dustin/configpolicy: Ansible configuration policy for the private network/home lab of Dustin C. Hatch - configpolicy - Gitea: Git with a cup of tea

dustin/configpolicy

Go to file

Dustin C. Hatch 0500adadfa ci: zabbix: Use multiple sudo-pass files

The `zabbix.yml` playbook applies to hosts that are not members of the
*pyrocufflink.blue* domain, and thus have different passwords for
`sudo`. Using the `-e` argument to `ansible-playbook` and specifying a
single Vault-encrypted file that defines the `ansible_become_password`
variable effectively forces Ansible to try to use that password on every
host. This is because variables defined on the command line, or read
from a file specified on the command line, have the highest precedence.

To use different passwords on different hosts, the normal variable
scoping rules have to be used. To that end, one `sudo-pass` file is
created in the `group_vars/pyrocufflink` directory, so it will apply to
all machines that are members of the *pyrocufflink.blue* domain.
Additionally, another `sudo-pass` file is created in the `host_vars/gw0`
directory; it will only apply to the gateway device.

2018-06-22 19:33:23 -05:00

ci: zabbix: Use multiple sudo-pass files

2018-06-22 19:33:23 -05:00

pyrocufflink: Convert variables file to directory

2018-06-22 19:20:22 -05:00

hosts: Add dch-gw to zabbix group

2018-06-19 20:40:58 -05:00

roles/zabbix: Respect host_uses_firewalld

2018-06-19 20:37:09 -05:00

hosts: Add git0.pyrocufflink.blue

2018-06-04 20:03:55 -05:00

.gitignore

Protect vault secret with GPG

2018-01-29 15:11:07 -06:00

.vault-secret.sh

Protect vault secret with GPG

2018-01-29 15:11:07 -06:00

ansible.cfg

ansible.cfg: Fix remote_tmp

2018-05-19 10:20:22 -05:00

ansible.yml

ansible: Install Ansible

2018-04-08 12:20:03 -05:00

base.yml

base: Base playbook

2018-01-29 15:03:45 -06:00

certbot.yml

certbot: Playbook to deploy certbot

2018-06-13 22:23:27 -05:00

dch-gw.yml

dch-gw: Initial commit

2018-03-27 20:44:43 -05:00

dch-root-ca.crt

pyrocufflink: Trust DCH Root CA

2018-06-04 20:03:55 -05:00

dch-vpn.yml

dch-vpn: PB to deploy Pyrocufflink VPN server

2018-05-20 13:23:20 -05:00

dhcpcd.yml

dhcpcd: Install and configure dhcpcd

2018-03-13 23:19:50 -05:00

dhcpd.yml

dhcpd: Install and configure ISC DHCPD

2018-03-27 20:44:43 -05:00

domain-controller.yml

domain-controller: Configure local AD authentication

2018-03-11 18:16:17 -05:00

dyngroups.yml

dyngroups: Dynamic host classification

2018-03-27 20:44:43 -05:00

firewalld.yml

firewalld: Playbook to bootstrap firewalld

2018-01-29 15:11:07 -06:00

gitea.yml

gitea: Restrict SSH configuration

2018-06-06 21:45:36 -05:00

hostname.yml

hostname: Also write /etc/hosts

2018-04-08 10:11:43 -05:00

hosts

hosts: Add dch-gw to zabbix group

2018-06-19 20:40:58 -05:00

jenkins-slave.yml

jenkins-slave: Apply ssh-hostkeys role

2018-04-08 12:32:02 -05:00

named-server.yml

named-server: Playbook to deploy BIND

2018-01-29 15:10:04 -06:00

network.yml

network: Playbook to configure networking

2018-03-27 20:44:43 -05:00

ntp.yml

ntp: Initial PB and role to set up ntpd

2018-04-22 11:19:22 -05:00

postgresql.yml

postgresql: PB to deploy PostgreSQL server

2018-04-14 15:28:46 -05:00

pyrocufflink.yml

pyrocufflink: Trust DCH Root CA

2018-06-04 20:03:55 -05:00

radius.yml

radius: PB to configure RADIUS servers

2018-05-06 13:09:18 -05:00

radvd.yml

radvd: Install and configure radvd

2018-03-27 20:44:43 -05:00

remount.yml

remount: PB to remount read-only filesystems

2018-04-15 13:45:38 -05:00

samba-dc.yml

samba-dc: Configure samba4 winbind

2018-03-11 18:16:17 -05:00

smtp-relay.yml

smtp-relay: PB to deploy Postfix SMTP relay

2018-04-15 11:38:51 -05:00

zabbix-agent.yml

zabbix: Playbooks for Zabbix server, agents

2018-04-14 15:31:17 -05:00

zabbix-server.yml

zabbix: Playbooks for Zabbix server, agents

2018-04-14 15:31:17 -05:00

zabbix.yml

zabbix: Playbooks for Zabbix server, agents

2018-04-14 15:31:17 -05:00