF+c/+WVXzWL51Gdj6waM0qqXjGArbjAUA7ft8gy18n/6DyM3KWlZXCb ++mAwUGnOvHFNbb8jgxSDvFeIos0P6Edq0PDcK5k1uYEeATp0CC6/F3z1Eai2vKy+ +c1BbJZtDJmlKTL+7vykHMSVqAuN/Vq4uvtxv1pOCR1UJk1mW0mr6Ovm9sVVk5HFD +3j6nOF81PiabdWA6GbbSCQdlpL2v0KipAR/sNheMwXAe+5NGJAiE5uaBgQSTVZS+ +7b4DDKFxfkHR9ISOGURgf9wRxqF6jNS4qqQp9+sOdK6y++ZVGRTTpQbCHEg9V79r +TTGs4lbvaFCmF/Y9/NPSrRo//l+XhJrpjoeyx04iy6QipErCCFK2dHH5hYfS3ISt +kbaw2ARNqbcktQkWwA+W+rb83en/w3WG1v2vByKGCr1s4jHAhWtSLZhXx+PIYeT+ +ml/kv+Y3W1T/lOcsytJrXug8t+g4nh9wYTnRl5YwruaKQjWF -----END CERTIFICATE----- diff --git a/roles/docker/files/server-key.pem b/roles/docker/files/server-key.pem index 3a95292..9c99001 100755 --- a/roles/docker/files/server-key.pem +++ b/roles/docker/files/server-key.pem @@ -1,52 +1,52 @@ -----BEGIN PRIVATE KEY----- -MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQDbW6s4J2hQ84FG -okHMSJyQ6+F1AoIJNxvEeXHLzSNHU9QOqZl6o+S0qvRAK1+e1vQ0f7822K7dlkEG -R7I98DnRAgAOYgjkBs4cAOzNYSwrP2+GW0UqlZB+yZT0fpR8/IcvSa6rPfa6NFmd -BQi9Dl6Ssf2CEs6GWU6/5GpuPnDoCM1g7EG7LSqBvsBkkJXMGN9JibzSkJjpENTQ -L6/hflNvIMDA1jkUBR+wWqkTEej1hsHZX1U0Ta9byYjL8qA5n1J9GG4VjkaXVoR1 -AlRoBB7Tmgu++Q8+Y4K/oLIR8lXkSyufPbGW52kiERP54e49da9y9UIc8A7wecaG -q1gGbI5vxRUOAvTu+heJ/6O2v8bfWb67jN5iue+h7u7VTZcZ5X3v7Jlp8pMAPhzq -RuNr6iMfslXl3BUgSbDhxK/4ZZsz4l2tSyRyXkq768BSD+5FP83pv3yJZaFvC1tC -RXOziD3cpZ677jXr+n0MpTBPs5woq+9zkrHGT0SamS/nG0hJwAHBvpi0Z5VQT0Jf -5ePmEc5zXNcQny3w9DAEotM533gfkjvYDGNln58XnbKyn7B4ZQu4hgpskjnLMiDo -lgeEtHTxi8bJ0GBubKad6N3uEYqew2HbLmWLPEER1+p8y/CkB7Gm57eaHjR0lLdz -za0SjtiWwNAbArYb94riTutkOBBWmwIDAQABAoICAGBqHsw8OfQWy3QF3mDRa4uh -OgQJmak+QSSu8m8PF9oChPr63ZxTjDNCzr+jsNAqj8TBf4S2YcnAgI0nlzb1Lxxo -QikQOvMq8I3LdEnjU5wgsj6+QBzzB0NLC/8Y4eA7yJlmy/C1eAwo9Vh4PXqHZdcZ -h6ET7hWMDHp4hbU2Gb9LGyZmQY/pTr0fYAXzrPu71OzILyfn6WXLgZaN10MIGNkH -7uDzZ7wecmq7toPMw/WjCPInnlYybQitgMSPvJAHMKUOR1iPJAThwK+DWiEr6na8 -Rzxl0SbtaysaERqlRs5koeRIpBV9Wi7gjcSv4ty9rOOc3DXG5/IXvEQ17KdKMKIs -R1wWynxM2yR3mHi4btNpFthdZ7B3BhnliTcBRyWJWU8Zkd7pcM6AwOaA2vU7wb1c -mvLGomtDhWf/ij/Ww8fWBmpj7yLuA5bOBCGHmCqS+ow4AUZANC6mc50GmZs4Llg0 -8CJgaynrdFKBhPbVZ/OoDK/d6yDostRx/PGReGjue1ly93sjNw16QeulHj8cWk3R -LXNnQaDf1MCvoW7826Fzpzl/jLnB6q5CyLwdqToDtT46Zm8lGvrfb+2K0v0R3a2A -qQLZZDoNzau8D7bjQctaHOUdIxYh1E1k+fdvyncWDOUPitNuaL9Li/usddNZKKvN -hg3CDkxtUQdDKY6bTxo1AoIBAQD5nnGGHIhxzpYwjETl42+jM0JZywdV0zv+AQSZ -AmQvHm2CNrr8FgdA6H1uX9iKvRShPlmvgun8mxKKZ4SFfCvqWwy1NVP0VCeZ6COX -xSoAxO2P75j/HVZo4ZPtXrobj1t7wBllMv5YJCJL/pvNrNUeDaUmjp5oLRkGGIRA -ZvDVmeMFNP/N0lKQfVaQ2Zr8HxvxADEtvq7Zr5YQzyNtpY80wEOpHYU1QXaf67va -A/R90onbHxiSc8LYuPu9ltvzzwDaN4laYaxz4QemSPHSLfQoNKTrJ0th6h0+ElXt -CUIaiZK/6RG2mgqk7X/CVFsbwRCCeegi+OgiTBjatrryGwXlAoIBAQDg9zE9ep4c -HXJbIvEjhvv8HIoa7Jeb2Ktspqja9FZv8qn8o0e41fXnmdNkjeJPrEcUMyJrlGCG -UlcIh8L5zdvr0Ja1epmcfJmOyfhyUwsovG3X9DlGjunKAfUaHEEozh8pd3p9MhAb -Re/q6u5OU2MAChe8gjlD7ycPZcHhztqcoaVxg9KmozV5WSj/NWu5+o+o2PgwCbUi -n5qEwVW9tY2qVmzmSTO/2ii4pM6SZpAGoyY4F0HR7GYYtX9JT8OiFTxVe9Qpl155 -ldFl2Mgf14kLZJqTmXBB+m3Ocujjn7HxLHoWc3q2Po3SDwpVeqQFtm1+0ap9e1XP -6K2gXiYQYCJ/AoIBAENf0bJqFyXopb8azSnjlmlNV5ZW53bx2dp4Od52t8XEB7jC -vvt1kqWhWuGkuxTPbjcLVje6NR+6V2nGAQ3qcwwBYU+zwiJLaJjxAFJhpDGq9ZgJ -CpmpOH58jGngTIlNy1p+ghw/hEkUD7HFWhZMlQVUl4PtsLHbokpz6ZZccpqku5LX -OEg8gY6AVhIoud1dJDSLYbrAIf+dlfqZfi2FJz8MufZ2glLahYMqpHx23tHrNsxO -+1nkJu5KF6CXjGylLcy4erlLbbmlPmRSgfrB7om/k9fotj8KarQrTMf63L2+7j4g -UWig8UiM1hQEosa9+I/PCaoO1tETCw5VjeX1B0UCggEANhByDvpW4R7airh9BzK7 -gD1Dm3DchqGtoPD0h5pM456H56U96VfSPxSizvmiN8+JTXt0fDIueFl1fSFTZEFq -5uM8NOT/4bG4Ha7APIlklyehplKVKTXTTa7mvp2nsyzGJGsITuonIMbP/77yAnTb -x/ik97K8HG1vD64+yAu0Ugwu/HbXuyBiC4W36o1mFE35FHUAQFs04ttEgT8NYggt -wY//n+BbxXGic613z4tCdbXjy3sbYF3Vs3561p2KwHsmAs09kblFBSdSKY3Nmolr -8Ab/dxVa+yA6H3FSMtIAK5uqw5aBGSczYhYnP5+3p3/OFLpCpOFtIAglIfM+ZpUT -9QKCAQBoACOCu9VZtw+8C7avhw8nv/V+SFm2anK8Q5lOQiYo40ULklbqe+onzKJ3 -oNjl7iyXZSkTyq6wEdOsKhPr7HndRTTcH2O7mxKcdEWkMtJLlo3xlohqBQymAlQl -GEOblCG6sC0SPnse+RrrtU4EsXaTIJsOCrcmWwYnqO8nItzEnzT1ifN9Xt0rwI9y -7ZNAM1rvbVbm/uySCRf1slZWyHm+Dqr4oUNaZvTk6sFdlSs3emUzDb4mje9G3V86 -cXZNizURN4KA3+ADjCFPpQ6HO4rGNSqKKEEiW1aVPsCC0z0vxd1vY8taYVwL/B4p -/dKUFh7pGk5UE/IXZWlBVDufNy/b +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC3IKk8MFpynoh7 +dWWUI6MmcP3Pw2z8EJwbkFYTRhekV+2qVz/3mOEn/P5dsumsGXerzOCchaJzxDW5 +Zf3RFYBRD4MMIqomgQvT7mSGwutCy2MKQ1Jmh1zQHcYKIUljhHO7k9ZXFtsp+Z9Q +PdyaaDknG/3QJo1j1GFdwapyk7XKlbN2uUs1sZyKjrM1rfe0maUWNxliAIjphanC +hOYC+xZEmjMkvNRP0H3Lf9+6OTh1qYgYcy2VMqKdXs/X+0a4A0cxKDZSYrFhWP8B +dMb5qMJLJS/ELGAU5H4KHz+3RJvDDp9ISThc7lGO+UwKfoesIi9G4U2m+FwzqxYx +cuYr3oSAnQ0mpfiJTRJiPWbM4sv9YFu1lwjDIDlyp8V+7HtjhWxxgmn/TQp/tDgx +3r/WXg54uUkLIMg92Y8od5HOwGfezPIzSZQhm9kGiX/wRdkPRM20GB46K/e6//rT +Hb2JGDaPfhWKCR98j/k9+/E5/gxXvCrYb26gkhdNbWg3X3EbtKfqjWpVZA9q3LaI +SYIhLoc1SCKX6ntz/cjMswWIMKFzFCLYboOMDqPIBF8K+3IE0yvKcT0BpaNSS9Fr +gcaHbXRz/f1UJn90JII91tFEwD966YZ74P+UubaiEz+1vh1YxM0xIds9hRsc+Jbx +G6PNha4cZwq1vhpP44W2PfS690nnrQIDAQABAoICAACEElRh8wKkg6xWkQULDMdi +wWen/H85frbufBhkyQH3NWjErCMmwzJsMWi9EUkKGs7VWKgLv7uadY4q03XHhgmc +GrAEwS6UaFmNgd5fmk3j1rHhUSIUyq8JNkbtIPr9bC+a6C/OuRYpE4o2V1zzPK1D +HokafrNqxHGne/g8ASfgGcApH9C1MwR9bnyi6txmhRcDM7SiZ5JCDCGdgg11eirz +45PvsAysg3ZfA4DAQOWn4defEj8NtO9kisbRKWBKosrrJmSWZ4fnd6F8TzSX/dO8 +MEEXUW7RJ7G0vviTnSeQNnjsZB+wQk84y3lRGDzvCVxR7cqLdaKjMD38zQdr1HiM +IysiYw7aUQ8ukz+4I4izPmn/iDdTxNzTHSvaxCjKRqsaj9R3kEFqtVuOoInfwKD9 +iSoEI35IkEIJwhvnt/xfZY03HwI7JBvSgA23zM5L2dvuM0nwGVcn+/WkLcYRum2y +hXRbpQ69dVTiFCxQG71bdcuK8z2lxXDPsyBjkcBta/WwQe8sHHdrszyc1Zf5DIDx +341bQ0cJEZQJD5BmKNij6Ow0N9g/0vySAScKF1zM9J0fE/XBihNYIH9JCXPRrFqw +BmUGmNjjyJSbnYMxjyVDz8g9026N+w23VtLv0UlA4hF3Hexupqol7XM+MhqNSFIO +A+F8Ho9U38LZfA3yt8JpAoIBAQD00RQmllHGtRR2zsIA0LPMVUyV3DOshJ4XYj8a +sN2rSU9rgNRB0rnpgWoGMAysOerPphvoY6bf1wrI3dFt5pzQMuKJLz6VFl135k5R +11kxZfCmZC/pIp3WLkIHDthAXkU5IKnWw/4vQgmIwTZ5I7rNjPaJYuoH8z5Buuwi +qUnEJj3czq4iNW2DHAFd657NQImrIbvN4T9SHLGrFBG3Bqf43xc/TMNqOnD7FcYe ++DIkBFXBFqx6pwMjP7hUwo88Oxzp7I/MaDXw9LnSPt2YQqdyNaaFiyk8JWc87LMq +DFaXFh+aON9XFxvKfCQA5uNCwyaWMi8zNWLpFTPKuZPPaWR5AoIBAQC/fi5ReLUL +HEpGgKw9UstgexmdnQLVisVfRH9eaQn/U6Yoo8XD0gpdjtqdA9dStV3jw9zKAoeP +twg819A/nl+kavDP1bGxaxEou9BUFvxyqw0OrA1bKznNlcpCNpqShSiFVO/6CqaU +awaDRuAsf4gs8/vKzw3q5bPErC+/a8x8USicOMc1tPrUxmTSwoXCfgtb+l7+7K48 +QeA27zPxaOCotAhef1T6KW1mYC7vP0ertZwiG+Lqoh9fzrun5TUYielqqrAJWPFC +o12r6jqhr9a6dPZ0/ZBCK3JyvdYGt321P6yffA78sz0hvSqT9JMmNnZJSc6oOiuB +qqutqzl/KgfVAoIBAQDoZWD/kEpompSmg3beVz+WhJKC39mdtvZrtDO7HpIOezUN +E+pp4aPh6Zu/6/TbuM8R9tkfLRnH+tad/xNDhFrvuJ4bI+IAnI51twY54nck0WQ0 +T367jMTQAHFlSc42rEaCCGOxH7Q3IDT0wJT5QdWeMmYF3QPUMC+1Lb/i11jS/opT +BU9/4b/nabpSccz5gn4tGYSx11TImbx+bjqyx3rEYOIskK4gNQHzF6RO2cSfNA5D +kUaB1/C+kUpmC5r0zhiQZqPKolIyPd33mv23/+38GLnOo1+tXMQ3rWoWTEgWfEXb +nIlGnwUeneF/ia3KPn5urYzoy5DtOddEZg3OInnhAoIBAGrVZ9v2PvMi5mFtGirg +TSzXoNPpLBKc6D6dRX4TlgtHzNSxgf0c6sGFmHuvD+tJ2kbfGAfv31eTotnnAXzs +y6k8LHuXWhqEhD84gSLY7CDBQ3ijDpSFiisjXYMRWa1S8udoGrZiSMtW5nxJB3pr +8Do8KIbee4JIgsG/2qet6ZiV4tU9bA6PmL0qrkdTVTLMBWRcS7FntFFT41Zin5UY +kPYt8tldqrgicrGCCc1afY7TtHbnHfMPXfeiq9kgrD2ze3ESJ0IfyAIIiJMIC4v3 +QRInfPSKHnh8Ks7PEGAQ8OY0zwbvPKFJElsHYYDIG2xfSCDdN5ltUqZ15G/wrhQ/ +C70CggEAHKhqoWElJNa3Ba4UscXKWL28cXRkMLdZGRngU5W9GLUQhDVYHdy+x5jU +5V4OnhCFo4Vq8uc2HsKnknhu/KGJ2gf3g8ASkILCG6aqB+0xZ+N6/dW0Yfft7vV4 +az9azn2nEK6Pqiokm0ggc+UhZ4C6EKWY3Vefs0scxKBIx48aGDP0I/XwFrZpwdWC +Z/jlCjTZlJ+5G7VenkqWtIlJmXZ6zrRFkPKlmxSTKIrDTJaD0dcNmDrwe+au0x+y +YHMSo0gMN9W5pFN6LDc/JYXOkb995mkKXyzeRTFy+v2yFig6rSwBStwcSTsuNWAe +FOWrzZPSFGNqLJEHjZdIBAaDR6ER7A== -----END PRIVATE KEY----- diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 80624a7..2618d3d 100755 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -1,86 +1,96 @@ - name: Setup docker become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" block: - - name: Print arch - ansible.builtin.debug: - msg: "{{ ansible_architecture }}" - - name: Install docker - ansible.builtin.apt: - name: - - ca-certificates - - curl - - telnet - - net-tools - - python3-pip - - python3-dev - state: present - update_cache: true - - name: Get keys for raspotify - ansible.builtin.command: - install -m 0755 -d /etc/apt/keyrings - changed_when: my_output.rc != 0 + - name: Facts + ansible.builtin.setup: - - name: Add an Apt signing key to a specific keyring file - ansible.builtin.apt_key: - url: https://download.docker.com/linux/debian/gpg - keyring: /etc/apt/keyrings/docker.asc - when: - - ansible_distribution == "Debian" and ansible_distribution_major_version == "12" + # - name: Print arch + # ansible.builtin.debug: + # msg: "{{ ansible_architecture }}" + # - name: Install docker dependencies + # ansible.builtin.apt: + # name: + # - ca-certificates + # - curl + # - telnet + # - net-tools + # - python3-pip + # - python3-dev + # state: present + # update_cache: true + # - name: Get keys for raspotify + # ansible.builtin.command: + # install -m 0755 -d /etc/apt/keyrings + + + # # - name: Add an Apt signing key to a specific keyring file + # # ansible.builtin.apt_key: + # # url: https://download.docker.com/linux/debian/gpg + # # keyring: /etc/apt/keyrings/docker.asc + # # when: + # # - ansible_distribution == "Debian" and ansible_distribution_major_version == "12" + + # # - name: Get keys for raspotify + # # ansible.builtin.shell: + # # curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc + # # when: + # # - ansible_distribution == "Debian" and ansible_distribution_major_version == "12" # - name: Get keys for raspotify # ansible.builtin.shell: - # curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc + # curl -fsSL https://download.docker.com/linux/raspbian/gpg -o /etc/apt/keyrings/docker.asc # when: # - ansible_distribution == "Debian" and ansible_distribution_major_version == "12" - - name: Add an Apt signing key to a specific keyring file - ansible.builtin.apt_key: - url: https://download.docker.com/linux/ubuntu/gpg - keyring: /etc/apt/keyrings/docker.asc - when: - - ansible_distribution == "Ubuntu" - # - name: Get keys for raspotify - # ansible.builtin.shell: - # curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc + + + # - name: Add an Apt signing key to a specific keyring file + # ansible.builtin.apt_key: + # url: https://download.docker.com/linux/ubuntu/gpg + # keyring: /etc/apt/keyrings/docker.asc # when: # - ansible_distribution == "Ubuntu" - - name: Change file ownership, group and permissions - ansible.builtin.file: - path: /etc/apt/keyrings/docker.asc - owner: root - group: root - mode: '0644' + + # # - name: Get keys for raspotify + # # ansible.builtin.shell: + # # curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc + # # when: + # # - ansible_distribution == "Ubuntu" + # - name: Change file ownership, group and permissions + # ansible.builtin.file: + # path: /etc/apt/keyrings/docker.asc + # owner: root + # group: root + # mode: '0644' + + # # - name: Get keys for raspotify + # # ansible.builtin.shell: + # # chmod a+r /etc/apt/keyrings/docker.asc # - name: Get keys for raspotify - # ansible.builtin.shell: - # chmod a+r /etc/apt/keyrings/docker.asc + # ansible.builtin.shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc]\ + # https://download.docker.com/linux/debian $(. /etc/os-release && echo "$VERSION_CODENAME") stable" |\ + # tee /etc/apt/sources.list.d/docker.list > /dev/null + # when: + # - ansible_distribution == "Debian" and ansible_distribution_major_version == "12" - - name: Get keys for raspotify - ansible.builtin.shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc]\ - https://download.docker.com/linux/debian $(. /etc/os-release && echo "$VERSION_CODENAME") stable" |\ - sudo tee /etc/apt/sources.list.d/docker.list > /dev/null - when: - - ansible_distribution == "Debian" and ansible_distribution_major_version == "12" - changed_when: my_output.rc != 0 + # - name: Get keys for raspotify + # ansible.builtin.shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc]\ + # https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" |\ + # sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + # when: + # - ansible_distribution == "Ubuntu" - - name: Get keys for raspotify - ansible.builtin.shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc]\ - https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" |\ - sudo tee /etc/apt/sources.list.d/docker.list > /dev/null - when: - - ansible_distribution == "Ubuntu" - changed_when: my_output.rc != 0 - - - name: Install docker - ansible.builtin.apt: - name: - - docker-ce - - docker-ce-cli - - containerd.io - - docker-buildx-plugin - - docker-compose-plugin - update_cache: true + # - name: Install docker + # ansible.builtin.apt: + # name: + # - docker-ce + # - docker-ce-cli + # - containerd.io + # - docker-buildx-plugin + # - docker-compose-plugin + # update_cache: true - name: Create a directory docker.service.d