box_bootstrap.yml
---
# Bootstrap play for the `www` host group: makes the target manageable by
# Ansible (Python + acl), gathers facts, then applies the base hardening role
# and whichever VPN / port-knock roles are switched on via option_jumpbox_*.
#
# NOTE(review): the VPN user lists and the IPsec pre-shared key are passed in
# from variables, presumably defined in ./box_vars.yml. If that file carries
# credentials, keep it encrypted (ansible-vault) rather than committed in
# plaintext.
- hosts: www
  # Facts need Python on the target, which may not be there yet; they are
  # gathered explicitly by the last pre_task instead.
  gather_facts: false

  pre_tasks:
    - debug:
        msg: 'Pre tasks section'

    # `raw` runs over plain SSH with no Python on the remote side.
    # NOTE(review): Python 2 is end-of-life, and `python-minimal` may not be
    # available on newer Debian/Ubuntu releases. Confirm the target distro.
    - name: ANSIBLE PYTHON | install python 2
      raw: >-
        test -e /usr/bin/python ||
        (apt -qqy update && apt install -qy python-minimal)
      become: true

    - name: UNPRIVILEGED USERS | Get acl dependency (ansible unprivileged user operations magic)
      apt:
        pkg: acl
      become: true

    - name: gather facts
      setup:

  vars_files:
    - ./box_vars.yml

  roles:
    # Base box setup: deploy user, its authorized SSH keys, and the ufw
    # allow-lists. Keep the allowed ports and source hosts as narrow as the
    # box actually needs.
    - role: "sa-box-bootstrap"
      deploy_user: "{{my_deploy_user}}"
      deploy_user_authorized_keys: "{{my_deploy_authorized_keys}}"
      ufw_rules_allow: "{{custom_ports_allow}}"
      ufw_rules_allow_from_hosts: "{{custom_ufw_rules_allow_from_hosts}}"

    # PPTP (MS-CHAPv2 / MPPE) is cryptographically weak and widely regarded as
    # broken. Leave option_jumpbox_pptp off unless a legacy client forces it,
    # and prefer one of the other VPN roles below.
    - role: "sa-vpn-pptp"
      pptp_vpn_users: "{{custom_pptp_vpn_users}}"
      firewall_used: "ufw"
      when: option_jumpbox_pptp

    - role: "sa-vpn-openvpn"
      openvpn_vpn_users: "{{custom_openvpn_vpn_users}}"
      firewall_used: "ufw"
      when: option_jumpbox_openvpn

    # The IPsec pre-shared key is a shared secret: use a long random value
    # and rotate it when a user with access to it leaves.
    - role: "sa-vpn-softether"
      softether_vpn_users: "{{custom_softether_vpn_users}}"
      softether_ipsec_presharedkey: "{{custom_softether_ipsec_presharedkey}}"
      firewall_used: "ufw"
      when: option_jumpbox_softether

    # Port knocking only hides a service from casual scans; it does not
    # replace key-based authentication on the service behind it.
    - role: "sa-port-knock"
      knock_ports: "{{custom_knock_ports}}"
      when: option_jumpbox_port_knock