├── roles
├── tfe
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── files
│ │ ├── fluent-bit.conf
│ │ └── terraform-enterprise.service
│ └── requirements.yml
├── auditd
│ ├── templates
│ │ └── .gitkeep
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── autofs
│ ├── templates
│ │ ├── .gitkeep
│ │ ├── map.j2
│ │ └── template.autofs.j2
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── vars
│ │ └── main.yml
│ └── handlers
│ │ └── main.yml
├── collectd
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── common
│ ├── templates
│ │ └── .gitkeep
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── consul
│ ├── templates
│ │ ├── .gitkeep
│ │ └── service.hcl.j2
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── dnsmasq
│ ├── templates
│ │ └── .gitkeep
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── handlers
│ │ └── main.yml
├── dryrun
│ ├── templates
│ │ └── .gitkeep
│ ├── handlers
│ │ └── main.yml
│ ├── vars
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── tasks
│ │ └── assert.yml
├── facts
│ ├── templates
│ │ ├── .gitkeep
│ │ └── facts.j2
│ ├── handlers
│ │ └── main.yml
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── firewall
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── gitlab
│ ├── templates
│ │ └── .gitkeep
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── handlers
│ │ └── main.yml
├── harbor
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── files
│ │ └── my_harbor.te
│ ├── vars
│ │ └── main.yml
│ └── requirements.yml
├── jenkins
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ ├── requirements.yml
│ └── defaults
│ │ └── main.yml
├── locale
│ ├── templates
│ │ └── .gitkeep
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── handlers
│ │ └── main.yml
├── logwatch
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── vars
│ │ └── main.yml
├── openbao
│ ├── templates
│ │ └── .gitkeep
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── openssh
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── requirements.yml
├── php_fpm
│ ├── templates
│ │ ├── .gitkeep
│ │ └── php-fpm.conf.j2
│ ├── meta
│ │ └── preferences.yml
│ ├── files
│ │ └── my-php-fpm.te
│ └── requirements.yml
├── podman
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── postgres
│ ├── templates
│ │ ├── .gitkeep
│ │ └── pg_hba.conf.j2
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── prosody
│ ├── templates
│ │ └── .gitkeep
│ └── requirements.yml
├── redis
│ ├── templates
│ │ └── .gitkeep
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ ├── tasks
│ │ └── assert.yml
│ └── requirements.yml
├── scripts
│ ├── templates
│ │ ├── .gitkeep
│ │ └── script.sh.j2
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── service
│ ├── templates
│ │ └── .gitkeep
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── handlers
│ │ └── main.yml
├── snmpd
│ ├── templates
│ │ └── .gitkeep
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── squid
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── tigervnc
│ ├── templates
│ │ ├── .gitkeep
│ │ ├── config
│ │ └── xstartup
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── users
│ ├── templates
│ │ ├── .gitkeep
│ │ ├── cron.allow.j2
│ │ ├── sudo.j2
│ │ └── sudo_group.j2
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── defaults
│ │ └── main.yml
├── vsftpd
│ ├── templates
│ │ └── .gitkeep
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── handlers
│ │ └── main.yml
├── auto_update
│ ├── templates
│ │ ├── .gitkeep
│ │ └── automatic.conf.j2
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── bareos_dir
│ ├── templates
│ │ ├── .gitkeep
│ │ └── catalog.conf.j2
│ └── meta
│ │ └── preferences.yml
├── bareos_fd
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── bareos_sd
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── diskspace
│ ├── templates
│ │ └── .gitkeep
│ ├── requirements.yml
│ ├── meta
│ │ ├── preferences.yml
│ │ └── argument_specs.yml
│ ├── defaults
│ │ └── main.yml
│ └── tasks
│ │ └── main.yml
├── logrotate
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── memcached
│ ├── templates
│ │ ├── .gitkeep
│ │ ├── Amazon-memcached.j2
│ │ ├── CentOS-memcached.j2
│ │ ├── Fedora-memcached.j2
│ │ ├── Rocky-memcached.j2
│ │ ├── Archlinux-memcached.j2
│ │ └── openSUSE Tumbleweed-memcached.j2
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── nextcloud
│ ├── templates
│ │ ├── .gitkeep
│ │ └── nextcloud.conf.j2
│ └── meta
│ │ └── preferences.yml
├── nfsserver
│ ├── templates
│ │ ├── .gitkeep
│ │ └── exports.j2
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── tasks
│ │ └── assert_host.yml
├── vault_agent
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── zabbix_agent
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── zabbix_proxy
│ ├── templates
│ │ └── .gitkeep
│ ├── vars
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── requirements.yml
├── zabbix_server
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ └── defaults
│ │ └── main.yml
├── zabbix_web
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ └── handlers
│ │ └── main.yml
├── awx_configuration
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── bareos_console
│ ├── templates
│ │ └── .gitkeep
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── cisco_anyconnect
│ ├── templates
│ │ └── .gitkeep
│ ├── vars
│ │ └── main.yml
│ ├── handlers
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── collabora_online
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── requirements.yml
├── terraform_agent
│ ├── templates
│ │ ├── .gitkeep
│ │ └── tfc-agent.env.j2
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── vault_auditdevice
│ ├── templates
│ │ └── .gitkeep
│ ├── vars
│ │ └── main.yml
│ ├── handlers
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── vault_autosnapshot
│ ├── templates
│ │ └── .gitkeep
│ ├── vars
│ │ └── main.yml
│ ├── handlers
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── update_pip_packages
│ ├── templates
│ │ └── .gitkeep
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── tasks
│ │ └── package.yml
│ └── vars
│ │ └── main.yml
├── vault_configuration
│ ├── templates
│ │ ├── .gitkeep
│ │ └── vault.env.j2
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── tomcat
│ ├── files
│ │ └── dummy.properties
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── tasks
│ │ └── lib.yml
├── dns
│ ├── files
│ │ └── override.conf
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── vault_snapshot
│ ├── vars
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── vault_initialize
│ ├── vars
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── bootstrap
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── defaults
│ │ └── main.yml
├── git
│ ├── vars
│ │ └── main.yml
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── templates
│ │ └── gitconfig.j2
├── lvm
│ ├── vars
│ │ └── main.yml
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── remi
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ ├── preferences.yml
│ │ └── main.yml
│ ├── requirements.yml
│ ├── tasks
│ │ └── assert.yml
│ └── handlers
│ │ └── main.yml
├── subversion
│ ├── defaults
│ │ └── main.yml
│ ├── vars
│ │ └── main.yml
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── tasks
│ │ └── assert.yml
├── virtualbox
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── tasks
│ │ └── assert.yml
├── npm
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── tasks
│ │ └── assert.yml
├── xrdp
│ ├── vars
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── defaults
│ │ └── main.yml
│ ├── handlers
│ │ └── main.yml
│ ├── requirements.yml
│ └── files
│ │ └── 45-allow-colord
├── digitalocean_agent
│ ├── files
│ │ ├── digitalocean-agent.list
│ │ └── digitalocean-agent.repo
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── requirements.yml
├── umask
│ ├── defaults
│ │ └── main.yml
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── tasks
│ │ └── assert.yml
├── at
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── tasks
│ │ └── main.yml
├── cron
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── debug
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── epel
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── tasks
│ │ └── assert.yml
├── fips
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── defaults
│ │ └── main.yml
│ ├── tasks
│ │ └── assert.yml
│ └── vars
│ │ └── main.yml
├── gitea
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── defaults
│ │ └── main.yml
├── gnome
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── grub
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── templates
│ │ └── 01_users.j2
│ └── handlers
│ │ └── main.yml
├── java
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── scl
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── tasks
│ │ └── main.yml
├── spamassassin
│ ├── templates
│ │ └── spamassassin.conf.j2
│ ├── meta
│ │ └── preferences.yml
│ ├── defaults
│ │ └── main.yml
│ ├── handlers
│ │ └── main.yml
│ └── requirements.yml
├── tftpd
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── tasks
│ │ └── main.yml
│ └── templates
│ │ └── tftp.j2
├── types
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── buildtools
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── tasks
│ │ └── main.yml
├── ca_certificates
│ ├── vars
│ │ └── main.yml
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── tasks
│ │ └── main.yml
├── cis
│ ├── vars
│ │ └── main.yml
│ ├── tasks
│ │ ├── Ubuntu-20
│ │ │ ├── initial_setup.yml
│ │ │ ├── main.yml
│ │ │ └── assert.yml
│ │ ├── CentOS-8
│ │ │ ├── 2_services
│ │ │ │ └── 2_1_inetd_services.yml
│ │ │ ├── 4_logging_and_auditing
│ │ │ │ └── 4_3_logrotate_configured.yml
│ │ │ ├── 3_network
│ │ │ │ └── 3_6_disable_ipv6.yml
│ │ │ └── 1_initial_setup
│ │ │ │ └── 1_9_updates_installed.yml
│ │ └── assert.yml
│ ├── meta
│ │ ├── preferences.yml
│ │ └── main.yml
│ └── requirements.yml
├── dovecot
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── defaults
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── enpass
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── filesystem
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── vars
│ │ └── main.yml
├── forensics
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── functions
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── defaults
│ │ └── main.yml
├── hostname
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── keepalived
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── modprobe
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── defaults
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── nginx
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ ├── vars
│ │ └── main.yml
│ └── tasks
│ │ └── assert.yml
├── reboot
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── rsyslog
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── software
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── defaults
│ │ └── main.yml
├── sosreport
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── vars
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── sysstat
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── vars
│ │ └── main.yml
├── systemd
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── tailscale
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── tune2fs
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── tasks
│ │ └── assert.yml
│ └── defaults
│ │ └── main.yml
├── ulimit
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── update
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── handlers
│ │ └── main.yml
├── upgrade
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── defaults
│ │ └── main.yml
├── alternatives
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── vars
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── apt_autostart
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── defaults
│ │ └── main.yml
│ └── tasks
│ │ └── assert.yml
├── apt_repository
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── defaults
│ │ └── main.yml
├── container_docs
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── docker_compose
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── environment
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── gitlab_runner
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── handlers
│ │ └── main.yml
├── maintenance
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ └── defaults
│ │ └── main.yml
├── mount_options
│ ├── requirements.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── tasks
│ │ └── assert.yml
│ └── handlers
│ │ └── main.yml
├── mysql
│ ├── templates
│ │ └── my.cnf.j2
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── unowned_files
│ ├── requirements.yml
│ └── meta
│ │ └── preferences.yml
├── aide
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── files
│ │ ├── aidecheck.service
│ │ └── aidecheck.timer
│ └── handlers
│ │ └── main.yml
├── ca
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── code
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── core_dependencies
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── meta
│ │ └── preferences.yml
├── dhcpd
│ ├── templates
│ │ └── isc-dhcp-server.j2
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── requirements.yml
├── earlyoom
│ ├── vars
│ │ └── main.yml
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── defaults
│ │ └── main.yml
├── luks
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── defaults
│ │ └── main.yml
│ └── handlers
│ │ └── main.yml
├── mate
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── vars
│ │ └── main.yml
├── ntp
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── templates
│ │ └── chrony.conf.j2
├── php
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── swap
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── azure_cli
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── backup
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── cargo
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── defaults
│ │ └── main.yml
├── certbot
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── clamav
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── files
│ │ └── my-clamd.te
├── cntlm
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── docker
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ ├── tasks
│ │ └── assert.yml
│ └── requirements.yml
├── docker_ce
│ ├── meta
│ │ └── preferences.yml
│ ├── defaults
│ │ └── main.yml
│ ├── tasks
│ │ └── assert.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── dsvpn
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── eclipse
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ └── requirements.yml
├── fail2ban
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── glusterfs
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── files
│ │ ├── my-glusterfsd.te
│ │ └── my-glusterepoll0.te
├── hashicorp
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── haveged
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ ├── templates
│ │ └── custom.conf.j2
│ ├── requirements.yml
│ └── tasks
│ │ └── assert.yml
├── httpd
│ ├── meta
│ │ └── preferences.yml
│ ├── templates
│ │ ├── location.conf.j2
│ │ └── ssl.conf.j2
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── jitsi
│ ├── meta
│ │ ├── preferences.yml
│ │ ├── argument_specs.yml
│ │ └── main.yml
│ └── requirements.yml
├── kernel
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── defaults
│ │ └── main.yml
├── mediawiki
│ └── meta
│ │ └── preferences.yml
├── mitogen
│ ├── meta
│ │ └── preferences.yml
│ ├── defaults
│ │ └── main.yml
│ ├── requirements.yml
│ └── tasks
│ │ └── assert.yml
├── molecule
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── defaults
│ │ └── main.yml
├── mongodb
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ ├── requirements.yml
│ └── templates
│ │ └── mongod.conf.j2
├── mount
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── nomad
│ ├── meta
│ │ └── preferences.yml
│ ├── handlers
│ │ └── main.yml
│ ├── requirements.yml
│ └── templates
│ │ └── server.hcl.j2
├── openssl
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── openvpn
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── owncloud
│ └── meta
│ │ └── preferences.yml
├── postfix
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── powertop
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── vars
│ │ └── main.yml
├── restore
│ ├── meta
│ │ └── preferences.yml
│ └── vars
│ │ └── main.yml
├── revealmd
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── files
│ │ └── index.md
│ └── vars
│ │ └── main.yml
├── rundeck
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── selinux
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── storage
│ ├── meta
│ │ └── preferences.yml
│ ├── vars
│ │ └── main.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── sysctl
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── vars
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ └── tasks
│ │ └── assert.yml
├── terraform
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── vars
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── vagrant
│ ├── meta
│ │ └── preferences.yml
│ ├── defaults
│ │ └── main.yml
│ └── requirements.yml
├── vault
│ ├── meta
│ │ └── preferences.yml
│ ├── tasks
│ │ └── package.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── artifactory
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ ├── vars
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ └── templates
│ │ └── binarystore.xml.j2
├── bareos_webui
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── cve_2024_3094
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── investigate
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── tasks
│ │ └── main.yml
├── obsproject
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── vars
│ │ └── main.yml
│ └── tasks
│ │ └── main.yml
├── phpmyadmin
│ └── meta
│ │ └── preferences.yml
├── python_pip
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── roundcubemail
│ └── meta
│ │ └── preferences.yml
├── bareos_repository
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── vault_oracle_plugin
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ ├── handlers
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── zabbix_repository
│ ├── meta
│ │ └── preferences.yml
│ └── requirements.yml
├── oracle_instant_client
│ ├── meta
│ │ └── preferences.yml
│ ├── requirements.yml
│ └── handlers
│ │ └── main.yml
├── microsoft_repository_keys
│ ├── meta
│ │ └── preferences.yml
│ ├── vars
│ │ └── main.yml
│ └── requirements.yml
└── haproxy
│ ├── handlers
│ └── main.yml
│ └── meta
│ └── preferences.yml
├── .gitignore
├── meta
└── runtime.yml
├── .yamllint
├── UPDATING.md
├── requirements.yml
└── .github
└── workflows
└── collection.yml
/roles/tfe/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/auditd/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/autofs/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/collectd/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/common/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/consul/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/dnsmasq/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/dryrun/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/facts/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/firewall/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/gitlab/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/harbor/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/jenkins/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/locale/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/logwatch/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/openbao/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/openssh/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/php_fpm/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/podman/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/postgres/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/prosody/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/redis/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/scripts/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/service/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/snmpd/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/squid/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/tigervnc/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/users/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/vsftpd/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/auto_update/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/bareos_dir/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/bareos_fd/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/bareos_sd/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/diskspace/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/logrotate/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/memcached/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/nextcloud/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/nfsserver/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/vault_agent/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/zabbix_agent/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/zabbix_proxy/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/zabbix_server/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/zabbix_web/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/awx_configuration/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/bareos_console/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/cisco_anyconnect/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/collabora_online/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/terraform_agent/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/vault_auditdevice/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/vault_autosnapshot/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | .cache
2 | .DS_Store
3 | .icloud
4 |
--------------------------------------------------------------------------------
/roles/update_pip_packages/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/vault_configuration/templates/.gitkeep:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/roles/tomcat/files/dummy.properties:
--------------------------------------------------------------------------------
1 | prop=value
2 |
--------------------------------------------------------------------------------
/meta/runtime.yml:
--------------------------------------------------------------------------------
1 | ---
2 | requires_ansible: '>=2.9.10'
3 |
--------------------------------------------------------------------------------
/roles/dns/files/override.conf:
--------------------------------------------------------------------------------
1 | [Service]
2 | PIDFile=
3 |
--------------------------------------------------------------------------------
/roles/dryrun/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for dryrun
3 |
--------------------------------------------------------------------------------
/roles/vault_snapshot/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for vault_snapshot
3 |
--------------------------------------------------------------------------------
/roles/cisco_anyconnect/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for cisco_anyconnect
3 |
--------------------------------------------------------------------------------
/roles/vault_auditdevice/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for vault_auditdevice
3 |
--------------------------------------------------------------------------------
/roles/vault_initialize/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for vault_initialize
3 |
--------------------------------------------------------------------------------
/roles/vault_autosnapshot/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for vault_autosnapshot
3 |
--------------------------------------------------------------------------------
/roles/bootstrap/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | collections:
3 | - name: community.general
4 |
--------------------------------------------------------------------------------
/roles/cisco_anyconnect/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for cisco_anyconnect
3 |
--------------------------------------------------------------------------------
/roles/git/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for git
3 |
4 | git_packages:
5 | - git
6 |
--------------------------------------------------------------------------------
/roles/vault_auditdevice/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for vault_auditdevice
3 |
--------------------------------------------------------------------------------
/roles/vault_autosnapshot/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for vault_autosnapshot
3 |
--------------------------------------------------------------------------------
/roles/lvm/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for lvm
3 |
4 | lvm_requirements:
5 | - lvm2
6 |
--------------------------------------------------------------------------------
/roles/redis/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for redis
3 |
4 | redis_bind_address: "127.0.0.1"
5 |
--------------------------------------------------------------------------------
/roles/remi/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for remi
3 |
4 | remi_repository_selection: php81
5 |
--------------------------------------------------------------------------------
/roles/subversion/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for subversion
3 |
4 | subversion_path: /tmp