ansible.builtin.file: @@ -131,20 +141,20 @@ notify: restart_docker when: mode == "nocert" - - name: Creating a file with content - ansible.builtin.copy: - dest: "/etc/systemd/system/docker.service.d/override.conf" - content: | - [Service] - ExecStart= - ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --tlsverify \ - --tlscacert=/etc/docker/certs/ca.pem --tlscert=/etc/docker/certs/server-cert.pem \ - --tlskey=/etc/docker/certs/server-key.pem -H=0.0.0.0:2376 - mode: '0600' - owner: root - group: root - notify: restart_docker - when: mode != "nocert" + # - name: Creating a file with content + # ansible.builtin.copy: + # dest: "/etc/systemd/system/docker.service.d/override.conf" + # content: | + # [Service] + # ExecStart= + # ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --tlsverify \ + # --tlscacert=/etc/docker/certs/ca.pem --tlscert=/etc/docker/certs/server-cert.pem \ + # --tlskey=/etc/docker/certs/server-key.pem -H=0.0.0.0:2376 + # mode: '0600' + # owner: root + # group: root + # notify: restart_docker + # when: mode != "nocert" - name: Just force systemd to reread configs ansible.builtin.systemd: diff --git a/roles/hosts/handlers/main.yml b/roles/hosts/handlers/main.yml deleted file mode 100755 index 90ec872..0000000 --- a/roles/hosts/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: restart_docker - ansible.builtin.service: - name: docker.service - state: restarted - become: true \ No newline at end of file diff --git a/roles/ssh_banner/tasks/main.yml b/roles/ssh_banner/tasks/main.yml index 95cf266..2f6e875 100755 --- a/roles/ssh_banner/tasks/main.yml +++ b/roles/ssh_banner/tasks/main.yml @@ -20,7 +20,7 @@ {{ logo.stdout }} owner: 0 group: 0 - mode: "0600" + mode: "0777" - name: Reconfigure sshd ansible.builtin.lineinfile: diff --git a/roles/zabbix-agent/tasks/main.yml b/roles/zabbix-agent/tasks/main.yml index 8cafc94..975d3ef 100755 --- a/roles/zabbix-agent/tasks/main.yml +++ b/roles/zabbix-agent/tasks/main.yml @@ -37,7 +37,7 @@ - name: Install a .deb package from the internet2 ansible.builtin.apt: # deb: https://repo.zabbix.com/zabbix/6.4/raspbian/pool/main/z/zabbix-release/zabbix-release_6.4-1+debian11_all.deb - deb: https://repo.zabbix.com/zabbix/7.0/raspbian/pool/main/z/zabbix-release/zabbix-release_7.0-1+debian11_all.deb + deb: https://repo.zabbix.com/zabbix/7.2/release/raspbian/pool/main/z/zabbix-release/zabbix-release_latest_7.2+debian12_all.deb retries: 5 delay: 5 when: diff --git a/ssh_key.pem b/ssh_key.pem old mode 100755 new mode 100644