commit d0ecf1d2c8c961aab73207e48a14d355e2dc4914 Author: root Date: Sun Sep 4 16:11:49 2022 +0200 v220904 diff --git a/files/default_grub.patch.jessie b/files/default_grub.patch.jessie new file mode 100644 index 0000000..d68ee11 --- /dev/null +++ b/files/default_grub.patch.jessie @@ -0,0 +1,20 @@ +--- grub.ori 2017-09-18 01:04:28.265436361 +0200 ++++ grub 2017-09-18 01:04:50.625436003 +0200 +@@ -6,7 +6,7 @@ + GRUB_DEFAULT=0 + GRUB_TIMEOUT=5 + GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` +-GRUB_CMDLINE_LINUX_DEFAULT="quiet" ++GRUB_CMDLINE_LINUX_DEFAULT="" + GRUB_CMDLINE_LINUX="" + + # Uncomment to enable BadRAM filtering, modify to suit your needs +@@ -15,7 +15,7 @@ + #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" + + # Uncomment to disable graphical terminal (grub-pc only) +-#GRUB_TERMINAL=console ++GRUB_TERMINAL=console + + # The resolution used on graphical terminal + # note that you can use only modes which your graphic card supports via VBE diff --git a/files/default_grub.patch.stretch b/files/default_grub.patch.stretch new file mode 100644 index 0000000..dfdaa55 --- /dev/null +++ b/files/default_grub.patch.stretch @@ -0,0 +1,21 @@ +--- grub.ori 2017-09-18 01:04:28.265436361 +0200 ++++ grub 2017-09-18 01:04:50.625436003 +0200 +@@ -6,7 +6,7 @@ + GRUB_DEFAULT=0 + GRUB_TIMEOUT=5 + GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` +-GRUB_CMDLINE_LINUX_DEFAULT="quiet" +-GRUB_CMDLINE_LINUX="" ++GRUB_CMDLINE_LINUX_DEFAULT="" ++GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0" + + # Uncomment to enable BadRAM filtering, modify to suit your needs +@@ -15,7 +15,7 @@ + #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" + + # Uncomment to disable graphical terminal (grub-pc only) +-#GRUB_TERMINAL=console ++GRUB_TERMINAL=console + + # The resolution used on graphical terminal + # note that you can use only modes which your graphic card supports via VBE diff --git a/files/ntp.conf.patch.jessie b/files/ntp.conf.patch.jessie new file mode 100644 index 0000000..2f91d8c --- /dev/null +++ b/files/ntp.conf.patch.jessie @@ -0,0 +1,14 @@ +--- ntp.conf.ori 2017-09-18 01:26:51.409414891 +0200 ++++ ntp.conf 2017-09-18 01:27:24.501414362 +0200 +@@ -18,10 +18,7 @@ + # pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will + # pick a different set every time it starts up. Please consider joining the + # pool: +-server 0.debian.pool.ntp.org iburst +-server 1.debian.pool.ntp.org iburst +-server 2.debian.pool.ntp.org iburst +-server 3.debian.pool.ntp.org iburst ++server 10.93.163.98 iburst + + + # Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for diff --git a/files/ntp.conf.patch.stretch b/files/ntp.conf.patch.stretch new file mode 100644 index 0000000..a94fcbb --- /dev/null +++ b/files/ntp.conf.patch.stretch @@ -0,0 +1,19 @@ +--- ntp.conf.ori 2017-08-08 22:44:37.000000000 +0200 ++++ ntp.conf 2018-01-30 03:01:54.819979694 +0100 +@@ -17,10 +17,12 @@ + # pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will + # pick a different set every time it starts up. Please consider joining the + # pool: +-pool 0.debian.pool.ntp.org iburst +-pool 1.debian.pool.ntp.org iburst +-pool 2.debian.pool.ntp.org iburst +-pool 3.debian.pool.ntp.org iburst ++#pool 0.debian.pool.ntp.org iburst ++#pool 1.debian.pool.ntp.org iburst ++#pool 2.debian.pool.ntp.org iburst ++#pool 3.debian.pool.ntp.org iburst ++ ++server 10.93.163.98 iburst + + + # Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for diff --git a/files/pf6_1_all.deb b/files/pf6_1_all.deb new file mode 100644 index 0000000..24bc802 Binary files /dev/null and b/files/pf6_1_all.deb differ diff --git a/files/postfix_master.cf.patch.bullseye b/files/postfix_master.cf.patch.bullseye new file mode 100644 index 0000000..407036f --- /dev/null +++ b/files/postfix_master.cf.patch.bullseye @@ -0,0 +1,58 @@ +--- master.cf.ori 2021-08-20 02:16:35.192277663 +0200 ++++ master.cf 2021-08-20 02:25:29.161747244 +0200 +@@ -9,7 +9,8 @@ + # service type private unpriv chroot wakeup