forked from ISTI-ansible-roles/ansible-roles
140 lines
8.4 KiB
YAML
140 lines
8.4 KiB
YAML
---
|
|
#
|
|
# Use the apt proxy
|
|
#
|
|
use_apt_proxy: False
|
|
apt_proxy_url: "http://apt.research-infrastructures.eu:9999"
|
|
|
|
common_packages:
|
|
- acl
|
|
- zile
|
|
- dstat
|
|
- iotop
|
|
- wget
|
|
- vim-tiny
|
|
- psmisc
|
|
- tcpdump
|
|
- lsof
|
|
- strace
|
|
- rsync
|
|
- multitail
|
|
- unzip
|
|
- htop
|
|
- tree
|
|
- bind9-host
|
|
- bash-completion
|
|
|
|
# Unattended upgrades
|
|
unatt_allowed_origins:
|
|
- '${distro_id}:${distro_codename}-security'
|
|
#unatt_blacklisted:
|
|
# - libc6
|
|
unatt_autofix: "true"
|
|
# When true, the procedure is really slow
|
|
unatt_minimalsteps: "false"
|
|
unatt_install_on_shutdown: "false"
|
|
#unatt_email: sysadmin@isti.cnr.it
|
|
unatt_email_on_error: "false"
|
|
unatt_autoremove: "true"
|
|
unatt_autoreboot: "false"
|
|
unatt_autoreboot_time: "now"
|
|
|
|
#
|
|
# Defaults
|
|
#
|
|
cleanup_base_packages: True
|
|
base_packages_to_remove:
|
|
- ppp
|
|
- at
|
|
|
|
cleanup_x_base_packages: False
|
|
x_base_packages_to_remove:
|
|
- firefox-locale-en
|
|
- x11-common
|
|
|
|
cleanup_nfs_packages: False
|
|
nfs_packages:
|
|
- nfs-common
|
|
- portmap
|
|
|
|
cleanup_rpcbind_packages: False
|
|
rpcbind_packages:
|
|
- rpcbind
|
|
|
|
disable_ipv6: True
|
|
ipv6_sysctl_value: 1
|
|
ipv6_sysctl_file: /etc/sysctl.d/10-ipv6-disable.conf
|
|
|
|
# Install our /etc/resolv.conf
|
|
install_resolvconf: True
|
|
|
|
# Install and configure munin
|
|
configure_munin: True
|
|
|
|
# Manage the root ssh keys
|
|
manage_root_ssh_keys: True
|
|
|
|
cm_pubkey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJN8XR/N4p6FfymWJy7mwR3vbUboC4P+7CgZalflhK5iH0P7c24/zZDY9Y5QIq58IViY7napqZuRkNHnHcvm9mxtSxQ16qe03NulABN5V/ljgR0sQAWz8pwv68LDpR9uBSCbXDdDCUUlS+zOxCHA6s7O7PSFavX4An1Vd/mjwoeR4eLRQXNcKsK2Pu/BZ3TCLmWyi2otnxFiJ8IoKW1CvjxKWmt5BvAvys0dfsdnTSVz9yiUMwN5Oj8cw/jhKqadnkvqTGfGl1ELm9L2V7hT6LM0cIom9oRsQf+JJ6loBe3UUZGaAhY2jmARmZdX3qV9Wh+UtxaWMEAXB9mf/2cK9f jenkins@cm
|
|
andrea_dellamico: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZ9n6B+J5S7NPnwjejPC2WrvcRzC07WPnAoQ7ZHZ0Mv9JakyWItswzI3Drz/zI0mCamyuye+9dWz9v/ZRwUfBobVyXuptRaZIwxlMC/KsTZofpp3RHOBTteZ4/VM0VhEeiOHu+GuzNE0fRB2gsusWeMMae2cq4TjVAOMcQmJX496L703Smc14gFrP8y/P9jbC5HquuVnPR29PsW4mHidPmjdKkO7QmDfFAj44pEUGeInYOJe708C03NCpsjHw8AVdAJ6Pf16EOdDH+z8D6CByVO3s8UT0HJ85BRoIy6254/hmYLzyd/eRnCXHS/dke+ivrlA3XxG4+DmqjuJR/Jpfx adellam@semovente
