enable all restarted services and add internal.simponic.xyz search domain

2024-01-01 16:55:50 -05:00 · 2024-01-01 16:55:50 -05:00 · 64e3ad7da4
commit 64e3ad7da4
parent 3b818dc0b9
6 changed files with 18 additions and 21 deletions
--- a/common.yml
+++ b/common.yml
@ -2,7 +2,3 @@
  hosts: all
  roles:
    - common
 - hosts: dns
  roles:
    - dns
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@ -3,4 +3,4 @@ dns_servers:
  - 1.1.1.1
  - 1.0.0.1
 dns_dnssec: true
-dns_domains: []
+dns_domains: ["internal.simponic.xyz"]
--- a/24
+++ b/24
@ -1,22 +1,24 @@
 [private]
-johan.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+johan  ansible_user=root ansible_connection=ssh
-nijika.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+nijika  ansible_user=root ansible_connection=ssh
-ryo.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+ryo  ansible_user=root ansible_connection=ssh
-#ash.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+#ash ansible_user=root ansible_connection=ssh
 [webservers]
-levi.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+levi  ansible_user=root ansible_connection=ssh
 #ash.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
-[dns]
+[dnsprimary]
-nijika.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+nijika  ansible_user=root ansible_connection=ssh ansible_host=107.173.19.33   # nijika
-ryo.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+
 [dnsreplica]
 ryo  ansible_user=root ansible_connection=ssh ansible_host=107.172.103.253 # ryo
 [internaldns]
-johan.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+johan ansible_user=root ansible_connection=ssh
 [mail]
-#ash.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+#ash  ansible_user=root ansible_connection=ssh
 [vpn]
-johan.internal.simponic.xyz  ansible_user=root ansible_connection=ssh
+johan ansible_user=root ansible_connection=ssh
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@ -16,7 +16,7 @@
    mode: u=rw,g=r,o=r
 - name: restart sshd
-  service: name=sshd state=restarted
+  service: name=sshd state=restarted enabled=yes
 # FIREWALL
 - name: install UFW
@ -28,7 +28,7 @@
    name: OpenSSH
 - name: restart ufw
-  service: name=ufw state=restarted
+  service: name=ufw state=restarted enabled=yes
 # FAIL2BAN
 - name: install fail2ban
@ -43,7 +43,7 @@
    mode: u=rw,g=r,o=r
 - name: restart fail2ban
-  service: name=fail2ban state=restarted
+  service: name=fail2ban state=restarted enabled=yes
 # DNS
 - name: install systemd-resolved
--- a/roles/common/tasks/systemd-resolved.yml
+++ b/roles/common/tasks/systemd-resolved.yml
@ -41,7 +41,7 @@
    no_extra_spaces: true
  register: conf_domains
- name: Check if network manager runs
+- name: Check if systemd-resolve runs
  ansible.builtin.shell: pgrep systemd-resolve
  failed_when: false
  changed_when: false
--- a/roles/private/tasks/main.yml
+++ b/roles/private/tasks/main.yml
@ -1 +0,0 @@
 ---