maxproc command + args + # (yes) (yes) (no) (never) (100) + # ========================================================================== +-smtp inet n - y - - smtpd ++#smtp inet n - y - - smtpd ++localhost:smtp inet n - y - - smtpd + #smtp inet n - y - 1 postscreen + #smtpd pass - - y - - smtpd + #dnsblog unix - - y - 0 dnsblog +@@ -81,45 +82,3 @@ + maildrop unix - n n - - pipe + flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient} + # +-# ==================================================================== +-# +-# Recent Cyrus versions can use the existing "lmtp" master.cf entry. +-# +-# Specify in cyrus.conf: +-# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 +-# +-# Specify in main.cf one or more of the following: +-# mailbox_transport = lmtp:inet:localhost +-# virtual_transport = lmtp:inet:localhost +-# +-# ==================================================================== +-# +-# Cyrus 2.1.5 (Amos Gouaux) +-# Also specify in main.cf: cyrus_destination_recipient_limit=1 +-# +-#cyrus unix - n n - - pipe +-# flags=DRX user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} +-# +-# ==================================================================== +-# Old example of delivery via Cyrus. +-# +-#old-cyrus unix - n n - - pipe +-# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +-# +-# ==================================================================== +-# +-# See the Postfix UUCP_README file for configuration details. +-# +-uucp unix - n n - - pipe +- flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) +-# +-# Other external delivery methods. +-# +-ifmail unix - n n - - pipe +- flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) +-bsmtp unix - n n - - pipe +- flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient +-scalemail-backend unix - n n - 2 pipe +- flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} +-mailman unix - n n - - pipe +- flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} diff --git a/files/postfix_master.cf.patch.jessie b/files/postfix_master.cf.patch.jessie new file mode 100644 index 0000000..e5034fe --- /dev/null +++ b/files/postfix_master.cf.patch.jessie @@ -0,0 +1,59 @@ +--- master.cf.ori 2017-09-18 01:30:54.865410999 +0200 ++++ master.cf 2017-09-18 01:31:42.905410232 +0200 +@@ -9,7 +9,7 @@ + # service type private unpriv chroot wakeup maxproc command + args + # (yes) (yes) (yes) (never) (100) + # ========================================================================== +-smtp inet n - - - - smtpd ++localhost:smtp inet n - - - - smtpd + #smtp inet n - - - 1 postscreen + #smtpd pass - - - - - smtpd + #dnsblog unix - - - - 0 dnsblog +@@ -78,47 +78,4 @@ + maildrop unix - n n - - pipe + flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} + # +-# ==================================================================== +-# +-# Recent Cyrus versions can use the existing "lmtp" master.cf entry. +-# +-# Specify in cyrus.conf: +-# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 +-# +-# Specify in main.cf one or more of the following: +-# mailbox_transport = lmtp:inet:localhost +-# virtual_transport = lmtp:inet:localhost +-# +-# ==================================================================== +-# +-# Cyrus 2.1.5 (Amos Gouaux) +-# Also specify in main.cf: cyrus_destination_recipient_limit=1 +-# +-#cyrus unix - n n - - pipe +-# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} +-# +-# ==================================================================== +-# Old example of delivery via Cyrus. +-# +-#old-cyrus unix - n n - - pipe +-# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +-# +-# ==================================================================== +-# +-# See the Postfix UUCP_README file for configuration details. +-# +-uucp unix - n n - - pipe +- flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) +-# +-# Other external delivery methods. +-# +-ifmail unix - n n - - pipe +- flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) +-bsmtp unix - n n - - pipe +- flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient +-scalemail-backend unix - n n - 2 pipe +- flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} +-mailman unix - n n - - pipe +- flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py +- ${nexthop} ${user} + diff --git a/files/postfix_master.cf.patch.stretch b/files/postfix_master.cf.patch.stretch new file mode 100644 index 0000000..bc6263f --- /dev/null +++ b/files/postfix_master.cf.patch.stretch @@ -0,0 +1,60 @@ +--- master.cf.ori 2018-01-30 03:12:29.079969555 +0100 ++++ master.cf 2018-01-30 03:13:27.699968618 +0100 +@@ -9,7 +9,8 @@ + # service type private unpriv chroot wakeup maxproc command + args + # (yes) (yes) (no) (never) (100) + # ========================================================================== +-smtp inet n - y - - smtpd ++#smtp inet n - y - - smtpd ++localhost:smtp inet n - y - - smtpd + #smtp inet n - y - 1 postscreen + #smtpd pass - - y - - smtpd + #dnsblog unix - - y - 0 dnsblog +@@ -78,47 +79,3 @@ + maildrop unix - n n - - pipe + flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} + # +-# ==================================================================== +-# +-# Recent Cyrus versions can use the existing "lmtp" master.cf entry. +-# +-# Specify in cyrus.conf: +-# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 +-# +-# Specify in main.cf one or more of the following: +-# mailbox_transport = lmtp:inet:localhost +-# virtual_transport = lmtp:inet:localhost +-# +-# ==================================================================== +-# +-# Cyrus 2.1.5 (Amos Gouaux) +-# Also specify in main.cf: cyrus_destination_recipient_limit=1 +-# +-#cyrus unix - n n - - pipe +-# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} +-# +-# ==================================================================== +-# Old example of delivery via Cyrus. +-# +-#old-cyrus unix - n n - - pipe +-# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +-# +-# ==================================================================== +-# +-# See the Postfix UUCP_README file for configuration details. +-# +-uucp unix - n n - - pipe +- flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) +-# +-# Other external delivery methods. +-# +-ifmail unix - n n - - pipe +- flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) +-bsmtp unix - n n - - pipe +- flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient +-scalemail-backend unix - n n - 2 pipe +- flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} +-mailman unix - n n - - pipe +- flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py +- ${nexthop} ${user} +- diff --git a/files/sources.list.bullseye b/files/sources.list.bullseye new file mode 100644 index 0000000..34bc41e --- /dev/null +++ b/files/sources.list.bullseye @@ -0,0 +1,9 @@ +deb http://deb.debian.org/debian/ bullseye main contrib non-free +deb-src http://deb.debian.org/debian/ bullseye main contrib non-free + +deb http://deb.debian.org/debian-security/ bullseye-security main contrib non-free +deb-src http://deb.debian.org/debian-security/ bullseye-security main contrib non-free + +deb http://deb.debian.org/debian/ bullseye-updates main contrib non-free +deb-src http://deb.debian.org/debian/ bullseye-updates main contrib non-free + diff --git a/files/sources.list.buster b/files/sources.list.buster new file mode 100644 index 0000000..495a732 --- /dev/null +++ b/files/sources.list.buster @@ -0,0 +1,12 @@ +deb http://deb.debian.org/debian buster main contrib non-free +deb-src http://deb.debian.org/debian buster main contrib non-free + +deb http://deb.debian.org/debian-security/ buster/updates main contrib non-free +deb-src http://deb.debian.org/debian-security/ buster/updates main contrib non-free + +deb http://deb.debian.org/debian buster-updates main contrib non-free +deb-src http://deb.debian.org/debian buster-updates main contrib non-free + +#deb http://deb.debian.org/debian buster-backports main contrib non-free +#deb-src