|
|
tommaso_piccioli: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzcHuDU7PgJwz34AsVG0E2+ZRx17ZKW1uDEGABNk3Z60/c9LTwWKPj6kcIRy6RzFJI5X+IgPJnYouXVmJsIWjVL8IRk8fP1ffJC6Fyf6H7+fCxu/Wwed5OoOCvKeZ0bEmJ1tlXFM6+EnxKqLCvz3fsNy8e4WKMnpS1hT8K6YB7PMjt60S3wOaxds1Lv4NmmgnfGM5uZFYrZCx1/GJCzNSh7AEEEUIVQ1B8xmXbet7whNiwDmiOnXSlt38dkIYT8kNMuRCj/r9wPr7FmoUCOFzUVXTcnuYagKyURrZ8QDyHbK6XQLYXgvCz/lWoErGFbDqpmBHHyvKSeLPxYfJpWJ70w== tom@tom
|
|
backup_agent: ssh-dss AAAAB3NzaC1kc3MAAACBANBn5i7oJd12+GAeDVSAiPqCxcCDzWe41g3Vy/LhbYKwG0smPNJRfvyf7lKWkgolJfMJZrk7bBVhJoApkV7vkFkrSPueyRC+/ohjafpOsmxRYiOaSrDZ2c9TbGFVZTh23pUXoDPp2Z0N8l471b9Mx/nqgtflCV+IVICcDZbUhcCTAAAAFQC+fmfljTFllCMKsgrSJcQAtiIT/QAAAIEAvrsLfmQzHQjt4G5FhcPVbvP87KUsDh0xksCfMRP6bQBz/3mcnt7V5/MLll/CZMiOWjRK3ww9zCYHprUwQtAZSllFWiGUKw1tDvf1ZQGESYP/vvWwcpPZpVsRHlhRtuMsQchSRxw03yYOqEEa2akWzQlvaZ4CWWym931mZg6zY4AAAACAG/l8dU/QEMK1JP3rDV0kZYvcxjUC9Mxw5ScTyVqVnxDL75ssX9HiQamsiTk0dYNyl8qkB38FfkB4LhEb8FkHs4toN+nTNPPlLqhpYMs+anwyNy32LnXAVP02VJ2+3exwGe0b5vtIFpj+j8s7YZMHN5x6d4xhZ9oq5M2pJN6M48E= root@dlibbackup
|
|
monja_dariva: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAuQJvgDc8lQB+EArajGPEirRuYxGcInfiM3uRS0P5Dhqch6cuNdMFFjCoQVFL2Dvs7QNSRm8mvnPLWOCYLEFPBdXlA63w+n3VWoVOs0lUgQM77/axetd/K8BCkJlcA/exvVxLtzc5k8hN1k3OJY/Npi2Xa4WyEMV6t7+vYK3MXPjFBy4Y/aLWZvHcCn0zUbeB8T8PJ2S8taCIOMzemUzjGs3c0f4y6oaJx1gPw31PCahkaVS4ZLSt+0y3DRaGiXjyzgbQPf1whBOT4SSiX3SgdMvxA/Fzz2sSAn9PNfKq+/vygn7qDB79qzBhOXs36dPuwmsqggxIZasGUT/YfRp5Cw== monja@pc-monja
|
|
|
|
old_marko_mikulicic: ssh-dss AAAAB3NzaC1kc3MAAACBAO/KjuevegLjP3SXeZAdmHySuOjlNWllsuurdzes9HwF7HBEtFAuSE7vBeNcpfsdUytq92JUBAwNk9VwxNnnyVgeznFQ7ocGBh0Yfu4j9EXiWVA7vO8xZ9kqjl+HwUELrR1a8d4mngXgNQ1OAm+i3vvpBA6b4CV2L2hrEsPL5LPVAAAAFQD0VroYiG13uOsHCJaVyWH6V7w4twAAAIA4moWcTj36r+FpJYHH3c+QGC8XgPi6mwsqJexJ3sZRfEDAuDTgB5UyLJStY5EE2pChVpACx8KDlONcyuCdA8HIDC+RAJ03tY//UR2Ndg1y0yH8BnpjFM9Ow5JcoWzz9clC4GD0zGA90aiQd37I3JfPoTTEjLvJegg/C8GtlLtB+AAAAIEAgHwTzFLfZ0Q5tDK/kxeKa/x52O4ZfOXBTOYQZy5A6+ohoOOIKuEYmUOxh9ovE38St2+Q+1CgGnhBA79Y2pBdzpvY6VwKdcQBtyZSsJ7ghMTpksdNwZkZ3rIDgMi0yeBUl9qe339dXzV77uM/Q8Tx0UhSHTEIpyu1WZ8d/AAqrCQ= marko
|
|
|
|
root_ssh_keys:
|
|
- '{{ cm_pubkey }}'
|
|
