diff options
-rw-r--r-- | ansible/atuin.liw.fi.yml | 18 | ||||
-rw-r--r-- | ansible/debmirror.yml | 1 | ||||
-rw-r--r-- | ansible/exolobe1.yml | 45 | ||||
-rw-r--r-- | ansible/exolobe2.yml | 8 | ||||
-rw-r--r-- | ansible/exolobe5.yml | 9 | ||||
-rw-r--r-- | ansible/git.liw.fi.yml | 10 | ||||
-rw-r--r-- | ansible/group_vars/infinland.yml | 2 | ||||
-rw-r--r-- | ansible/holywood2.yml | 13 | ||||
-rw-r--r-- | ansible/http.liw.fi.yml | 9 | ||||
-rw-r--r-- | ansible/irc.liw.fi.yml | 9 | ||||
-rw-r--r-- | ansible/roles/riot-host/tasks/main.yml | 2 | ||||
-rw-r--r-- | ansible/roles/self-updating-system/templates/unattended-upgrades.conf | 2 | ||||
-rw-r--r-- | ansible/roles/smarthost-client/templates/main.cf | 2 | ||||
-rw-r--r-- | ansible/shell-shell.vm.liw.fi.yml | 27 |
14 files changed, 64 insertions, 93 deletions
diff --git a/ansible/atuin.liw.fi.yml b/ansible/atuin.liw.fi.yml index 763958a..b35ff1d 100644 --- a/ansible/atuin.liw.fi.yml +++ b/ansible/atuin.liw.fi.yml @@ -41,13 +41,14 @@ owner: liw group: liw vars: - sane_debian_system_version: 0 + sane_debian_system_version: 1 unix_users_version: 1 ansible_python_interpreter: /usr/bin/python3 - hostname: atuin - debian_codename: buster - timezone: Europe/Helsinki + + sane_debian_system_hostname: atuin + sane_debian_system_codename: buster + sane_debian_system_timezone: Europe/Helsinki unix_users: - username: liw @@ -129,13 +130,14 @@ - liw-wmf-laptop - liw-holywood vars: - sane_debian_system_version: 0 + sane_debian_system_version: 1 unix_users_version: 1 ansible_python_interpreter: /usr/bin/python3 - hostname: nalanda - debian_codename: buster - timezone: UTC + + sane_debian_system_hostname: nalanda + sane_debian_system_codename: buster + sane_debian_system_timezone: UTC unix_users: - username: liw diff --git a/ansible/debmirror.yml b/ansible/debmirror.yml index 2f1617c..f9de0d4 100644 --- a/ansible/debmirror.yml +++ b/ansible/debmirror.yml @@ -17,7 +17,6 @@ hostname: debmirror debian_codename: buster debian_mirror: deb.debian.org - debian_mirror_src: deb.debian.org unix_users: - username: liw diff --git a/ansible/exolobe1.yml b/ansible/exolobe1.yml index e780bd8..2e1c541 100644 --- a/ansible/exolobe1.yml +++ b/ansible/exolobe1.yml @@ -31,16 +31,31 @@ - intel-wifi - riot-host vars: - sane_debian_system_version: 0 + sane_debian_system_version: 1 unix_users_version: 1 - hostname: exolobe1 - debian_codename: buster ansible_ssh_host: exolobe1 + sane_debian_system_hostname: exolobe1 + sane_debian_system_codename: buster + sane_debian_system_timezone: Europe/Helsinki + sane_debian_system_sources_lists: + - repo: | + deb http://deb.debian.org/debian buster contrib non-free + + - repo: | + deb http://code.liw.fi/debian unstable main + signing_key: "{{ code_liw_fi_signing_key }}" + + - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main + signing_key: "{{ ci_prod_signing_key }}" + + - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable main + signing_key: "{{ ci_prod_signing_key }}" + mailname: exolobe1.liw.fi - timezone: Europe/Helsinki + hostname: "{{ sane_debian_system_hostname }}" relayhost: pieni.net:587 smarthost: pieni.net smarthost_user: pienirelay @@ -52,25 +67,3 @@ sudo: yes authorized_keys: | {{ liw_ssh_pub }} - - sources_lists: - - repo: | - deb http://deb.debian.org/debian buster contrib non-free - - - repo: | - deb http://code.liw.fi/debian unstable main - signing_key: "{{ code_liw_fi_signing_key }}" -# keyring_package: code.liw.fi-keyring - -# - repo: | -# deb [signed-by=/usr/share/keyrings/riot-im-archive-keyring.gpg] https://packages.riot.im/debian/ buster main -# signing_key: "{{ riot_im_signing_key }}" - -# - repo: deb http://ci-prep-ick.vm.liw.fi/debian stretch main -# signing_key: "{{ ci_prep_signing_key }}" - - - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main - signing_key: "{{ ci_prod_signing_key }}" - - - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable main - signing_key: "{{ ci_prod_signing_key }}" diff --git a/ansible/exolobe2.yml b/ansible/exolobe2.yml index faa498c..b77493e 100644 --- a/ansible/exolobe2.yml +++ b/ansible/exolobe2.yml @@ -11,11 +11,11 @@ - storage_system - smarthost-client vars: - sane_debian_system_version: 0 + sane_debian_system_version: 1 unix_users_version: 1 - hostname: exolobe2 - debian_codename: buster + sane_debian_system_hostname: exolobe2 + sane_debian_system_codename: buster unix_users: - username: liw @@ -24,7 +24,7 @@ authorized_keys: | {{ liw_ssh_pub }} - mailname: exolobe2.liw.fi + mailname: "{{ sane_debian_system_hostname }}.liw.fi" relayhost: pieni.net:587 smarthost: pieni.net smarthost_user: pienirelay diff --git a/ansible/exolobe5.yml b/ansible/exolobe5.yml index cb4a32d..832c29f 100644 --- a/ansible/exolobe5.yml +++ b/ansible/exolobe5.yml @@ -10,10 +10,11 @@ - vmhost - smarthost-client vars: - sane_debian_system_version: 0 + sane_debian_system_version: 1 unix_users_version: 1 - hostname: exolobe5 - debian_codename: buster + + sane_debian_system_hostname: exolobe5 + sane_debian_system_codename: buster unix_users: - username: liw @@ -22,7 +23,7 @@ authorized_keys: | {{ liw_ssh_pub }} - mailname: exolobe5.liw.fi + mailname: "{{ sane_debian_system_hostname }}.liw.fi" relayhost: pieni.net:587 smarthost: pieni.net smarthost_user: pienirelay diff --git a/ansible/git.liw.fi.yml b/ansible/git.liw.fi.yml index 8ba397c..913de5e 100644 --- a/ansible/git.liw.fi.yml +++ b/ansible/git.liw.fi.yml @@ -11,13 +11,13 @@ tags: [gitano] - role: self-updating-system vars: - sane_debian_system_version: 0 + sane_debian_system_version: 1 unix_users_version: 1 - hostname: git - debian_codename: buster - debian_mirror: deb.debian.org - debian_mirror_src: deb.debian.org + sane_debian_system_hostname: git + sane_debian_system_codename: buster + sane_debian_system_mirror: deb.debian.org + gitano_bypass_pub: "{{ lookup('file', '/home/liw/.ssh/gitano-bypass-key.pub') }}" gitano_admin_pub: "{{ lookup('file', '/home/liw/.ssh/gitano-admin-key.pub') }}" gitano_site_name: git.liw.fi diff --git a/ansible/group_vars/infinland.yml b/ansible/group_vars/infinland.yml index ec0caf5..d3bbe08 100644 --- a/ansible/group_vars/infinland.yml +++ b/ansible/group_vars/infinland.yml @@ -1,6 +1,4 @@ timezone: Europe/Helsinki -debian_mirror: ftp.se.debian.org -debian_mirror_src: httpredir.debian.org relayhost: pieni.net:587 smarthost: pieni.net smarthost_user: pienirelay diff --git a/ansible/holywood2.yml b/ansible/holywood2.yml index d6908af..cb058ff 100644 --- a/ansible/holywood2.yml +++ b/ansible/holywood2.yml @@ -10,15 +10,14 @@ - smarthost-client - self-updating-system vars: - sane_debian_system_version: 0 + sane_debian_system_version: 1 unix_users_version: 1 - hostname: holywood2 - debian_codename: buster - debian_mirror: deb.debian.org - debian_mirror_src: deb.debian.org + sane_debian_system_hostname: holywood2 + sane_debian_system_codename: buster + sane_debian_system_mirror: deb.debian.org - mailname: holywood2.liw.fi + mailname: "{{ sane_debian_system_hostname }}.liw.fi" relayhost: pieni.net:587 smarthost: pieni.net smarthost_user: pienirelay @@ -37,7 +36,7 @@ authorized_keys: | {{ liw_ssh_pub }} - sources_lists: + sane_debian_system_sources_lists: # - repo: deb http://deb.debian.org/debian stretch main contrib non-free - repo: deb http://deb.debian.org/debian buster-backports main contrib non-free # - repo: deb http://code.liw.fi/debian stretch main diff --git a/ansible/http.liw.fi.yml b/ansible/http.liw.fi.yml index 0823984..5008b87 100644 --- a/ansible/http.liw.fi.yml +++ b/ansible/http.liw.fi.yml @@ -8,13 +8,12 @@ tags: [apache] - role: self-updating-system vars: - sane_debian_system_version: 0 + sane_debian_system_version: 1 unix_users_version: 1 - hostname: static - debian_codename: buster - debian_mirror: deb.debian.org - debian_mirror_src: deb.debian.org + sane_debian_system_hostname: static + sane_debian_system_codename: buster + sane_debian_system_mirror: deb.debian.org unix_users: - username: liw diff --git a/ansible/irc.liw.fi.yml b/ansible/irc.liw.fi.yml index db580da..4f15651 100644 --- a/ansible/irc.liw.fi.yml +++ b/ansible/irc.liw.fi.yml @@ -7,13 +7,12 @@ - role: self-updating-system - role: irc-client vars: - sane_debian_system_version: 0 + sane_debian_system_version: 1 unix_users_version: 1 - hostname: irc - debian_codename: buster - debian_mirror: deb.debian.org - debian_mirror_src: deb.debian.org + sane_debian_system_hostname: irc + sane_debian_system_codename: buster + sane_debian_system_mirror: deb.debian.org unix_users: - username: root diff --git a/ansible/roles/riot-host/tasks/main.yml b/ansible/roles/riot-host/tasks/main.yml index 8fc8563..01c9a80 100644 --- a/ansible/roles/riot-host/tasks/main.yml +++ b/ansible/roles/riot-host/tasks/main.yml @@ -4,7 +4,7 @@ dest: /etc/apt/trusted.gpg.d/ - apt_repository: - repo: "deb [signed-by=/etc/apt/trusted.gpg.d/riot-im-archive-keyring.gpg] https://packages.riot.im/debian/ {{ debian_codename }} main" + repo: "deb [signed-by=/etc/apt/trusted.gpg.d/riot-im-archive-keyring.gpg] https://packages.riot.im/debian/ {{ sane_debian_system_codename }} main" - apt: name: element-desktop diff --git a/ansible/roles/self-updating-system/templates/unattended-upgrades.conf b/ansible/roles/self-updating-system/templates/unattended-upgrades.conf index 8da165e..810b544 100644 --- a/ansible/roles/self-updating-system/templates/unattended-upgrades.conf +++ b/ansible/roles/self-updating-system/templates/unattended-upgrades.conf @@ -3,7 +3,7 @@ // updates, and then reboot during the night. Unattended-Upgrade::Origins-Pattern { - "origin=Debian,codename={{ debian_codename }},label=Debian-Security"; + "origin=Debian,codename={{ sane_debian_system_codename }},label=Debian-Security"; }; Unattended-Upgrade::Mail "root"; diff --git a/ansible/roles/smarthost-client/templates/main.cf b/ansible/roles/smarthost-client/templates/main.cf index 2c026ad..d9deaaf 100644 --- a/ansible/roles/smarthost-client/templates/main.cf +++ b/ansible/roles/smarthost-client/templates/main.cf @@ -32,7 +32,7 @@ myhostname = {{ mailname }} alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname -mydestination = {{ mailname }}, {{ hostname }}, localhost.localdomain, localhost +mydestination = {{ mailname }}, {{ sane_debian_system_hostname }}, localhost.localdomain, localhost relayhost = {{ relayhost }} mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = procmail -a "$EXTENSION" diff --git a/ansible/shell-shell.vm.liw.fi.yml b/ansible/shell-shell.vm.liw.fi.yml index 5cccb46..b38eb21 100644 --- a/ansible/shell-shell.vm.liw.fi.yml +++ b/ansible/shell-shell.vm.liw.fi.yml @@ -5,19 +5,16 @@ - role: comfortable-debian-system - role: unix_users - role: linkchecker -# - role: distix-server - role: mail-server - role: emacs - role: self-updating-system vars: - sane_debian_system_version: 0 + sane_debian_system_version: 1 unix_users_version: 1 - hostname: shell - - debian_codename: buster - debian_mirror: deb.debian.org - debian_mirror_src: deb.debian.org + sane_debian_system_hostname: shell + sane_debian_system_codename: buster + sane_debian_system_mirror: deb.debian.org mailname: pieni.net smarthost: mail.pepperfish.net @@ -37,19 +34,3 @@ comment: Soile Mottisenkangas - username: docstory comment: Soile Mottisenkangas -# - username: distix -# comment: distix ticketing system - - distixes: - - name: bugs-liw - repourl: ssh://git@git.liw.fi/bugs-liw-fi-distix - pattern: "^X-Original-To: bugs@liw.fi" - htmldir: /srv/http/bugs.liw.fi - - name: ick-devel - repourl: ssh://git@git.liw.fi/ick-devel-distix - pattern: "^X-Original-To: ick-support@ick.liw.fi" - htmldir: /srv/http/ick-devel.liw.fi - - name: distix-tickets - repourl: ssh://git@git.liw.fi/distix-bugs - pattern: "^X-Original-To: tickets@distix.eu" - htmldir: /srv/http/tickets.distix.eu |