diff --git a/LICENSE.txt b/LICENSE.txt index 38c6bf23b1163a62b464155a95401d90348e3ff3..ee4c95e0b73a3681aa80f3de24fba84d3d1ed71a 100644 --- a/LICENSE.txt +++ b/LICENSE.txt @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) [year] [fullname] +Copyright (c) 2016 Adar Nimrod Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.rst b/README.rst index 8890449ef8fc015be45718962193afd774b43fbb..d8bfe7d4a602edeec5c4a4323dd2a6dae50bfc36 100644 --- a/README.rst +++ b/README.rst @@ -87,7 +87,6 @@ TODO - Implement: - collectd_agent. - - init (via module). - ldap_login (with pam_mkhomedir). - ssh_ca. - syslog_forwarding. @@ -96,4 +95,3 @@ TODO - Document. - Create a module to add a TLS certificate to store for both Debian-based and OpenBSD. -- Create a module to detect the init system. diff --git a/tasks/add_tls_cert.yml b/tasks/add_tls_cert.yml index edc2c40416ebf80ec4e3dcea18f6a6d6c7ee269b..a559cab453b4537f436170e167e7f75a11f63174 100644 --- a/tasks/add_tls_cert.yml +++ b/tasks/add_tls_cert.yml @@ -21,7 +21,7 @@ src: '{{ item }}' dest: '{{ cert_dir[ansible_os_family] }}/{{ item|basename }}.crt' owner: root - group: '{{ root_group[ansible_os_family] }}' - mode: '0644' + group: 0 + mode: 0o0644 notify: - Update CA store diff --git a/tasks/backports.yml b/tasks/backports.yml index 9320af2211bcc3e31e332778ebb338e03eeca91a..4f9687c433eaa7a20e3bd254a398bff5372ec1fe 100644 --- a/tasks/backports.yml +++ b/tasks/backports.yml @@ -21,4 +21,4 @@ dest: /etc/apt/preferences.d/backports owner: root group: root - mode: '0644' + mode: 0o0644 diff --git a/tasks/collectd_agent.yml b/tasks/collectd_agent.yml index 31eb7fa7fec5cc81e56ca8b3a5dbfe4f5c1afe5d..34ace24392bb006796cb4b28b7f454cd6afe2a10 100644 --- a/tasks/collectd_agent.yml +++ b/tasks/collectd_agent.yml 
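Review bot: The bare `group: 0` in the tasks/add_tls_cert.yml hunk needs a comment saying that GID 0 is `root` on Debian and `wheel` on OpenBSD, because this commit removes the `root_group` lookup that documented it. Something like `# GID 0: root on Debian, wheel on OpenBSD` above the line would stop a later edit from replacing it with a name that exists on only one platform. The same applies to the `group: 0` lines in the collectd_agent.yml and ntpd.yml hunks. The tls_cert_OpenBSD.yml and backports.yml hunks still use the names `wheel` and `root`, so the role now mixes both conventions. The task body starts above this hunk.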
@@ -23,8 +23,8 @@ file: path: /etc/collectd/collectd.conf.d/ owner: root - group: '{{ root_group[ansible_os_family] }}' - mode: '0755' + group: 0 + mode: 0o0755 state: directory - name: Gather Collectd facts @@ -35,8 +35,8 @@ src: collectd.conf dest: /etc/collectd/collectd.conf owner: root - group: '{{ root_group[ansible_os_family] }}' - mode: '0644' + group: 0 + mode: 0o0644 notify: - Restart Collectd @@ -47,8 +47,8 @@ src: '{{ item }}' dest: /etc/collectd/collectd.conf.d/ owner: root - group: '{{ root_group[ansible_os_family] }}' - mode: '0644' + group: 0 + mode: 0o0644 notify: - Restart Collectd diff --git a/tasks/init.yml b/tasks/init.yml deleted file mode 100644 index d451d5af2efbec5fde23874ef25c42270ccef637..0000000000000000000000000000000000000000 --- a/tasks/init.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -- name: Assert - assert: - that: ansible_os_family == 'Debian' - -- name: Find which package provided init - command: /usr/bin/dpkg -S /sbin/init - register: common_which_init - changed_when: false - -- name: Register which init is used - set_fact: - ansible_init: '{{ debian_init[common_which_init["stdout"].split(":")[0]] }}' diff --git a/tasks/main.yml b/tasks/main.yml index 85e298a6cdaea5a18ea48bf2ed2beafd4f5f6453..ab40a3295b88c87f1dd931a63c17dd237f092233 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -11,9 +11,6 @@ assert: that: ansible_os_family in [ 'Debian', 'OpenBSD' ] -- include: init.yml - when: ansible_os_family == 'Debian' and not common_role_finished is defined - - include: backports.yml when: backports|default(False) and ansible_os_family == 'Debian' and not common_role_finished is defined diff --git a/tasks/ntp.yml b/tasks/ntp.yml index ec0b9a66998e354e34a95b95d76e1f88fd567f6e..f46d1ac19e356f9628b5622ff164534d3f50e663 100644 --- a/tasks/ntp.yml +++ b/tasks/ntp.yml 
@@ -5,7 +5,7 @@ that: ansible_os_family in [ 'Debian', 'OpenBSD' ] - include: ntpd.yml - when: ansible_os_family == 'OpenBSD' or not ansible_init == 'systemd' + when: ansible_service_mgr in [ ] - include: systemd-timesyncd.yml - when: ansible_os_family == 'Debian' and ansible_init == 'systemd' + when: ansible_service_mgr == 'systemd' diff --git a/tasks/ntpd.yml b/tasks/ntpd.yml index 511575d93f60d65324cd7468497bce4805366c1a..b98385e28a445edab7aa38b4d4ec1180b989fc24 100644 --- a/tasks/ntpd.yml +++ b/tasks/ntpd.yml @@ -16,8 +16,8 @@ src: ntpd.conf.j2 dest: '{{ ntpd_conf[ansible_os_family] }}' owner: root - group: '{{ root_group[ansible_os_family] }}' - mode: '0644' + group: 0 + mode: 0o0644 notify: - Restart ntpd diff --git a/tasks/syslog_forward.yml b/tasks/syslog_forward.yml index a4c82456c0030d9db6470c138860df6151c8a2c2..b7f88d99e0b55a02c502f00e178701383d256325 100644 --- a/tasks/syslog_forward.yml +++ b/tasks/syslog_forward.yml @@ -19,7 +19,7 @@ dest: /etc/rsyslog.d/forwarding.conf.j2 owner: root group: root - mode: '0644' + mode: 0o0644 notify: - Restart rsyslog diff --git a/tasks/tls_cert_Debian.yml b/tasks/tls_cert_Debian.yml index 0f69208e6e3b3951bffce1747cfd087bac155fbe..b236e535646fa5204596ab592c112df5799c69a8 100644 --- a/tasks/tls_cert_Debian.yml +++ b/tasks/tls_cert_Debian.yml @@ -32,15 +32,15 @@ with_items: - src: '{{ tls_key }}' dest: '{{ tls_key_path }}' - mode: '0640' + mode: 0o0640 group: ssl-cert - src: '{{ tls_cert }}' dest: '/usr/local/share/ca-certificates/{{ tls_cert|basename }}.crt' - mode: '0644' + mode: 0o0644 group: root - src: '{{ tls_ca_cert }}' dest: '/usr/local/share/ca-certificates/{{ tls_ca_cert|basename }}.crt' - mode: '0644' + mode: 0o0644 group: root - name: Update certificate authority store diff --git a/tasks/tls_cert_OpenBSD.yml b/tasks/tls_cert_OpenBSD.yml index 99310b64bb98fb3f0a6e9bf3e17e52588b9eeb52..109f73c5f9c2684d5ec5b0840474c36f25308f05 100644 --- a/tasks/tls_cert_OpenBSD.yml +++ b/tasks/tls_cert_OpenBSD.yml 
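Review bot: `when: ansible_service_mgr in [ ]` on the ntpd.yml include tests membership in an empty list, so it can never be true and ntpd.yml is no longer included on any host. The old condition covered OpenBSD and every non-systemd Debian host. Those hosts now get no time synchronisation from the role, which affects certificate validity checks and log timestamps. If the empty list is a leftover placeholder, the complement of the second include keeps the earlier behaviour: `when: ansible_service_mgr != 'systemd'`. The second include also drops the `ansible_os_family == 'Debian'` test, which holds only if systemd-timesyncd.yml is meant for every systemd host the role accepts.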
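Review bot: The unquoted `mode: 0o0640` on the `tls_key` item in the tasks/tls_cert_Debian.yml hunk should stay quoted as `mode: '0640'`, because this is the permission of a private key and the unquoted form makes its type depend on the YAML loader. A YAML 1.1 loader keeps `0o0640` as a string, while a loader that understands the `0o` prefix yields the integer 416. The task that consumes these items is outside the hunk; if it passes the value as `'{{ item.mode }}'`, an integer would be rendered as the text `416` and then presumably read as octal, giving a mode other than the one intended. The same applies to the item lists in the tls_cert_OpenBSD.yml hunk (`0o0750` on the `private` directory under `/etc/ssl/`) and the unattended_upgrades.yml hunk.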
@@ -12,10 +12,10 @@ - name: Create TLS keys and certs directories with_items: - name: certs - mode: '0755' + mode: 0o0755 group: wheel - name: private - mode: '0750' + mode: 0o0750 group: ssl-cert file: path: '/etc/ssl/{{ item.name }}' @@ -30,7 +30,7 @@ dest: /etc/ssl/certs/ca-certificates.pem owner: root group: wheel - mode: '0644' + mode: 0o0644 - name: Copy update-ca-certifcates script copy: @@ -38,7 +38,7 @@ dest: /usr/local/sbin/update-ca-certificates owner: root group: wheel - mode: '0755' + mode: 0o0755 - stat: path: /etc/ssl/private/ssl-cert-snakeoil.key @@ -84,7 +84,7 @@ dest: '{{ item.dest }}' owner: root group: wheel - mode: '0644' + mode: 0o0644 register: tls_copy - name: Update certificate authority store diff --git a/tasks/unattended_upgrades.yml b/tasks/unattended_upgrades.yml index e4ff77708917d2a0c745cfa61e7e12495b3231f3..64bf623ef9595bb1202c97324c7a1af7bd2a5903 100644 --- a/tasks/unattended_upgrades.yml +++ b/tasks/unattended_upgrades.yml @@ -25,14 +25,14 @@ create: yes owner: root group: root - mode: '0644' + mode: 0o0644 - dest: /etc/apt/apt.conf.d/20auto-upgrades line: 'APT::Periodic::Unattended-Upgrade "1";' regexp: '^APT::Periodic::Unattended-Upgrade' create: yes owner: root group: root - mode: '0644' + mode: 0o0644 lineinfile: dest: '{{ item.dest }}' line: '{{ item.line }}' diff --git a/vars/main.yml b/vars/main.yml index f8fc46b7036daffe502c44bc54b0fec2026b6796..5926400077439b89a1f1d4d33309b0b9d9e66d0d 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -15,11 +15,6 @@ backports_repo: precise: http://archive.ubuntu.com/ubuntu precise-backports main universe multiverse trusty: http://archive.ubuntu.com/ubuntu trusty-backports main universe multiverse -debian_init: - 'systemd-sysv': systemd - upstart: upstart - sysvinit: sysv - sudoers_location: FreeBSD: '/usr/local/etc/sudoers' Debian: '/etc/sudoers' 
@@ -47,9 +42,6 @@ update_ca_certificates: ssh_daemon: OpenBSD: sshd Debian: ssh -root_group: - OpenBSD: wheel - Debian: root cert_dir: OpenBSD: /etc/ssl/certs Debian: /usr/local/share/ca-certificates