5 |
--------------------------------------------------------------------------------
/roles/virtualbox/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for virtualbox
3 |
4 | virtualbox_version: "6.1"
5 |
--------------------------------------------------------------------------------
/roles/dryrun/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for dryrun
3 |
4 | dryrun_vars_variable: "Some value from vars"
5 |
--------------------------------------------------------------------------------
/roles/npm/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for npm
3 |
4 | npm_registry: "https://registry.npmjs.org/"
5 |
--------------------------------------------------------------------------------
/roles/subversion/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for subversion
3 |
4 | subversion_packages:
5 | - subversion
6 |
--------------------------------------------------------------------------------
/roles/bareos_console/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for bareos_console
3 |
4 | bareos_console_directors: []
5 |
--------------------------------------------------------------------------------
/roles/facts/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for facts
3 |
4 | - name: Setup
5 | ansible.builtin.setup:
6 |
--------------------------------------------------------------------------------
/roles/xrdp/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for xrdp
3 |
4 | xrdp_packages:
5 | - xrdp
6 |
7 | xrdp_service: xrdp
8 |
--------------------------------------------------------------------------------
/roles/zabbix_proxy/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for zabbix_proxy
3 |
4 | zabbix_proxy_package: zabbix-proxy-mysql
5 |
--------------------------------------------------------------------------------
/roles/digitalocean_agent/files/digitalocean-agent.list:
--------------------------------------------------------------------------------
1 | deb https://repos.insights.digitalocean.com/apt/do-agent main main
2 |
--------------------------------------------------------------------------------
/roles/umask/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for umask
3 |
4 | umask: "0022"
5 |
6 | umask_users:
7 | - root
8 |
--------------------------------------------------------------------------------
/roles/at/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/cron/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/debug/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/dryrun/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for dryrun
3 |
4 | dryrun_defaults_variable: "Some value from defaults"
5 |
--------------------------------------------------------------------------------
/roles/epel/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/facts/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/fips/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/git/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/gitea/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/gnome/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/grub/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/java/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/lvm/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/scl/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/snmpd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/spamassassin/templates/spamassassin.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | local5.*; /var/log/spamassassin
3 |
--------------------------------------------------------------------------------
/roles/tftpd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/types/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/umask/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/auditd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/autofs/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/buildtools/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/ca_certificates/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for ca_certificates
3 |
4 | ca_certificates_packages:
5 | - ca-certificates
6 |
--------------------------------------------------------------------------------
/roles/cis/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for cis
3 |
4 | cis_removable_media_partitions:
5 | - /mnt/floppy
6 | - /mnt/cdrom
7 |
--------------------------------------------------------------------------------
/roles/common/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/diskspace/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/dnsmasq/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/dovecot/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/dryrun/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/enpass/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/filesystem/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/forensics/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/functions/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/gitlab/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/hostname/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/keepalived/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/locale/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/memcached/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/modprobe/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/nfsserver/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/nginx/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for nginx
3 |
4 | # The tcp port nginx should listen on.
5 | nginx_port: 80
6 |
--------------------------------------------------------------------------------
/roles/openbao/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/prosody/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/reboot/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/rsyslog/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/scripts/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/service/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/software/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/sosreport/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/subversion/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/sysstat/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/systemd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/tailscale/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/tune2fs/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/ulimit/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/update/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/upgrade/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/vsftpd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/alternatives/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/apt_autostart/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/apt_repository/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/ca_certificates/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/cis/tasks/Ubuntu-20/initial_setup.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Just a debug message.
3 | ansible.builtin.debug:
4 | msg: "Not defined."
5 |
--------------------------------------------------------------------------------
/roles/consul/templates/service.hcl.j2:
--------------------------------------------------------------------------------
1 | {
2 | "service": {
3 | "name": "{{ item.name }}",
4 | "port": {{ item.port }}
5 | }
6 | }
7 |
--------------------------------------------------------------------------------
/roles/container_docs/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/docker_compose/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/environment/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/gitlab_runner/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/maintenance/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/mount_options/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/mysql/templates/my.cnf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 | [client]
4 | user='root'
5 | password='{{ mysql_root_password }}'
6 |
--------------------------------------------------------------------------------
/roles/tigervnc/templates/config:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | session=gnome
3 | geometry=1920x1080
4 | localhost
5 | alwaysshared
6 |
--------------------------------------------------------------------------------
/roles/unowned_files/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/aide/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/at/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/ca/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/cis/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/code/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/core_dependencies/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.general
6 |
--------------------------------------------------------------------------------
/roles/cron/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/dhcpd/templates/isc-dhcp-server.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | INTERFACESv4="{{ dhcpd_ipv4_interface }}"
3 |
4 | INTERFACESv6=""
5 |
--------------------------------------------------------------------------------
/roles/dns/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/earlyoom/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for earlyoom
3 |
4 | earlyoom_requirements:
5 | - git
6 |
7 | earlyoom_service: earlyoom
8 |
--------------------------------------------------------------------------------
/roles/epel/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/fips/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/git/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/grub/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/java/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/luks/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/lvm/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/mate/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/npm/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/ntp/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/php/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/remi/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/scl/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/swap/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/tfe/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/xrdp/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/auditd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/autofs/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/azure_cli/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/backup/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/bareos_fd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/bareos_sd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/bootstrap/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/cargo/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/certbot/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/cis/tasks/Ubuntu-20/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: include initial_setup.yml
3 | ansible.builtin.include_tasks:
4 | file: initial_setup.yml
5 |
--------------------------------------------------------------------------------
/roles/clamav/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/cntlm/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/collectd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/common/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/consul/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/core_dependencies/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for core_dependencies
3 |
4 | - name: Gather facts
5 | ansible.builtin.setup:
6 |
--------------------------------------------------------------------------------
/roles/debug/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/dhcpd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/diskspace/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/dnsmasq/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/docker/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/docker_ce/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/dovecot/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/dryrun/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/dsvpn/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/earlyoom/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/eclipse/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/enpass/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/facts/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/fail2ban/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/firewall/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/forensics/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/functions/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/git/templates/gitconfig.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 | [user]
4 | email = {{ git_user_email }}
5 | name = {{ git_user_name }}
6 |
--------------------------------------------------------------------------------
/roles/gitea/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/gitlab/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/glusterfs/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/gnome/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/harbor/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/hashicorp/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/haveged/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/hostname/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/httpd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/jenkins/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/jitsi/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/kernel/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/locale/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/logrotate/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/logwatch/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/mediawiki/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/memcached/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/mitogen/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/modprobe/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/molecule/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/mongodb/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/mount/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/mysql/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/nextcloud/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/nfsserver/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/nginx/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/nomad/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/openssh/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/openssl/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/openvpn/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/owncloud/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/php_fpm/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/podman/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/postfix/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/postgres/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/powertop/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/reboot/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/redis/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/restore/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/revealmd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/rsyslog/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/rundeck/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/scripts/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/selinux/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/service/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/snmpd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/software/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/sosreport/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/squid/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/storage/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/sysctl/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/sysstat/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/systemd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/tailscale/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/terraform/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/tftpd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/tigervnc/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/tomcat/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/tune2fs/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/types/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/ulimit/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/umask/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/update/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/upgrade/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/users/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/vagrant/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/vault/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/vsftpd/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/alternatives/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/apt_autostart/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/apt_repository/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/artifactory/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/auto_update/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/bareos_console/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/bareos_dir/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/bareos_webui/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/buildtools/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/container_docs/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/cve_2024_3094/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/docker_compose/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/environment/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/filesystem/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/gitlab_runner/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/investigate/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/keepalived/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/maintenance/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/mount_options/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/obsproject/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/phpmyadmin/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/python_pip/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/roundcubemail/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/spamassassin/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/storage/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for storage
3 |
4 | storage_requirements:
5 | - parted
6 | - lvm2
7 | - e2fsprogs
8 | - xfsprogs
9 |
--------------------------------------------------------------------------------
/roles/subversion/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/unowned_files/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/vault_agent/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/virtualbox/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/zabbix_agent/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/zabbix_proxy/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/zabbix_server/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/zabbix_web/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/awx_configuration/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/bareos_repository/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/ca_certificates/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/cisco_anyconnect/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/collabora_online/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/core_dependencies/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/digitalocean_agent/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/epel/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for epel
3 |
4 | - name: Update package cache
5 | ansible.builtin.package:
6 | update_cache: true
7 |
--------------------------------------------------------------------------------
/roles/haveged/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for haveged
3 |
4 | - name: Daemon reload
5 | ansible.builtin.systemd:
6 | daemon_reload: true
7 |
--------------------------------------------------------------------------------
/roles/mount/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: ansible.posix
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/mysql/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.mysql
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/ntp/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.cron
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/selinux/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: ansible.posix
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/storage/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: ansible.posix
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/sysctl/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: ansible.posix
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/terraform_agent/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/update_pip_packages/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/vault_auditdevice/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/vault_autosnapshot/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/vault_configuration/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/vault_initialize/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/vault_oracle_plugin/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/zabbix_repository/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/awx_configuration/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: awx.awx
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/collectd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/fail2ban/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/firewall/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: ansible.posix
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/mate/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/nginx/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/openvpn/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/oracle_instant_client/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/podman/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: containers.podman
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/remi/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/xrdp/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for xrdp
3 |
4 | xrdp_configuration:
5 | - option: crypt_level
6 | section: Globals
7 | value: high
8 |
--------------------------------------------------------------------------------
/roles/auto_update/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.cron
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/bareos_repository/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: ansible.posix
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/facts/templates/facts.j2:
--------------------------------------------------------------------------------
1 | {
2 | {% for item in facts %}
3 | "{{ item.key }}": "{{ item.value }}"{% if not loop.last %},{% endif %}
4 |
5 | {% endfor %}
6 | }
7 |
--------------------------------------------------------------------------------
/roles/fips/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for fips
3 |
4 | # A policy to apply, pick from "DEFAULT", "FUTURE", "FIPS" or "LEGACY".
5 | fips_policy: DEFAULT
6 |
--------------------------------------------------------------------------------
/roles/investigate/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/logrotate/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.cron
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/microsoft_repository_keys/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 |
--------------------------------------------------------------------------------
/roles/powertop/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.service
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/cve_2024_3094/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.openssh
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/dns/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/nginx/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for nginx
3 |
4 | - name: Restart nginx
5 | ansible.builtin.service:
6 | name: nginx
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/nomad/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for nomad
3 |
4 | - name: Restart nomad
5 | ansible.builtin.service:
6 | name: nomad
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/squid/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/bareos_sd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.bareos_repository
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/hashicorp/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/jenkins/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for jenkins
3 |
4 | - name: Restart jenkins
5 | ansible.builtin.service:
6 | name: jenkins
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/mitogen/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for mitogen
3 |
4 | # The Ansible configuration to modify for Mitogen.
