From d0ff9cc204aae810afc6837bc3202a0d11f0507e Mon Sep 17 00:00:00 2001 From: shirenn <shirenn@crans.org> Date: Fri, 18 Jun 2021 22:39:04 +0200 Subject: [PATCH] =?UTF-8?q?[apt]=20M=C3=A0J?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../all/{vars.yaml => ansible-header.yml} | 43 ------------------- group_vars/all/ldap.yml | 10 +++++ group_vars/all/mirror.yml | 7 +++ group_vars/ovh/vars.yml | 5 --- group_vars/re2o.yml | 1 + host_vars/airbus.cachan-adm.crans.org.yml | 2 +- host_vars/fyre.cachan-adm.crans.org.yml | 6 +-- host_vars/gulp.cachan-adm.crans.org.yml | 2 +- host_vars/omnomnom.cachan-adm.crans.org.yml | 6 +-- host_vars/re2o-ldap.cachan-adm.crans.org.yml | 2 +- host_vars/re2o.cachan-adm.crans.org.yml | 2 +- host_vars/rodauh.cachan-adm.crans.org.yml | 2 +- .../cachan.yml | 6 +-- host_vars/sputnik.adm.crans.org.yml | 2 + host_vars/terenez.cachan-adm.crans.org.yml | 2 +- host_vars/unifi.cachan-adm.crans.org.yml | 2 +- host_vars/zephir.cachan-adm.crans.org.yml | 6 +-- plays/root.yml | 18 -------- .../templates/apt/sources.list.j2 | 18 +------- .../re2o/templates/re2o/settings_local.py.j2 | 2 +- 20 files changed, 33 insertions(+), 111 deletions(-) rename group_vars/all/{vars.yaml => ansible-header.yml} (54%) create mode 100644 group_vars/all/ldap.yml create mode 100644 group_vars/all/mirror.yml delete mode 100644 group_vars/ovh/vars.yml diff --git a/group_vars/all/vars.yaml b/group_vars/all/ansible-header.yml similarity index 54% rename from group_vars/all/vars.yaml rename to group_vars/all/ansible-header.yml index 1803dd01..3a7faebd 100644 --- a/group_vars/all/vars.yaml +++ b/group_vars/all/ansible-header.yml @@ -1,5 +1,4 @@ --- - # Custom header dirty: "{% if template_fullpath is defined %}{{ lookup('pipe', 'git diff --quiet -- ' + template_fullpath | quote + ' || echo dirty') }}{% else %}{{ lookup('pipe', 'git diff --quiet || echo dirty') }}{% endif %}" ansible_header: | 
@@ -17,45 +16,3 @@ ansible_header: | {% endif %} +++++++++++++++++++++++++++++++++++++++++++++++++++ - -# Crans subnets -adm_subnet: 10.231.136.0/24 - -# # Role rsync-client -# to_backup: -# - { -# name: "var", -# path: "/var", -# auth_users: "backupcrans", -# secrets_file: "/etc/rsyncd.secrets", -# hosts_allow: ["zephir.adm.crans.org", "10.231.136.6"], -# } -# - { -# name: "slash", -# path: "/", -# auth_users: "backupcrans", -# secrets_file: "/etc/rsyncd.secrets", -# hosts_allow: ["zephir.adm.crans.org", "10.231.136.6"], -# } -# -# re2o: -# server: re2o.adm.crans.org -# service_user: "{{ vault.re2o_service_user }}" -# service_password: "{{ vault.re2o_service_password }}" -# -# -# # global server definitions -glob_smtp: smtp.adm.crans.org -glob_mirror: - name: mirror.adm.crans.org - ip: 172.16.10.30 - -glob_ldap: - uri: 'ldap://re2o-ldap.adm.crans.org/' - users_base: 'cn=Utilisateurs,dc=crans,dc=org' - servers: - - 172.16.10.1 - - 172.16.10.11 - - 172.16.10.12 - - 172.16.10.13 - base: 'dc=crans,dc=org' diff --git a/group_vars/all/ldap.yml b/group_vars/all/ldap.yml new file mode 100644 index 00000000..781301c8 --- /dev/null +++ b/group_vars/all/ldap.yml @@ -0,0 +1,10 @@ +--- +glob_ldap: + uri: 'ldap://re2o-ldap.adm.crans.org/' + users_base: 'cn=Utilisateurs,dc=crans,dc=org' + servers: + - 172.16.10.1 + - 172.16.10.11 + - 172.16.10.12 + - 172.16.10.13 + base: 'dc=crans,dc=org' diff --git a/group_vars/all/mirror.yml b/group_vars/all/mirror.yml new file mode 100644 index 00000000..2e122109 --- /dev/null +++ b/group_vars/all/mirror.yml @@ -0,0 +1,7 @@ +--- +glob_mirror: + hostname: mirror.adm.crans.org + ip: 172.16.10.30 + +debian_mirror: http://mirror.adm.crans.org/debian +debian_components: main contrib non-free diff --git a/group_vars/ovh/vars.yml b/group_vars/ovh/vars.yml deleted file mode 100644 index ad05e346..00000000 --- a/group_vars/ovh/vars.yml +++ /dev/null 
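Review bot: In group_vars/all/mirror.yml the new `debian_mirror: http://mirror.adm.crans.org/debian` becomes the default for every host, while the same commit deletes group_vars/ovh/vars.yml, which pointed the ovh group at `http://deb.debian.org/debian`. Only sputnik gets an explicit override in host_vars, so any other member of that group (the inventory is not visible here) would inherit the internal mirror and, if it cannot reach it, stop receiving package and security updates. Keeping the override at group level, or adding a comment such as `# Default for hosts on the adm network; off-site hosts must override debian_mirror` above the variable, would make the dependency explicit. The key rename from `glob_mirror.name` to `glob_mirror.hostname` also needs a check that no remaining template or task still reads `.name`.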
@@ -1,5 +0,0 @@ -# Parameters for debian and ubuntu mirror -debian_mirror: http://deb.debian.org/debian -ubuntu_mirror: http://deb.debian.org/ubuntu -debian_components: main contrib non-free -ubuntu_components: main restricted universe multiverse diff --git a/group_vars/re2o.yml b/group_vars/re2o.yml index 6d2c108c..dc9950ee 100644 --- a/group_vars/re2o.yml +++ b/group_vars/re2o.yml @@ -11,6 +11,7 @@ glob_re2o: - 'intranet.crans.org' - '172.16.10.156' from_email: "root@crans.org" + smtp_server: smtp.adm.crans.org ldap: master_password: "{{ vault.ldap_master_password }}" uri: "ldap://re2o-ldap.adm.crans.org/" diff --git a/host_vars/airbus.cachan-adm.crans.org.yml b/host_vars/airbus.cachan-adm.crans.org.yml index 15c0f1d8..45ed67e3 100644 --- a/host_vars/airbus.cachan-adm.crans.org.yml +++ b/host_vars/airbus.cachan-adm.crans.org.yml @@ -12,7 +12,7 @@ glob_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian +debian_mirror: http://mirror.cachan-adm.crans.org/debian loc_borg: remote: diff --git a/host_vars/fyre.cachan-adm.crans.org.yml b/host_vars/fyre.cachan-adm.crans.org.yml index 8cd12974..5ef1dfa3 100644 --- a/host_vars/fyre.cachan-adm.crans.org.yml +++ b/host_vars/fyre.cachan-adm.crans.org.yml @@ -15,11 +15,7 @@ loc_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian - -loc_mirror: - name: mirror.cachan-adm.crans.org - ip: "{{ query('ldap','ip','terenez','cachan-adm') | ipv4 | first }}" +debian_mirror: http://mirror.cachan-adm.crans.org/debian loc_borg: remote: diff --git a/host_vars/gulp.cachan-adm.crans.org.yml b/host_vars/gulp.cachan-adm.crans.org.yml index f3996168..63918af1 100644 --- a/host_vars/gulp.cachan-adm.crans.org.yml +++ b/host_vars/gulp.cachan-adm.crans.org.yml @@ -8,7 +8,7 @@ glob_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian +debian_mirror: http://mirror.cachan-adm.crans.org/debian loc_postgres: subnets: 
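Review bot: The `debian_mirror: http://mirror.cachan-adm.crans.org/debian` line in host_vars/airbus is repeated verbatim in the fyre and gulp hunks and in the omnomnom, re2o-ldap, re2o, rodauh, routeur-gulp, terenez, unifi and zephir hunks further down; a single group-level variable for the cachan hosts would keep the eleven copies from drifting. Replacing the IP literal with a name also puts DNS on the update path: these hosts must resolve mirror.cachan-adm.crans.org before apt can fetch anything, and the fyre, omnomnom, routeur-gulp and zephir hunks drop the `loc_mirror` mapping that carried the address. Since the transport is plain HTTP, package integrity rests on APT's signature verification, so it is worth confirming that nothing in the role marks this source as trusted without signatures.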
diff --git a/host_vars/omnomnom.cachan-adm.crans.org.yml b/host_vars/omnomnom.cachan-adm.crans.org.yml index 82e771bb..5c8c18ca 100644 --- a/host_vars/omnomnom.cachan-adm.crans.org.yml +++ b/host_vars/omnomnom.cachan-adm.crans.org.yml @@ -15,11 +15,7 @@ loc_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian - -loc_mirror: - name: mirror.cachan-adm.crans.org - ip: "{{ query('ldap','ip','mirror','cachan.adm') | ipv4 | first }}" +debian_mirror: http://mirror.cachan-adm.crans.org/debian loc_borg: remote: diff --git a/host_vars/re2o-ldap.cachan-adm.crans.org.yml b/host_vars/re2o-ldap.cachan-adm.crans.org.yml index 15c0f1d8..45ed67e3 100644 --- a/host_vars/re2o-ldap.cachan-adm.crans.org.yml +++ b/host_vars/re2o-ldap.cachan-adm.crans.org.yml @@ -12,7 +12,7 @@ glob_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian +debian_mirror: http://mirror.cachan-adm.crans.org/debian loc_borg: remote: diff --git a/host_vars/re2o.cachan-adm.crans.org.yml b/host_vars/re2o.cachan-adm.crans.org.yml index 98020456..5b798430 100644 --- a/host_vars/re2o.cachan-adm.crans.org.yml +++ b/host_vars/re2o.cachan-adm.crans.org.yml @@ -12,7 +12,7 @@ glob_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian +debian_mirror: http://mirror.cachan-adm.crans.org/debian glob_prometheus_node_exporter: listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'cachan-adm') | ipv4 | first }}" diff --git a/host_vars/rodauh.cachan-adm.crans.org.yml b/host_vars/rodauh.cachan-adm.crans.org.yml index 3989c95d..639019ad 100644 --- a/host_vars/rodauh.cachan-adm.crans.org.yml +++ b/host_vars/rodauh.cachan-adm.crans.org.yml @@ -16,7 +16,7 @@ glob_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian +debian_mirror: http://mirror.cachan-adm.crans.org/debian loc_certbot: - dns_rfc2136_server: '185.230.79.9' 
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml index 06f194e2..ceac53ca 100644 --- a/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml +++ b/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml @@ -12,11 +12,7 @@ loc_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian - -loc_mirror: - name: mirror.cachan-adm.crans.org - ip: "{{ query('ldap','ip','terenez','cachan-adm') | ipv4 | first }}" +debian_mirror: http://mirror.cachan-adm.crans.org/debian loc_borg: remote: diff --git a/host_vars/sputnik.adm.crans.org.yml b/host_vars/sputnik.adm.crans.org.yml index 0ad18335..53e020ec 100644 --- a/host_vars/sputnik.adm.crans.org.yml +++ b/host_vars/sputnik.adm.crans.org.yml @@ -1,4 +1,6 @@ --- +debian_mirror: http://deb.debian.org/debian + postfix: primary: false secondary: true diff --git a/host_vars/terenez.cachan-adm.crans.org.yml b/host_vars/terenez.cachan-adm.crans.org.yml index aba1824f..c01f9e65 100644 --- a/host_vars/terenez.cachan-adm.crans.org.yml +++ b/host_vars/terenez.cachan-adm.crans.org.yml @@ -12,7 +12,7 @@ glob_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian +debian_mirror: http://mirror.cachan-adm.crans.org/debian loc_borg: remote: diff --git a/host_vars/unifi.cachan-adm.crans.org.yml b/host_vars/unifi.cachan-adm.crans.org.yml index 2d7cd4bc..f70a17e6 100644 --- a/host_vars/unifi.cachan-adm.crans.org.yml +++ b/host_vars/unifi.cachan-adm.crans.org.yml @@ -17,7 +17,7 @@ glob_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian +debian_mirror: http://mirror.cachan-adm.crans.org/debian loc_borg: remote: diff --git a/host_vars/zephir.cachan-adm.crans.org.yml b/host_vars/zephir.cachan-adm.crans.org.yml index 5f5cf00e..f954d343 100644 --- a/host_vars/zephir.cachan-adm.crans.org.yml +++ b/host_vars/zephir.cachan-adm.crans.org.yml 
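Review bot: The override added at the top of host_vars/sputnik.adm.crans.org.yml fetches from the public mirror over plain HTTP, `debian_mirror: http://deb.debian.org/debian`. APT's signature check still protects package contents, but for a host that presumably reaches the mirror across the Internet, `debian_mirror: https://deb.debian.org/debian` would also protect the transfer from on-path observation and tampering, provided the installed apt supports HTTPS (built in since apt 1.5, otherwise via the apt-transport-https package). A short comment such as `# Off-site host: uses the public mirror instead of mirror.adm.crans.org` would record why this host differs from the default in group_vars/all, if that is the reason.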
@@ -15,11 +15,7 @@ loc_ntp_client: servers: - terenez.cachan-adm.crans.org -debian_mirror: http://172.17.10.202/debian - -loc_mirror: - name: mirror.cachan-adm.crans.org - ip: "{{ query('ldap','ip','mirror','cachan.adm') | ipv4 | first }}" +debian_mirror: http://mirror.cachan-adm.crans.org/debian loc_borg: remote: diff --git a/plays/root.yml b/plays/root.yml index 421bc6b8..18a6bca3 100755 --- a/plays/root.yml +++ b/plays/root.yml @@ -2,24 +2,6 @@ --- # root is the first playbook to launch (as root) whe initiation a new server -- hosts: server - tasks: - - name: Check if mirror.adm is defined in /etc/hosts - lineinfile: - state: absent - path: /etc/hosts - regexp: '^{{ glob_mirror.ip }}' - check_mode: True - changed_when: False - register: check_mirror - - - name: Define mirror.adm.crans.org if it doesn't exist. - lineinfile: - path: /etc/hosts - line: '{{ glob_mirror.ip }} {{ glob_mirror.name }}' - insertafter: '127.0.0.1 localhost' - when: check_mirror.found == 0 - - hosts: virtu roles: - proxmox-apt-sources diff --git a/roles/debian-apt-sources/templates/apt/sources.list.j2 b/roles/debian-apt-sources/templates/apt/sources.list.j2 index db45e8a5..57a4901f 100644 --- a/roles/debian-apt-sources/templates/apt/sources.list.j2 +++ b/roles/debian-apt-sources/templates/apt/sources.list.j2 @@ -1,4 +1,4 @@ -{{ ansible_header | comment }} +{{ ansible_header }} {% if ansible_distribution == "Debian" %} # Mises à jour de sécurité 
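Review bot: Line 1 of sources.list.j2 now emits `{{ ansible_header }}` without the `comment` filter, and the header text visible in group_vars/all/ansible-header.yml (for example its closing rule of plus signs) carries no leading `#`. Unless the header is commented somewhere outside this patch, the rendered sources list will begin with lines apt cannot parse, and `apt update` will fail on every host the role touches, which also blocks security updates. Keeping `{{ ansible_header | comment }}` avoids that.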
@@ -14,19 +14,3 @@ deb {{ debian_mirror }} {{ ansible_distribution_release }} {{ debian_compone # Dépôt pour mises à jour fréquentes (volatile) deb {{ debian_mirror }} {{ ansible_distribution_release }}-updates {{ debian_components }} - -{% if backports | default(false) %} -# Backports -deb {{ debian_mirror }} {{ ansible_distribution_release }}-backports {{ debian_components }} -{% endif %} - -{% elif ansible_distribution == "Ubuntu" %} -# Mises à jour de sécurité -deb {{ ubuntu_mirror }} {{ ansible_distribution_release }}-security {{ ubuntu_components }} - -# Dépôt classique -deb {{ ubuntu_mirror }} {{ ansible_distribution_release }} {{ ubuntu_components }} - -# Dépôt pour mises à jour fréquentes (volatile) -deb {{ ubuntu_mirror }} {{ ansible_distribution_release }}-updates {{ ubuntu_components }} -{% endif %} diff --git a/roles/re2o/templates/re2o/settings_local.py.j2 b/roles/re2o/templates/re2o/settings_local.py.j2 index 1636a370..c558c032 100644 --- a/roles/re2o/templates/re2o/settings_local.py.j2 +++ b/roles/re2o/templates/re2o/settings_local.py.j2 @@ -63,7 +63,7 @@ LOGO_PATH = "static_files/logo.png" # The mail configuration for Re2o to send mails SERVER_EMAIL = '{{ re2o.from_email }}' # The mail address to use -EMAIL_HOST = '{{ glob_smtp }}' # The host to use +EMAIL_HOST = '{{ re2o.smtp_server }}' # The host to use EMAIL_PORT = 25 # The port to use # Settings of the LDAP structure -- GitLab
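Review bot: The deletion at the end of sources.list.j2 also removes the final `{% endif %}`, while the `{% if ansible_distribution == "Debian" %}` on line 3 is kept as context in the first hunk. Lines 5–13 of the template are not shown, but unless one of them closes the block the template no longer parses, so the role would fail before writing any source list. Re-adding `{% endif %}` after the `-updates` line fixes it; a Jinja comment there such as `{# Non-Debian hosts get only the header #}` would also record that the Ubuntu branch was dropped on purpose.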