From 68c01a04cd6268c1dee66678c258cd4c240d5bb1 Mon Sep 17 00:00:00 2001
From: binary <me@rgoncalves.se>
Date: Tue, 30 Jun 2020 19:24:22 +0200
Subject: Cleanup for public release

---
 roles/setup_dotfiles/tasks/main.yml               |  49 ++++++++
 roles/setup_fail2ban/tasks/main.yml               |  72 ++++++++++++
 roles/setup_firewalld/tasks/main.yml              |  15 +++
 roles/setup_git/tasks/main.yml                    |  88 +++++++++++++++
 roles/setup_git/templates/gitweb.service          |  25 +++++
 roles/setup_git/vars/main.yml                     |  18 +++
 roles/setup_hostname/tasks/main.yml               |  14 +++
 roles/setup_mkdocs/tasks/main.yml                 |  39 +++++++
 roles/setup_mkdocs/templates/mkdocs.service       |  24 ++++
 roles/setup_mkdocs/vars/main.yml                  |  17 +++
 roles/setup_python/tasks/main.yml                 |  21 ++++
 roles/setup_security/tasks/main.yml               |  22 ++++
 roles/setup_syncthing/tasks/main.yml              | 131 ++++++++++++++++++++++
 roles/setup_syncthing/templates/syncthing.service |  25 +++++
 roles/setup_syncthing/vars/main.yml               |  32 ++++++
 roles/update/tasks/main.yml                       |  27 +++++
 16 files changed, 619 insertions(+)
 create mode 100644 roles/setup_dotfiles/tasks/main.yml
 create mode 100644 roles/setup_fail2ban/tasks/main.yml
 create mode 100644 roles/setup_firewalld/tasks/main.yml
 create mode 100644 roles/setup_git/tasks/main.yml
 create mode 100644 roles/setup_git/templates/gitweb.service
 create mode 100644 roles/setup_git/vars/main.yml
 create mode 100644 roles/setup_hostname/tasks/main.yml
 create mode 100644 roles/setup_mkdocs/tasks/main.yml
 create mode 100644 roles/setup_mkdocs/templates/mkdocs.service
 create mode 100644 roles/setup_mkdocs/vars/main.yml
 create mode 100644 roles/setup_python/tasks/main.yml
 create mode 100644 roles/setup_security/tasks/main.yml
 create mode 100644 roles/setup_syncthing/tasks/main.yml
 create mode 100644 roles/setup_syncthing/templates/syncthing.service
 create mode 100644 roles/setup_syncthing/vars/main.yml
 create mode 100644 roles/update/tasks/main.yml

(limited to 'roles')

diff --git a/roles/setup_dotfiles/tasks/main.yml b/roles/setup_dotfiles/tasks/main.yml
new file mode 100644
index 0000000..47b73e4
--- /dev/null
+++ b/roles/setup_dotfiles/tasks/main.yml
@@ -0,0 +1,49 @@
+
+# =========================================================================== #
+#                   __              __      __  _____ __         
+#       _________  / /__       ____/ /___  / /_/ __(_) /__  _____
+#      / ___/ __ \/ / _ \     / __  / __ \/ __/ /_/ / / _ \/ ___/
+#     / /  / /_/ / /  __/    / /_/ / /_/ / /_/ __/ / /  __(__  ) 
+#    /_/   \____/_/\___(_)   \__,_/\____/\__/_/ /_/_/\___/____/  
+#
+# =========================================================================== #
+
+---
+- name: Check installation of zsh
+  package:
+    name: zsh
+    state: present
+
+- name: Check installation of vim
+  package:
+    name: vim
+    state: present
+
+- name: Check installation of tmux
+  package:
+    name: tmux
+    state: present
+
+- name: Copy zshrc configuration file
+  copy:
+    src: zshrc
+    dest: /etc/zshrc
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Copy vimrc configuration file
+  copy:
+    src: vimrc.local
+    dest: /etc/vimrc
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Copy tmux configuration file
+  copy:
+    src: tmux.conf
+    dest: /etc/tmux.conf
+    owner: root
+    group: root
+    mode: 0644
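Review bot: The three `copy` tasks pass `mode: 0644` as a bare YAML scalar, while the fail2ban role in this same commit quotes it. Ansible accepts the leading-zero form, but only because the YAML loader reads it as an octal integer; writing `mode: "0644"` everywhere removes that dependency and matches the other role. The same unquoted form appears in the setup_git, setup_mkdocs and setup_syncthing task files.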
diff --git a/roles/setup_fail2ban/tasks/main.yml b/roles/setup_fail2ban/tasks/main.yml
new file mode 100644
index 0000000..b0edb6e
--- /dev/null
+++ b/roles/setup_fail2ban/tasks/main.yml
@@ -0,0 +1,72 @@
+
+# =========================================================================== #
+#                   __          ____      _ _____   __              
+#       _________  / /__       / __/___ _(_) /__ \ / /_  ____ _____ 
+#      / ___/ __ \/ / _ \     / /_/ __ `/ / /__/ // __ \/ __ `/ __ \
+#     / /  / /_/ / /  __/    / __/ /_/ / / // __// /_/ / /_/ / / / /
+#    /_/   \____/_/\___(_)  /_/  \__,_/_/_//____/_.___/\__,_/_/ /_/ 
+#
+# =========================================================================== #
+
+---
+- name: Check installation of fail2ban
+  package:
+    name: fail2ban
+    state: present
+
+- name: Check existence of fail2ban config file -- jail.local
+  stat:
+    path: /etc/fail2ban/jail.local
+  register: stat_result
+
+- name: Backing up ancient fail2ban config file -- jail.local.backup
+  shell: cp /etc/fail2ban/jail.local /etc/fail2ban/jail.local.backup
+  when: stat_result.stat.exists
+
+- name: Copy fail2ban :: jail.local
+  copy:
+    src: jail.local
+    dest: /etc/fail2ban/
+    owner: root
+    group: root
+    mode: "0644"
+
+- name: Copy fail2ban  :: path-defaults.conf
+  copy:
+    src: jail.local
+    dest: /etc/fail2ban/
+    owner: root
+    group: root
+    mode: "0644"
+
+- name: Copy fail2ban  :: path-defaults.conf
+  copy:
+    src: jail.local
+    dest: /etc/fail2ban/
+    owner: root
+    group: root
+    mode: "0644"
+
+- name: Copy fail2ban :: jail-sshd.conf
+  copy:
+    src: jail-sshd.conf
+    dest: /etc/fail2ban/jail.d
+    owner: root
+    group: root
+    mode: "0644"
+
+- name: Copy fail2ban :: jail-lighttpd.conf
+  copy:
+    src: jail-lighttpd.conf
+    dest: /etc/fail2ban/jail.d
+    owner: root
+    group: root
+    mode: "0644"
+  when: inventory_hostname in groups["server-web"]
+
+
+- name: Restart fail2ban service
+  systemd: 
+    name: fail2ban
+    enabled: yes
+    state: restarted
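Review bot: Both tasks named `Copy fail2ban  :: path-defaults.conf` use `src: jail.local`, so path-defaults.conf is never deployed and jail.local is copied three times; this looks like a copy-paste slip, and a single task with the intended `src` (presumably `path-defaults.conf`, destination to be confirmed) should replace the pair. The backup step runs `cp` through `shell` on every play, so from the second run on jail.local.backup holds the previously managed file rather than the original; `backup: yes` on the `copy` task keeps a timestamped copy only when the content changes. The unconditional restart at the end would be better as a handler notified by the copy tasks, so that fail2ban is not restarted when nothing changed.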
diff --git a/roles/setup_firewalld/tasks/main.yml b/roles/setup_firewalld/tasks/main.yml
new file mode 100644
index 0000000..62d8240
--- /dev/null
+++ b/roles/setup_firewalld/tasks/main.yml
@@ -0,0 +1,15 @@
+
+# =========================================================================== #
+#                   __          _____                         ____    __
+#       _________  / /__       / __(_)_______ _      ______ _/ / /___/ /
+#      / ___/ __ \/ / _ \     / /_/ / ___/ _ \ | /| / / __ `/ / / __  / 
+#     / /  / /_/ / /  __/    / __/ / /  /  __/ |/ |/ / /_/ / / / /_/ /  
+#    /_/   \____/_/\___(_)  /_/ /_/_/   \___/|__/|__/\__,_/_/_/\__,_/
+#
+# =========================================================================== #
+
+---
+- name: Check installation of firewalld
+  package:
+    name: firewalld
+    state: present
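Review bot: This role installs firewalld but has no task that enables or starts the service or defines any zone or port rule, so a host that applies it may still have no active packet filter. Unless that is handled elsewhere in the playbook, add a `systemd` task with `name: firewalld`, `state: started`, `enabled: yes`, plus `firewalld` module tasks for the ports the other roles in this commit open (gitweb, mkdocs, the Syncthing GUI).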
diff --git a/roles/setup_git/tasks/main.yml b/roles/setup_git/tasks/main.yml
new file mode 100644
index 0000000..2383a7c
--- /dev/null
+++ b/roles/setup_git/tasks/main.yml
@@ -0,0 +1,88 @@
+
+# =========================================================================== #
+#                   __                _ __ 
+#       _________  / /__       ____ _(_) /_
+#      / ___/ __ \/ / _ \     / __ `/ / __/
+#     / /  / /_/ / /  __/    / /_/ / / /_  
+#    /_/   \____/_/\___(_)   \__, /_/\__/  
+#                           /____/
+#
+# =========================================================================== #
+
+---
+- name: Check installation of git
+  package:
+    name: git
+    state: present
+
+- name: Check installation of lighttpd
+  package:
+    name: lighttpd
+    state: present
+
+- name: Check installation of libcgi
+  package:
+    name: libcgi-pm-perl
+    state: present
+
+- name: Check installation of gamin
+  package:
+    name: gamin
+    state: present
+
+- name: Add group git
+  user:
+    name: "{{ git_group }}"
+    state: present
+
+- name: Add user git
+  user:
+    name: "{{ git_user }}"
+    comment: "{{ git_user_comment }}"
+    group: "{{ git_group }}"
+
+- name: Set up multiple authorized keys
+  authorized_key:
+    user: "{{ git_user }}"
+    state: present
+    key: "{{ item }}"
+  with_file:
+    - "{{ playbook_dir }}/files/public_keys/WS-bentonite"
+    - "{{ playbook_dir }}/files/public_keys/LP-graphite"
+
+- name: Create git directory
+  file:
+    path: "{{ git_directory_path }}"
+    state: directory
+    owner: "{{ git_user }}"
+    group: "{{ git_group }}"
+    mode: 0755
+    recurse: True
+
+- name: Create default gitweb directory
+  file:
+    path: "{{ git_directory_path }}/{{ git_gitweb_default_repository }}"
+    state: directory
+    owner: "{{ git_user }}"
+    group: "{{ git_group }}"
+    mode: 0755
+
+- name: Init gitweb repository
+  command: git init "{{ git_directory_path }}/{{ git_gitweb_default_repository }}"
+  become_user: "{{ git_user }}"
+
+- name: Copy gitweb systemd unit
+  template:
+    src: "{{ git_gitweb_unit }}.service"
+    dest: "{{ g_systemd_unit_directory }}"
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Start gitweb systemd unit
+  systemd:
+    name: "{{ git_gitweb_unit }}"
+    state: restarted
+    daemon_reload: yes
+    enabled: yes
+
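Review bot: The task `Add group git` calls the `user` module with `name: "{{ git_group }}"`, which creates a user account rather than a group; it should use `group:` with the same `name` and `state`. The git account then receives two SSH keys but no `shell:` is set, so those keys get whatever default login shell the system assigns; if the account only serves repositories, `shell: /usr/bin/git-shell` (path to be confirmed for the distribution) limits it to git operations. `command: git init ...` has no `creates:` argument, so it reports a change on every run.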
diff --git a/roles/setup_git/templates/gitweb.service b/roles/setup_git/templates/gitweb.service
new file mode 100644
index 0000000..12e1eb4
--- /dev/null
+++ b/roles/setup_git/templates/gitweb.service
@@ -0,0 +1,25 @@
+
+# =========================================================================== #
+#                   _ __             _ __ 
+#      __  ______  (_) /_     ____ _(_) /_
+#     / / / / __ \/ / __/    / __ `/ / __/
+#    / /_/ / / / / / /__    / /_/ / / /_  
+#    \__,_/_/ /_/_/\__(_)   \__, /_/\__/  
+#                          /____/   
+#
+# =========================================================================== #
+
+[Unit]
+Description=Gitweb interface for git repositories
+
+[Service]
+Type=forking
+User={{ git_user }}
+Group={{ git_group }}
+WorkingDirectory={{ git_directory_path }}/{{ git_gitweb_default_repository }}
+ExecStart=/usr/bin/git instaweb --port={{ g_port_gitweb_gui }}
+ExecStop=/bin/kill -s HUP $MAINPID
+RuntimeDirectoryMode=0700
+
+[Install]
+WantedBy=default.target
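Review bot: `RuntimeDirectoryMode=0700` has no effect here because the unit never declares `RuntimeDirectory=`, and the unit carries no sandboxing directives although it runs a network-facing web server. Either add a `RuntimeDirectory=` line or drop the mode, and consider `NoNewPrivileges=yes`, `PrivateTmp=yes` and `ProtectSystem=full` after checking that instaweb still starts under them. `git instaweb` is started without `--local`, so the listener is not restricted to loopback; confirm that this exposure is intended. The same `RuntimeDirectoryMode` line and lack of hardening recur in mkdocs.service and syncthing.service.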
diff --git a/roles/setup_git/vars/main.yml b/roles/setup_git/vars/main.yml
new file mode 100644
index 0000000..74983b0
--- /dev/null
+++ b/roles/setup_git/vars/main.yml
@@ -0,0 +1,18 @@
+
+# =========================================================================== #
+#                                       _ __ 
+#     _   ______  __________     ____ _(_) /_
+#    | | / / __ `/ ___/ ___/    / __ `/ / __/
+#    | |/ / /_/ / /  (__  )    / /_/ / / /_  
+#    |___/\__,_/_/  /____(_)   \__, /_/\__/  
+#                             /____/ 
+#
+# =========================================================================== #
+
+---
+git_user: git
+git_user_comment: handles git repositories and gitweb service
+git_group: git
+git_gitweb_unit: gitweb
+git_gitweb_default_repository: __default
+git_directory_path: /srv/git
diff --git a/roles/setup_hostname/tasks/main.yml b/roles/setup_hostname/tasks/main.yml
new file mode 100644
index 0000000..326e047
--- /dev/null
+++ b/roles/setup_hostname/tasks/main.yml
@@ -0,0 +1,14 @@
+
+# =========================================================================== #
+#                   __          __               __                           
+#       _________  / /__       / /_  ____  _____/ /_____  ____ _____ ___  ___ 
+#      / ___/ __ \/ / _ \     / __ \/ __ \/ ___/ __/ __ \/ __ `/ __ `__ \/ _ \
+#     / /  / /_/ / /  __/    / / / / /_/ (__  ) /_/ / / / /_/ / / / / / /  __/
+#    /_/   \____/_/\___(_)  /_/ /_/\____/____/\__/_/ /_/\__,_/_/ /_/ /_/\___/ 
+#
+# =========================================================================== #
+
+---
+- name: Syncrhonize host hostname with config hostname
+  hostname:
+    name: "{{ inventory_hostname }}"
diff --git a/roles/setup_mkdocs/tasks/main.yml b/roles/setup_mkdocs/tasks/main.yml
new file mode 100644
index 0000000..83ed41b
--- /dev/null
+++ b/roles/setup_mkdocs/tasks/main.yml
@@ -0,0 +1,39 @@
+
+# =========================================================================== #
+#                   __                    __       __               
+#       _________  / /__       ____ ___  / /______/ /___  __________
+#      / ___/ __ \/ / _ \     / __ `__ \/ //_/ __  / __ \/ ___/ ___/
+#     / /  / /_/ / /  __/    / / / / / / ,< / /_/ / /_/ / /__(__  ) 
+#    /_/   \____/_/\___(_)  /_/ /_/ /_/_/|_|\__,_/\____/\___/____/
+#
+# =========================================================================== #
+
+---
+- name: Check mkdocs-material install
+  pip:
+    name: mkdocs-material
+
+- name: Check mkdocs mermaid plugin install
+  pip:
+    name: mkdocs-mermaid2-plugin
+
+- name: Add user mkdocs
+  user:
+    name: "{{ mkdocs_user }}"
+    comment: "{{ mkdocs_user_comment }}"
+
+- name: Copy syncthing systemd unit
+  template:
+    src: "{{ mkdocs_daemon_unit }}.service"
+    dest: "{{ g_systemd_unit_directory }}"
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Start and enable syncthing systemd unit
+  systemd:
+    name: "{{ mkdocs_daemon_unit }}"
+    state: restarted
+    daemon_reload: yes
+    enabled: yes
+
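Review bot: Both `pip` tasks install without a `version:` and without a `virtualenv:`, so each run takes whatever release is current on PyPI and places it in the system Python, presumably as root. Pin the versions (`version: "<PINNED_VERSION>"`) and install into a virtualenv owned by the service account, so that an upstream release cannot change what runs on the host without review. The two unit tasks are still named after syncthing although they deploy `mkdocs_daemon_unit`.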
diff --git a/roles/setup_mkdocs/templates/mkdocs.service b/roles/setup_mkdocs/templates/mkdocs.service
new file mode 100644
index 0000000..0befc0d
--- /dev/null
+++ b/roles/setup_mkdocs/templates/mkdocs.service
@@ -0,0 +1,24 @@
+
+# =========================================================================== #
+#                   _ __                             __  __    _            
+#      __  ______  (_) /_     _______  ______  _____/ /_/ /_  (_)___  ____ _
+#     / / / / __ \/ / __/    / ___/ / / / __ \/ ___/ __/ __ \/ / __ \/ __ `/
+#    / /_/ / / / / / /__    (__  ) /_/ / / / / /__/ /_/ / / / / / / / /_/ / 
+#    \__,_/_/ /_/_/\__(_)  /____/\__, /_/ /_/\___/\__/_/ /_/_/_/ /_/\__, /  
+#                               /____/                             /____/
+#
+# =========================================================================== #
+
+[Unit]
+Description=Webserver for markdown documentation
+
+[Service]
+Type=simple
+User={{ mkdocs_user }}
+WorkingDirectory={{ mkdocs_files_directory }}
+ExecStart=mkdocs serve --dev-addr {{g_ip_mkdocs_gui}}:{{g_port_mkdocs_gui }}
+ExecStop=/bin/kill -s HUP $MAINPID
+RuntimeDirectoryMode=0700
+
+[Install]
+WantedBy=default.target
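Review bot: `ExecStart` runs `mkdocs serve`, which is MkDocs' development server with live reload rather than a server meant for publishing. Building the site with `mkdocs build` and serving the output from the lighttpd instance that setup_git already installs would avoid exposing the dev server on `g_ip_mkdocs_gui`. `ExecStart` also uses a bare command name; an absolute path avoids depending on systemd's built-in search path. The banner comment at the top is identical to the one in syncthing.service and was not updated for this unit.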
diff --git a/roles/setup_mkdocs/vars/main.yml b/roles/setup_mkdocs/vars/main.yml
new file mode 100644
index 0000000..418df91
--- /dev/null
+++ b/roles/setup_mkdocs/vars/main.yml
@@ -0,0 +1,17 @@
+
+# =========================================================================== #
+#                                           __       __               
+#     _   ______ ___________     ____ ___  / /______/ /___  __________
+#    | | / / __ `/ ___/ ___/    / __ `__ \/ //_/ __  / __ \/ ___/ ___/
+#    | |/ / /_/ / /  (__  )    / / / / / / ,< / /_/ / /_/ / /__(__  ) 
+#    |___/\__,_/_/  /____(_)  /_/ /_/ /_/_/|_|\__,_/\____/\___/____/
+#
+# =========================================================================== #
+
+---
+mkdocs_user: mkdocs
+mkdocs_user_comment: webserver hosting documentation in markdown
+mkdocs_group: null
+mkdocs_daemon_unit: mkdocs
+
+mkdocs_files_directory: /srv/git/infrastructure-docs
diff --git a/roles/setup_python/tasks/main.yml b/roles/setup_python/tasks/main.yml
new file mode 100644
index 0000000..033981d
--- /dev/null
+++ b/roles/setup_python/tasks/main.yml
@@ -0,0 +1,21 @@
+
+# =========================================================================== #
+#                   __                      __  __              
+#       _________  / /__       ____  __  __/ /_/ /_  ____  ____ 
+#      / ___/ __ \/ / _ \     / __ \/ / / / __/ __ \/ __ \/ __ \
+#     / /  / /_/ / /  __/    / /_/ / /_/ / /_/ / / / /_/ / / / /
+#    /_/   \____/_/\___(_)  / .___/\__, /\__/_/ /_/\____/_/ /_/ 
+#                          /_/    /____/
+#
+# =========================================================================== #
+
+---
+- name: Check installation of python3-pip
+  package:
+    name: python3-pip
+    state: present
+
+- name: Check installation of lxml
+  package:
+    name: python-lxml
+    state: present
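Review bot: `python-lxml` is the Python 2 build of lxml on Debian-family systems, while the other package installed here is `python3-pip`. The `xml` module used by the setup_syncthing role needs lxml for the interpreter Ansible runs on the managed host, so if that interpreter is Python 3 the package should be `python3-lxml`; confirm against `ansible_python_interpreter`.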
diff --git a/roles/setup_security/tasks/main.yml b/roles/setup_security/tasks/main.yml
new file mode 100644
index 0000000..7d29cf5
--- /dev/null
+++ b/roles/setup_security/tasks/main.yml
@@ -0,0 +1,22 @@
+
+# =========================================================================== #
+#                   __                                    _ __       
+#       _________  / /__       ________  _______  _______(_) /___  __
+#      / ___/ __ \/ / _ \     / ___/ _ \/ ___/ / / / ___/ / __/ / / /
+#     / /  / /_/ / /  __/    (__  )  __/ /__/ /_/ / /  / / /_/ /_/ / 
+#    /_/   \____/_/\___(_)  /____/\___/\___/\__,_/_/  /_/\__/\__, /  
+#                                                           /____/
+#
+# =========================================================================== #
+
+---
+- name: Remove default user pi
+  user:
+    name: pi
+    state: absent
+    remove: yes
+
+- name: Remove default group pi
+  group:
+    name: pi
+    state: absent
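Review bot: The role deletes the `pi` account with `remove: yes` without first checking that another account with sudo rights and an authorized SSH key exists. If the play runs while connected as `pi`, or before the replacement admin account is provisioned, the host can be left without a usable login. A preceding assertion, or a guard such as `when: ansible_user != "pi"`, would make the required ordering explicit.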
diff --git a/roles/setup_syncthing/tasks/main.yml b/roles/setup_syncthing/tasks/main.yml
new file mode 100644
index 0000000..431f27f
--- /dev/null
+++ b/roles/setup_syncthing/tasks/main.yml
@@ -0,0 +1,131 @@
+
+# =========================================================================== #
+#                   __                                __  __    _            
+#       _________  / /__       _______  ______  _____/ /_/ /_  (_)___  ____ _
+#      / ___/ __ \/ / _ \     / ___/ / / / __ \/ ___/ __/ __ \/ / __ \/ __ `/
+#     / /  / /_/ / /  __/    (__  ) /_/ / / / / /__/ /_/ / / / / / / / /_/ / 
+#    /_/   \____/_/\___(_)  /____/\__, /_/ /_/\___/\__/_/ /_/_/_/ /_/\__, /  
+#                                /____/                             /____/
+#
+# =========================================================================== #
+
+---
+- name: Add group syncthing
+  group:
+    name: "{{ syncthing_user }}"
+    state: present
+
+- name: Add user syncthing
+  user:
+    name: "{{ syncthing_user }}"
+    comment: "{{ syncthing_group }}"
+    group: "{{ syncthing_group }}"
+
+- name: Create syncthing bin directory
+  file:
+    path: "{{ syncthing_bin_directory }}"
+    state: directory
+    owner: "{{ syncthing_user }}"
+    group: "{{ syncthing_group }}"
+    mode: 0755
+    recurse: True
+
+- name: Create syncthing sync directory
+  file:
+    path: "{{ syncthing_files_directory }}"
+    state: directory
+    owner: "{{ syncthing_user }}"
+    group: "{{ syncthing_group }}"
+    mode: 0755
+    recurse: True
+
+- name: Download and extract syncthing archive
+  become_user: syncthing
+  unarchive:
+    src: "{{ syncthing_download_url }}/{{ syncthing_version }}/syncthing-{{ syncthing_os }}-{{ syncthing_architecture }}-{{ syncthing_version }}.tar.gz"
+    dest: "{{ syncthing_download_directory }}"
+    remote_src: yes
+
+- name: Copy syncthing bin
+  copy:
+    src: "{{ syncthing_download_directory }}/syncthing-{{ syncthing_os }}-{{ syncthing_architecture }}-{{ syncthing_version }}/syncthing"
+    remote_src: yes
+    dest: "{{ syncthing_bin_directory }}"
+    owner: "{{ syncthing_user }}"
+    group: "{{ syncthing_group }}"
+    mode: 0744
+
+- name: Copy syncthing systemd unit
+  template:
+    src: "{{ syncthing_daemon_unit }}.service"
+    dest: "{{ g_systemd_unit_directory }}"
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Start syncthing systemd unit
+  systemd:
+    name: "{{ syncthing_daemon_unit }}"
+    state: restarted
+    daemon_reload: yes
+
+- name: Stop syncthing systemd unit
+  systemd:
+    name: "{{ syncthing_daemon_unit }}"
+    state: stopped
+
+- name: Config networking
+  xml:
+    path: "{{ syncthing_config_directory }}/config.xml"
+    xpath: /configuration/gui/address
+    value: "0.0.0.0:{{ g_port_syncthing_gui }}"
+
+- name: Config clear directory path
+  xml:
+    path: "{{ syncthing_config_directory }}/config.xml"
+    xpath: "/configuration/folder/@path"
+    state: present
+
+- name: Config directory path
+  replace:
+    path: "{{ syncthing_config_directory }}/config.xml"
+    regexp: "path=\"\""
+    replace: "path=\"{{ syncthing_files_directory }}\""
+
+- name: Config disable relay
+  xml:
+    path: "{{ syncthing_config_directory }}/config.xml"
+    xpath: /configuration/options/relaysEnabled
+    value: "{{ syncthing_b_relays }}"
+
+- name: Config disable global announcements
+  xml:
+    path: "{{ syncthing_config_directory }}/config.xml"
+    xpath: /configuration/options/globalAnnounceEnabled
+    value: "{{ syncthing_b_global_announcements }}"
+
+- name: Config disable nat
+  xml:
+    path: "{{ syncthing_config_directory }}/config.xml"
+    xpath: /configuration/options/natEnabled
+    value: "{{ syncthing_b_nat }}"
+
+- name: Config disable crash reporting
+  xml:
+    path: "{{ syncthing_config_directory }}/config.xml"
+    xpath: /configuration/options/crashReportingEnabled
+    value: "{{ syncthing_b_crash_reporting }}"
+
+- name: Config disable browser autostart
+  xml:
+    path: "{{ syncthing_config_directory }}/config.xml"
+    xpath: /configuration/options/startBrowser
+    value: "{{ syncthing_b_start_browser }}"
+
+- name: Start and enable syncthing systemd unit
+  systemd:
+    name: "{{ syncthing_daemon_unit }}"
+    state: restarted
+    daemon_reload: yes
+    enabled: yes
+
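Review bot: `Config networking` sets the GUI address to `0.0.0.0:{{ g_port_syncthing_gui }}` and no task sets a GUI user and password, so as far as this role shows the Syncthing admin interface is reachable on every interface without authentication; bind it to `127.0.0.1` or configure credentials under `/configuration/gui`. The archive is fetched by `unarchive` straight from the release URL with no integrity check and unpacked in `/tmp`; downloading it first with `get_url` and a `checksum:`, as sketched below, pins the binary to a reviewed hash. `Add group syncthing` uses `syncthing_user` as the group name and the user's `comment` is set to `syncthing_group`, where `syncthing_group` and `syncthing_user_comment` were presumably intended. The installed binary is owned by the service account with mode 0744, which lets the service overwrite its own executable; `root:root` with `"0755"` would prevent that.

```yaml
# … unchanged: group, user and directory tasks …

- name: Download syncthing archive
  become_user: "{{ syncthing_user }}"
  get_url:
    url: "{{ syncthing_download_url }}/{{ syncthing_version }}/syncthing-{{ syncthing_os }}-{{ syncthing_architecture }}-{{ syncthing_version }}.tar.gz"
    dest: "{{ syncthing_download_directory }}/syncthing-{{ syncthing_version }}.tar.gz"
    # syncthing_archive_sha256 is a new variable to add to vars/main.yml;
    # its value is the hash published with the pinned release.
    checksum: "sha256:{{ syncthing_archive_sha256 }}"

- name: Extract syncthing archive
  become_user: "{{ syncthing_user }}"
  unarchive:
    src: "{{ syncthing_download_directory }}/syncthing-{{ syncthing_version }}.tar.gz"
    dest: "{{ syncthing_download_directory }}"
    remote_src: yes

# … unchanged: copy of the binary, unit deployment, config.xml edits …
```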
diff --git a/roles/setup_syncthing/templates/syncthing.service b/roles/setup_syncthing/templates/syncthing.service
new file mode 100644
index 0000000..fe4c429
--- /dev/null
+++ b/roles/setup_syncthing/templates/syncthing.service
@@ -0,0 +1,25 @@
+
+# =========================================================================== #
+#                   _ __                             __  __    _            
+#      __  ______  (_) /_     _______  ______  _____/ /_/ /_  (_)___  ____ _
+#     / / / / __ \/ / __/    / ___/ / / / __ \/ ___/ __/ __ \/ / __ \/ __ `/
+#    / /_/ / / / / / /__    (__  ) /_/ / / / / /__/ /_/ / / / / / / / /_/ / 
+#    \__,_/_/ /_/_/\__(_)  /____/\__, /_/ /_/\___/\__/_/ /_/_/_/ /_/\__, /  
+#                               /____/                             /____/
+#
+# =========================================================================== #
+
+[Unit]
+Description=Synchronization service for files
+
+[Service]
+Type=simple
+User={{ syncthing_user }}
+Group={{ syncthing_group }}
+WorkingDirectory={{ syncthing_files_directory }}
+ExecStart={{ syncthing_bin_directory }}/syncthing
+ExecStop=/bin/kill -s HUP $MAINPID
+RuntimeDirectoryMode=0700
+
+[Install]
+WantedBy=default.target
diff --git a/roles/setup_syncthing/vars/main.yml b/roles/setup_syncthing/vars/main.yml
new file mode 100644
index 0000000..16eb97f
--- /dev/null
+++ b/roles/setup_syncthing/vars/main.yml
@@ -0,0 +1,32 @@
+
+# =========================================================================== #
+#                                                       __  __    _            
+#     _   ______ ___________     _______  ______  _____/ /_/ /_  (_)___  ____ _
+#    | | / / __ `/ ___/ ___/    / ___/ / / / __ \/ ___/ __/ __ \/ / __ \/ __ `/
+#    | |/ / /_/ / /  (__  )    (__  ) /_/ / / / / /__/ /_/ / / / / / / / /_/ / 
+#    |___/\__,_/_/  /____(_)  /____/\__, /_/ /_/\___/\__/_/ /_/_/_/ /_/\__, /  
+#                                  /____/                             /____/
+#
+# =========================================================================== #
+
+---
+syncthing_user: syncthing
+syncthing_user_comment: handles syncthing service
+syncthing_group: syncthing
+syncthing_daemon_unit: syncthing
+
+syncthing_os: linux
+syncthing_version: v1.6.1
+syncthing_architecture: arm
+syncthing_download_url: https://github.com/syncthing/syncthing/releases/download
+
+syncthing_download_directory: /tmp
+syncthing_bin_directory: /opt/syncthing
+syncthing_files_directory: /srv/sync
+syncthing_config_directory: "/home/{{ syncthing_user }}/.config/syncthing"
+
+syncthing_b_nat: "false"
+syncthing_b_relays: "false"
+syncthing_b_start_browser: "false"
+syncthing_b_crash_reporting: "false"
+syncthing_b_global_announcements: "false"
diff --git a/roles/update/tasks/main.yml b/roles/update/tasks/main.yml
new file mode 100644
index 0000000..558807e
--- /dev/null
+++ b/roles/update/tasks/main.yml
@@ -0,0 +1,27 @@
+
+# =========================================================================== #
+#                   __                          __      __     
+#       _________  / /__       __  ______  ____/ /___ _/ /____ 
+#      / ___/ __ \/ / _ \     / / / / __ \/ __  / __ `/ __/ _ \
+#     / /  / /_/ / /  __/    / /_/ / /_/ / /_/ / /_/ / /_/  __/
+#    /_/   \____/_/\___(_)   \__,_/ .___/\__,_/\__,_/\__/\___/ 
+#                                /_/
+# =========================================================================== #
+
+---
+- name: Upgrading CentOs packages
+  dnf:
+    name: "*"
+    state: latest
+  when: ansible_distribution == "CentOs"
+
+- name: Updating Debian packages
+  apt:
+    update_cache: yes
+  when: ansible_distribution == "Debian"
+
+- name: Upgrading Debian packages to latest
+  apt:
+    upgrade: dist
+  when: ansible_distribution == "Debian"
+
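Review bot: The condition `ansible_distribution == "CentOs"` never matches, because the fact is reported as `CentOS`, so the dnf upgrade task is skipped on every CentOS host and those hosts get no package updates from this role. Change it to `when: ansible_distribution == "CentOS"`. The two apt tasks could also be merged into one task carrying both `update_cache: yes` and `upgrade: dist`.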
-- 
cgit v1.2.3