- Added name and date to license.

- Removed init detection, already present in Ansible, removed reference in
  tasks.
- Removed root_group var, use gid 0.
- State file mode as octal number instead of string.

LICENSE.txt

 The MIT License (MIT)
 
-Copyright (c) [year] [fullname]
+Copyright (c) 2016 Adar Nimrod
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.rst

@@ -87,7 +87,6 @@ TODO
 
 - Implement:
   - collectd_agent.
-  - init (via module).
   - ldap_login (with pam_mkhomedir).
   - ssh_ca.
   - syslog_forwarding.
@@ -96,4 +95,3 @@ TODO
 - Document.
 - Create a module to add a TLS certificate to store for both Debian-based and
   OpenBSD.
-- Create a module to detect the init system.

tasks/add_tls_cert.yml

@@ -21,7 +21,7 @@
     src: '{{ item }}'
     dest: '{{ cert_dir[ansible_os_family] }}/{{ item|basename }}.crt'
     owner: root
-    group: '{{ root_group[ansible_os_family] }}'
-    mode: '0644'
+    group: 0
+    mode: 0o0644
   notify:
   - Update CA store

tasks/backports.yml

@@ -21,4 +21,4 @@
     dest: /etc/apt/preferences.d/backports
     owner: root
     group: root
-    mode: '0644'
+    mode: 0o0644

tasks/collectd_agent.yml

@@ -23,8 +23,8 @@
   file:
     path: /etc/collectd/collectd.conf.d/
     owner: root
-    group: '{{ root_group[ansible_os_family] }}'
-    mode: '0755'
+    group: 0
+    mode: 0o0755
     state: directory
 
 - name: Gather Collectd facts
@@ -35,8 +35,8 @@
     src: collectd.conf
     dest: /etc/collectd/collectd.conf
     owner: root
-    group: '{{ root_group[ansible_os_family] }}'
-    mode: '0644'
+    group: 0
+    mode: 0o0644
   notify:
   - Restart Collectd
 
@@ -47,8 +47,8 @@
     src: '{{ item }}'
     dest: /etc/collectd/collectd.conf.d/
     owner: root
-    group: '{{ root_group[ansible_os_family] }}'
-    mode: '0644'
+    group: 0
+    mode: 0o0644
   notify:
   - Restart Collectd
 

tasks/init.yml

----
-
-- name: Assert
-  assert:
-    that: ansible_os_family == 'Debian'
-
-- name: Find which package provided init
-  command: /usr/bin/dpkg -S /sbin/init
-  register: common_which_init
-  changed_when: false
-
-- name: Register which init is used
-  set_fact:
-    ansible_init: '{{ debian_init[common_which_init["stdout"].split(":")[0]] }}'

tasks/main.yml

@@ -11,9 +11,6 @@
   assert:
     that: ansible_os_family in [ 'Debian', 'OpenBSD' ]
 
-- include: init.yml
-  when: ansible_os_family == 'Debian' and not common_role_finished is defined
-
 - include: backports.yml
   when: backports|default(False) and ansible_os_family == 'Debian' and not common_role_finished is defined
 

tasks/ntp.yml

@@ -5,7 +5,7 @@
     that: ansible_os_family in [ 'Debian', 'OpenBSD' ]
 
 - include: ntpd.yml
-  when: ansible_os_family == 'OpenBSD' or  not ansible_init == 'systemd'
+  when: ansible_service_mgr in [ ]
 
 - include: systemd-timesyncd.yml
-  when: ansible_os_family == 'Debian' and ansible_init == 'systemd'
+  when: ansible_service_mgr == 'systemd'

tasks/ntpd.yml

@@ -16,8 +16,8 @@
     src: ntpd.conf.j2
     dest: '{{ ntpd_conf[ansible_os_family] }}'
     owner: root
-    group: '{{ root_group[ansible_os_family] }}'
-    mode: '0644'
+    group: 0
+    mode: 0o0644
   notify:
   - Restart ntpd
 

tasks/syslog_forward.yml

@@ -19,7 +19,7 @@
     dest: /etc/rsyslog.d/forwarding.conf.j2
     owner: root
     group: root
-    mode: '0644'
+    mode: 0o0644
   notify:
   - Restart rsyslog
 

tasks/tls_cert_Debian.yml

@@ -32,15 +32,15 @@
   with_items:
     - src: '{{ tls_key }}'
       dest: '{{ tls_key_path }}'
-      mode: '0640'
+      mode: 0o0640
       group: ssl-cert
     - src: '{{ tls_cert }}'
       dest: '/usr/local/share/ca-certificates/{{ tls_cert|basename }}.crt'
-      mode: '0644'
+      mode: 0o0644
       group: root
     - src: '{{ tls_ca_cert }}'
       dest: '/usr/local/share/ca-certificates/{{ tls_ca_cert|basename }}.crt'
-      mode: '0644'
+      mode: 0o0644
       group: root
 
 - name: Update certificate authority store

tasks/tls_cert_OpenBSD.yml

@@ -12,10 +12,10 @@
 - name: Create TLS keys and certs directories
   with_items:
   - name: certs
-    mode: '0755'
+    mode: 0o0755
     group: wheel
   - name: private
-    mode: '0750'
+    mode: 0o0750
     group: ssl-cert
   file:
     path: '/etc/ssl/{{ item.name }}'
@@ -30,7 +30,7 @@
     dest: /etc/ssl/certs/ca-certificates.pem
     owner: root
     group: wheel
-    mode: '0644'
+    mode: 0o0644
 
 - name: Copy update-ca-certifcates script
   copy:
@@ -38,7 +38,7 @@
     dest: /usr/local/sbin/update-ca-certificates
     owner: root
     group: wheel
-    mode: '0755'
+    mode: 0o0755
 
 - stat:
     path: /etc/ssl/private/ssl-cert-snakeoil.key
@@ -84,7 +84,7 @@
     dest: '{{ item.dest }}'
     owner: root
     group: wheel
-    mode: '0644'
+    mode: 0o0644
   register: tls_copy
 
 - name: Update certificate authority store

tasks/unattended_upgrades.yml

@@ -25,14 +25,14 @@
     create: yes
     owner: root
     group: root
-    mode: '0644'
+    mode: 0o0644
   - dest: /etc/apt/apt.conf.d/20auto-upgrades
     line: 'APT::Periodic::Unattended-Upgrade "1";'
     regexp: '^APT::Periodic::Unattended-Upgrade'
     create: yes
     owner: root
     group: root
-    mode: '0644'
+    mode: 0o0644
   lineinfile:
     dest: '{{ item.dest }}'
     line: '{{ item.line }}'

vars/main.yml

@@ -15,11 +15,6 @@ backports_repo:
   precise: http://archive.ubuntu.com/ubuntu precise-backports main universe multiverse
   trusty: http://archive.ubuntu.com/ubuntu trusty-backports main universe multiverse
 
-debian_init:
-  'systemd-sysv': systemd
-  upstart: upstart
-  sysvinit: sysv
-
 sudoers_location:
     FreeBSD: '/usr/local/etc/sudoers'
     Debian: '/etc/sudoers'
@@ -47,9 +42,6 @@ update_ca_certificates:
 ssh_daemon:
     OpenBSD: sshd
     Debian: ssh
-root_group:
-    OpenBSD: wheel
-    Debian: root
 cert_dir:
     OpenBSD: /etc/ssl/certs
     Debian: /usr/local/share/ca-certificates