enable all restarted services and add internal.simponic.xyz search domain

2024-01-01 16:55:50 -05:00 · 2024-01-01 16:55:50 -05:00 · 64e3ad7da4
commit 64e3ad7da4
parent 3b818dc0b9
6 changed files with 18 additions and 21 deletions
--- a/common.yml
+++ b/common.yml
@ -2,7 +2,3 @@
  hosts: all
  roles:
    - common
-
- hosts: dns
-  roles:
-    - dns
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@ -3,4 +3,4 @@ dns_servers:
  - 1.1.1.1
  - 1.0.0.1
 dns_dnssec: true
-dns_domains: []
+dns_domains: ["internal.simponic.xyz"]
--- a/24
+++ b/24
@ -1,22 +1,24 @@
 [private]
-johan.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
-nijika.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
-ryo.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
-#ash.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+johan  ansible_user=root ansible_connection=ssh
+nijika  ansible_user=root ansible_connection=ssh
+ryo  ansible_user=root ansible_connection=ssh
+#ash ansible_user=root ansible_connection=ssh

 [webservers]
-levi.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+levi  ansible_user=root ansible_connection=ssh
 #ash.internal.simponic.xyz  ansible_user=root ansible_connection=ssh

-[dns]
-nijika.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
-ryo.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+[dnsprimary]
+nijika  ansible_user=root ansible_connection=ssh ansible_host=107.173.19.33   # nijika
+
+[dnsreplica]
+ryo  ansible_user=root ansible_connection=ssh ansible_host=107.172.103.253 # ryo

 [internaldns]
-johan.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+johan ansible_user=root ansible_connection=ssh

 [mail]
-#ash.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+#ash  ansible_user=root ansible_connection=ssh

 [vpn]
-johan.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+johan ansible_user=root ansible_connection=ssh
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@ -16,7 +16,7 @@
    mode: u=rw,g=r,o=r

 - name: restart sshd
-  service: name=sshd state=restarted
+  service: name=sshd state=restarted enabled=yes

 # FIREWALL
 - name: install UFW
@ -28,7 +28,7 @@
    name: OpenSSH

 - name: restart ufw
-  service: name=ufw state=restarted
+  service: name=ufw state=restarted enabled=yes

 # FAIL2BAN
 - name: install fail2ban
@ -43,7 +43,7 @@
    mode: u=rw,g=r,o=r

 - name: restart fail2ban
-  service: name=fail2ban state=restarted
+  service: name=fail2ban state=restarted enabled=yes

 # DNS
 - name: install systemd-resolved
--- a/roles/common/tasks/systemd-resolved.yml
+++ b/roles/common/tasks/systemd-resolved.yml
@ -41,7 +41,7 @@
    no_extra_spaces: true
  register: conf_domains

- name: Check if network manager runs
+- name: Check if systemd-resolve runs
  ansible.builtin.shell: pgrep systemd-resolve
  failed_when: false
  changed_when: false
--- a/roles/private/tasks/main.yml
+++ b/roles/private/tasks/main.yml
@ -1 +0,0 @@
---