- '{{ andrea_dellamico }}'
|
|
- '{{ tommaso_piccioli }}'
|
|
- '{{ backup_agent }}'
|
|
- '{{ monja_dariva }}'
|
|
|
|
obsolete_root_ssh_keys:
|
|
- '{{ old_marko_mikulicic }}'
|
|
|
|
#
|
|
# debian/ubuntu distributions controllers
|
|
#
|
|
has_default_grub: "'{{ ansible_distribution }}' == 'Debian' and '{{ ansible_distribution_version }}' != 'lenny/sid' and {{ ansible_lsb['major_release'] }} >= 6"
|
|
|
|
has_htop: "'{{ ansible_distribution }}' == 'Ubuntu' and ({{ ansible_distribution_version }} == 10.10 or {{ ansible_distribution_version }} == 11.04 or {{ ansible_distribution_version }} == 12.04)"
|
|
|
|
has_apt: "('{{ ansible_distribution }}' == 'Debian' or '{{ ansible_distribution }}' == 'Ubuntu') and '{{ ansible_distribution_version }}' != 'lenny/sid' and '{{ ansible_lsb['major_release'] }}' >= 5"
|
|
|
|
is_debian: "'{{ ansible_distribution }}' == 'Debian'"
|
|
#is_debian7: "'{{ ansible_distribution }}' == 'Debian' and {{ ansible_lsb['major_release'] }} == 7"
|
|
is_debian7: "'{{ ansible_distribution_release }}' == 'wheezy'"
|
|
is_debian6: "('{{ ansible_distribution }}' == 'Debian' and {{ ansible_lsb['major_release'] }} == 6)"
|
|
is_debian5: "'{{ ansible_distribution }}' == 'Debian' and '{{ ansible_distribution_version }}' != 'lenny/sid' and {{ ansible_lsb['major_release'] }} == 5"
|
|
is_debian4: "'{{ ansible_distribution }}' == 'Debian' and '{{ ansible_distribution_version }}' != 'lenny/sid' and {{ ansible_lsb['major_release'] }} == 4"
|
|
is_not_debian6: "'{{ ansible_distribution }}' == 'Debian' and '{{ ansible_distribution_version }}' != 'lenny/sid' and {{ ansible_lsb['major_release'] }} != 6"
|
|
is_debian_less_than6: "'{{ ansible_distribution }}' == 'Debian' and '{{ ansible_distribution_version }}' != 'lenny/sid' and {{ ansible_lsb['major_release'] }} < 6"
|
|
is_not_debian_less_than_6: "('{{ ansible_distribution }}' != 'Debian') or (('{{ ansible_distribution }}' == 'Debian' or '{{ ansible_distribution }}' == 'Ubuntu') and '{{ ansible_distribution_version }}' != 'lenny/sid' and {{ ansible_lsb['major_release'] }} >= 6)"
|
|
|
|
is_hardy: "'{{ ansible_distribution_release }}' == 'hardy'"
|
|
is_broken_hardy_lts: "'{{ ansible_distribution }}'== 'Debian' and '{{ ansible_distribution_release }}' == 'NA'"
|
|
is_jaunty: "'{{ ansible_distribution_release }}' == 'jaunty'"
|
|
