dustin/configpolicy
1
1
Fork 0
Code Issues Releases Activity
438 Commits 14 Branches 0 Tags
f9e8c78e5ac175ed59b3db6343cc605a94df847e
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Dustin C. Hatch f9e8c78e5a roles/websites: Set authorized_keys file perms 
Because the various "webapp.*" users' home directories are under
`/srv/www`, the default SELinux context type is `httpd_sys_content_t`.
The SSH daemon is not allowed to read files with this label, so it
cannot load the contents of these users' `authorized_keys` files.  To
address this, we have to explicitly set the SELinux type to
`ssh_home_t`.
2020-12-30 20:59:27 -06:00
.certs @ 654b52b608
websites/darkchestofwonders.us: Use Lego cert
2020-03-17 08:45:34 -05:00
certs
hassdb: Fix playbook
2020-08-29 14:22:17 -05:00
ci
ci: collectd: fix syntax error
2020-12-26 09:39:28 -06:00
group_vars
protonvpn: Connect to server by IP address
2020-09-23 18:50:06 -05:00
host_vars
hosts: hass1: Set collectd network interface
2020-12-23 20:57:01 -06:00
passwords/kojiweb_secret
hosts: Add koji0.pyrocufflink.blue
2018-08-12 10:27:20 -05:00
roles
roles/websites: Set authorized_keys file perms
2020-12-30 20:59:27 -06:00
vars
Add rw-root group
2020-08-29 08:53:28 -05:00
vault
Merge branch 'graylog' into master
2020-08-31 20:17:12 -05:00
.gitignore
Protect vault secret with GPG
2018-01-29 15:11:07 -06:00
.gitmodules
certs: Add certificates submodule
2020-02-22 16:28:06 -06:00
.vault-secret.sh
Protect vault secret with GPG
2018-01-29 15:11:07 -06:00
ansible.cfg
ansible.cfg: Disable stupid group name warning
2019-09-19 19:50:35 -05:00
ansible.yml
ansible: Install Ansible
2018-04-08 12:20:03 -05:00
aria2.yml
aria2: Deploy aria2 download manager
2018-08-19 14:17:48 -05:00
base.yml
base: Base playbook
2018-01-29 15:03:45 -06:00
bitwarden_rs.yml
bitwarden_rs: Deploy Bitwarden_rs using Docker
2019-09-19 19:27:29 -05:00
burp-client.yml
burp-client: Apply the cronie role
2019-09-19 19:27:30 -05:00
burp-server.yml
burp-{client,server}: PBs to deploy BURP
2018-08-08 20:14:25 -05:00
certbot.yml
certbot: Playbook to deploy certbot
2018-06-13 22:23:27 -05:00
collectd.yml
collectd: Install and configure collectd
2020-12-08 21:11:27 -06:00
dch-gw.yml
dch-gw: Initial commit
2018-03-27 20:44:43 -05:00
dch-proxy.yml
dch-proxy: PB to deploy HAProxy
2018-07-01 15:19:20 -05:00
dch-root-ca.crt
pyrocufflink: Trust DCH Root CA
2018-06-04 20:03:55 -05:00
dch-vpn.yml
Move VPN server to dedicated VM
2018-10-07 21:42:18 -05:00
dhcpcd.yml
dhcpcd: Install and configure dhcpcd
2018-03-13 23:19:50 -05:00
dhcpd.yml
dhcpd: Install and configure ISC DHCPD
2018-03-27 20:44:43 -05:00
docker.yml
roles/docker: Install and set up Docker daemon
2019-09-19 19:27:12 -05:00
domain-controller.yml
domain-controller: Configure local AD authentication
2018-03-11 18:16:17 -05:00
dyngroups.yml
dyngroups: Dynamic host classification
2018-03-27 20:44:43 -05:00
fileserver.yml
fileserver: Configure Apache ~user directories
2019-01-04 20:52:23 -06:00
