diff options
author | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2021-08-19 19:38:05 +0200 |
---|---|---|
committer | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2021-08-19 19:38:05 +0200 |
commit | ca5364cd55bc866d131d476ecd3bf86f36e9e587 (patch) | |
tree | a546a04b5bce30a2522cade6ab41db2d7e2a680a | |
parent | 92855a5194e78568bce13696e82242f7790dbfcb (diff) | |
download | infrastructure-ca5364cd55bc866d131d476ecd3bf86f36e9e587.tar.gz |
baserock_ostree/instance-config.yml: to ubuntu
-rw-r--r-- | baserock_ostree/instance-config.yml | 76 |
1 files changed, 61 insertions, 15 deletions
diff --git a/baserock_ostree/instance-config.yml b/baserock_ostree/instance-config.yml index 6363500e..89ff4c94 100644 --- a/baserock_ostree/instance-config.yml +++ b/baserock_ostree/instance-config.yml @@ -12,18 +12,25 @@ - import_tasks: ../tasks/create-data-volume.yml vars: lv_name: ostree - lv_size: 290g + lv_size: 90g mountpoint: /srv # This should perhaps have been called ostree-cache - name: ostree user - user: name=ostree + user: + name: ostree - name: ostree-releases user - user: name=ostree-releases + user: + name: ostree-releases - name: data directory - file: mode=0755 owner=ostree group=ostree path=/srv/ostree/ state=directory + file: + mode: 0755 + owner: ostree + group: ostree + path: /srv/ostree/ + state: directory - name: cache repository command: ostree init --repo=/srv/ostree/cache --mode=archive-z2 @@ -32,7 +39,12 @@ creates: /srv/ostree/cache/config - name: releases directory - file: mode=0755 owner=ostree-releases group=ostree-releases path=/srv/ostree/releases state=directory + file: + mode: 0755 + owner: ostree-releases + group: ostree-releases + path: /srv/ostree/releases + state: directory - name: releases repository command: ostree init --repo=/srv/ostree/releases --mode=archive-z2 @@ -46,27 +58,57 @@ dest: /etc/lighttpd/lighttpd.conf - name: restart lighttpd server - service: name=lighttpd enabled=yes state=restarted + service: + name: lighttpd + enabled: yes + state: restarted - name: sshd configuration for ostree user -- header - lineinfile: state="present" line="Match user ostree" path=/etc/ssh/sshd_config + lineinfile: + state: "present" + line: "Match user ostree" + path: /etc/ssh/sshd_config - name: sshd configuration for ostree user -- force command - lineinfile: state="present" line=" ForceCommand bst-artifact-receive --pull-url https://ostree.baserock.org/cache/ --verbose /srv/ostree/cache" insertafter="Match user ostree$" path=/etc/ssh/sshd_config + lineinfile: + state: "present" + line: " ForceCommand bst-artifact-receive --pull-url https://ostree.baserock.org/cache/ --verbose /srv/ostree/cache" + insertafter: "Match user ostree$" + path: /etc/ssh/sshd_config - name: sshd configuration for ostree user -- disable password auth - lineinfile: state="present" line=" PasswordAuthentication no" insertafter="Match user ostree$" path=/etc/ssh/sshd_config + lineinfile: + state: "present" + line: " PasswordAuthentication no" + insertafter: "Match user ostree$" + path: /etc/ssh/sshd_config - name: sshd configuration for ostree-releases user -- header - lineinfile: state="present" line="Match user ostree-releases" path=/etc/ssh/sshd_config + lineinfile: + state: "present" + line: "Match user ostree-releases" + path: /etc/ssh/sshd_config - name: sshd configuration for ostree-releases user -- force command - lineinfile: state="present" line=" ForceCommand ostree-receive -v --repo /srv/ostree/releases" insertafter="Match user ostree-releases$" path=/etc/ssh/sshd_config + lineinfile: + state: "present" + line: " ForceCommand ostree-receive -v --repo /srv/ostree/releases" + insertafter: "Match user ostree-releases$" + path: /etc/ssh/sshd_config - name: sshd configuration for ostree-releases user -- disable password auth - lineinfile: state="present" line=" PasswordAuthentication no" insertafter="Match user ostree-releases$" path=/etc/ssh/sshd_config + lineinfile: + state: "present" + line: " PasswordAuthentication no" + insertafter: "Match user ostree-releases$" + path: /etc/ssh/sshd_config - name: restart sshd server - service: name=sshd enabled=yes state=restarted + service: + name: sshd + enabled: yes + state: restarted - name: install systemd units - copy: src=./{{item}} dest=/{{item}} + copy: + src: ./{{item}} + dest: /{{item}} with_items: - etc/systemd/system/ostree-update-summary-cache.service - etc/systemd/system/ostree-update-summary-cache.timer @@ -74,7 +116,11 @@ - etc/systemd/system/ostree-update-summary-releases.timer - name: enable systemd units - systemd: name={{item}} enabled=yes daemon_reload=yes state=started + systemd: + name: "{{item}}" + enabled: yes + daemon_reload: yes + state: started with_items: - ostree-update-summary-cache.service - ostree-update-summary-cache.timer |