moving files to old
This commit is contained in:
@@ -1,30 +0,0 @@
|
||||
---
|
||||
# general settings
|
||||
default_username: debian
|
||||
dot_forward_email: <YOUR_EMAIL_GOES_HERE>
|
||||
private_key: .ssh/id_rsa
|
||||
public_key: .ssh/id_rsa.pub
|
||||
ntpserver: pool.ntp.org
|
||||
timezone: Europe/Rome
|
||||
|
||||
# default sshd port
|
||||
sshd_port: 22
|
||||
|
||||
# generate random passwords for default user and root user
|
||||
default_password: "{{lookup('password', '/dev/null length=15 chars=ascii_letters,digits,punctuation')}}"
|
||||
root_password: "{{lookup('password', '/dev/null length=15 chars=ascii_letters,digits,punctuation')}}"
|
||||
|
||||
# unattended packages install configuration
|
||||
unattended_mail: "{{dot_forward_email}}"
|
||||
unattended_remove_unused_dependencies: true
|
||||
unattended_automatic_reboot_time: "03:00"
|
||||
unattended_update_days: "Sat"
|
||||
unattended_clean_interval: 7
|
||||
|
||||
# fail2ban
|
||||
fail2ban_loglevel: INFO
|
||||
fail2ban_services:
|
||||
- name: ssh
|
||||
port: ssh
|
||||
filter: sshd
|
||||
logpath: /var/log/auth.log
|
||||
@@ -1,49 +0,0 @@
|
||||
---
|
||||
# packages to install
|
||||
packages_to_install:
|
||||
- sudo
|
||||
- python-apt
|
||||
- git-core
|
||||
- ufw
|
||||
- dnsutils
|
||||
- build-essential
|
||||
- acl
|
||||
- screen
|
||||
- bash-completion
|
||||
- ntp
|
||||
- jq
|
||||
- htop
|
||||
- psmisc
|
||||
- python-pip
|
||||
- python3-pip
|
||||
- vim
|
||||
- netcat
|
||||
- net-tools
|
||||
- nmap
|
||||
- lynx
|
||||
- wget
|
||||
- curl
|
||||
- gzip
|
||||
- rsync
|
||||
- logrotate
|
||||
# - logcheck
|
||||
- rkhunter
|
||||
- cryptsetup
|
||||
- python-glade2
|
||||
- dos2unix
|
||||
- mlocate
|
||||
- rclone
|
||||
- bc
|
||||
- zsh
|
||||
- hddtemp
|
||||
- lm-sensors
|
||||
- qemu-guest-agent
|
||||
- atop
|
||||
- sshfs
|
||||
- reptyr
|
||||
- lvm2
|
||||
- parted
|
||||
- rename
|
||||
- glances
|
||||
- gnupg
|
||||
- exim4
|
||||
@@ -1,23 +0,0 @@
|
||||
---
|
||||
# flag to install or skip docker module installation and configuration
|
||||
install_docker: true
|
||||
|
||||
# docker
|
||||
docker__channel: ["stable"]
|
||||
docker__version: "19.03.5"
|
||||
docker__state: "present"
|
||||
docker__compose_version: "1.25.0"
|
||||
docker__users: ["{{default_username}}"]
|
||||
docker__daemon_flags:
|
||||
- "-H unix://"
|
||||
#- "-H unix:// --iptables=false"
|
||||
# "a" removes unused images (useful in production).
|
||||
# "f" forces it to happen without prompting you to agree.
|
||||
docker__cron_jobs_prune_flags: "af"
|
||||
docker__cron_jobs:
|
||||
- name: "Docker disk clean up"
|
||||
job: "docker system prune -{{docker__cron_jobs_prune_flags}} > /dev/null 2>&1"
|
||||
schedule: ["0", "0", "*", "*", "0"]
|
||||
cron_file: "docker-disk-clean-up"
|
||||
user: "{{(docker__users | first) | d('root')}}"
|
||||
state: "present"
|
||||
@@ -1,30 +0,0 @@
|
||||
---
|
||||
# monit
|
||||
config_monit: true
|
||||
monit_enable_email_notifications: false
|
||||
monit_email_to: "{{dot_forward_email}}"
|
||||
monit_enable_web_server: false
|
||||
monit_web_server_allow_list:
|
||||
- localhost
|
||||
monit_web_server_local_only: true
|
||||
monit_monitor_services:
|
||||
- name: "cron"
|
||||
monitored: true
|
||||
pidfile: "/var/run/crond.pid"
|
||||
start_program: "/usr/sbin/service cron start"
|
||||
stop_program: "/usr/sbin/service cron stop"
|
||||
- name: "fail2ban"
|
||||
monitored: true
|
||||
pidfile: "/var/run/fail2ban/fail2ban.pid"
|
||||
start_program: "/etc/init.d/fail2ban start"
|
||||
stop_program: "/etc/init.d/fail2ban stop"
|
||||
- name: "sshd"
|
||||
monitored: true
|
||||
pidfile: "/var/run/sshd.pid"
|
||||
start_program: "/etc/init.d/ssh start"
|
||||
stop_program: "/etc/init.d/ssh stop"
|
||||
- name: "syslogd"
|
||||
monitored: true
|
||||
pidfile: "/var/run/rsyslogd.pid"
|
||||
start_program: "/etc/init.d/rsyslog start"
|
||||
stop_program: "/etc/init.d/rsyslog stop"
|
||||
@@ -1,14 +0,0 @@
|
||||
---
|
||||
# Local LAN IP-range addresses
|
||||
local_lan: "192.168.0.0/16"
|
||||
docker_overlay_ips: "172.0.0.0/8"
|
||||
|
||||
# ufw rules
|
||||
ufw_rules:
|
||||
- {rule: allow, port: 22, src: "{{local_lan}}", proto: tcp, direction: "in"}
|
||||
- {rule: allow, port: 22, src: "{{docker_overlay_ips}}", proto: tcp, direction: "in"}
|
||||
# - {rule: allow, port: 80, src: "0.0.0.0/0", proto: tcp, direction: "in"}
|
||||
# - {rule: allow, port: 443, src: "0.0.0.0/0", proto: tcp, direction: "in"}
|
||||
|
||||
# network configuration for our server
|
||||
interfaces_template: "interfaces-dhcp-server.j2"
|
||||
@@ -1,15 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
36663239336238393633346563366232393635633365343535663163336438613066633062626133
|
||||
3630376365643565653430363030616132383332306339370a393139616163366461376133373935
|
||||
35386535363862353237306264336230646334346162316666613238343863303336633533626538
|
||||
3364313966306362330a626634313961326664303761363635633039333138353331306132636261
|
||||
35623366333637353962383730613966336461623936376235313365303661663238316563613838
|
||||
33303032306137373863303564643236653530333366366136363837666661663864376139626634
|
||||
64613839333335663237333533633464393831663331356437376133396330396661366366373461
|
||||
33353462393063313731316364333034373066653563336533363032363038326331303433666634
|
||||
62376637343463386538333566303234313330663234313664616433653563353165386366653638
|
||||
65613736633135316463316537653638326233353134343537393239663537613734313762346434
|
||||
63393437356366613332623666383532363365303239666637666362626366623862666334303537
|
||||
35333663343137643737383533323134363937386239616136326534653261636361386463326236
|
||||
64306433666465343066333136346434656537626631656632393737626565396130373036333530
|
||||
3265646137373062393035636531376339623231366139373664
|
||||
Reference in New Issue
Block a user