blob: b45498a3c4b74a10da64b8ad2f98de2ff3527dcd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
- include: vpn.yml
- name: Install squid proxy server
apt: pkg=squid3
- name: See if we need debian's updated squid3
# the trusty version of squid3 is terribly broken and won't support
# on disk caches:
# http://www.mail-archive.com/squid-users@lists.squid-cache.org/msg01171.html
shell: "dpkg --compare-versions `dpkg -s squid3 | grep Version | cut -d: -f2` lt 3.4"
register: squid_ver
ignore_errors: true
changed_when: false
- name: Install fixed version of squid3
shell: "apt-get install -y libnettle4 libdb5.1 && curl -o /tmp/squid3_common.deb http://ftp.de.debian.org/debian/pool/main/s/squid3/squid3-common_3.4.8-5~bpo70+1_all.deb && curl -o /tmp/squid3.deb http://ftp.de.debian.org/debian/pool/main/s/squid3/squid3_3.4.8-5~bpo70+1_amd64.deb && dpkg -i /tmp/squid3_common.deb /tmp/squid3.deb && rm /tmp/squid3.deb /tmp/squid3_common.deb"
when: squid_ver.rc == 0
- name: Configure squid proxy server
lineinfile: dest=/etc/squid3/squid.conf backup=yes
insertafter="^# INSERT YOUR OWN RULE\(S\) HERE"
line="include /etc/squid3/colo.conf"
- name: Copy colo overrides for squid
copy: src=colo-squid.conf
dest=/etc/squid3/colo.conf
owner=root group=root mode=0644
notify:
- reload squid
- name: Copy iptables NAT rules (NOTE - does not enable them)
copy: src=iptables
dest=/etc/rc.aus-colo-nat
owner=root
group=root
mode=0655
- name: Enable iptables rules at start-up
lineinfile: 'dest=/etc/rc.local
line="/etc/rc.aus-colo-nat #ADDED BY ANSIBLE"
regexp="^\/etc\/rc.aus-colo-nat #ADDED BY ANSIBLE"
insertbefore="exit 0"'
- name: Set up network interfaces
copy: src=router-interfaces
dest=/etc/network/interfaces
owner=root
group=root
mode=0644
- name: Set up hosts file
template: src=hosts.j2
dest=/etc/hosts
owner=root
group=root
mode=0644
- name: Install dnsmasq
action: apt pkg=dnsmasq
- name: Configure dnsmas.d
template: src=router-dnsmasq.j2
dest=/etc/dnsmasq.d/aus-colo
owner=root
group=root
mode=0644
notify:
- reload dnsmasq
tags:
- dnsmasq
- name: Install pdu_power script
action: copy src=pdu_power
dest=/usr/local/bin/pdu_power
owner=root
group=root
mode=755
tags:
- pdu_power
- name: Install pdu_power configuration
action: template src=pdu_power.conf.j2
dest=/etc/pdu_power.conf
owner=root
group=root
mode=440
tags:
- pdu_power
- colo_user
- name: Configure pdu_power sudoers
action: copy src=pdu_power.sudoers
dest=/etc/sudoers.d/pdu_power
owner=root
group=root
mode=440
tags:
- pdu_power
|