Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Arch Linux
infrastructure
Commits
b2c4b622
Verified
Commit
b2c4b622
authored
Dec 17, 2016
by
Giancarlo Razzolini
Browse files
roles/security-tracker: Work on the security-tracker role almost complete.
parent
1bc0b279
Changes
8
Hide whitespace changes
Inline
Side-by-side
group_vars/all/security_tracker.yml
0 → 100644
View file @
b2c4b622
$ANSIBLE_VAULT;1.1;AES256
33636363346639663930653961373863633738393731383733613866663933343264306530343464
6539346430383061636562623230373766396362383861300a373563653633636131656332343465
33653863336639666664353963373066656639373666353032643839393264333739366463666531
6466333030336438620a333538613564303335616266643539303630666365396565643232333939
63643632623333356434636533656138626136333034393537646136323663306138613730383138
63636565616639386334616532623233333131666564633933386232393963353066363938393432
66303439373639636666356430363635343436363037623631386136336437343836353863383163
39303931623637646131396331313835393161653465653131366434636465616537636565643261
3330
roles/security_tracker/files/security-tracker-update.service
0 → 100644
View file @
b2c4b622
[Unit]
Description
=
Security Tracker update service
[Service]
Type
=
oneshot
User
=
security
Group
=
security
WorkingDirectory
=
/srv/http/security-tracker
ExecStart
=
/usr/bin/make update
[Install]
WantedBy
=
multi-user.target
roles/security_tracker/files/security-tracker-update.timer
0 → 100644
View file @
b2c4b622
[Unit]
Description=Security Tracker update timer
[Timer]
OnUnitActiveSec=1h
OnBootSec=15min
RandomizedDelaySec=10min
[Install]
WantedBy=timers.target
roles/security_tracker/handlers/main.yml
0 → 100644
View file @
b2c4b622
---
-
name
:
daemon reload
command
:
systemctl daemon-reload
roles/security
-
tracker/tasks/main.yml
→
roles/security
_
tracker/tasks/main.yml
View file @
b2c4b622
...
...
@@ -38,3 +38,23 @@
-
name
:
make nginx log dir
file
:
path=/var/log/nginx/{{ security_tracker_domain }} state=directory owner=http group=log mode=755
-
name
:
copy security-tracker units
copy
:
src="{{ item }}" dest="/etc/systemd/system/{{ item }}" owner=root group=root mode=0644
with_items
:
-
security-tracker-update.timer
-
security-tracker-update.service
notify
:
-
daemon reload
-
name
:
configure security-tracker
template
:
src=20-user.local.conf.j2 dest={{ security_tracker_dir }}/config/20-user.local.conf owner=security group=security mode=0640
-
name
:
deploy security-tracker
template
:
src=security-tracker.ini.j2 dest=/etc/uwsgi/vassals/security-tracker.ini owner=security group=http mode=0644
-
name
:
start and enable security-tracker units
service
:
name="{{ item }}" enabled=yes state=started
with_items
:
-
security-tracker-update.timer
-
security-tracker-update.service
roles/security_tracker/templates/20-user.local.conf.j2
0 → 100644
View file @
b2c4b622
[flask]
secret_key = '{{ security_tracker.secret_key }}'
roles/security
-
tracker/templates/nginx.d.conf.j2
→
roles/security
_
tracker/templates/nginx.d.conf.j2
View file @
b2c4b622
File moved
roles/security
-
tracker/templates/security-tracker.ini.j2
→
roles/security
_
tracker/templates/security-tracker.ini.j2
View file @
b2c4b622
File moved
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment