From 9aa40b39675c0cd9913da83ac60784388b46ddbc Mon Sep 17 00:00:00 2001 From: staticsafe Date: Sat, 22 Aug 2020 16:21:24 -0400 Subject: [PATCH] Clean up site.yml and move some other roles into their own yml files --- ubuntu/firewall.yml | 7 ++++ ubuntu/icinga-client-install.yml | 7 ++++ ubuntu/ipset.yml | 7 ++++ ubuntu/pgbackrest-install.yml | 7 ++++ ubuntu/site.yml | 72 -------------------------------- ubuntu/ssh-enforcement.yml | 7 ++++ 6 files changed, 35 insertions(+), 72 deletions(-) create mode 100644 ubuntu/firewall.yml create mode 100644 ubuntu/icinga-client-install.yml create mode 100644 ubuntu/ipset.yml create mode 100644 ubuntu/pgbackrest-install.yml create mode 100644 ubuntu/ssh-enforcement.yml diff --git a/ubuntu/firewall.yml b/ubuntu/firewall.yml new file mode 100644 index 0000000..b1da650 --- /dev/null +++ b/ubuntu/firewall.yml @@ -0,0 +1,7 @@ +--- +- name: Deploy firewall rules + hosts: firewalled + user: root + + roles: + - firewall-ruleset-deploy diff --git a/ubuntu/icinga-client-install.yml b/ubuntu/icinga-client-install.yml new file mode 100644 index 0000000..11f4a21 --- /dev/null +++ b/ubuntu/icinga-client-install.yml @@ -0,0 +1,7 @@ +--- +- name: install Icinga 2 for client usage + hosts: icinga-clients + user: root + + roles: + - icinga-client diff --git a/ubuntu/ipset.yml b/ubuntu/ipset.yml new file mode 100644 index 0000000..a6216fc --- /dev/null +++ b/ubuntu/ipset.yml @@ -0,0 +1,7 @@ +--- +- name: Deploy ipset rulesets + hosts: ipset + user: root + + roles: + - ipset-deploy diff --git a/ubuntu/pgbackrest-install.yml b/ubuntu/pgbackrest-install.yml new file mode 100644 index 0000000..67f2bc5 --- /dev/null +++ b/ubuntu/pgbackrest-install.yml @@ -0,0 +1,7 @@ +--- +- name: Install pgbackrest + hosts: pgbackrest + user: root + + roles: + - pgbackrest-install diff --git a/ubuntu/site.yml b/ubuntu/site.yml index 6754d00..59ac057 100644 --- a/ubuntu/site.yml +++ b/ubuntu/site.yml @@ -9,75 +9,3 @@ - turn-off-motd-news - apt-maintenance - ssh-enforcement - -- name: install PHP-FPM to required nodes - hosts: php - user: root - - roles: - - php - -- name: install MySQL server to required nodes - hosts: mysql-servers - user: root - - roles: - - mysql - -- name: install Icinga 2 for client usage - hosts: icinga-clients - user: root - - roles: - - icinga-client - -- name: install LEMP stack to required nodes - hosts: lemp-servers - user: root - - roles: - - jdauphant.nginx - - php - - mysql - -- name: Turn off MOTD news on Ubuntu 18.04 hosts - hosts: myubuntunodes - user: root - - roles: - - turn-off-motd-news - -- name: Set up unattended-upgrades for Ubuntu nodes - hosts: myubuntunodes - user: root - - roles: - - apt-maintenance - -- name: Deploy firewall rules - hosts: firewalled - user: root - - roles: - - firewall-ruleset-deploy - -- name: Install pgbackrest - hosts: pgbackrest - user: root - - roles: - - pgbackrest-install - -- name: Deploy ipset rulesets - hosts: ipset - user: root - - roles: - - ipset-deploy - -- name: SSH Enforcement - hosts: cloud - user: root - - roles: - - ssh-enforcement diff --git a/ubuntu/ssh-enforcement.yml b/ubuntu/ssh-enforcement.yml new file mode 100644 index 0000000..bd21976 --- /dev/null +++ b/ubuntu/ssh-enforcement.yml @@ -0,0 +1,7 @@ +--- +- name: SSH Enforcement + hosts: cloud + user: root + + roles: + - ssh-enforcement