5 | mitogen_ansible_file: /etc/ansible/ansible.cfg
6 |
--------------------------------------------------------------------------------
/roles/mongodb/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for mongodb
3 |
4 | - name: Restart mongod
5 | ansible.builtin.service:
6 | name: mongod
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/mongodb/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/postfix/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/virtualbox/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/artifactory/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/bareos_console/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.bareos_repository
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/terraform_agent/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/xrdp/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for xrdp
3 |
4 | - name: Restart xrdp
5 | ansible.builtin.service:
6 | name: "{{ xrdp_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/zabbix_repository/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/apt_autostart/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for apt_autostart
3 |
4 | # Should services be managed when installing software using apt?
5 | apt_autostart_state: disabled
6 |
--------------------------------------------------------------------------------
/roles/cisco_anyconnect/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/dhcpd/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for dhcpd
3 |
4 | - name: Restart dhcpd
5 | ansible.builtin.service:
6 | name: "{{ dhcpd_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/luks/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | collections:
5 | - name: community.crypto
6 | - name: ansible.posix
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/microsoft_repository_keys/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for microsoft_repository_keys
3 |
4 | microsoft_repository_keys_url: "https://packages.microsoft.com/keys/microsoft.asc"
5 |
--------------------------------------------------------------------------------
/roles/redis/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for redis
3 |
4 | - name: Restart redis
5 | ansible.builtin.service:
6 | name: "{{ redis_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/snmpd/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for snmpd
3 |
4 | - name: Restart snmpd
5 | ansible.builtin.service:
6 | name: "{{ snmpd_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/squid/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for squid
3 |
4 | - name: Restart squid
5 | ansible.builtin.service:
6 | name: "{{ squid_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/artifactory/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for artifactory
3 |
4 | - name: Restart artifactory
5 | ansible.builtin.service:
6 | name: artifactory
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/clamav/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | collections:
6 | - name: ansible.posix
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/eclipse/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for eclipse
3 |
4 | - name: Restart eclipse
5 | ansible.builtin.service:
6 | name: "{{ eclipse_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/grub/templates/01_users.j2:
--------------------------------------------------------------------------------
1 | #!/bin/sh -e
2 |
3 | cat << "EOF"
4 | set superusers="{{ grub_user }}"
5 | export superusers
6 | password_pbkdf2 {{ grub_user }} {{ grub_password }}
7 | EOF
8 |
--------------------------------------------------------------------------------
/roles/haveged/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for ansible-role-haveged
3 |
4 | # Set write_wakeup_threshold of daemon interface to nnn bits.
5 | haveged_write_wakeup_threshold: 1024
6 |
--------------------------------------------------------------------------------
/roles/keepalived/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for keepalived
3 |
4 | - name: Restart keepalived
5 | ansible.builtin.service:
6 | name: keepalived
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/microsoft_repository_keys/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/openssh/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for openssh
3 |
4 | - name: Restart openssh
5 | ansible.builtin.service:
6 | name: "{{ openssh_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/openssh/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.selinux
5 | collections:
6 | - name: ansible.posix
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/openvpn/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for openvpn
3 |
4 | - name: Restart openvpn
5 | ansible.builtin.service:
6 | name: "{{ openvpn_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/oracle_instant_client/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | collections:
6 | - name: community.general
7 |
--------------------------------------------------------------------------------
/roles/podman/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for podman
3 |
4 | - name: Restart podman
5 | ansible.builtin.service:
6 | name: "{{ podman_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/rsyslog/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for rsyslog
3 |
4 | - name: Restart rsyslog
5 | ansible.builtin.service:
6 | name: "{{ rsyslog_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/spamassassin/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for spamassassin
3 |
4 | # What group and user spamd should run under.
5 | spamassassin_group: spamd
6 | spamassassin_user: spamd
7 |
--------------------------------------------------------------------------------
/roles/swap/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.sysctl
5 | collections:
6 | - name: ansible.posix
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/virtualbox/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for virtualbox
3 |
4 | - name: Run vboxconfig
5 | ansible.builtin.command:
6 | cmd: /sbin/vboxconfig
7 | changed_when: true
8 |
--------------------------------------------------------------------------------
/roles/aide/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.cron
5 | - name: robertdebock.postfix
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/buildtools/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for buildtools
3 |
4 | - name: Install buildtools
5 | ansible.builtin.package:
6 | name: "{{ buildtools_packages }}"
7 | state: present
8 |
--------------------------------------------------------------------------------
/roles/cargo/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/collabora_online/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for collabora_online
3 |
4 | - name: Restart service
5 | ansible.builtin.systemd:
6 | name: coolwsd
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/collectd/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for collectd
3 |
4 | - name: Restart collectd
5 | ansible.builtin.service:
6 | name: "{{ collectd_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/fail2ban/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for fail2ban
3 |
4 | - name: Restart fail2ban
5 | ansible.builtin.service:
6 | name: "{{ fail2ban_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/vsftpd/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for vsftpd
3 |
4 | - name: Restart vsftpd
5 | ansible.builtin.service:
6 | name: vsftpd
7 | state: restarted
8 | enabled: true
9 |
--------------------------------------------------------------------------------
/roles/zabbix_proxy/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for zabbix_proxy
3 |
4 | - name: Restart zabbix-proxy
5 | ansible.builtin.service:
6 | name: zabbix-proxy
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/aide/files/aidecheck.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=Aide Check
3 |
4 | [Service]
5 | Type=simple
6 | ExecStart=/usr/sbin/aide --check
7 |
8 | [Install]
9 | WantedBy=multi-user.target
10 |
--------------------------------------------------------------------------------
/roles/mount/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Run swapon
4 | ansible.builtin.command:
5 | cmd: swapon -a
6 | changed_when: true
7 | when:
8 | - mount_requests | regex_search("swap")
9 |
--------------------------------------------------------------------------------
/roles/npm/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | - name: robertdebock.epel
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/obsproject/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | - name: robertdebock.rpmfusion
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/python_pip/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/tfe/files/fluent-bit.conf:
--------------------------------------------------------------------------------
1 | [OUTPUT]
2 | Name splunk
3 | Match *
4 | Host splunk.example.com
5 | Port 8088
6 | Splunk_Token example-splunk-token
7 |
--------------------------------------------------------------------------------
/roles/users/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | collections:
6 | - name: ansible.posix
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/vault/tasks/package.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: package | Install vault
4 | ansible.builtin.package:
5 | name: "{{ vault_package }}"
6 | notify:
7 | - Daemon reload
8 | - Restart vault
9 |
--------------------------------------------------------------------------------
/roles/bareos_fd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.bareos_repository
5 | collections:
6 | - name: community.crypto
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/bareos_webui/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.bareos_repository
5 | collections:
6 | - name: ansible.posix
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/earlyoom/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.service
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/eclipse/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.java
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/epel/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Ensure that `epel_next`.
4 | ansible.builtin.assert:
5 | quiet: true
6 | that:
7 | - epel_next is defined
8 | - epel_next is bool
9 |
--------------------------------------------------------------------------------
/roles/haveged/templates/custom.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 | [Service]
4 | ExecStart=
5 | ExecStart=/usr/sbin/haveged --write {{ haveged_write_wakeup_threshold }} --verbose 1 --Foreground
6 |
--------------------------------------------------------------------------------
/roles/openbao/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for openbao
3 |
4 | - name: Restart OpenBao
5 | ansible.builtin.systemd:
6 | name: openbao
7 | state: restarted
8 | daemon_reload: true
9 |
--------------------------------------------------------------------------------
/roles/oracle_instant_client/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for oracle_instant_client
3 |
4 | - name: Run ldconfig
5 | ansible.builtin.command:
6 | cmd: /sbin/ldconfig
7 | changed_when: true
8 |
--------------------------------------------------------------------------------
/roles/xrdp/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.epel
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/zabbix_web/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for zabbix_web
3 |
4 | - name: Restart httpd
5 | ansible.builtin.service:
6 | name: "{{ zabbix_web_httpd_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/bareos_webui/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for bareos_webui
3 |
4 | - name: Restart httpd
5 | ansible.builtin.service:
6 | name: "{{ bareos_webui_httpd_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/consul/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.hashicorp
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/httpd/templates/location.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 |
4 | ProxyPass {{ item.backend_url }}
5 | ProxyPassReverse {{ item.backend_url }}
6 |
7 |
--------------------------------------------------------------------------------
/roles/investigate/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for investigate
3 |
4 | - name: Install investigation tools
5 | ansible.builtin.package:
6 | name: "{{ investigate_packages }}"
7 | state: present
8 |
--------------------------------------------------------------------------------
/roles/kernel/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.core_dependencies
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/logwatch/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.postfix
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/nginx/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for nginx
3 |
4 | _nginx_user:
5 | default: nginx
6 | Debian: root
7 |
8 | nginx_user: "{{ _nginx_user[ansible_os_family] | default(_nginx_user['default']) }}"
9 |
--------------------------------------------------------------------------------
/roles/nomad/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.hashicorp
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/php_fpm/templates/php-fpm.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment(decoration='; ') }}
2 |
3 | include={{ php_fpm_include_directory }}/*.conf
4 |
5 | [global]
6 | pid = {{ php_fpm_pid_directory }}/php-fpm.pid
7 |
--------------------------------------------------------------------------------
/roles/spamassassin/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for spamassassin
3 |
4 | - name: Restart spamassassin
5 | ansible.builtin.service:
6 | name: "{{ spamassassin_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/ca_certificates/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for ca_certificates
3 |
4 | - name: Install ca_certificates
5 | ansible.builtin.package:
6 | name: "{{ ca_certificates_packages }}"
7 | state: present
8 |
--------------------------------------------------------------------------------
/roles/dhcpd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.apt_autostart
4 | - name: robertdebock.bootstrap
5 | - name: robertdebock.core_dependencies
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/gitlab_runner/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for gitlab_runner
3 |
4 | - name: Restart gitlab-runner
5 | ansible.builtin.service:
6 | name: "{{ gitlab_runner_service }}"
7 | state: restarted
8 |
--------------------------------------------------------------------------------
/roles/kernel/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for kernel
3 |
4 | kernel_version: "5.15.5"
5 |
6 | kernel_build_location: /tmp
7 |
8 | kernel_parameters:
9 | - name: CONFIG_SMP
10 | value: y
11 |
--------------------------------------------------------------------------------
/roles/vault_agent/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.hashicorp
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/aide/files/aidecheck.timer:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=Aide check every day at midnight
3 |
4 | [Timer]
5 | OnCalendar=*-*-* 00:00:00
6 | Unit=aidecheck.service
7 |
8 | [Install]
9 | WantedBy=multi-user.target
10 |
--------------------------------------------------------------------------------
/roles/cargo/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for cargo
3 |
4 | # The destination where cargo should be installed.
5 | cargo_prefix: /usr/local
6 |
7 | # Where to drop the downloaded installer.
8 | cargo_tmp: /root
9 |
--------------------------------------------------------------------------------
/roles/cis/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.cron
5 | - name: robertdebock.update
6 | collections:
7 | - name: ansible.posix
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/code/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | - name: robertdebock.microsoft_repository_keys
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/digitalocean_agent/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for digitalocean_agent
3 |
4 | - name: Update apt cache
5 | ansible.builtin.apt:
6 | update_cache: true
7 | when:
8 | - ansible_pkg_mgr == "apt"
9 |
--------------------------------------------------------------------------------
/roles/docker/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for docker
3 |
4 | - name: Change group for docker socket
5 | ansible.builtin.file:
6 | path: "{{ docker_socket }}"
7 | group: docker
8 | mode: "0660"
9 |
--------------------------------------------------------------------------------
/roles/modprobe/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for modprobe
3 |
4 | # You can pass a list of modules to this role to be loaded. For example:
5 | # modprobe_modules:
6 | # - br_netfilter
7 | modprobe_modules: []
8 |
--------------------------------------------------------------------------------
/roles/mount_options/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test mount_options
4 | ansible.builtin.assert:
5 | that:
6 | - mount_options is defined
7 | - mount_options is iterable
8 | quiet: true
9 |
--------------------------------------------------------------------------------
/roles/terraform/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | - name: robertdebock.core_dependencies
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/terraform/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for terraform
3 |
4 | terraform_unarchive_src: "https://{{ terraform_software_mirror }}/terraform/{{ terraform_version }}/terraform_{{ terraform_version }}_linux_amd64.zip"
5 |
--------------------------------------------------------------------------------
/roles/zabbix_agent/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | - name: robertdebock.zabbix_repository
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/zabbix_proxy/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | - name: robertdebock.zabbix_repository
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/bareos_webui/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for bareos_webui
3 |
4 | bareos_webui_configuration:
5 | - section: session
6 | option: timeout
7 | value: 3600
8 |
9 | bareos_webui_directors: []
10 |
--------------------------------------------------------------------------------
/roles/digitalocean_agent/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.apt_autostart
4 | - name: robertdebock.bootstrap
5 | - name: robertdebock.ca_certificates
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/roles/docker/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for docker
3 |
4 | # Add users to the privileged docker group. For example:
5 | # docker_privileged_users:
6 | # - UserA
7 | # - UserB
8 | docker_privileged_users: []
9 |
--------------------------------------------------------------------------------
/roles/haveged/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | - name: robertdebock.sysctl
6 | collections:
7 | - name: ansible.posix
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/selinux/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for selinux
3 |
4 | - name: Reboot
5 | ansible.builtin.reboot:
6 | when:
7 | - selinux_reboot
8 |
9 | - name: Gather facts
10 | ansible.builtin.setup:
11 |
--------------------------------------------------------------------------------
/roles/cntlm/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | - name: robertdebock.service
7 | collections:
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/glusterfs/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.apt_autostart
4 | - name: robertdebock.bootstrap
5 | collections:
6 | - name: ansible.posix
7 | - name: gluster.gluster
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/hostname/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for hostname
3 |
4 | - name: Reboot
5 | ansible.builtin.reboot:
6 | when:
7 | - hostname_reboot
8 |
9 | - name: Gather facts
10 | ansible.builtin.setup:
11 |
--------------------------------------------------------------------------------
/roles/logwatch/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for logwatch
3 |
4 | logwatch_packages:
5 | - logwatch
6 |
7 | logwatch_config_directory: /usr/share/logwatch/default.conf
8 |
9 | logwatch_config_file: logwatch.conf
10 |
--------------------------------------------------------------------------------
/roles/ntp/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for ntp
3 |
4 | - name: Restart ntp
5 | ansible.builtin.service:
6 | name: "{{ ntp_service }}"
7 | state: restarted
8 | when:
9 | - ntp_state == "started"
10 |
--------------------------------------------------------------------------------
/roles/cron/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for cron
3 |
4 | - name: Restart cron
5 | ansible.builtin.service:
6 | name: "{{ cron_service }}"
7 | state: restarted
8 | when:
9 | - cron_service | length
10 |
--------------------------------------------------------------------------------
/roles/docker_ce/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for docker_ce
3 |
4 | # Add users to the privileged docker group. For example:
5 | # docker_ce_privileged_users:
6 | # - UserA
7 | # - UserB
8 | docker_ce_privileged_users: []
9 |
--------------------------------------------------------------------------------
/roles/maintenance/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for maintenance
3 |
4 | maintenance_journalctl_vacuum: 10d
5 |
6 | # A list of files that needs to be emptied.
