ptoal/toallab-automation
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
e26093a8483f13d0c594219ab7311abe67b409db
toallab-automation/roles/sage905.mineos/tasks/main.yml
Patrick Toal e26093a848 Enable enumeration
2019-07-26 14:28:02 -04:00

159 lines
4.2 KiB
YAML
Executable File
Raw Blame History

---
# tasks file for sage905.mineos
- name: Install Development Tools
become: true
yum: name="@Development tools" state=present
when: ansible_os_family == 'RedHat'
- name: Install MineOS Dependencies
become: true
yum:
name: ['bind-utils', 'screen',
'git', 'wget', 'java-1.8.0-openjdk-headless.x86_64', 'openssl', 'openssl-devel', 'rsync', 'rdiff-backup', 'pam-devel']
state: present
enablerepo: epel
when: ansible_os_family == 'RedHat'
- name: enable LDAP enumeration in SSSD
ini_file:
section: domain/idm.toal.ca
path: /etc/sssd/sssd.conf
value: enumerate=yes
state: present
backup: yes # not required. Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
create: no
# - name: Create minecraft group
# become: true
# group: name=minecraft state=present system=yes
# - name: Create minecraft user
# become: true
# user:
# name: minecraft
# comment: "Minecraft Server"
# createhome: yes
# system: yes
# groups: minecraft
# home: /var/games/minecraft
# shell: /bin/bash
# state: present
- name: Create Directories
become: true
file:
name: "{{ item.name }}"
state: "{{ item.state }}"
owner: "{{ item.owner }}"
group: "{{ item.group }}"
mode: "{{ item.mode }}"
loop:
- {name: /usr/games/minecraft, state: directory, owner: minecraft, group: minecraft, mode: "0755"}
- {name: /var/games/minecraft, state: directory, owner: minecraft, group: minecraft, mode: "0755"}
- name: Allow group to access minecraft directory
become: true
file: name=/var/games/minecraft group=minecraft mode=0775
- name: Clone mineos git repo
become: true
become_user: minecraft
git:
repo: "{{ mineos_repo }}"
version: "{{ mineos_version }}"
dest: "/usr/games/minecraft"
update: "{{ mineos_keep_updated }}"
notify: Restart mineos
- name: Set git core.filemode setting
become: true
become_user: minecraft
ini_file:
dest: /usr/games/minecraft/.git/config
section: core
option: filemode
value: false
- name: Set file permissions
become: true
file: name=/usr/games/minecraft/{{ item }} owner=minecraft group=minecraft mode=0775
with_items:
- service.js
- mineos_console.js
- generate-sslcert.sh
- webui.js
- name: Give minecraft group access to server dir
become: true
file: name=/var/games/minecraft/servers owner=minecraft group=minecraft mode=0775 state=directory
- name: Generate self-signed certs
become: true
command: /usr/games/minecraft/generate-sslcert.sh
args:
chdir: /usr/games/minecraft
creates: /etc/ssl/certs/mineos.key
notify: Restart mineos
- name: Get new nan
npm:
name: nan
global: true
state: present
production: true
version: "2.14.0"
- name: Get Node Modules
become: true
become_user: minecraft
npm:
path: /usr/games/minecraft
state: present
production: true
notify: Restart mineos
- name: Install PAM Module for MineOS Authentication
become: true
become_user: minecraft
npm:
name: authenticate-pam
path: /usr/games/minecraft
state: present
production: true
notify: Restart mineos
- name: Link to executable
become: true
file: src=/usr/games/minecraft/mineos_console.js dest=/usr/local/bin/mineos state=link
notify: Restart mineos
- name: Install mineos config from distribution
become: true
template: src=mineos.conf dest=/etc/mineos.conf owner=root mode=0644
notify: Restart mineos
- name: Install upstart config (RHEL <= 6)
become: true
copy: src=upstart_conf dest=/etc/init/mineos.conf
notify:
- Reload initctl
- Restart mineos
when: ansible_distribution == "Amazon" or (ansible_os_family == "RedHat" and ansible_distribution_major_version <= "6")
- name: Link systemd config (RHEL 7)
become: true
file: src=/usr/games/minecraft/init/systemd_conf dest=/etc/systemd/system/mineos.service state=link
notify: Restart mineos
when: (ansible_os_family == "RedHat" or ansible and ansible_distribution_major_version == "7")
- name: Open firewall
firewalld:
state: enabled
zone: public
service: https
immediate: yes
permanent: true
Reference in New Issue View Git Blame Copy Permalink