- name: fix permissions in /root
tags: [perms, root-perms]
- file: name=/root mode=0750 owner=root group=root
+ file: path=/root/ mode=0750 owner=root group=root
###--------------------------------------------------------------------------
### PKI machinery.
- name: install PKI maintenance scripts
tags: [pki, pki-scripts]
- copy: src=pki/{{ item }} dest=/etc/cron.daily
+ copy: src=pki/{{ item }} dest=/etc/cron.daily/
with_items:
- update-ca-certs
- check-x509-certs
- name: install common PKI files
tags: [pki, pki-keys]
- copy: src=pki/{{ item }} dest=/etc/ca
+ copy: src=pki/{{ item }} dest=/etc/ca/
with_items:
- ca.cert
- dh-param.pem
###--------------------------------------------------------------------------
### NTP configuration.
-- name: install NTP configuration files
+- name: install NTP client configuration files
tags: [ntp, ntp-client]
- copy: src=ntp-client/ntp.conf dest=/etc
- when: server is not defined or 'ntp' not in server
+ copy: src=ntp-client/ntp.conf dest=/etc/
+ when: ('ntp') not in server |default([])
notify: restart ntpd
###--------------------------------------------------------------------------
- name: install netdb files
tags: netdb
- copy: src=netdb/{{ item }} dest=/etc
+ copy: src=netdb/{{ item }} dest=/etc/
with_items:
- hosts
- networks
- name: install SSH configuration files
tags: [ssh, ssh-config]
- copy: src=ssh-config/{{ item }} dest=/etc/ssh
+ copy: src=ssh-config/{{ item }} dest=/etc/ssh/
notify: restart ssh
with_items:
- Makefile
- name: install main keys for root SSH access
tags: [ssh, ssh-root]
template: src=ssh-root/authkeys.base dest=/root/.ssh/authkeys.base
- notify: make in /root/.ssh
+ notify: make in /root/.ssh/
- name: install keys for root SSH access
tags: [ssh, ssh-root]
- copy: src=ssh-root/{{ item }} dest=/root/.ssh
- notify: make in /root/.ssh
+ copy: src=ssh-root/{{ item }} dest=/root/.ssh/
+ notify: make in /root/.ssh/
with_items:
- Makefile
- config.m4
- name: install required backup scripts on non-Debian hosts
tags: [backup, backup-scripts]
- copy: src=backup/fshash dest=/usr/local/bin
+ copy: src=backup/fshash dest=/usr/local/bin/
when: os != 'debian'
###--------------------------------------------------------------------------
- name: install sudo configuration
tags: [sudo]
- copy: src=sudo/sudoers dest=/etc
+ copy: src=sudo/sudoers dest=/etc/
- name: install common scripts
tags: [scripts]
- copy: src=scripts/{{ item }} dest=/usr/local/bin
+ copy: src=scripts/{{ item }} dest=/usr/local/bin/
with_items:
- fetch-unpack-archive
- genx509