7 | # maintenance_files_to_empty:
8 | # - /tmp/some_file.txt
9 |
--------------------------------------------------------------------------------
/roles/service/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for service
3 |
4 | - name: Gather facts
5 | ansible.builtin.setup:
6 |
7 | - name: Systemctl daemon-reload
8 | ansible.builtin.systemd:
9 | daemon_reload: true
10 |
--------------------------------------------------------------------------------
/roles/swap/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for swap
3 |
4 | - name: Run swapon
5 | ansible.builtin.command:
6 | cmd: swapon
7 | changed_when: true
8 |
9 | - name: Gather facts
10 | ansible.builtin.setup:
11 |
--------------------------------------------------------------------------------
/roles/vault/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.hashicorp
6 | collections:
7 | - name: community.general
8 | - name: ansible.posix
9 |
--------------------------------------------------------------------------------
/roles/vault_oracle_plugin/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.oracle_instant_client
6 | collections:
7 | - name: community.general
8 |
--------------------------------------------------------------------------------
/.yamllint:
--------------------------------------------------------------------------------
1 | ---
2 | extends: default
3 |
4 | rules:
5 | braces:
6 | max-spaces-inside: 1
7 | level: error
8 | brackets:
9 | max-spaces-inside: 1
10 | level: error
11 | line-length: disable
12 | truthy: disable
13 |
--------------------------------------------------------------------------------
/roles/collabora_online/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | - name: robertdebock.users
6 | collections:
7 | - name: ansible.posix
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/fips/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test fips_policy
4 | ansible.builtin.assert:
5 | that:
6 | - fips_policy is defined
7 | - fips_policy in [ "DEFAULT", "FUTURE", "FIPS", "LEGACY" ]
8 | quiet: true
9 |
--------------------------------------------------------------------------------
/roles/haproxy/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for haproxy
3 |
4 | - name: Reboot
5 | ansible.builtin.reboot:
6 |
7 | - name: Restart haproxy
8 | ansible.builtin.service:
9 | name: haproxy
10 | state: restarted
11 |
--------------------------------------------------------------------------------
/roles/jitsi/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.ca_certificates
5 | - name: robertdebock.hostname
6 | - name: robertdebock.prosody
7 | collections:
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/molecule/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | - name: robertdebock.python_pip
7 | collections:
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/tomcat/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.java
6 | - name: robertdebock.service
7 | collections:
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/update/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for update
3 |
4 | - name: Reboot
5 | ansible.builtin.reboot:
6 | when:
7 | - update_reboot
8 | - ansible_connection not in [ "container", "docker", "community.docker.docker" ]
9 |
--------------------------------------------------------------------------------
/roles/aide/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for aide
3 |
4 | - name: Copy new aide database
5 | ansible.builtin.copy:
6 | src: "{{ aide_db_new }}"
7 | dest: "{{ aide_db }}"
8 | mode: "0600"
9 | remote_src: true
10 |
--------------------------------------------------------------------------------
/roles/cis/tasks/CentOS-8/2_services/2_1_inetd_services.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: 2.1.1 Ensure xinetd is not installed (Scored)
3 | ansible.builtin.package:
4 | name: xinetd
5 | state: absent
6 | when:
7 | - cis_xinet_not_installed | bool
8 |
--------------------------------------------------------------------------------
/roles/fips/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for fips
3 |
4 | fips_exit_codes:
5 | - 0 # fips-mode-setup is enabled
6 | - 1 # fips-mode-setup is inconsistent
7 | - 2 # fips-mode-setup is disabled
8 |
9 | fips_disabled_code: 2
10 |
--------------------------------------------------------------------------------
/roles/mitogen/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.epel
6 | - name: robertdebock.python_pip
7 | collections:
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/php_fpm/files/my-php-fpm.te:
--------------------------------------------------------------------------------
1 |
2 | module my-php-fpm 1.0;
3 |
4 | require {
5 | type var_log_t;
6 | type httpd_t;
7 | class file open;
8 | }
9 |
10 | #============= httpd_t ==============
11 | allow httpd_t var_log_t:file open;
12 |
--------------------------------------------------------------------------------
/roles/scl/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for scl
3 |
4 | - name: Install centos-release-scl
5 | ansible.builtin.package:
6 | name: centos-release-scl
7 | state: present
8 | when:
9 | - ansible_distribution == "CentOS"
10 |
--------------------------------------------------------------------------------
/roles/tune2fs/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test tune2fs_settings
4 | ansible.builtin.assert:
5 | that:
6 | - tune2fs_settings is iterable
7 | quiet: true
8 | when:
9 | - tune2fs_settings is defined
10 |
--------------------------------------------------------------------------------
/UPDATING.md:
--------------------------------------------------------------------------------
1 | # Updating the roles
2 |
3 | 1. Delete the roles:
4 |
5 | ```shell
6 | rm -Rf roles/*
7 | ```
8 |
9 | 2. Copy the roles in:
10 |
11 | ```shell
12 | ./UPDATING.sh
13 | ```
14 |
15 | 3. Update galaxy.yml
16 |
17 | Bump version.
18 |
--------------------------------------------------------------------------------
/roles/cis/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Include distribution specific assertions
4 | ansible.builtin.include_tasks:
5 | file: "{{ ansible_distribution ~ '-' ~ ansible_distribution_major_version }}/assert.yml"
6 | run_once: true
7 |
--------------------------------------------------------------------------------
/roles/software/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for software
3 |
4 | # A list of software packages to manage.
5 | # software_packages:
6 | # - name: screen
7 | # - name: tcpdump
8 | # state: absent
9 | software_packages: []
10 |
--------------------------------------------------------------------------------
/roles/update_pip_packages/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | - name: robertdebock.python_pip
6 | - name: robertdebock.buildtools
7 | collections:
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/artifactory/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for artifactory
3 |
4 | artifactory_home: /opt/jfrog/artifactory/app/misc/etc
5 | artifactory_logs: /opt/jfrog/artifactory/var/log
6 |
7 | artifactory_package: jfrog-artifactory-{{ artifactory_flavour }}
8 |
--------------------------------------------------------------------------------
/roles/npm/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test npm_registry
4 | ansible.builtin.assert:
5 | that:
6 | - npm_registry is defined
7 | - npm_registry is string
8 | - npm_registry is not none
9 | quiet: true
10 |
--------------------------------------------------------------------------------
/roles/vault_auditdevice/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.hashicorp
6 | - name: robertdebock.vault
7 | collections:
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/vault_autosnapshot/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.hashicorp
6 | - name: robertdebock.vault
7 | collections:
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/vault_configuration/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.hashicorp
6 | - name: robertdebock.vault
7 | collections:
8 | - name: community.general
9 |
--------------------------------------------------------------------------------
/roles/consul/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for consul
3 |
4 | - name: Restart consul
5 | ansible.builtin.service:
6 | name: consul
7 | state: restarted
8 | when:
9 | - consul_license is defined
10 | - consul_license != ""
11 |
--------------------------------------------------------------------------------
/roles/glusterfs/files/my-glusterfsd.te:
--------------------------------------------------------------------------------
1 |
2 | module my-glusterfsd 1.0;
3 |
4 | require {
5 | type glusterd_t;
6 | class capability dac_override;
7 | }
8 |
9 | #============= glusterd_t ==============
10 | allow glusterd_t self:capability dac_override;
11 |
--------------------------------------------------------------------------------
/roles/memcached/templates/Amazon-memcached.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | PORT="{{ memcached_port }}"
3 | USER="{{ memcached_user }}"
4 | MAXCONN="{{ memcached_maxconn }}"
5 | CACHESIZE="{{ memcached_cachesize }}"
6 | OPTIONS="-l {{ memcached_listenon }}"
7 |
--------------------------------------------------------------------------------
/roles/memcached/templates/CentOS-memcached.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | PORT="{{ memcached_port }}"
3 | USER="{{ memcached_user }}"
4 | MAXCONN="{{ memcached_maxconn }}"
5 | CACHESIZE="{{ memcached_cachesize }}"
6 | OPTIONS="-l {{ memcached_listenon }}"
7 |
--------------------------------------------------------------------------------
/roles/memcached/templates/Fedora-memcached.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | PORT="{{ memcached_port }}"
3 | USER="{{ memcached_user }}"
4 | MAXCONN="{{ memcached_maxconn }}"
5 | CACHESIZE="{{ memcached_cachesize }}"
6 | OPTIONS="-l {{ memcached_listenon }}"
7 |
--------------------------------------------------------------------------------
/roles/memcached/templates/Rocky-memcached.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | PORT="{{ memcached_port }}"
3 | USER="{{ memcached_user }}"
4 | MAXCONN="{{ memcached_maxconn }}"
5 | CACHESIZE="{{ memcached_cachesize }}"
6 | OPTIONS="-l {{ memcached_listenon }}"
7 |
--------------------------------------------------------------------------------
/roles/vault_configuration/templates/vault.env.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | {% if vault_configuration_environment is defined %}
3 | {% for item in vault_configuration_environment %}
4 | {{ item.name }}="{{ item.value }}"
5 | {% endfor %}
6 | {% endif %}
7 |
--------------------------------------------------------------------------------
/roles/docker/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test docker_privileged_users
4 | ansible.builtin.assert:
5 | that:
6 | - docker_privileged_users is iterable
7 | quiet: true
8 | when:
9 | - docker_privileged_users is defined
10 |
--------------------------------------------------------------------------------
/roles/haproxy/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | matrix_overrides:
4 | amazonlinux:
5 | python:
6 | - python:3.9
7 | - python:3.10
8 | fedora:
9 | python:
10 | - python:3.10
11 | ubuntu:
12 | python:
13 | - python:3.10
14 |
--------------------------------------------------------------------------------
/roles/certbot/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for certbot
3 |
4 | - name: Restart certbot_system
5 | ansible.builtin.service:
6 | name: "{{ certbot_system_to_restart }}"
7 | state: restarted
8 | when:
9 | - certbot_system != "standalone"
10 |
--------------------------------------------------------------------------------
/roles/cve_2024_3094/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for cve_2024_3094
3 |
4 | - name: Remove requirements
5 | ansible.builtin.package:
6 | name: "{{ cve_2024_3094_requirements }}"
7 | state: absent
8 | when:
9 | - cve_2024_3094_cleanup
10 |
--------------------------------------------------------------------------------
/roles/glusterfs/files/my-glusterepoll0.te:
--------------------------------------------------------------------------------
1 |
2 | module my-glusterepoll0 1.0;
3 |
4 | require {
5 | type glusterd_t;
6 | type unlabeled_t;
7 | class file map;
8 | }
9 |
10 | #============= glusterd_t ==============
11 | allow glusterd_t unlabeled_t:file map;
12 |
--------------------------------------------------------------------------------
/roles/harbor/files/my_harbor.te:
--------------------------------------------------------------------------------
1 |
2 | module my_harbor 1.0;
3 |
4 | require {
5 | type container_t;
6 | type user_home_t;
7 | class file open;
8 | }
9 |
10 | #============= container_t ==============
11 | allow container_t user_home_t:file open;
--------------------------------------------------------------------------------
/roles/nginx/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test nginx_port
4 | ansible.builtin.assert:
5 | that:
6 | - nginx_port is defined
7 | - nginx_port is number
8 | - nginx_port > 0
9 | - nginx_port < 65536
10 | quiet: true
11 |
--------------------------------------------------------------------------------
/roles/postgres/templates/pg_hba.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 | {% for line in postgres_hba_entries %}
4 | {{ line.type }} {{ line.database }} {{ line.user }} {% if line.address is defined %}{{ line.address }}{% endif %} {{ line.method }}
5 | {% endfor %}
6 |
--------------------------------------------------------------------------------
/roles/revealmd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | - name: robertdebock.git
6 | - name: robertdebock.npm
7 | - name: robertdebock.service
8 | collections:
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/tune2fs/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | # A list of devices and their settings. Supported settings at the moment:
4 | # - maximum_count_mount
5 | # tune2fs_settings:
6 | # - device: /dev/mapper/system-root
7 | # maximum_count_mount: 1
8 | tune2fs_settings: []
9 |
--------------------------------------------------------------------------------
/roles/upgrade/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for upgrade
3 |
4 | # This role can pickup a list of packages to upgrade when the package is installed:
5 | # upgrade_packages:
6 | # - package
7 | # - screen
8 | # - kernel
9 | upgrade_packages: []
10 |
--------------------------------------------------------------------------------
/roles/vault/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for vault
3 |
4 | - name: Daemon reload
5 | ansible.builtin.systemd:
6 | daemon_reload: true
7 |
8 | - name: Restart vault
9 | ansible.builtin.service:
10 | name: vault
11 | state: restarted
12 |
--------------------------------------------------------------------------------
/roles/docker_ce/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test docker_ce_privileged_users
4 | ansible.builtin.assert:
5 | that:
6 | - docker_ce_privileged_users is iterable
7 | quiet: true
8 | when:
9 | - docker_ce_privileged_users is defined
10 |
--------------------------------------------------------------------------------
/roles/memcached/templates/Archlinux-memcached.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | PORT="{{ memcached_port }}"
3 | USER="{{ memcached_user }}"
4 | MAXCONN="{{ memcached_maxconn }}"
5 | CACHESIZE="{{ memcached_cachesize }}"
6 | OPTIONS="-l {{ memcached_listenon }} -o modern"
7 |
--------------------------------------------------------------------------------
/roles/memcached/templates/openSUSE Tumbleweed-memcached.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | PORT="{{ memcached_port }}"
3 | USER="{{ memcached_user }}"
4 | MAXCONN="{{ memcached_maxconn }}"
5 | CACHESIZE="{{ memcached_cachesize }}"
6 | OPTIONS="-l {{ memcached_listenon }}"
7 |
--------------------------------------------------------------------------------
/roles/subversion/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test subversion_path
4 | ansible.builtin.assert:
5 | that:
6 | - subversion_path is defined
7 | - subversion_path is string
8 | - subversion_path is not none
9 | quiet: true
10 |
--------------------------------------------------------------------------------
/roles/vault_snapshot/meta/preferences.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | github_variables_mapping:
4 | - name: secrets.VAULT_LICENSE
5 | variable: VAULT_LICENSE
6 |
7 |
8 | matrix_overrides:
9 | amazonlinux:
10 | python:
11 | - python:3.9
12 | - python:3.10
13 |
--------------------------------------------------------------------------------
/roles/jenkins/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.epel
5 | - name: robertdebock.java
6 | - name: robertdebock.locale
7 | - name: robertdebock.core_dependencies
8 | collections:
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/openssl/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | - name: robertdebock.python_pip
7 | collections:
8 | - name: community.crypto
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/redis/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test redis_bind_address
4 | ansible.builtin.assert:
5 | that:
6 | - redis_bind_address is defined
7 | - redis_bind_address is string
8 | - redis_bind_address is not none
9 | quiet: true
10 |
--------------------------------------------------------------------------------
/roles/revealmd/files/index.md:
--------------------------------------------------------------------------------
1 | # Almost there!
