diff --git a/roles/deploy-web/tasks/blacklist.yml b/roles/deploy-web/tasks/blacklist.yml new file mode 100644 index 0000000..dbaaee8 --- /dev/null +++ b/roles/deploy-web/tasks/blacklist.yml @@ -0,0 +1,24 @@ +# tasks file for stats script + +- name: Copy blacklist script + copy: + src: "{{ item }}.sh" + dest: "/usr/local/bin/sentinel/{{ item }}.sh" + mode: "0555" + with_items: + - blacklist + - refill_blacklist + vars: + ansible_become: yes + ansible_become_method: sudo + ansible_become_password: "{{ sudo_password }}" + +- name: Crontab blacklist + ansible.builtin.cron: + name: "blacklist script" + minute: "*/5" + job: "bash /usr/local/bin/sentinel/blacklist.sh" + vars: + ansible_become: yes + ansible_become_method: sudo + ansible_become_password: "{{ sudo_password }}" diff --git a/roles/deploy-web/tasks/configure.yml b/roles/deploy-web/tasks/configure.yml index 754855a..d9f1a42 100644 --- a/roles/deploy-web/tasks/configure.yml +++ b/roles/deploy-web/tasks/configure.yml @@ -1,3 +1,17 @@ +- name: Create sentinel directory + file: + state: directory + path: "{{ item }}/sentinel" + with_items: + - /usr/local/bin + - /etc + vars: + ansible_become: yes + ansible_become_method: sudo + ansible_become_password: "{{ sudo_password }}" + tags: [ "configure", "stats", "blacklist", "supervision"] + + - name: Deploy stats script import_tasks: stats.yml tags: [ "configure", "stats"] diff --git a/roles/deploy-web/tasks/stats.yml b/roles/deploy-web/tasks/stats.yml index ae6904f..e743a76 100644 --- a/roles/deploy-web/tasks/stats.yml +++ b/roles/deploy-web/tasks/stats.yml @@ -1,22 +1,10 @@ # tasks file for stats script -- name: Create sentinel directory - file: - state: directory - path: "{{ item }}/sentinel" - with_items: - - /usr/local/bin - - /etc - vars: - ansible_become: yes - ansible_become_method: sudo - ansible_become_password: "{{ sudo_password }}" - - name: Template virtualhost template: src: virtualhost.j2 dest: /etc/sentinel/virtualhost - mode: "0755" + mode: "0444" vars: ansible_become: yes ansible_become_method: sudo @@ -26,17 +14,17 @@ template: src: getinfo_day.sh.j2 dest: /usr/local/bin/sentinel/getinfo_day.sh - mode: "0755" + mode: "0555" vars: ansible_become: yes ansible_become_method: sudo ansible_become_password: "{{ sudo_password }}" -- name: Template getinfo month and week script +- name: Copy getinfo month and week script copy: src: "getinfo_{{ item }}.sh.j2" dest: "/usr/local/bin/sentinel/getinfo_{{ item }}.sh" - mode: "0755" + mode: "0555" with_items: - week - month @@ -78,5 +66,4 @@ vars: ansible_become: yes ansible_become_method: sudo - ansible_become_password: "{{ sudo_password }}" - + ansible_become_password: "{{ sudo_password }}" \ No newline at end of file diff --git a/roles/deploy-web/tasks/supervision.yml b/roles/deploy-web/tasks/supervision.yml new file mode 100644 index 0000000..8d6928b --- /dev/null +++ b/roles/deploy-web/tasks/supervision.yml @@ -0,0 +1,21 @@ +# tasks file for stats script + +- name: Copy check_ssl script + copy: + src: "check_ssl.sh" + dest: "/usr/local/bin/sentinel/check_ssl.sh" + mode: "0555" + vars: + ansible_become: yes + ansible_become_method: sudo + ansible_become_password: "{{ sudo_password }}" + +- name: Crontab blacklist + ansible.builtin.cron: + name: "check ssl script" + minute: "*/30" + job: "bash /usr/local/bin/sentinel/check_ssl.sh" + vars: + ansible_become: yes + ansible_become_method: sudo + ansible_become_password: "{{ sudo_password }}"