From 64e3ad7da4884c5c36f2e30a5af1f74c88208ff8 Mon Sep 17 00:00:00 2001
From: Elizabeth Hunt
Date: Mon, 1 Jan 2024 16:55:50 -0500
Subject: [PATCH] enable all restarted services and add internal.simponic.xyz search domain
---
site.yml => common.yml | 4 ----
group_vars/all.yml | 2 +-
inventory | 24 +++++++++++++-----------
roles/common/tasks/main.yml | 6 +++---
roles/common/tasks/systemd-resolved.yml | 2 +-
roles/private/tasks/main.yml | 1 -
6 files changed, 18 insertions(+), 21 deletions(-)
rename site.yml => common.yml (64%)
delete mode 100644 roles/private/tasks/main.yml
diff --git a/site.yml b/common.yml
similarity index 64%
rename from site.yml
rename to common.yml
index fb1a772..6b3c6f3 100644
--- a/site.yml
+++ b/common.yml
@@ -2,7 +2,3 @@ hosts: all roles: - common - -- hosts: dns - roles: - - dns
diff --git a/group_vars/all.yml b/group_vars/all.yml
index 2cf310d..82b1512 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -3,4 +3,4 @@ dns_servers: - 1.1.1.1 - 1.0.0.1 dns_dnssec: true -dns_domains: [] +dns_domains: ["internal.simponic.xyz"]
diff --git a/inventory b/inventory
index 92f527e..0df2ee2 100644
--- a/inventory
+++ b/inventory
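Review bot: The new `dns_domains: ["internal.simponic.xyz"]` value sits in group_vars/all.yml, so every host gets the search suffix while the resolvers shown in the hunk are the public `1.1.1.1` and `1.0.0.1`. If the role writes these values into systemd-resolved as they read, unqualified lookups on each host go to that third-party resolver with the internal suffix appended, which discloses internal host names and only resolves if the zone is published there. The inventory has an `[internaldns]` group, so presumably an internal resolver exists; consider scoping the suffix and `dns_servers` to the hosts that can reach it, and add a comment above the line such as `# search suffix for short host names; the zone must be resolvable through dns_servers`. Block style (`dns_domains:` followed by `  - internal.simponic.xyz`) would also match the `dns_servers` list above it.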
@@ -1,22 +1,24 @@ [private] -johan.internal.simponic.xyz ansible_user=root ansible_connection=ssh -nijika.internal.simponic.xyz ansible_user=root ansible_connection=ssh -ryo.internal.simponic.xyz ansible_user=root ansible_connection=ssh -#ash.internal.simponic.xyz ansible_user=root ansible_connection=ssh +johan ansible_user=root ansible_connection=ssh +nijika ansible_user=root ansible_connection=ssh +ryo ansible_user=root ansible_connection=ssh +#ash ansible_user=root ansible_connection=ssh [webservers] -levi.internal.simponic.xyz ansible_user=root ansible_connection=ssh +levi ansible_user=root ansible_connection=ssh #ash.internal.simponic.xyz ansible_user=root ansible_connection=ssh -[dns] -nijika.internal.simponic.xyz ansible_user=root ansible_connection=ssh -ryo.internal.simponic.xyz ansible_user=root ansible_connection=ssh +[dnsprimary] +nijika ansible_user=root ansible_connection=ssh ansible_host=107.173.19.33 # nijika + +[dnsreplica] +ryo ansible_user=root ansible_connection=ssh ansible_host=107.172.103.253 # ryo [internaldns] -johan.internal.simponic.xyz ansible_user=root ansible_connection=ssh +johan ansible_user=root ansible_connection=ssh [mail] -#ash.internal.simponic.xyz ansible_user=root ansible_connection=ssh +#ash ansible_user=root ansible_connection=ssh [vpn] -johan.internal.simponic.xyz ansible_user=root ansible_connection=ssh +johan ansible_user=root ansible_connection=ssh
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index d3bf8b9..1d2e987 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -16,7 +16,7 @@ mode: u=rw,g=r,o=r - name: restart sshd - service: name=sshd state=restarted + service: name=sshd state=restarted enabled=yes # FIREWALL - name: install UFW
@@ -28,7 +28,7 @@ name: OpenSSH - name: restart ufw - service: name=ufw state=restarted + service: name=ufw state=restarted enabled=yes # FAIL2BAN - name: install fail2ban
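Review bot: `ansible_host` is set only on the `[dnsprimary]` and `[dnsreplica]` entries, but a variable on a host line belongs to the host and not to the group, so `nijika` and `ryo` are reached at `107.173.19.33` and `107.172.103.253` in every play, including ones that target `[private]`. Root SSH to those two hosts therefore always uses public-range addresses, while `johan` and `levi` depend on the short name resolving on the control machine, which nothing in this inventory guarantees. Keeping `ansible_host` on one entry per host with a comment such as `# ansible_host applies to nijika in every group, not only [dnsprimary]` would make the chosen path explicit, and the repeated `ansible_user=root ansible_connection=ssh` could move to an `[all:vars]` section. The unchanged `#ash.internal.simponic.xyz` line under `[webservers]` still uses the long form.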
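Review bot: The three changed `service` lines (sshd in this hunk, ufw in the next one and fail2ban in the hunk at line 43) are plain tasks with no condition visible, so sshd, ufw and fail2ban are restarted on every run whether or not their configuration changed; adding `enabled=yes` does not alter that. Moving each into a handler that the preceding configuration task notifies would restart only on change. For sshd, the configuration task (its body starts outside the hunk) should carry `validate: /usr/sbin/sshd -t -f %s` if it does not already, so that a bad file cannot lock out SSH management on restart. The lines would also read better in native form, `ansible.builtin.service:` with `name: sshd`, `state: restarted`, `enabled: true`, instead of the `key=value` string and `yes`.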
@@ -43,7 +43,7 @@ mode: u=rw,g=r,o=r - name: restart fail2ban - service: name=fail2ban state=restarted + service: name=fail2ban state=restarted enabled=yes # DNS - name: install systemd-resolved
diff --git a/roles/common/tasks/systemd-resolved.yml b/roles/common/tasks/systemd-resolved.yml
index 43cb132..dc40275 100644
--- a/roles/common/tasks/systemd-resolved.yml
+++ b/roles/common/tasks/systemd-resolved.yml
@@ -41,7 +41,7 @@ no_extra_spaces: true register: conf_domains -- name: Check if network manager runs +- name: Check if systemd-resolve runs ansible.builtin.shell: pgrep systemd-resolve failed_when: false changed_when: false
diff --git a/roles/private/tasks/main.yml b/roles/private/tasks/main.yml
deleted file mode 100644
index ed97d53..0000000
--- a/roles/private/tasks/main.yml
+++ /dev/null
@@ -1 +0,0 @@ ----
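Review bot: The new task name `Check if systemd-resolve runs` reads like a misspelling of systemd-resolved unless the reader knows why the `pgrep` pattern is cut short. A comment above the task would settle it: `# pgrep matches the kernel process name, which is truncated to 15 characters ("systemd-resolve")`. The command uses no shell features, so `ansible.builtin.command: pgrep systemd-resolve` would be the narrower module. Because `failed_when: false` hides every error, later tasks should test the registered `rc` explicitly; the task presumably continues with a `register` line below the hunk.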