2 |
3 | Please call this role with a specific markdown file to present, for example
4 |
5 | ```yaml
6 | revealmd_presentation: my_presentation.md
7 | ```
8 |
9 | You're looking at the default presentation called `index.md`.
10 |
--------------------------------------------------------------------------------
/roles/sosreport/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for sosreport
3 |
4 | sosreport_packages:
5 | - sos
6 |
7 | sosreport_command: sos report --batch --tmp-dir={{ sosreport_remote_location }}
8 |
9 | sosreport_patterns: "sosreport-*-{{ ansible_date_time.date }}-*.tar.xz"
10 |
--------------------------------------------------------------------------------
/roles/tigervnc/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.gnome
6 | - name: robertdebock.users
7 | collections:
8 | - name: ansible.posix
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/vault_oracle_plugin/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for vault_oracle_plugin
3 |
4 | - name: Set capabilities
5 | community.general.capabilities:
6 | path: "{{ vault_plugin_oracle_directory }}/vault-plugin-database-oracle"
7 | capability: "cap_sys_chroot+ep"
8 |
--------------------------------------------------------------------------------
/roles/harbor/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for harbor
3 |
4 | harbor_archive: "https://github.com/goharbor/harbor/releases/download/v{{ harbor_version }}/harbor-{{ harbor_installation_type }}-installer-v{{ harbor_version }}.tgz"
5 |
6 | harbor_unarchive_destination: /home/harbor
7 |
--------------------------------------------------------------------------------
/roles/postgres/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | - name: robertdebock.python_pip
7 | collections:
8 | - name: community.postgresql
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/rundeck/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.common
5 | - name: robertdebock.core_dependencies
6 | - name: robertdebock.java
7 | - name: robertdebock.service
8 | collections:
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/sosreport/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for sosreport
3 |
4 | # Where to store the sosreport on the managed node.
5 | sosreport_remote_location: /tmp/sosreport
6 |
7 | # Where to store the sosreport(s) on the controller.
8 | sosreport_local_location: /tmp/sosreports
9 |
--------------------------------------------------------------------------------
/roles/sysctl/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for sysctl
3 |
4 | _sysctl_requirements:
5 | default:
6 | - procps
7 | RedHat:
8 | - procps-ng
9 |
10 | sysctl_requirements: "{{ _sysctl_requirements[ansible_os_family] | default(_sysctl_requirements['default']) }}"
11 |
--------------------------------------------------------------------------------
/roles/virtualbox/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test virtualbox_version
4 | ansible.builtin.assert:
5 | that:
6 | - virtualbox_version is defined
7 | - virtualbox_version is string
8 | - virtualbox_version is not none
9 | quiet: true
10 |
--------------------------------------------------------------------------------
/roles/apt_repository/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for apt_repositories
3 |
4 | # You can add or remove repositories:
5 | # apt_repositories:
6 | # - repo: "ppa:rabbitvcs/ppa"
7 | # - repo: "ppa:something/ppa"
8 | # state: absent
9 |
10 | apt_repositories: []
11 |
--------------------------------------------------------------------------------
/roles/docker/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.core_dependencies
6 | - name: robertdebock.epel
7 | - name: robertdebock.python_pip
8 | collections:
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/dovecot/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for dovecot
3 |
4 | # Set the location for the mailbox.
5 | dovecot_mailbox_location: "mbox:~/mail:INBOX=/var/spool/mail/%u"
6 |
7 | # Grant access to these supplementary groups for mail processes.
8 | dovecot_mail_access_groups: mail
9 |
--------------------------------------------------------------------------------
/roles/hostname/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for hostname
3 |
4 | # The hostname to set. By default whatever the inventory is set to.
5 | hostname: "{{ inventory_hostname_short }}"
6 |
7 | # Should the machine be rebooted when the hostname is changed?
8 | hostname_reboot: true
9 |
--------------------------------------------------------------------------------
/roles/mitogen/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test mitogen_ansible_file
4 | ansible.builtin.assert:
5 | that:
6 | - mitogen_ansible_file is defined
7 | - mitogen_ansible_file is string
8 | - mitogen_ansible_file is not none
9 | quiet: true
10 |
--------------------------------------------------------------------------------
/roles/sysstat/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for sysstat
3 |
4 | sysstat_packages:
5 | - sysstat
6 |
7 | _sysstat_service:
8 | default: sysstat
9 | Alpine: []
10 |
11 | sysstat_service: "{{ _sysstat_service[ansible_os_family] | default(_sysstat_service['default']) }}"
12 |
--------------------------------------------------------------------------------
/roles/tfe/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.docker_ce
6 | - name: robertdebock.docker_compose
7 | collections:
8 | - name: community.docker
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/users/templates/cron.allow.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | {% if users is defined %}
3 | {% for user in users %}
4 | {% if user.cron_allow is defined %}
5 | {% if user.cron_allow %}
6 | {{ user.name }}
7 | {% endif %}
8 | {% endif %}
9 | {% endfor %}
10 | {% endif %}
11 |
--------------------------------------------------------------------------------
/roles/vagrant/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for vagrant
3 |
4 | # The version of vagrant to install. See https://releases.hashicorp.com/vagrant/ .
5 | vagrant_version: "2.2.19"
6 |
7 | # The location to unpack the .tar.xz, if applicable.
8 | vagrant_unarchive_dest: /usr/local/bin
9 |
--------------------------------------------------------------------------------
/roles/vagrant/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.core_dependencies
6 | - name: robertdebock.epel
7 | - name: robertdebock.python_pip
8 | collections:
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/clamav/files/my-clamd.te:
--------------------------------------------------------------------------------
1 |
2 | module my-clamd 1.0;
3 |
4 | require {
5 | type antivirus_t;
6 | type amavisd_send_port_t;
7 | class tcp_socket name_bind;
8 | }
9 |
10 | #============= antivirus_t ==============
11 | allow antivirus_t amavisd_send_port_t:tcp_socket name_bind;
12 |
--------------------------------------------------------------------------------
/roles/docker_ce/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.core_dependencies
6 | - name: robertdebock.epel
7 | - name: robertdebock.python_pip
8 | collections:
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/filesystem/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for filesystem
3 |
4 | _filesytem_requirements:
5 | default:
6 | - e2fsprogs
7 | - util-linux
8 |
9 | filesystem_requirements: "{{ _filesytem_requirements[ansible_os_family] | default(_filesytem_requirements['default']) }}"
10 |
--------------------------------------------------------------------------------
/roles/mount_options/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for mount_options
3 |
4 | - name: Remount filesystems
5 | ansible.posix.mount:
6 | path: "{{ item.path }}"
7 | state: remounted
8 | loop: "{{ mount_options }}"
9 | loop_control:
10 | label: "{{ item.path }}"
11 |
--------------------------------------------------------------------------------
/roles/spamassassin/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.cron
6 | - name: robertdebock.logrotate
7 | - name: robertdebock.rsyslog
8 | collections:
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/vault_agent/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for vault_agent
3 |
4 | - name: Reload systemd
5 | ansible.builtin.systemd:
6 | daemon_reload: true
7 |
8 | - name: Restart vault agent
9 | ansible.builtin.service:
10 | name: vault-agent
11 | state: restarted
12 |
--------------------------------------------------------------------------------
/roles/zabbix_server/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for zabbix_server
3 |
4 | # The details to connect to the database.
5 | zabbix_server_database_name: zabbix
6 | zabbix_server_database_user: zabbix
7 | zabbix_server_database_password: zabbix
8 | zabbix_server_database_host: localhost
9 |
--------------------------------------------------------------------------------
/roles/auto_update/templates/automatic.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | [commands]
3 | upgrade_type = {{ auto_update_update_cmd }}
4 | random_sleep = {{ auto_update_random_sleep }}
5 | download_updates = {{ auto_update_download_updates }}
6 | apply_updates = {{ auto_update_apply_updates }}
7 |
--------------------------------------------------------------------------------
/roles/azure_cli/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | - name: robertdebock.microsoft_repository_keys
7 | - name: robertdebock.python_pip
8 | collections:
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/docker_ce/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for docker_ce
3 |
4 | - name: Restart docker_ce
5 | ansible.builtin.service:
6 | name: "{{ docker_ce_service }}"
7 | state: restarted
8 |
9 | - name: Apt update cache
10 | ansible.builtin.apt:
11 | update_cache: true
12 |
--------------------------------------------------------------------------------
/roles/dsvpn/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.ca_certificates
6 | - name: robertdebock.core_dependencies
7 | - name: robertdebock.service
8 | collections:
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/artifactory/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for artifactory
3 |
4 | # The location where Artifactory should store data.
5 | artifactory_file_store_dir: /data
6 |
7 | # The type of installation of artifactory.
8 | # Choose from "oss", "jcr" or "cpp-ce".
9 | artifactory_flavour: oss
10 |
--------------------------------------------------------------------------------
/roles/dryrun/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test dryrun_defaults_variable
4 | ansible.builtin.assert:
5 | that:
6 | - dryrun_defaults_variable is defined
7 | - dryrun_defaults_variable is string
8 | - dryrun_defaults_variable is not none
9 | quiet: true
10 |
--------------------------------------------------------------------------------
/roles/gitea/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for gitea
3 |
4 | # Specify the version of gitea to install, see https://dl.gitea.com/gitea/ for available versions.
5 | gitea_version: "1.21.7"
6 |
7 | # Specify the path where gitea should be installed.
8 | gitea_installation_path: "/usr/local/bin"
9 |
--------------------------------------------------------------------------------
/roles/redis/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.apt_autostart
4 | - name: robertdebock.bootstrap
5 | - name: robertdebock.epel
6 | - name: robertdebock.sysctl
7 | - name: robertdebock.grub
8 | collections:
9 | - name: ansible.posix
10 | - name: community.general
11 |
--------------------------------------------------------------------------------
/roles/revealmd/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for revealmd
3 |
4 | _revealmd_path:
5 | default: /usr/bin
6 | RedHat: /usr/local/bin
7 | Suse: /usr/local/bin
8 | Debian: /usr/local/bin
9 |
10 | revealmd_path: "{{ _revealmd_path[ansible_os_family] | default(_revealmd_path['default']) }}"
11 |
--------------------------------------------------------------------------------
/roles/apt_autostart/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test apt_autostart_state
4 | ansible.builtin.assert:
5 | that:
6 | - apt_autostart_state is defined
7 | - apt_autostart_state is string
8 | - apt_autostart_state in [ "disabled", "enabled" ]
9 | quiet: true
10 |
--------------------------------------------------------------------------------
/roles/at/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for at
3 |
4 | - name: Install at software
5 | ansible.builtin.package:
6 | name: at
7 | state: present
8 |
9 | - name: Start and enable at software
10 | ansible.builtin.service:
11 | name: atd
12 | state: started
13 | enabled: true
14 |
--------------------------------------------------------------------------------
/roles/locale/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for locale
3 |
4 | - name: Localectl set-locale
5 | ansible.builtin.command:
6 | cmd: "{{ locale_notify_command }}"
7 | changed_when: true
8 | when:
9 | - ansible_connection not in [ "container", "docker", "community.docker.docker" ]
10 |
--------------------------------------------------------------------------------
/roles/nfsserver/templates/exports.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 | {% for export in nfsserver_exports %}
4 | {{ export.share }} {% for host in export.hosts %}{{ host.name }}({% for option in host.options %}{{ option }}{% if not loop.last %},{% endif %}{% endfor %}) {% endfor %}
5 |
6 | {% endfor %}
7 |
--------------------------------------------------------------------------------
/roles/terraform_agent/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handler file for terraform_agent
3 |
4 | - name: Restart the Terraform Agent
5 | ansible.builtin.service:
6 | name: tfc-agent
7 | state: restarted
8 | when:
9 | - terraform_agent_token is defined
10 | - terraform_agent_token != ""
11 |
--------------------------------------------------------------------------------
/roles/tomcat/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for tomcat
3 |
4 | - name: Systemctl daemon-reload
5 | ansible.builtin.systemd:
6 | daemon_reload: true
7 |
8 | - name: Restart tomcat instance
9 | ansible.builtin.service:
10 | name: "{{ instance_name }}"
11 | state: restarted
12 |
--------------------------------------------------------------------------------
/roles/vault_snapshot/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.hashicorp
6 | - name: robertdebock.vault
7 | - name: robertdebock.vault_configuration
8 | collections:
9 | - name: community.general
10 |
--------------------------------------------------------------------------------
/roles/autofs/templates/map.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | {% for directory in item.directories %}
3 | {{ directory.path }} {% if directory.options is defined %}-{% for option in directory.options %}{{ option }}{% if not loop.last %},{% endif %}{% endfor %} {% endif %}{{ directory.server }}
4 | {% endfor %}
5 |
--------------------------------------------------------------------------------
/roles/cron/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for cron
3 |
4 | # The shell to use for running cronjobs.
5 | cron_shell: /bin/bash
6 |
7 | # The path to set for running jobs.
