diff --git a/site.yml b/common.yml
similarity index 64%
rename from site.yml
rename to common.yml
index fb1a772..6b3c6f3 100644
--- a/site.yml
+++ b/common.yml
@@ -2,7 +2,3 @@
 hosts: all
 roles:
 - common
-
-- hosts: dns
- roles:
- - dns
diff --git a/group_vars/all.yml b/group_vars/all.yml
index 2cf310d..82b1512 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -3,4 +3,4 @@ dns_servers:
 - 1.1.1.1
 - 1.0.0.1
 dns_dnssec: true
-dns_domains: []
+dns_domains: ["internal.simponic.xyz"]
diff --git a/inventory b/inventory
index 92f527e..0df2ee2 100644
--- a/inventory
+++ b/inventory
@@ -1,22 +1,24 @@
 [private]
-johan.internal.simponic.xyz ansible_user=root ansible_connection=ssh
-nijika.internal.simponic.xyz ansible_user=root ansible_connection=ssh
-ryo.internal.simponic.xyz ansible_user=root ansible_connection=ssh
-#ash.internal.simponic.xyz ansible_user=root ansible_connection=ssh
+johan ansible_user=root ansible_connection=ssh
+nijika ansible_user=root ansible_connection=ssh
+ryo ansible_user=root ansible_connection=ssh
+#ash ansible_user=root ansible_connection=ssh
 [webservers]
-levi.internal.simponic.xyz ansible_user=root ansible_connection=ssh
+levi ansible_user=root ansible_connection=ssh
 #ash.internal.simponic.xyz ansible_user=root ansible_connection=ssh
-[dns]
-nijika.internal.simponic.xyz ansible_user=root ansible_connection=ssh
-ryo.internal.simponic.xyz ansible_user=root ansible_connection=ssh
+[dnsprimary]
+nijika ansible_user=root ansible_connection=ssh ansible_host=107.173.19.33 # nijika
+
+[dnsreplica]
+ryo ansible_user=root ansible_connection=ssh ansible_host=107.172.103.253 # ryo
 [internaldns]
-johan.internal.simponic.xyz ansible_user=root ansible_connection=ssh
+johan ansible_user=root ansible_connection=ssh
 [mail]
-#ash.internal.simponic.xyz ansible_user=root ansible_connection=ssh
+#ash ansible_user=root ansible_connection=ssh
 [vpn]
-johan.internal.simponic.xyz ansible_user=root ansible_connection=ssh
+johan ansible_user=root ansible_connection=ssh
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index d3bf8b9..1d2e987 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -16,7 +16,7 @@
 mode: u=rw,g=r,o=r
 - name: restart sshd
- service: name=sshd state=restarted
+ service: name=sshd state=restarted enabled=yes
 # FIREWALL
 - name: install UFW
@@ -28,7 +28,7 @@
 name: OpenSSH
 - name: restart ufw
- service: name=ufw state=restarted
+ service: name=ufw state=restarted enabled=yes
 # FAIL2BAN
 - name: install fail2ban
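Review bot: In `inventory`, `ansible_host` is set only on the `[dnsprimary]` and `[dnsreplica]` lines, but host variables in an INI inventory attach to the host rather than to the group line, so `nijika` and `ryo` will be reached at those public addresses in every play, including ones that target `[private]`. The other hosts (`johan`, `levi`) are now bare names with no `ansible_host`, so the control node has to resolve them itself; as far as the visible files show, the `dns_domains` search domain added in `group_vars/all.yml` configures the managed hosts, not the machine running Ansible. Because every connection here is SSH as root, I would pin each host's address once, for example `johan ansible_host=johan.internal.simponic.xyz` under `[private]`, and list only the bare name in the other groups, so that a short name cannot silently resolve to a different machine.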
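Review bot: In `roles/common/tasks/main.yml` at -16, the task is still named `restart sshd` although it now also changes boot-time state, and it keeps the inline `key=value` form with `enabled=yes` while `roles/common/tasks/systemd-resolved.yml` in this same commit uses fully qualified module names. I would switch to block-style arguments under `ansible.builtin.service:` with a real boolean, `enabled: true`, and rename the task to something like `enable and restart sshd`. The same applies to the `restart ufw` hunk at -28 and the `restart fail2ban` hunk at -43. No `when:` or handler is visible in these hunks, so as far as they show all three services are restarted on every run; the surrounding tasks lie outside the hunks, so this should be checked against the full file.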
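Review bot: In the `restart ufw` hunk at -28, enabling the `ufw` unit with `enabled=yes` does not by itself turn the firewall on, because the unit only loads rules when ufw has been enabled in its own configuration, which is what the `ufw` module's `state: enabled` does. The hunk shows only the `name: OpenSSH` rule before this task, so I cannot tell whether that is done elsewhere in the file. If it is not, a `ufw` task with `state: enabled` and `policy: deny`, placed after the OpenSSH allow rule, is needed for the host to actually filter traffic without cutting off the SSH session Ansible is using.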
@@ -43,7 +43,7 @@
 mode: u=rw,g=r,o=r
 - name: restart fail2ban
- service: name=fail2ban state=restarted
+ service: name=fail2ban state=restarted enabled=yes
 # DNS
 - name: install systemd-resolved
diff --git a/roles/common/tasks/systemd-resolved.yml b/roles/common/tasks/systemd-resolved.yml
index 43cb132..dc40275 100644
--- a/roles/common/tasks/systemd-resolved.yml
+++ b/roles/common/tasks/systemd-resolved.yml
@@ -41,7 +41,7 @@
 no_extra_spaces: true
 register: conf_domains
-- name: Check if network manager runs
+- name: Check if systemd-resolve runs
 ansible.builtin.shell: pgrep systemd-resolve
 failed_when: false
 changed_when: false
diff --git a/roles/private/tasks/main.yml b/roles/private/tasks/main.yml
deleted file mode 100644
index ed97d53..0000000
--- a/roles/private/tasks/main.yml
+++ /dev/null
@@ -1 +0,0 @@
----