import du dossier ansible

roles/common/README.md

@@ -0,0 +1,10 @@
+common
+=========
+
+Update system, install base packages, configure system ...
+
+Role Variables
+--------------
+
+This role just needs to have an email defined in vars 
+

roles/common/defaults/main.yml

@@ -0,0 +1,31 @@
+---
+commonRequirePackages:
+  - htop
+  - vim
+  - man
+  - bash-completion
+  - locales
+  - python-pip
+  - wget
+  - bzip2
+  - lsof
+  - sudo
+  - tree
+  - ccze
+  - vim-common
+  - tmux
+  - curl
+  - git
+  - unzip
+  - ufw
+
+commonDeletePackages:
+  - bind9
+  - telnet
+  - ftp
+
+locales: "fr_FR.UTF-8"
+
+# Timezone
+Area : Europe
+City: Paris

roles/common/tasks/main.yml

@@ -0,0 +1,51 @@
+---
+- name: Update & upgrade system
+  apt:
+    update_cache: yes
+    upgrade: dist
+
+- name: Install common required packages
+  apt:
+    name: "{{ commonRequirePackages }}"
+
+
+- name: Remove useless stuff
+  apt:
+    name: "{{ commonDeletePackages }}"
+    state: absent
+
+- name: Set the hostname
+  hostname:
+    name: "{{ cthostname }}"
+
+- name: Set locales
+  locale_gen:
+    name: "{{ locales }}"
+    state: present
+
+- name: Set the Timezone to {{ Area }}/{{ City }}
+  shell: "ln -sf /usr/share/zoneinfo/{{ Area}}/{{ City }} /etc/localtime"
+
+- name: Fix /etc/hosts removing the old hostname
+  tags:
+    - hosts
+  lineinfile:
+    state: present
+    dest: /etc/hosts
+    line: "{{ ansible_default_ipv4.address }} {{ cthostname }} {{ domain }}"
+    regexp: "^{{ ansible_default_ipv4.address }}"
+
+- name: Allow SSH connexions
+  ufw:
+    rule: limit
+    port: ssh
+    proto: tcp
+
+- name: Set logging off
+  ufw:
+    logging: 'off'
+
+- name: Deny everything and enable UFW
+  ufw:
+    state: enabled
+    policy: deny

roles/mariadb/README.md

@@ -0,0 +1,11 @@
+mariadb
+=========
+
+Install mariaDB 
+
+Role Variables
+--------------
+
+You have to set the default root password in mysqlRootPassword variable, otherwise it's "SuperPassw0rd" by default.
+
+mysqlRootPassword: MySecurePassw0Rd

roles/mariadb/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+mysqlRootPassord: root

roles/mariadb/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: restart mariadb
+  service:
+    name: 'mariadb'
+    state: restarted

roles/mariadb/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+- name: Define MariaDB root password
+  shell: "{{ item }}"
+  with_items:
+    - "echo mysql-server mysql-server/root_password password {{ mysqlRootPassword }} | debconf-set-selections"
+    - "echo mysql-server mysql-server/root_password_again password {{ mysqlRootPassword }} | debconf-set-selections"
+
+- name: Install MariaDB Server
+  apt:
+    name: mariadb-server

roles/mattermost/README.md

@@ -0,0 +1,9 @@
+Install Mattermost
+==================
+
+Make install of Mattermost for Debian Buster.
+
+Postgresql for database.
+
+Install certbot by default, see main.yml in defaults for desactive.
+

roles/mattermost/defaults/main.yml

@@ -0,0 +1,10 @@
+---
+
+requredPackages:
+  - gnupg
+  - curl
+  - sudo
+
+mattermost_version: 5.21.0
+
+mattermost_user: mmuser

roles/mattermost/tasks/main.yml

@@ -0,0 +1,41 @@
+---
+- name: Download binary from MatterMost website
+  get_url:
+    url: https://releases.mattermost.com/{{ mattermost_version }}/mattermost-{{ mattermost_version }}-linux-amd64.tar.gz
+    dest: /tmp/
+
+- name: unpack mattermost archive
+  unarchive:
+    src: /tmp/mattermost-team-{{ mattermost_version }}-linux-amd64.tar.gz
+    dest: /opt/
+    copy: no
+  args:
+    creates: /opt/mattermost/bin/platform
+
+- name: Edit /opt/mattermost/config/config.json
+  lineinfile:
+    dest: /opt/mattermost/config/config.json
+    regexp: '"DriverName": "mysql",'
+    line: '        "DriverName": "postgres",'
+    backrefs: yes
+
+- name: Edit /opt/mattermost/config/config.json
+  lineinfile:
+    dest: /opt/mattermost/config/config.json
+    regexp: '"DataSource":'
+    line: '        "DataSource": "postgres://{{ db_user }}:{{ db_password }}@127.0.0.1:5432/{{ db_name }}?sslmode=disable&connect_timeout=10",'
+    backrefs: yes
+
+- name: Create mattermost user
+  user:
+    name: "{{ mattermost_user }}"
+    system: yes
+    createhome: no
+
+- name: Change mattermost directory permissions
+  file:
+    path: /opt/mattermost
+    state: directory
+    owner: "{{ mattermost_user }}"
+    group: "{{ mattermost_user }}"
+    recurse: yes

roles/nginx/README.md

@@ -0,0 +1,4 @@
+Install Nginx Server
+=======
+
+Install Nginx Server with Certbot plugins if installCertbot is true in defaults directory.

roles/nginx/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+installCertbot: False

roles/nginx/tasks/main.yml

@@ -0,0 +1,9 @@
+---
+- name: Install Nginx
+  apt:
+    name: nginx-full
+
+- name: install Certbot Nginx plugin
+  apt:
+    name: python3-certbot-nginx
+  when: installCertbot == True

roles/postgresql/README.md

@@ -0,0 +1,4 @@
+Install Postresql
+=================
+
+Install postgresql and postegresql-contrib

roles/postgresql/tasks/main.yml

@@ -0,0 +1,7 @@
+---
+
+- name: Install Postresql Server
+  apt:
+    name:
+      - postgresql
+      - postgresql-contrib