8 | cron_path: /sbin:/bin:/usr/sbin:/usr/bin
9 |
10 | # The address where mails should be sent to.
11 | cron_mailto: root
12 |
--------------------------------------------------------------------------------
/roles/nfsserver/tasks/assert_host.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert_host | Test item in share.hosts.host
4 | ansible.builtin.assert:
5 | that:
6 | - host.name is defined
7 | - host.name | length > 0
8 | - host.options is defined
9 | - host.options is iterable
10 | quiet: true
11 |
--------------------------------------------------------------------------------
/roles/tigervnc/templates/xstartup:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | {{ ansible_managed | comment }}
4 |
5 | [ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
6 |
7 | [ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
8 |
9 | vncconfig -iconic &
10 |
11 | dbus-launch --exit-with-session {{ tigervnc_desktop_session }} &
12 |
--------------------------------------------------------------------------------
/roles/users/templates/sudo.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | {% if user.sudo_options is iterable and user.sudo_options is not string %}
3 | {% for sudo_option in user.sudo_options %}
4 | {{ user.name }} {{ sudo_option }}
5 | {% endfor %}
6 | {% else %}
7 | {{ user.name }} {{ user.sudo_options }}
8 | {% endif %}
9 |
--------------------------------------------------------------------------------
/roles/cis/tasks/CentOS-8/4_logging_and_auditing/4_3_logrotate_configured.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: 4.2.3 Ensure permissions on all logfiles are configured (Scored)
4 | ansible.builtin.debug:
5 | msg: "You can define the policy, there is no sane default documented."
6 | when:
7 | - cis_logrotate_configured | bool
8 |
--------------------------------------------------------------------------------
/roles/haveged/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test haveged_write_wakeup_threshold
4 | ansible.builtin.assert:
5 | that:
6 | - haveged_write_wakeup_threshold is defined
7 | - haveged_write_wakeup_threshold is number
8 | - haveged_write_wakeup_threshold > 0
9 | quiet: true
10 |
--------------------------------------------------------------------------------
/roles/scripts/templates/script.sh.j2:
--------------------------------------------------------------------------------
1 | #!{{ scripts_shell }}
2 |
3 | {{ ansible_managed | comment }}
4 |
5 | cd {{ item.directory }}
6 | while true ; do
7 | {% for line in item.lines %}
8 | {{ line }}
9 | {% endfor %}
10 | {% if item.sleep is defined %}
11 | sleep {{ item.sleep }}
12 | {% endif %}
13 | done
14 |
--------------------------------------------------------------------------------
/roles/bareos_sd/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for bareos_sd
3 |
4 | - name: Check configuration
5 | ansible.builtin.command: "/usr/sbin/bareos-sd --test-config"
6 | changed_when: false
7 |
8 | - name: Restart bareos-sd
9 | ansible.builtin.service:
10 | name: bareos-sd
11 | state: restarted
12 |
--------------------------------------------------------------------------------
/roles/dns/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for dns
3 |
4 | - name: Restart dns
5 | ansible.builtin.service:
6 | name: "{{ dns_service }}"
7 | state: restarted
8 |
9 | - name: Rndc reload
10 | ansible.builtin.command:
11 | cmd: rndc reload
12 | failed_when: false
13 | changed_when: true
14 |
--------------------------------------------------------------------------------
/roles/rundeck/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for rundeck
3 |
4 | - name: Systemd daemon reload
5 | ansible.builtin.systemd:
6 | daemon_reload: true
7 | notify:
8 | - Restart rundeck
9 |
10 | - name: Restart rundeck
11 | ansible.builtin.service:
12 | name: rundeck
13 | state: restarted
14 |
--------------------------------------------------------------------------------
/roles/squid/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for squid
3 |
4 | # The port squid is listening on.
5 | squid_port: 3128
6 |
7 | # The directory where (and how) to cache.
8 | squid_cache_dir: ufs /var/spool/squid 100 16 256
9 |
10 | # Location of squid's log file
11 | squid_access_log: /var/log/squid/access.log
12 |
--------------------------------------------------------------------------------
/roles/terraform/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for terraform
3 |
4 | # The version of Terraform to install.
5 | terraform_version: "1.0.11"
6 |
7 | # Where to place the binary.
8 | terraform_destination: /usr/local/bin
9 |
10 | # Terraform binary mirror:
11 | terraform_software_mirror: releases.hashicorp.com
12 |
--------------------------------------------------------------------------------
/roles/users/templates/sudo_group.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | {% if group.sudo_options is iterable and group.sudo_options is not string %}
3 | {% for sudo_option in group.sudo_options %}
4 | %{{ group.name }} {{ sudo_option }}
5 | {% endfor %}
6 | {% else %}
7 | %{{ group.name }} {{ group.sudo_options }}
8 | {% endif %}
9 |
--------------------------------------------------------------------------------
/roles/dnsmasq/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for dnsmasq
3 |
4 | - name: Test dnsmasq configuration
5 | ansible.builtin.command:
6 | cmd: dnsmasq --test
7 | changed_when: true
8 |
9 | - name: Restart dnsmasq
10 | ansible.builtin.service:
11 | name: "{{ dnsmasq_service }}"
12 | state: restarted
13 |
--------------------------------------------------------------------------------
/roles/keepalived/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for keepalived
3 |
4 | _keepalived_packages:
5 | default:
6 | - keepalived
7 | Alpine:
8 | - keepalived
9 | - keepalived-sample-config
10 |
11 | keepalived_packages: "{{ _keepalived_packages[ansible_os_family] | default(_keepalived_packages['default']) }}"
12 |
--------------------------------------------------------------------------------
/roles/tigervnc/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for tigervnc
3 |
4 | - name: Systemctl daemon-reload
5 | ansible.builtin.systemd:
6 | daemon_reload: true
7 |
8 | - name: Restart tigervnc
9 | ansible.builtin.systemd:
10 | name: "{{ tigervnc_service }}"
11 | state: restarted
12 | daemon_reload: true
13 |
--------------------------------------------------------------------------------
/roles/earlyoom/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for earlyoom
3 |
4 | earlyoom_version: v1.6
5 | earlyoom_clone_destination: /tmp/earlyoom
6 | earlyoom_installation_destination: /usr/bin
7 |
8 | earlyoom_minimum_memory_percent: 10
9 | earlyoom_minimum_swap_percent: 5
10 | earlyoom_memory_report_interval: 60 # in seconds
11 |
--------------------------------------------------------------------------------
/roles/memcached/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for memcached
3 |
4 | - name: Systemctl daemon-reload
5 | ansible.builtin.systemd:
6 | daemon_reload: true
7 | notify:
8 | - Restart memcached
9 |
10 | - name: Restart memcached
11 | ansible.builtin.service:
12 | name: memcached
13 | state: restarted
14 |
--------------------------------------------------------------------------------
/roles/obsproject/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for obsproject
3 |
4 | _obsproject_requirements:
5 | default: []
6 | Debian:
7 | - ffmpeg
8 |
9 | obsproject_requirements: "{{ _obsproject_requirements[ansible_os_family] | default(_obsproject_requirements['default']) }}"
10 |
11 | obsproject_package:
12 | - obs-studio
13 |
--------------------------------------------------------------------------------
/roles/autofs/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for autofs
3 |
4 | _autofs_requirements:
5 | default: []
6 | Debian:
7 | - procps
8 |
9 | autofs_requirements: "{{ _autofs_requirements[ansible_os_family] | default(_autofs_requirements['default']) }}"
10 |
11 | autofs_packages:
12 | - autofs
13 |
14 | autofs_service: autofs
15 |
--------------------------------------------------------------------------------
/roles/obsproject/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for obsproject
3 |
4 | - name: Install requirements
5 | ansible.builtin.package:
6 | name: "{{ obsproject_requirements }}"
7 | state: present
8 |
9 | - name: Install obsproject
10 | ansible.builtin.package:
11 | name: "{{ obsproject_package }}"
12 | state: present
13 |
--------------------------------------------------------------------------------
/roles/restore/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for restore
3 |
4 | _restore_mysql_socket:
5 | default: /var/run/mysql/mysql.sock
6 | Debian: /var/run/mysqld/mysqld.sock
7 | RedHat: /var/lib/mysql/mysql.sock
8 |
9 | restore_mysql_socket: "{{ _restore_mysql_socket[ansible_os_family] | default(_restore_mysql_socket['default']) }}"
10 |
--------------------------------------------------------------------------------
/roles/tftpd/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for tftpd
3 |
4 | - name: Install tftpd
5 | ansible.builtin.package:
6 | name: "{{ tftpd_packages }}"
7 | state: present
8 |
9 | - name: Start and enable tftpd
10 | ansible.builtin.service:
11 | name: "{{ tftpd_service }}"
12 | state: started
13 | enabled: true
14 |
--------------------------------------------------------------------------------
/roles/update_pip_packages/tasks/package.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: package | Update package {{ package.key }}
4 | ansible.builtin.pip:
5 | name: "{{ package.key }}"
6 | state: latest # noqa package-latest
7 | environment:
8 | path: "/bin:/usr/local/bin"
9 | when:
10 | - package.key not in update_pip_package_ignore
11 |
--------------------------------------------------------------------------------
/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | collections:
3 | - name: ansible.posix
4 | - name: awx.awx
5 | - name: community.crypto
6 | - name: community.docker
7 | - name: community.general
8 | - name: community.mysql
9 | - name: community.postgresql
10 | - name: community.zabbix
11 | - name: containers.podman
12 | - name: gluster.gluster
13 |
--------------------------------------------------------------------------------
/roles/bareos_fd/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for bareos_fd
3 |
4 | - name: Check configuration
5 | ansible.builtin.command: "/usr/sbin/bareos-fd --test-config"
6 | changed_when: false
7 |
8 | - name: Restart bareos-filedaemon
9 | ansible.builtin.service:
10 | name: "{{ bareos_fd_service }}"
11 | state: restarted
12 |
--------------------------------------------------------------------------------
/roles/modprobe/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for modprobe
3 |
4 | _modprobe_requirements:
5 | default: []
6 | RedHat:
7 | - kmod
8 | Debian:
9 | - kmod
10 | Suse:
11 | - module-init-tools
12 |
13 | modprobe_requirements: "{{ _modprobe_requirements[ansible_os_family] | default(_modprobe_requirements['default']) }}"
14 |
--------------------------------------------------------------------------------
/roles/sysctl/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for sysctl
3 |
4 | # Verify token value with the sysctl command and set with -w if necessary
5 | sysctl_set: true
6 |
7 | # if yes, performs a /sbin/sysctl -p if the sysctl_file is updated.
8 | # If no, does not reload sysctl even if the sysctl_file is updated
9 | sysctl_reload: true
10 |
--------------------------------------------------------------------------------
/roles/vault_initialize/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.bootstrap
5 | - name: robertdebock.core_dependencies
6 | - name: robertdebock.hashicorp
7 | - name: robertdebock.vault
8 | - name: robertdebock.vault_configuration
9 | collections:
10 | - name: community.general
11 |
--------------------------------------------------------------------------------
/roles/vault_oracle_plugin/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for vault_oracle_plugin
3 |
4 | # The path where to install this plugin.
5 | vault_plugin_oracle_directory: /opt/vault/plugins
6 |
7 | # The version of the plugin to install. See https://releases.hashicorp.com/vault-plugin-database-oracle/ .
8 | vault_plugin_oracle_version: 0.9.0
9 |
--------------------------------------------------------------------------------
/roles/cis/tasks/CentOS-8/3_network/3_6_disable_ipv6.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: 3.6 Disable IPv6 (Not Scored)
3 | ansible.builtin.replace:
4 | path: /boot/grub2/grubenv
5 | regexp: '^kernelopts="((:?(?!ipv6\.disable=1).)*?)"$'
6 | replace: 'kernelopts="\1 ipv6.disable=1"'
7 | mode: "0600"
8 | when:
9 | - cis_disable_ipv6 | bool
10 |
--------------------------------------------------------------------------------
/roles/molecule/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for molecule
3 |
4 | # If you need to give extra options to pip, use `molecule_extra_args`. For
5 | # example:
6 | # molecule_extra_args: "--user"
7 | molecule_extra_args: ""
8 |
9 | # A list of plugins to install. (Can be empty.)
10 | molecule_plugins:
11 | - molecule-plugins[docker]
12 |
--------------------------------------------------------------------------------
/roles/autofs/templates/template.autofs.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | {{ item.mountpoint }} /etc/auto.{{ item.name | default(item.mountpoint) | regex_replace('^/', '') | regex_replace('/', autofs_slash_replace_char) }} {% if item.options is defined %}{% for option in item.options %}{{ option }}{% if not loop.last %} {% endif %}{% endfor %} {% endif %}
3 |
--------------------------------------------------------------------------------
/roles/gitlab/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for gitlab
3 |
4 | - name: Run gitlab-ctl reconfigure
5 | ansible.builtin.command:
6 | cmd: gitlab-ctl reconfigure
7 | changed_when: true
8 |
9 | - name: Uninstall ruby
10 | ansible.builtin.package:
11 | name: ruby
12 | state: absent
13 | when:
14 | - gitlab_cleanup_ruby
15 |
--------------------------------------------------------------------------------
/roles/snmpd/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for snmpd
3 |
4 | _snmpd_packages:
5 | default:
6 | - snmpd
7 | Alpine:
8 | - net-snmp
9 | RedHat:
10 | - net-snmp
11 | Suse:
12 | - net-snmp
13 |
14 | snmpd_packages: "{{ _snmpd_packages[ansible_os_family] | default(_snmpd_packages['default']) }}"
15 |
16 | snmpd_service: snmpd
17 |
--------------------------------------------------------------------------------
/roles/vault_oracle_plugin/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for vault_oracle_plugin
3 |
4 | _vault_plugin_oracle_requirements:
5 | default:
6 | - libcap
7 | Debian:
8 | - libcap2-bin
9 | vault_plugin_oracle_requirements: "{{ _vault_plugin_oracle_requirements[ansible_os_family] | default(_vault_plugin_oracle_requirements['default']) }}"
10 |
--------------------------------------------------------------------------------
/roles/bootstrap/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for bootstrap
3 |
4 | # Do you want to wait for the host to be available?
5 | bootstrap_wait_for_host: false
6 |
7 | # The number of seconds you want to wait during connection test before failing.
8 | bootstrap_timeout: 3
9 |
10 | # Tell the role to "become" or not.
