diff --git a/group_vars/all/vars.yaml b/group_vars/all/ansible-header.yml
similarity index 54%
rename from group_vars/all/vars.yaml
rename to group_vars/all/ansible-header.yml
index 1803dd0190fe57ffb9f2a568d5cae95c7e122873..3a7faebd8af1461affb0ce4e79aa60ef84e17ecf 100644
--- a/group_vars/all/vars.yaml
+++ b/group_vars/all/ansible-header.yml
@@ -1,5 +1,4 @@
 ---
-
 # Custom header
 dirty: "{% if template_fullpath is defined %}{{ lookup('pipe', 'git diff --quiet -- ' + template_fullpath | quote + ' || echo dirty') }}{% else %}{{ lookup('pipe', 'git diff --quiet || echo dirty') }}{% endif %}"
 ansible_header: |
@@ -17,45 +16,3 @@ ansible_header: |
 {% endif %}
 +++++++++++++++++++++++++++++++++++++++++++++++++++
-
-# Crans subnets
-adm_subnet: 10.231.136.0/24
-
-# # Role rsync-client
-# to_backup:
-# - {
-# name: "var",
-# path: "/var",
-# auth_users: "backupcrans",
-# secrets_file: "/etc/rsyncd.secrets",
-# hosts_allow: ["zephir.adm.crans.org", "10.231.136.6"],
-# }
-# - {
-# name: "slash",
-# path: "/",
-# auth_users: "backupcrans",
-# secrets_file: "/etc/rsyncd.secrets",
-# hosts_allow: ["zephir.adm.crans.org", "10.231.136.6"],
-# }
-#
-# re2o:
-# server: re2o.adm.crans.org
-# service_user: "{{ vault.re2o_service_user }}"
-# service_password: "{{ vault.re2o_service_password }}"
-#
-#
-# # global server definitions
-glob_smtp: smtp.adm.crans.org
-glob_mirror:
- name: mirror.adm.crans.org
- ip: 172.16.10.30
-
-glob_ldap:
- uri: 'ldap://re2o-ldap.adm.crans.org/'
- users_base: 'cn=Utilisateurs,dc=crans,dc=org'
- servers:
- - 172.16.10.1
- - 172.16.10.11
- - 172.16.10.12
- - 172.16.10.13
- base: 'dc=crans,dc=org'
diff --git a/group_vars/all/ldap.yml b/group_vars/all/ldap.yml
new file mode 100644
index 0000000000000000000000000000000000000000..781301c88ecad49bcb11bb4d8dff0e3d13858442
--- /dev/null
+++ b/group_vars/all/ldap.yml
@@ -0,0 +1,10 @@
+---
+glob_ldap:
+ uri: 'ldap://re2o-ldap.adm.crans.org/'
+ users_base: 'cn=Utilisateurs,dc=crans,dc=org'
+ servers:
+ - 172.16.10.1
+ - 172.16.10.11
+ - 172.16.10.12
+ - 172.16.10.13
+ base: 'dc=crans,dc=org'
diff --git a/group_vars/all/mirror.yml b/group_vars/all/mirror.yml
new file mode 100644
index 0000000000000000000000000000000000000000..2e1221096057c462473881e39cc537787e2ca2a8
--- /dev/null
+++ b/group_vars/all/mirror.yml
@@ -0,0 +1,7 @@
+---
+glob_mirror:
+ hostname: mirror.adm.crans.org
+ ip: 172.16.10.30
+
+debian_mirror: http://mirror.adm.crans.org/debian
+debian_components: main contrib non-free
diff --git a/group_vars/ovh/vars.yml b/group_vars/ovh/vars.yml
deleted file mode 100644
index ad05e34683564852df4e094b720ccaef7d666fb2..0000000000000000000000000000000000000000
--- a/group_vars/ovh/vars.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-# Parameters for debian and ubuntu mirror
-debian_mirror: http://deb.debian.org/debian
-ubuntu_mirror: http://deb.debian.org/ubuntu
-debian_components: main contrib non-free
-ubuntu_components: main restricted universe multiverse
diff --git a/group_vars/re2o.yml b/group_vars/re2o.yml
index 6d2c108cc32aa07e1f9af4ef66e441b814b2affa..dc9950ee2e325acf79040146b4d946eacb3b08ed 100644
--- a/group_vars/re2o.yml
+++ b/group_vars/re2o.yml
@@ -11,6 +11,7 @@ glob_re2o:
 - 'intranet.crans.org'
 - '172.16.10.156'
 from_email: "root@crans.org"
+ smtp_server: smtp.adm.crans.org
 ldap:
 master_password: "{{ vault.ldap_master_password }}"
 uri: "ldap://re2o-ldap.adm.crans.org/"
diff --git a/host_vars/airbus.cachan-adm.crans.org.yml b/host_vars/airbus.cachan-adm.crans.org.yml
index 15c0f1d8262dde99690df49cf846f41c10bd8135..45ed67e3c37c585ddd1fd51aa52f0fe6e12066aa 100644
--- a/host_vars/airbus.cachan-adm.crans.org.yml
+++ b/host_vars/airbus.cachan-adm.crans.org.yml
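Review bot: The `uri` value in the new `group_vars/all/ldap.yml` uses the `ldap://` scheme, which carries binds and directory data unencrypted unless every client upgrades the connection with StartTLS; nothing in this diff shows whether the consuming roles do. Now that the variable has its own file, I would add a comment above `uri:` such as `# plain ldap:// - consumers must enforce StartTLS (or switch to ldaps://)` so the transport expectation is written down where the value is defined. The same scheme appears in the `ldap.uri` context line of the `group_vars/re2o.yml` hunk.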
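Review bot: `debian_mirror` in `group_vars/all/mirror.yml` now defaults every host to `http://mirror.adm.crans.org/debian`, while the commit deletes `group_vars/ovh/vars.yml`, which pointed that group at `deb.debian.org`, and adds an explicit override only for `sputnik.adm.crans.org`. Any other host of the `ovh` group that cannot reach the internal mirror would fail `apt update` and stop receiving security updates; the inventory is not visible here, so this needs checking. The key under `glob_mirror` is also renamed from `name` to `hostname`, so any reference to `glob_mirror.name` outside this diff would become undefined. A comment above `debian_mirror:` such as `# default for hosts on the adm network; override in host_vars for external hosts` would document the expectation.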
@@ -12,7 +12,7 @@ glob_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
 remote:
diff --git a/host_vars/fyre.cachan-adm.crans.org.yml b/host_vars/fyre.cachan-adm.crans.org.yml
index 8cd129749fe24592be2518076afb2ec6c2a50da8..5ef1dfa3c3100fdbd3ccba57edb7ecd63be736ab 100644
--- a/host_vars/fyre.cachan-adm.crans.org.yml
+++ b/host_vars/fyre.cachan-adm.crans.org.yml
@@ -15,11 +15,7 @@ loc_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
-
-loc_mirror:
- name: mirror.cachan-adm.crans.org
- ip: "{{ query('ldap','ip','terenez','cachan-adm') | ipv4 | first }}"
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
 remote:
diff --git a/host_vars/gulp.cachan-adm.crans.org.yml b/host_vars/gulp.cachan-adm.crans.org.yml
index f3996168971fc429f1b883dadf318957b627c50d..63918af1c4cca9310765bfbc2db387689969b192 100644
--- a/host_vars/gulp.cachan-adm.crans.org.yml
+++ b/host_vars/gulp.cachan-adm.crans.org.yml
@@ -8,7 +8,7 @@ glob_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_postgres:
 subnets:
diff --git a/host_vars/omnomnom.cachan-adm.crans.org.yml b/host_vars/omnomnom.cachan-adm.crans.org.yml
index 82e771bbceb10f91db23428f3a52a150b6175010..5c8c18ca38836449ffbe973c885f098d026c7dc2 100644
--- a/host_vars/omnomnom.cachan-adm.crans.org.yml
+++ b/host_vars/omnomnom.cachan-adm.crans.org.yml
@@ -15,11 +15,7 @@ loc_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
-
-loc_mirror:
- name: mirror.cachan-adm.crans.org
- ip: "{{ query('ldap','ip','mirror','cachan.adm') | ipv4 | first }}"
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
 remote:
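Review bot: Replacing the literal `172.17.10.202` with `mirror.cachan-adm.crans.org` in `debian_mirror` makes package installation depend on name resolution, and this same commit removes the `loc_mirror` entries and the `/etc/hosts` play in `plays/root.yml`. Whether a freshly bootstrapped host can resolve that name before its resolver is configured is not visible from the diff and should be confirmed. Because the URL is plain HTTP, package integrity rests entirely on APT's signature verification, so the sources template must not relax it. The identical line is repeated in the fyre, gulp, omnomnom, re2o-ldap, re2o, rodauh, routeur-gulp, terenez, unifi and zephir hunks; a single group-level variable for the cachan-adm hosts would keep them from drifting apart.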
diff --git a/host_vars/re2o-ldap.cachan-adm.crans.org.yml b/host_vars/re2o-ldap.cachan-adm.crans.org.yml
index 15c0f1d8262dde99690df49cf846f41c10bd8135..45ed67e3c37c585ddd1fd51aa52f0fe6e12066aa 100644
--- a/host_vars/re2o-ldap.cachan-adm.crans.org.yml
+++ b/host_vars/re2o-ldap.cachan-adm.crans.org.yml
@@ -12,7 +12,7 @@ glob_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
 remote:
diff --git a/host_vars/re2o.cachan-adm.crans.org.yml b/host_vars/re2o.cachan-adm.crans.org.yml
index 980204566012c4d3ed0a6e79da59f0da7e88c67f..5b798430f9cad40849745b63d5aee6c4ad6cab7a 100644
--- a/host_vars/re2o.cachan-adm.crans.org.yml
+++ b/host_vars/re2o.cachan-adm.crans.org.yml
@@ -12,7 +12,7 @@ glob_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 glob_prometheus_node_exporter:
 listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'cachan-adm') | ipv4 | first }}"
diff --git a/host_vars/rodauh.cachan-adm.crans.org.yml b/host_vars/rodauh.cachan-adm.crans.org.yml
index 3989c95d66d44dae7939ad5bdda31c7652c60100..639019ad3633040d42bcf6ad3701646547d2b784 100644
--- a/host_vars/rodauh.cachan-adm.crans.org.yml
+++ b/host_vars/rodauh.cachan-adm.crans.org.yml
@@ -16,7 +16,7 @@ glob_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_certbot:
 - dns_rfc2136_server: '185.230.79.9'
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml
index 06f194e24ca298a1fcd3712cf3d551bb4d8af9ed..ceac53ca1a36d3b0c89fbd6ab799191dd1bcee13 100644
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml
@@ -12,11 +12,7 @@ loc_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
-
-loc_mirror:
- name: mirror.cachan-adm.crans.org
- ip: "{{ query('ldap','ip','terenez','cachan-adm') | ipv4 | first }}"
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
 remote:
diff --git a/host_vars/sputnik.adm.crans.org.yml b/host_vars/sputnik.adm.crans.org.yml
index 0ad18335eb30ae0a5a56f2a413d50188b85c5386..53e020ec0ced04b91174af9f29d66d3f4ff95e28 100644
--- a/host_vars/sputnik.adm.crans.org.yml
+++ b/host_vars/sputnik.adm.crans.org.yml
@@ -1,4 +1,6 @@
 ---
+debian_mirror: http://deb.debian.org/debian
+
 postfix:
 primary: false
 secondary: true
diff --git a/host_vars/terenez.cachan-adm.crans.org.yml b/host_vars/terenez.cachan-adm.crans.org.yml
index aba1824ff931b6f99cddcea270644ba868a388b9..c01f9e652718c958542cea87ab409359ab4ccad4 100644
--- a/host_vars/terenez.cachan-adm.crans.org.yml
+++ b/host_vars/terenez.cachan-adm.crans.org.yml
@@ -12,7 +12,7 @@ glob_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
 remote:
diff --git a/host_vars/unifi.cachan-adm.crans.org.yml b/host_vars/unifi.cachan-adm.crans.org.yml
index 2d7cd4bced8684a34d7ed71403788ab0d9083cab..f70a17e698384c6f2bab1ebccd88b94786b16bb0 100644
--- a/host_vars/unifi.cachan-adm.crans.org.yml
+++ b/host_vars/unifi.cachan-adm.crans.org.yml
@@ -17,7 +17,7 @@ glob_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
 remote:
diff --git a/host_vars/zephir.cachan-adm.crans.org.yml b/host_vars/zephir.cachan-adm.crans.org.yml
index 5f5cf00ee9ab9759a98c6aeceb776f1782b5a271..f954d343ae332b0aeb82f8ce0d5f7718d6729738 100644
--- a/host_vars/zephir.cachan-adm.crans.org.yml
+++ b/host_vars/zephir.cachan-adm.crans.org.yml
@@ -15,11 +15,7 @@ loc_ntp_client:
 servers:
 - terenez.cachan-adm.crans.org
-debian_mirror: http://172.17.10.202/debian
-
-loc_mirror:
- name: mirror.cachan-adm.crans.org
- ip: "{{ query('ldap','ip','mirror','cachan.adm') | ipv4 | first }}"
+debian_mirror: http://mirror.cachan-adm.crans.org/debian
 loc_borg:
 remote:
diff --git a/plays/root.yml b/plays/root.yml
index 421bc6b8be91bc5423999646874cb306b165dc07..18a6bca338949e52c94855804eaf2661f7d3fb7f 100755
--- a/plays/root.yml
+++ b/plays/root.yml
@@ -2,24 +2,6 @@
 ---
 # root is the first playbook to launch (as root) whe initiation a new server
-- hosts: server
- tasks:
- - name: Check if mirror.adm is defined in /etc/hosts
- lineinfile:
- state: absent
- path: /etc/hosts
- regexp: '^{{ glob_mirror.ip }}'
- check_mode: True
- changed_when: False
- register: check_mirror
-
- - name: Define mirror.adm.crans.org if it doesn't exist.
- lineinfile:
- path: /etc/hosts
- line: '{{ glob_mirror.ip }} {{ glob_mirror.name }}'
- insertafter: '127.0.0.1 localhost'
- when: check_mirror.found == 0
-
 - hosts: virtu
 roles:
 - proxmox-apt-sources
diff --git a/roles/debian-apt-sources/templates/apt/sources.list.j2 b/roles/debian-apt-sources/templates/apt/sources.list.j2
index db45e8a59b34d74a527c195f0a971fbabc53266e..57a4901f65ee87652c56296ff2ef7d746eab4df2 100644
--- a/roles/debian-apt-sources/templates/apt/sources.list.j2
+++ b/roles/debian-apt-sources/templates/apt/sources.list.j2
@@ -1,4 +1,4 @@
-{{ ansible_header | comment }}
+{{ ansible_header }}
 {% if ansible_distribution == "Debian" %}
 # Mises à jour de sécurité
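Review bot: Dropping the `comment` filter on the first line of `sources.list.j2` means `ansible_header` is written into the file verbatim, so every line of the header must already start with `#`. The context lines of the `ansible-header.yml` hunk show a header line made only of `+` characters, which suggests (the full block is not visible) that the raw value is not comment-prefixed; APT would then treat those lines as malformed entries. Unless the header is now commented where it is defined, keep `{{ ansible_header | comment }}` here.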
@@ -14,19 +14,3 @@ deb {{ debian_mirror }} {{ ansible_distribution_release }} {{ debian_compone
 # Dépôt pour mises à jour fréquentes (volatile)
 deb {{ debian_mirror }} {{ ansible_distribution_release }}-updates {{ debian_components }}
-
-{% if backports | default(false) %}
-# Backports
-deb {{ debian_mirror }} {{ ansible_distribution_release }}-backports {{ debian_components }}
-{% endif %}
-
-{% elif ansible_distribution == "Ubuntu" %}
-# Mises à jour de sécurité
-deb {{ ubuntu_mirror }} {{ ansible_distribution_release }}-security {{ ubuntu_components }}
-
-# Dépôt classique
-deb {{ ubuntu_mirror }} {{ ansible_distribution_release }} {{ ubuntu_components }}
-
-# Dépôt pour mises à jour fréquentes (volatile)
-deb {{ ubuntu_mirror }} {{ ansible_distribution_release }}-updates {{ ubuntu_components }}
-{% endif %}
diff --git a/roles/re2o/templates/re2o/settings_local.py.j2 b/roles/re2o/templates/re2o/settings_local.py.j2
index 1636a370a03b1c922cb88f34fe860423530b8547..c558c032d7cc64d3d91f8a91f1b6e88053e1e1aa 100644
--- a/roles/re2o/templates/re2o/settings_local.py.j2
+++ b/roles/re2o/templates/re2o/settings_local.py.j2
@@ -63,7 +63,7 @@ LOGO_PATH = "static_files/logo.png"
 # The mail configuration for Re2o to send mails
 SERVER_EMAIL = '{{ re2o.from_email }}' # The mail address to use
-EMAIL_HOST = '{{ glob_smtp }}' # The host to use
+EMAIL_HOST = '{{ re2o.smtp_server }}' # The host to use
 EMAIL_PORT = 25 # The port to use
 # Settings of the LDAP structure
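Review bot: The removed lines include the final `{% endif %}`, while the `{% if ansible_distribution == "Debian" %}` shown as context in the first hunk of this file stays, so the template now ends with an unclosed `if` block and Jinja2 will refuse to render it. The other `{% endif %}` removed here closed the backports block, and the lines between the two hunks are untouched, so nothing closes the condition any more. Either keep a closing `{% endif %}` after the `-updates` line or remove the opening `{% if ansible_distribution == "Debian" %}` as well, now that only Debian is handled. With the backports stanza gone, a host that sets `backports` silently loses that source, which deserves a line in the commit message.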