is_quantal: "'{{ ansible_distribution_release }}' == 'quantal'"
|
|
is_natty: "'{{ ansible_distribution_release }}' == 'natty'"
|
|
is_precise: "'{{ ansible_distribution_release }}' == 'precise'"
|
|
is_trusty: "'{{ ansible_distribution_release }}' == 'trusty'"
|
|
is_ubuntu: "'{{ ansible_distribution }}' == 'Ubuntu'"
|
|
is_not_precise: "('{{ ansible_distribution }}' == 'Ubuntu' and {{ ansible_distribution_version }} != 12.04) or '{{ ansible_distribution }}' == 'Debian'"
|
|
is_not_trusty: "('{{ ansible_distribution }}' == 'Ubuntu' and {{ ansible_distribution_version }} != 14.04) or '{{ ansible_distribution }}' == 'Debian'"
|
|
is_not_ubuntu_less_than_precise: "('{{ ansible_distribution }}' == 'Ubuntu') and ({{ ansible_lsb['major_release'] }} >= 12)"
|
|
is_ubuntu_less_than_precise: "('{{ ansible_distribution }}' == 'Ubuntu') and ({{ ansible_lsb['major_release'] }} < 12)"
|
|
is_ubuntu_less_than_trusty: "('{{ ansible_distribution }}' == 'Ubuntu') and ({{ ansible_lsb['major_release'] }} < 14)"
|
|
# Ubuntu < 10.04 or Debian 4
|
|
is_ubuntu_between_8_and_9_and_is_debian_4: "('{{ ansible_distribution }}' == 'Ubuntu' and ({{ ansible_distribution_version }} == 8.04 or {{ ansible_distribution_version }} == 8.10 or {{ ansible_distribution_version }} == 9.04)) or ({{ is_debian4 }})"
|
|
#is_ubuntu_between_8_and_9_or_is_debian_4: "('{{ ansible_distribution }}' == 'Ubuntu') and ({{ ansible_lsb['major_release'] }} < 12) or ({{ is_debian4 }})"
|
|
is_ubuntu_between_8_and_9_or_is_debian_4: "'{{ is_ubuntu_between_8_and_9_and_is_debian_4 }}'"
|
|
# Ubuntu between 10.04 and 11.04
|
|
is_ubuntu_between_10_04_and_11_04: "'{{ ansible_distribution }}' == 'Ubuntu' and ({{ ansible_distribution_version }} == 10.04 or {{ ansible_distribution_version }} == 10.10 or {{ ansible_distribution_version }} == 11.04)"
|
|
# Ubuntu between 10.04 and 11.04, or Debian 6
|
|
is_ubuntu_between_10_04_and_11_04_and_is_debian_6: "({{ is_ubuntu_between_10_04_and_11_04 }} or {{ is_debian6 }})"
|
|
# Debian >=6
|
|
is_debian_greater_than_5: "'{{ ansible_distribution }}' == 'Debian' and '{{ ansible_distribution_version }}' != 'lenny/sid' and {{ ansible_lsb['major_release'] }} >= 6"
|
|
|
|
is_trusty_or_debian7: "('{{ ansible_distribution_release }}' == 'trusty') or ('{{ ansible_distribution_release }}' == 'wheezy')"
|
|
|