11 | bootstrap_become: true
12 |
--------------------------------------------------------------------------------
/roles/openvpn/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for openvpn
3 |
4 | # You can setup both a client and a server using this role.
5 | # Use `server` or `client` for `openvpn_role`.
6 |
7 | openvpn_role: server
8 |
9 | # If you are configuring a client, setup these variables:
10 | # openvpn_role: client
11 | # openvpn_client_server: vpn.example.com
12 |
--------------------------------------------------------------------------------
/roles/remi/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test remi_repository_selection
4 | ansible.builtin.assert:
5 | that:
6 | - remi_repository_selection is defined
7 | - remi_repository_selection is string
8 | - remi_repository_selection in [ "php54", "php70", "php71", "php72", "php73", "php74", "php81" ]
9 | quiet: true
10 |
--------------------------------------------------------------------------------
/roles/update_pip_packages/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for update_pip_packages
3 |
4 | _update_pip_packages_requirements:
5 | default:
6 | - which
7 | Debian:
8 | - debianutils
9 |
10 | update_pip_packages_requirements: "{{ _update_pip_packages_requirements[ansible_os_family] | default(_update_pip_packages_requirements['default']) }}"
11 |
--------------------------------------------------------------------------------
/roles/alternatives/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for alternatives
3 |
4 | _alternatives_packages:
5 | default:
6 | - alternatives
7 | Alpine:
8 | - dpkg
9 | Debian:
10 | - dpkg
11 | RedHat:
12 | - chkconfig
13 |
14 | alternatives_packages: "{{ _alternatives_packages[ansible_os_family] | default(_alternatives_packages['default']) }}"
15 |
--------------------------------------------------------------------------------
/roles/ca/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | - name: robertdebock.httpd
7 | - name: robertdebock.openssl
8 | - name: robertdebock.python_pip
9 | collections:
10 | - name: ansible.posix
11 | - name: community.crypto
12 | - name: community.general
13 |
--------------------------------------------------------------------------------
/roles/common/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for common
3 |
4 | - name: Gather facts
5 | ansible.builtin.setup:
6 | become: false
7 |
8 | - name: Reload network manager
9 | ansible.builtin.service:
10 | name: NetworkManager
11 | state: reloaded
12 |
13 | - name: Reboot
14 | ansible.builtin.reboot:
15 | when:
16 | - common_reboot
17 |
--------------------------------------------------------------------------------
/roles/httpd/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | - name: robertdebock.openssl
7 | - name: robertdebock.python_pip
8 | - name: robertdebock.selinux
9 | collections:
10 | - name: ansible.posix
11 | - name: community.crypto
12 | - name: community.general
13 |
--------------------------------------------------------------------------------
/roles/jenkins/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for jenkins
3 |
4 | # What tcp port Jenkins should listen to.
5 | jenkins_port: 8080
6 |
7 | # What address Jenkins should bind to.
8 | jenkins_listen_address: "0.0.0.0"
9 |
10 | # The version of Jenkins to install. Not specifying a version, will install the latest available.
11 | # jenkins_version: "2.399.1"
12 |
--------------------------------------------------------------------------------
/roles/jitsi/meta/argument_specs.yml:
--------------------------------------------------------------------------------
1 | ---
2 | argument_specs:
3 | main:
4 | short_description: "Jitsi installation."
5 | options:
6 | jitsi_release:
7 | type: "str"
8 | required: true
9 | description: "The type of release to install."
10 | choices:
11 | - stable
12 | - testing
13 | - nightly
14 |
--------------------------------------------------------------------------------
/roles/luks/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for luks
3 |
4 | # The state of luks devices if not mentioned specifically.
5 | luks_default_state: opened
6 |
7 | # A list of devices to encrypt.
8 | luks_devices: []
9 |
10 | # For example:
11 | # luks_devices:
12 | # - device: /dev/loop0
13 | # name: luksdisk0
14 | # keyfile: /etc/luksdisk0.keyfile
15 |
--------------------------------------------------------------------------------
/roles/memcached/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for memcached
3 |
4 | # The tcp port memcached should listen on.
5 | memcached_port: 11211
6 |
7 | # The address memcached should bind on.
8 | memcached_listenon: "127.0.0.1"
9 |
10 | # The maximum connections memcached.
11 | memcached_maxconn: 1024
12 |
13 | # The cachesize.
14 | memcached_cachesize: 64
15 |
--------------------------------------------------------------------------------
/roles/rsyslog/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for rsyslog
3 |
4 | rsyslog_packages:
5 | - rsyslog
6 |
7 | rsyslog_service: rsyslog
8 |
9 | _rsyslog_work_directory:
10 | default: /var/lib/rsyslog
11 | Debian: /var/spool/rsyslog
12 |
13 | rsyslog_work_directory: "{{ _rsyslog_work_directory[ansible_os_family] | default(_rsyslog_work_directory['default']) }}"
14 |
--------------------------------------------------------------------------------
/roles/diskspace/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for diskspace
3 |
4 | # You can pass a list of mountpoint and their minimum required space of inodes.
5 | # diskspace_mounts:
6 | # - name: /
7 | # megabytes_available: 64
8 | # - name: /var
9 | # gigabytes_available: 4
10 | # - name: /home
11 | # inodes_available: 65536
12 | diskspace_mounts: []
13 |
--------------------------------------------------------------------------------
/roles/terraform_agent/templates/tfc-agent.env.j2:
--------------------------------------------------------------------------------
1 | TFC_ADDRESS="{{ terraform_agent_terraform_enterprise_address }}"
2 | TFC_AGENT_TOKEN="{{ terraform_agent_token }}"
3 | TFC_AGENT_NAME="{{ terraform_agent_name }}"
4 | TFC_AGENT_LOG_LEVEL="{{ terraform_agent_log_level }}"
5 | TFC_AGENT_DATA_DIR="{{ terraform_agent_data_dir }}"
6 | TFC_AGENT_CACHE_DIR="{{ terraform_agent_cache_dir }}"
7 |
--------------------------------------------------------------------------------
/roles/backup/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.mysql
5 | - name: robertdebock.buildtools
6 | - name: robertdebock.epel
7 | - name: robertdebock.python_pip
8 | - name: robertdebock.postgres
9 | collections:
10 | - name: community.postgresql
11 | - name: community.mysql
12 | - name: community.general
13 |
--------------------------------------------------------------------------------
/roles/diskspace/meta/argument_specs.yml:
--------------------------------------------------------------------------------
1 | ---
2 | argument_specs:
3 | main:
4 | short_description: "Test for sufficient diskspace and/or inodes."
5 | options:
6 | diskspace_mounts:
7 | type: "list"
8 | required: true
9 | description: "A list of `name`s and one or more `megabytes_available`, `gigabytes_available` and/or `inodes_available`."
10 |
--------------------------------------------------------------------------------
/roles/nextcloud/templates/nextcloud.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | Alias /nextcloud "{{ nextcloud_destination }}/nextcloud"
3 |
4 |
5 | Require all granted
6 | AllowOverride All
7 | Options FollowSymlinks MultiViews
8 |
9 |
10 | Dav off
11 |
12 |
13 |
14 |
--------------------------------------------------------------------------------
/roles/ntp/templates/chrony.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 | driftfile /var/lib/chrony/drift
4 |
5 | makestep 1.0 3
6 |
7 | keyfile /etc/chrony.keys
8 |
9 | logdir /var/log/chrony
10 |
11 | dumponexit
12 | dumpdir /var/run/chrony
13 |
14 | bindaddress 127.0.0.1
15 |
16 | {% for ntp_server in ntp_pool %}
17 | pool {{ ntp_server.name }}
18 | {% endfor %}
19 |
--------------------------------------------------------------------------------
/roles/podman/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for podman
3 |
4 | # You can modify the `storage.conf` file using this list.
5 | # podman_storage:
6 | # - option: driver
7 | # value: overlay
8 | # section: storage
9 | podman_storage: []
10 |
11 | # You can start docker as a specific user other than "root".
12 | # podman_user: my_user
13 | podman_user: ""
14 |
--------------------------------------------------------------------------------
/roles/artifactory/templates/binarystore.xml.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment('xml') }}
2 |
3 |
4 |
5 |
6 |
7 |
8 | {{ artifactory_file_store_dir }}
9 |
10 |
11 |
--------------------------------------------------------------------------------
/roles/cis/tasks/CentOS-8/1_initial_setup/1_9_updates_installed.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: 1.9 Ensure updates, patches, and additional security software are installed (Not Scored)
3 | ansible.builtin.package:
4 | name: "*"
5 | state: latest # noqa package-latest In this case, latest is desired.
6 | notify:
7 | - reboot
8 | when:
9 | - cis_updates_installed | bool
10 |
--------------------------------------------------------------------------------
/roles/digitalocean_agent/files/digitalocean-agent.repo:
--------------------------------------------------------------------------------
1 | [digitalocean-agent]
2 | name=DigitalOcean agent
3 | baseurl=https://repos.insights.digitalocean.com/yum/do-agent/$basearch
4 | enabled=1
5 | gpgkey=https://repos.insights.digitalocean.com/sonar-agent.asc
6 | gpgcheck=1
7 | repo_gpgcheck=0
8 | sslverify=0
9 | sslcacert=/etc/pki/tls/certs/ca-bundle.crt
10 | metadata_expire=300
11 |
--------------------------------------------------------------------------------
/roles/grub/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for grub
3 |
4 | - name: Update grub
5 | ansible.builtin.command:
6 | cmd: "{{ grub_update_grub_command }}"
7 | changed_when: true
8 | when:
9 | - ansible_connection not in [ "container", "docker", "community.docker.docker" ]
10 | notify:
11 | - Reboot
12 |
13 | - name: Reboot
14 | ansible.builtin.reboot:
15 |
--------------------------------------------------------------------------------
/roles/mate/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for mate
3 |
4 | _mate_packages:
5 | Debian:
6 | - mate-desktop-environment
7 | RedHat:
8 | - "@mate-desktop"
9 | - NetworkManager
10 | Suse:
11 | - patterns-mate-mate
12 |
13 | mate_packages: "{{ _mate_packages[ansible_os_family] }}"
14 |
15 | mate_exclude: "{{ ansible_distribution | lower }}-release-matecompiz"
16 |
--------------------------------------------------------------------------------
/roles/cve_2024_3094/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for cve_2024_3094
3 |
4 | # If requirements are installed, would you like to remove them after this role ran?
5 | cve_2024_3094_cleanup: true
6 |
7 | # Where to look for `sshd`, a list of paths.
8 | cve_2024_3094_sshd_paths:
9 | - /usr/bin
10 | - /usr/sbin
11 | - /usr/local/bin
12 | - /usr/local/sbin
13 |
--------------------------------------------------------------------------------
/roles/httpd/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for httpd
3 |
4 | - name: Test httpd configuration validity
5 | ansible.builtin.command:
6 | cmd: "{{ httpd_binary }} -t"
7 | changed_when: false
8 | when:
9 | - ansible_os_family != "Suse"
10 |
11 | - name: Restart httpd
12 | ansible.builtin.service:
13 | name: "{{ httpd_service }}"
14 | state: restarted
15 |
--------------------------------------------------------------------------------
/roles/mongodb/templates/mongod.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 | storage:
4 | dbPath: {{ mongodb_dbpath }}
5 |
6 | systemLog:
7 | destination: file
8 | logAppend: true
9 | path: {{ mongodb_systemlog_path }}
10 |
11 | net:
12 | port: {{ mongodb_port }}
13 | bindIp: {{ mongodb_bindip }}
14 |
15 | processManagement:
16 | timeZoneInfo: /usr/share/zoneinfo
17 |
--------------------------------------------------------------------------------
/roles/tigervnc/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for tigervnc
3 |
4 | _tigervnc_packages:
5 | default:
6 | - tigervnc-server
7 | Debian:
8 | - tigervnc-standalone-server
9 | - tigervnc-xorg-extension
10 |
11 | tigervnc_packages: "{{ _tigervnc_packages[ansible_os_family] | default(_tigervnc_packages['default']) }}"
12 |
13 | tigervnc_service: "vncserver@:1.service"
14 |
--------------------------------------------------------------------------------
/roles/users/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for users
3 |
4 | # The location to store ssh keys for user
5 | users_ssh_key_directory: ssh_keys
6 |
7 | # The default shell if not overwritten.
8 | users_shell: /bin/bash
9 |
10 | # manage cron permissions via /etc/cron.allow
11 | users_cron_allow: true
12 |
13 | # should homedirectories be created?
14 | users_create_home: true
15 |
--------------------------------------------------------------------------------
/roles/bareos_dir/templates/catalog.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 | {% if item.enabled is defined and item.enabled or item.enabled is not defined %}
4 | Catalog {
5 | Name = {{ item.name }}
6 | dbname = "{{ item.dbname }}"
7 | dbuser = "{{ item.dbuser }}"
8 | dbpassword = "{{ item.dbpassword }}"
9 | }
10 | {% else %}
11 | # This file is not enabled.
12 | {% endif %}
13 |
--------------------------------------------------------------------------------
/roles/functions/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for functions
3 |
4 | functions_strings:
5 | - "A regular line."
6 | - "CAPITALS ONLY"
7 | - "lowercase only"
8 | - " Extra spaces. "
9 | - "A line with the word new and old."
10 | - "A line with integers. 1, 2 & 3."