firewalld.yml
firewalld: Playbook to bootstrap firewalld
2018-01-29 15:11:07 -06:00
gitea.yml
gitea: Restrict SSH configuration
2018-06-06 21:45:36 -05:00
graylog.yml
graylog: Add PB to deploy Graylog server
2019-10-28 18:47:09 -05:00
hassdb.yml
hassdb: Fix playbook
2020-08-29 14:22:17 -05:00
homeassistant.yml
homeassistant: Do not apply hass-dhcp
2020-07-04 14:25:16 -05:00
hostname.yml
hostname: Also write /etc/hosts
2018-04-08 10:11:43 -05:00
hosts
Merge branch 'collectd' into master
2020-12-23 21:26:01 -06:00
hosts.offline
Merge branch 'collectd' into master
2020-12-23 21:26:01 -06:00
jenkins-slave.yml
jenkins-slave: Apply ssh-hostkeys role
2018-04-08 12:32:02 -05:00
koji-builder.yml
koji: Add playbooks for Koji
2018-08-12 10:14:25 -05:00
koji-hub.yml
koji: Add playbooks for Koji
2018-08-12 10:14:25 -05:00
koji-web.yml
koji: Add playbooks for Koji
2018-08-12 10:14:25 -05:00
koji.yml
koji: Add playbooks for Koji
2018-08-12 10:14:25 -05:00
motioneye.yml
motioneye: Deploy motionEye camera software
2020-10-03 11:29:39 -05:00
named-server.yml
named-server: Playbook to deploy BIND
2018-01-29 15:10:04 -06:00
net-ifaces.yml
net-ifaces: PB to apply net-ifaces role
2018-07-23 17:35:10 -05:00
network.yml
network: Playbook to configure networking
2018-03-27 20:44:43 -05:00
nextcloud.yml
roles/cert: Add handler topic notification
2020-12-26 10:38:17 -06:00
ntp.yml
ntp: Initial PB and role to set up ntpd
2018-04-22 11:19:22 -05:00
postgresql.yml
postgresql: PB to deploy PostgreSQL server
2018-04-14 15:28:46 -05:00
protonvpn.yml
pyrocufflink-dns: Cloudflare over ProtonVPN
2020-09-06 11:06:58 -05:00
pyrocufflink.yml
pyrocufflink: Trust DCH Root CA
2018-06-04 20:03:55 -05:00
radius.yml
radius: PB to configure RADIUS servers
2018-05-06 13:09:18 -05:00
radvd.yml
radvd: Install and configure radvd
2018-03-27 20:44:43 -05:00
remount.yml
remount: PB to remount read-only filesystems
2018-04-15 13:45:38 -05:00
rngd.yml
rngd: PB to set up rngd
2018-08-13 20:25:22 -05:00
samba-dc.yml
samba-dc: Configure samba4 winbind
2018-03-11 18:16:17 -05:00
smtp-relay.yml
smtp-relay: PB to deploy Postfix SMTP relay
2018-04-15 11:38:51 -05:00
squid.yml
squid: Add role and PB to deploy Squid
2018-08-12 16:00:32 -05:00
taiga.yml
taiga: Add playbook for Taiga
2019-09-19 19:51:45 -05:00
vmhost.yml
vmhost: PB to set up VM hosts
2018-07-23 17:35:10 -05:00
websites.yml
roles/cert: Add handler topic notification
2020-12-26 10:38:17 -06:00
wheelhost.yml
wheelhost: Publish wheels built by Jenkins
2019-03-22 10:19:27 -05:00
zabbix-agent.yml
zabbix: Playbooks for Zabbix server, agents
2018-04-14 15:31:17 -05:00
zabbix-server.yml
zabbix: Playbooks for Zabbix server, agents
2018-04-14 15:31:17 -05:00
zabbix.yml
zabbix: Playbooks for Zabbix server, agents
2018-04-14 15:31:17 -05:00
Description
Ansible configuration policy for the private network/home lab of Dustin C. Hatch
http://dustin.hatch.name/
7.7 MiB
Languages
Jinja 86.2%
Python 6.6%
Shell 4.6%
Groovy 2.6%