System Integration Kit. Integrate services and tools by configuring system specific concerns such as users, services, firewalling, log management, reverse proxying and so on. See the usage section for the exhaustive list of configurable concerns. Version 0.1.
- Debian
- Ubuntu
| Name | Value | Description |
|---|---|---|
syskit_apt_proxy |
default None |
Dict {'http': {'hostname', ['directs']}, 'https': {'hostname', ['directs ']}} |
syskit_ferm_rules |
default [] |
List of dict {'name', ['daddr'], ['proto'], ['dport'], 'state': present/absent} |
syskit_logforward |
default {} |
Dict {'tcp': {'address', ['port': 514]}, 'udp': {'address', ['port': 514]}} |
syskit_logrotate_autopurge |
default False |
Boolean. Purge logrotate if no module is defined |
syskit_logrotate_modules |
default [] |
List of dict {'name', 'path', 'size', 'state': present/absent, 'rotate'} |
syskit_nginx_autopurge |
default True |
Boolean. Purge nginx if no site is defined |
syskit_nginx_sites |
default [] |
List of dict {'name', 'state': present/absent, 'enabled': yes/no, 'upstreams', 'servers'}. An upstream is a dict {'name', 'servers'}. A server is a dict {'name', 'port', ['default'], 'tls': [{'crtval', 'keyval'}], 'locations'}. An upstream.server is a dict {'address', 'port', ['weight'], ['max_fails'], ['fail_timeout'], ['backup'], ['down'], ['max_conns'], ['resolve'], ['route'], ['slow_start']}. A location is a dict {['uri'=/], ('root', ['autoindex'=off], ['expires']) or ('proxy_pass', ['client_max_body_size'])} |
syskit_root_pw_locked |
default False |
Boolean. If set, lock root password (recommended) |
syskit_sysv_manifests |
default [] |
List of dict {'uid', 'name', 'argv', 'state': present/absent, 'daemon', ['pidfile'], 'description'} |
syskit_sysv_manifests_path |
var /etc/init.d |
|
syskit_upstart_manifests |
default [] |
List of dict {'uid', 'name', 'argv', 'state': present/absent, 'daemon', 'description'} |
syskit_upstart_manifests_path |
var /etc/init |
|
syskit_users |
default [] |
List of dict {'name', ['home'], ['shell': /bin/bash], 'state': present/absent, ['groups'], 'sudoer': yes/no, 'sshkeys': {'name', 'keyval', 'pubval', 'state': present/absent}…, 'authorized_keys': {'val', 'state': present/absent}…} |
syskit_users_basedir |
var {'macosx': '/Users', 'debian': '/home', 'ubuntu': '/home'} |
To use this role from a playbook,
register its ID in the project requirements.{txt,yml} file.
To add this role as another role dependency,
register its ID in the dependencies list of the role manifest meta/main.yml.
For further details,
please refer to the Ansible documentation at https://docs.ansible.com/playbooks_roles.html.
This role is registered on Galaxy with the ID fclaerho.syskit.
The integration work is typically done at the playbook level:
use 3rd-party roles to provision tools and services then
set syskit_* variables to configure the system concerns.
Configurable concerns:
- Reverse Proxying: create/delete/update vhosts
- Nginx —
syskit_nginx_*
- Nginx —
- Log Management:
- Firewalling: create/delete/update rules
- Ferm —
syskit_ferm_rules
- Ferm —
- Services: create/delete/update manifests
- Users: create/delete/update accounts —
syskit_users - Misc:
- Lock/Unlock the root account —
syskit_root_pw_locked - Configure Apt proxy —
syskit_apt_proxy
- Lock/Unlock the root account —
NOTICE: All private keys *.keyval shall be securely stored via Ansible-vault (or any equivalent.)
Install ansible-universe
and run ansible-universe check to re-generate this distribution.
The following files are generated or updated based on various role assets:
tasks/main.ymlREADME.md
On Galaxy, re-import the repository.