[fix] setup logwatch for debian and ubuntu

2024-11-11 15:51:03 +00:00 · 2017-08-29 12:40:26 +05:30 · 2017-08-29 12:40:26 +05:30 · 2525503429
commit 2525503429
parent 2e6ca1613d
8 changed files with 57 additions and 20 deletions
--- a/playbooks/production/files/nginx.conf
+++ b/playbooks/production/files/nginx.conf
@ -1,4 +1,4 @@
-user  nginx;
+user {{ nginx_user }};
 worker_processes  auto;
 worker_rlimit_nofile 65535;

--- a/playbooks/production/includes/setup_inputrc.yml
+++ b/playbooks/production/includes/setup_inputrc.yml
@ -0,0 +1,12 @@
+---
+- hosts: localhost
+  tasks:
+  - name: insert/update inputrc for history
+    blockinfile:
+      dest: "/home/{{ ansible_user_id }}/.inputrc"
+      create: yes
+      block: |
+        ## arrow up
+        "\e[A":history-search-backward
+        ## arrow down
+        "\e[B":history-search-forward
--- a/playbooks/production/install.yml
+++ b/playbooks/production/install.yml
@ -8,7 +8,7 @@
    become: yes
    become_user: root
    vars:
-      - nginx_conf_file: ../files/nginx.conf
+      - nginx_conf_file: files/nginx.conf
    roles:
      - locale
      - swap
@ -26,16 +26,13 @@

      - name: Start NTPD
        service: name=ntpd state=started
+        when: ansible_distribution == 'CentOS'

-      - name: insert/update inputrc for history
-        blockinfile:
-          dest: "/home/{{ ansible_user_id }}/.inputrc"
-          create: yes
-          block: |
-            ## arrow up
-            "\e[A":history-search-backward
-            ## arrow down
-            "\e[B":history-search-forward
+      - name: Start NTPD
+        service: name=ntp state=started
+        when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
+
+  - include: includes/setup_inputrc.yml

  # Setup Bench for production environment
  - include: includes/setup_bench_production.yml
--- a/playbooks/production/roles/fail2ban/tasks/main.yml
+++ b/playbooks/production/roles/fail2ban/tasks/main.yml
@ -1,6 +1,11 @@
 ---
 - name: Install fail2ban
  yum: name=fail2ban state=present
+  when: ansible_distribution == 'CentOS'
+
+- name: Install fail2ban
+  apt: name=fail2ban state=present
+  when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'

 - name: Enable fail2ban
  service: name=fail2ban enabled=yes
--- a/playbooks/production/roles/frappe_selinux/tasks/main.yml
+++ b/playbooks/production/roles/frappe_selinux/tasks/main.yml
@ -6,24 +6,26 @@
    - selinux-policy-devel
  when: ansible_distribution == 'CentOS'

- name: Install SELinux for Ubuntu
-  apt: name={{ item }} state=present
-  with_items:
-   - selinux
-   - selinux-policy-dev
-  when: ansible_distribution == 'Ubuntu'
+# - name: Install SELinux for Ubuntu
+#   apt: name={{ item }} state=present
+#   with_items:
+#    - selinux
+#    - selinux-policy-dev
+#   when: ansible_distribution == 'Ubuntu'

 - name: Check enabled SELinux modules
  shell: semanage module -l
  register: enabled_modules
+  when: ansible_distribution == 'CentOS'

 - name: Copy frappe_selinux policy
  copy: src=frappe_selinux.te dest=/root/frappe_selinux.te
  register: dest_frappe_selinux_te
+  when: ansible_distribution == 'CentOS'

 - name: Compile frappe_selinux policy
  shell: "make -f /usr/share/selinux/devel/Makefile frappe_selinux.pp && semodule -i frappe_selinux.pp"
  args:
    chdir: /root/
-  when: "enabled_modules.stdout.find('frappe_selinux') == -1 or dest_frappe_selinux_te.changed" 
+  when: "ansible_distribution == 'CentOS' and enabled_modules.stdout.find('frappe_selinux') == -1 or dest_frappe_selinux_te.changed"

--- a/playbooks/production/roles/logwatch/tasks/main.yml
+++ b/playbooks/production/roles/logwatch/tasks/main.yml
@ -1,6 +1,12 @@
 ---
 - name: Install logwatch
  yum: name=logwatch state=present
+  when: ansible_distribution == 'CentOS'
+
+- name: Install logwatch on Ubuntu or Debian
+  apt: name=logwatch state=present
+  when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'

 - name: Copy logwatch config
-  template: src=logwatch.conf.j2 dest=/etc/logwatch/conf/logwatch.conf backup=yes
+  template: src=logwatch.conf.j2 dest=/etc/logwatch/conf/logwatch.conf backup=yes
+  when: admin_emails is defined
--- a/playbooks/production/roles/nginx/tasks/main.yml
+++ b/playbooks/production/roles/nginx/tasks/main.yml
@ -18,6 +18,7 @@
 # Replace default nginx config with nginx template
 - name: Rename default nginx.conf to nginx.conf.old
  command: mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.old
+  when: ansible_os_family == 'Debian'

 # Nginx setup.
 - name: Copy nginx configuration in place.
--- a/playbooks/production/roles/ntpd/tasks/main.yml
+++ b/playbooks/production/roles/ntpd/tasks/main.yml
@ -4,6 +4,20 @@
  with_items:
    - ntp
    - ntpdate
+  when: ansible_distribution == 'CentOS'

 - name: enable ntpd
-  service: name=ntpd enabled=yes state=started
+  service: name=ntpd enabled=yes state=started
+  when: ansible_distribution == 'CentOS'
+
+- name: Install ntpd
+  apt: name="{{item}}" state=installed
+  with_items:
+    - ntp
+    - ntpdate
+  when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
+
+- name: enable ntpd
+  service: name=ntp enabled=yes state=started
+  when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
+