11 |
12 | functions_integers:
13 | - 0
14 | - 1
15 | - 1.4
16 | - 1.5
17 | - 1.6
18 | - 2.0
19 |
--------------------------------------------------------------------------------
/roles/harbor/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.core_dependencies
5 | - name: robertdebock.buildtools
6 | - name: robertdebock.epel
7 | - name: robertdebock.python_pip
8 | - name: robertdebock.docker
9 | - name: robertdebock.docker_compose
10 | - name: robertdebock.selinux
11 | collections:
12 | - name: community.general
13 |
--------------------------------------------------------------------------------
/roles/php/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | - name: robertdebock.httpd
7 | - name: robertdebock.openssl
8 | - name: robertdebock.python_pip
9 | - name: robertdebock.scl
10 | collections:
11 | - name: ansible.posix
12 | - name: community.crypto
13 | - name: community.general
14 |
--------------------------------------------------------------------------------
/roles/sysctl/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test sysctl_set
4 | ansible.builtin.assert:
5 | that:
6 | - sysctl_set is defined
7 | - sysctl_set is boolean
8 | quiet: true
9 |
10 | - name: assert | Test sysctl_reload
11 | ansible.builtin.assert:
12 | that:
13 | - sysctl_reload is defined
14 | - sysctl_reload is boolean
15 | quiet: true
16 |
--------------------------------------------------------------------------------
/roles/tftpd/templates/tftp.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 | service tftp
3 | {
4 | socket_type = dgram
5 | protocol = udp
6 | wait = yes
7 | user = root
8 | server = /usr/sbin/in.tftpd
9 | server_args = -s {{ tftpd_tftproot }}
10 | disable = no
11 | per_source = 11
12 | cps = 100 2
13 | flags = IPv4
14 | }
15 |
--------------------------------------------------------------------------------
/.github/workflows/collection.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | name: Build and Deploy Collection
4 |
5 | on:
6 | push:
7 |
8 | jobs:
9 | deploy:
10 | runs-on: "Ubuntu-20.04"
11 | steps:
12 | - uses: actions/checkout@v3
13 | - name: Deploy Ansible Galaxy Collection
14 | uses: artis3n/ansible_galaxy_collection@v2
15 | with:
16 | api_key: '${{ secrets.GALAXY_API_KEY }}'
17 |
--------------------------------------------------------------------------------
/roles/jitsi/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: robertdebock
4 | role_name: jitsi
5 | description: Install and configure jitsi on your system.
6 | license: Apache-2.0
7 | company: none
8 | min_ansible_version: "2.12"
9 |
10 | platforms:
11 | - name: Debian
12 | versions:
13 | - bullseye
14 |
15 | galaxy_tags:
16 | - jitsi
17 |
18 | dependencies: []
19 |
--------------------------------------------------------------------------------
/roles/luks/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for luks
3 |
4 | - name: Set permissions on keyfile
5 | ansible.builtin.file:
6 | path: "{{ item.keyfile }}"
7 | owner: root
8 | group: root
9 | mode: "0400"
10 | loop: "{{ luks_devices }}"
11 | loop_control:
12 | label: "{{ item.keyfile }}"
13 | when:
14 | - luks_devices is defined
15 | - item.keyfile is defined
16 |
--------------------------------------------------------------------------------
/roles/remi/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for remi
3 |
4 | - name: Reset php stream
5 | ansible.builtin.command:
6 | cmd: dnf --assumeyes module reset php
7 | changed_when: true
8 | when:
9 | - ansible_pkg_mgr in [ "dnf", "dnf5" ]
10 |
11 | - name: Enable repository
12 | ansible.builtin.command:
13 | cmd: "{{ remi_enable_repository_command }}"
14 | changed_when: true
15 |
--------------------------------------------------------------------------------
/roles/remi/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: robertdebock
4 | role_name: remi
5 | description: Install and enable remi yum repositories on your system.
6 | license: Apache-2.0
7 | company: none
8 | min_ansible_version: "2.12"
9 |
10 | platforms:
11 | - name: EL
12 | versions:
13 | - "9"
14 |
15 | galaxy_tags:
16 | - remi
17 |
18 | dependencies: []
19 |
--------------------------------------------------------------------------------
/roles/storage/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for storage
3 |
4 | - name: Reload systemd
5 | ansible.builtin.systemd:
6 | daemon_reload: true
7 | when:
8 | - ansible_service_mgr == 'systemd'
9 |
10 | - name: Run vgscan --mknodes
11 | ansible.builtin.command:
12 | cmd: vgscan --mknodes
13 | changed_when: true
14 |
15 | - name: Refresh facts
16 | ansible.builtin.setup:
17 |
--------------------------------------------------------------------------------
/roles/vault_configuration/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for vault_configuration
3 |
4 | - name: Reload systemd
5 | ansible.builtin.systemd:
6 | daemon_reload: true
7 |
8 | - name: Reload Vault
9 | ansible.builtin.service:
10 | name: vault
11 | state: reloaded
12 |
13 | - name: Restart Vault
14 | ansible.builtin.service:
15 | name: vault
16 | state: restarted
17 |
--------------------------------------------------------------------------------
/roles/dsvpn/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for dsvpn
3 |
4 | - name: Restart dsvpn-server
5 | ansible.builtin.service:
6 | name: "dsvpn-server"
7 | state: restarted
8 | when:
9 | - dsvpn_role == "server"
10 |
11 | - name: Restart dsvpn-client
12 | ansible.builtin.service:
13 | name: "dsvpn-client"
14 | state: restarted
15 | when:
16 | - dsvpn_role == "client"
17 |
--------------------------------------------------------------------------------
/roles/httpd/templates/ssl.conf.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 | LoadModule ssl_module {{ httpd_modules_path}}/mod_ssl.so
4 |
5 | Listen {{ httpd_ssl_port }}
6 |
7 | ServerName {{ httpd_ssl_servername }}
8 | SSLEngine on
9 | SSLCertificateFile "{{ httpd_openssl_crt }}"
10 | SSLCertificateKeyFile "{{ httpd_openssl_key }}"
11 |
12 |
--------------------------------------------------------------------------------
/roles/nomad/templates/server.hcl.j2:
--------------------------------------------------------------------------------
1 | {{ ansible_managed | comment }}
2 |
3 | data_dir = "{{ nomad_server_data_dir }}"
4 | bind_addr = "{{ nomad_server_bind_addr }}"
5 | log_level = "{{ nomad_server_log_level }}"
6 |
7 | # Enable the server
8 | server {
9 | enabled = true
10 |
11 | # Self-elect, should be 3 or 5 for production
12 | bootstrap_expect = {{ nomad_server_bootstrap_expect }}
13 | }
14 |
--------------------------------------------------------------------------------
/roles/php_fpm/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | roles:
3 | - name: robertdebock.bootstrap
4 | - name: robertdebock.buildtools
5 | - name: robertdebock.epel
6 | - name: robertdebock.openssl
7 | - name: robertdebock.python_pip
8 | - name: robertdebock.selinux
9 | - name: robertdebock.httpd
10 | collections:
11 | - name: ansible.posix
12 | - name: community.crypto
13 | - name: community.general
14 |
--------------------------------------------------------------------------------
/roles/podman/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for podman
3 |
4 | podman_packages:
5 | - podman
6 |
7 | podman_configuration_files:
8 | containers: /etc/containers/containers.conf
9 | mounts: /usr/share/containers/mounts.conf
10 | policy: /etc/containers/policy.json
11 | registries: /etc/containers/registries.conf
12 | storage: /etc/containers/storage.conf
13 |
14 | podman_service: podman
15 |
--------------------------------------------------------------------------------
/roles/umask/tasks/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: assert | Test umask
4 | ansible.builtin.assert:
5 | that:
6 | - umask is defined
7 | - umask is string
8 | - umask is not none
9 | quiet: true
10 |
11 | - name: assert | Test umask_users
12 | ansible.builtin.assert:
13 | that:
14 | - umask_users is defined
15 | - umask_users is iterable
16 | quiet: true
17 |
--------------------------------------------------------------------------------
/roles/powertop/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for powertop
3 |
4 | _powertop_packages:
5 | default:
6 | - powertop
7 |
8 | powertop_packages: "{{ _powertop_packages[ansible_distribution] | default(_powertop_packages['default']) }}"
9 |
10 | _powertop_service:
11 | default: powertop
12 |
13 | powertop_service: "{{ _powertop_service[ansible_distribution] | default(_powertop_service['default']) }}"
14 |
--------------------------------------------------------------------------------
/roles/xrdp/files/45-allow-colord:
--------------------------------------------------------------------------------
1 | [Allow Colord all Users]
2 | Identity=unix-user:*
3 | Action=org.freedesktop.color-manager.create-device;org.freedesktop.color-manager.create-profile;org.freedesktop.color-manager.delete-device;org.freedesktop.color-manager.delete-profile;org.freedesktop.color-manager.modify-device;org.freedesktop.color-manager.modify-profile
4 | ResultAny=no
5 | ResultInactive=no
6 | ResultActive=yes
7 |
--------------------------------------------------------------------------------
/roles/dovecot/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for dovecot
3 |
4 | _dovecot_packages:
5 | default:
6 | - dovecot
7 | Alpine:
8 | - dovecot
9 | - dovecot-pop3d
10 | Debian:
11 | - dovecot-core
12 | - dovecot-imapd
13 | - dovecot-pop3d
14 |
15 | dovecot_packages: "{{ _dovecot_packages[ansible_os_family] | default(_dovecot_packages['default']) }}"
16 |
17 | dovecot_service: dovecot
18 |
--------------------------------------------------------------------------------
/roles/cis/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: robertdebock
4 | role_name: cis
5 | description: Apply and/or check recommendations from the CIS benchmarks.
6 | license: Apache-2.0
7 | company: none
8 | min_ansible_version: "2.12"
9 |
10 | platforms:
11 | - name: EL
12 | versions:
13 | - "9"
14 |
15 | galaxy_tags:
16 | - cis
17 | - security
18 |
19 | dependencies: []
20 |
--------------------------------------------------------------------------------
/roles/swap/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for swap
3 |
4 | # Set the swappiness, 60 is default for Fedora 31.
5 | swap_swappiness: 60
6 |
7 | # A list of swap files to add. The list must container **path** (an absolute path to a file) and **size** (an integer in megabytes).
8 | # swap_files:
9 | # - path: /my.swap
10 | # size: 1024
11 |
12 | # You can disable swap if required.
13 | swap_enabled: true
14 |
--------------------------------------------------------------------------------
/roles/certbot/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for certbot
3 |
4 | # The certbot can configure either "apache", "haproxy", "nginx" or run "standalone".
5 | certbot_system: apache
6 |
7 | # You can have multiple domains, as a list to request a certificate for.
8 | certbot_domains:
9 | - "{{ ansible_fqdn }}"
10 |
11 | # An email-addres is required to register.
12 | certbot_email: your_email_address@example.com
13 |
--------------------------------------------------------------------------------
/roles/diskspace/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # tasks file for diskspace
3 |
4 | - name: Import assert.yml
5 | ansible.builtin.import_tasks:
6 | file: assert.yml
7 | run_once: true
8 | delegate_to: localhost
9 |
10 | - name: Include mount.yml
11 | ansible.builtin.include_tasks:
12 | file: mount.yml
13 | loop: "{{ diskspace_mounts }}"
14 | loop_control:
15 | label: "{{ mount.name }}"
16 | loop_var: mount
17 |
--------------------------------------------------------------------------------
/roles/firewall/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for firewall
3 |
4 | - name: Reload firewall
5 | ansible.builtin.service:
6 | name: "{{ firewall_service }}"
7 | state: reloaded
8 | when:
9 | - ansible_connection not in [ "container", "docker", "community.docker.docker" ]
10 |
11 | - name: Reload firewalld
12 | ansible.builtin.command:
13 | cmd: firewall-cmd --reload
14 | changed_when: true
15 |
--------------------------------------------------------------------------------
/roles/tfe/files/terraform-enterprise.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=Terraform Enterprise Service
3 | Requires=docker.service
4 | After=docker.service network.target
5 |
6 | [Service]
7 | Type=oneshot
8 | RemainAfterExit=yes
9 | WorkingDirectory=/etc/terraform-enterprise
10 | ExecStart=/usr/bin/docker compose up -d
11 | ExecStop=/usr/bin/docker compose down
12 | TimeoutStartSec=0
13 | [Install]
14 | WantedBy=multi-user.target
15 |
--------------------------------------------------------------------------------
/roles/tomcat/tasks/lib.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: lib | Deploy lib
4 | ansible.builtin.get_url:
5 | url: "{{ lib.url }}"
6 | dest: "{{ tomcat_directory }}//{{ instance.name }}/lib/"
7 | mode: "0755"
8 | owner: "{{ instance.user | default(tomcat_user) }}"
9 | group: "{{ instance.group | default(tomcat_group) }}"
10 | when:
11 | - lib.url is defined
12 | notify:
13 | - Restart tomcat instance
14 |
--------------------------------------------------------------------------------
/roles/alternatives/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for alternatives
3 |
4 | # This is an example of how to use python3.7 on a system that has both
5 | # python 2.7 and python 3.7.
6 | # alternatives_list:
7 | # - name: python
8 | # link: /usr/bin/python2.7
9 | # path: /usr/bin/python
10 | # - name: python
11 | # link: /usr/bin/python3.7
12 | # path: /usr/bin/python
13 |
14 | alternatives_list: []
15 |
--------------------------------------------------------------------------------
/roles/autofs/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for autofs
3 |
4 | - name: Restart autofs
5 | ansible.builtin.service:
6 | name: "{{ autofs_service }}"
7 | state: restarted
8 | when:
9 | - autofs_service_state == "started"
10 |
11 | - name: Reload autofs
12 | ansible.builtin.service:
13 | name: "{{ autofs_service }}"
14 | state: reloaded
15 | when:
16 | - autofs_service_state == "started"
17 |
--------------------------------------------------------------------------------
/roles/cis/tasks/Ubuntu-20/assert.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Do nothing
4 | ansible.builtin.wait_for:
5 |
6 | # - name: Test if cis_X is set correctly
7 | # assert:
8 | # that:
9 | # - cis_X is defined
10 | # - cis_X is iterable
11 | # - cis_X is iterable
12 | # - cis_X is number
13 | # - cis_X | int >= 0
14 | # - cis_X is boolean
15 | # - cis_X in ["a", "b"]
16 | # quiet: yes
17 |
--------------------------------------------------------------------------------
/roles/common/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # defaults file for common
3 |
4 | # The selected hostname.
5 | common_hostname: "{{ inventory_hostname }}"
6 |
7 | # A list of nameservers to configure.
8 | # common_nameservers:
9 | # - 1.1.1.1
10 | # - 1.0.0.1
11 |
12 | # Fill /etc/hosts with all hosts in the play.
13 | common_hosts: "{{ groups.all }}"
14 |
15 | # Do you want to reboot on a hostname change?
16 | common_reboot: true
17 |
--------------------------------------------------------------------------------
/roles/dsvpn/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for dsvpn
3 |
4 | _dsvpn_requirements:
5 | default:
6 | - kmod
7 | Debian:
8 | - kmod
9 | - iproute2
10 | RedHat:
11 | - kmod
12 | - iproute
13 |
14 | dsvpn_requirements: "{{ _dsvpn_requirements[ansible_os_family] | default(_dsvpn_requirements['default']) }}"
15 |
16 | dsvpn_release_url: "https://github.com/jedisct1/dsvpn/archive/{{ dsvpn_version }}.tar.gz"
17 |
--------------------------------------------------------------------------------