http://deb.debian.org/debian buster-backports main contrib non-free + diff --git a/files/sources.list.jessie b/files/sources.list.jessie new file mode 100644 index 0000000..49e0941 --- /dev/null +++ b/files/sources.list.jessie @@ -0,0 +1,11 @@ +deb http://archive.debian.org/debian/ jessie main contrib non-free +#deb-src http://httpredir.debian.org/debian/ jessie main contrib non-free + +deb http://security.debian.org/ jessie/updates main contrib non-free +#deb-src http://security.debian.org/ jessie/updates main contrib non-free + +# jessie-updates, previously known as 'volatile' +#deb http://httpredir.debian.org/debian/ jessie-updates main contrib non-free +#deb-src http://httpredir.debian.org/debian/ jessie-updates main contrib non-free + +deb http://archive.debian.org/debian/ jessie-backports main diff --git a/files/sources.list.stretch b/files/sources.list.stretch new file mode 100644 index 0000000..5474b52 --- /dev/null +++ b/files/sources.list.stretch @@ -0,0 +1,9 @@ +deb http://httpredir.debian.org/debian/ stretch main contrib non-free +deb-src http://httpredir.debian.org/debian/ stretch main contrib non-free + + +deb http://security.debian.org/debian-security stretch/updates main contrib non-free +deb-src http://security.debian.org/debian-security stretch/updates main contrib non-free + + +# deb http://httpredir.debian.org/debian/ stretch-backports main diff --git a/files/sysstat_minutely.patch b/files/sysstat_minutely.patch new file mode 100644 index 0000000..c5bef8f --- /dev/null +++ b/files/sysstat_minutely.patch @@ -0,0 +1,13 @@ +--- sysstat.ori 2017-09-18 00:57:17.685443243 +0200 ++++ sysstat 2017-09-18 00:57:32.997442999 +0200 +@@ -2,8 +2,8 @@ + # script is located + PATH=/usr/lib/sysstat:/usr/sbin:/usr/sbin:/usr/bin:/sbin:/bin + +-# Activity reports every 10 minutes everyday +-5-55/10 * * * * root command -v debian-sa1 > /dev/null && debian-sa1 1 1 ++# Activity reports ++* * * * * root command -v debian-sa1 > /dev/null && debian-sa1 1 1 + + # Additional run at 23:59 to rotate the statistics file + 59 23 * * * root command -v debian-sa1 > /dev/null && debian-sa1 60 2 diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..f2539a0 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,334 @@ +--- +- name: /tmp bind mount in fstab + lineinfile: + dest: /etc/fstab + line: '/var/tmp /tmp none bind 0 0' + register: fstab_tmp + +- name: mount /tmp + shell: 'mv /tmp/ /old-tmp; mkdir /tmp; mount /tmp; mv /old-tmp /tmp' + when: fstab_tmp.changed + +- name: apt.conf proxy + lineinfile: + dest: /etc/apt/apt.conf + regexp: '^Acquire::http::Proxy' + line: 'Acquire::http::Proxy "{{ aptproxy }}";' + create: yes + when: + - aptproxy is defined + +- name: remove nano + tags: apt + apt: + name: nano + state: absent + purge: yes + +- name: apt sources.list jessie + tags: apt + copy: + src: sources.list.jessie + dest: /etc/apt/sources.list + when: + - ansible_distribution_major_version == "8" + +- name: apt sources.list stretch + tags: apt + copy: + src: sources.list.stretch + dest: /etc/apt/sources.list + when: + - ansible_distribution_major_version == "9" + +- name: apt sources.list buster + tags: apt + copy: + src: sources.list.buster + dest: /etc/apt/sources.list + when: + - ansible_distribution_major_version == "10" + +- name: apt sources.list bullseye + tags: apt + copy: + src: sources.list.bullseye + dest: /etc/apt/sources.list + when: + - ansible_distribution_major_version == "11" + +- name: apt.conf allow unauthenticated jessie + tags: apt + lineinfile: + dest: /etc/apt/apt.conf + regexp: '^APT::Get::AllowUnauthenticated' + line: 'APT::Get::AllowUnauthenticated "1";' + create: yes + when: + - ansible_distribution_major_version == "8" + +- name: apt.conf allow expired jessie + tags: apt + lineinfile: + dest: /etc/apt/apt.conf + regexp: '^Acquire::Check-Valid-Until' + line: 'Acquire::Check-Valid-Until "0";' + create: yes + when: + - ansible_distribution_major_version == "8" + +- name: apt update + tags: apt + apt: + update_cache: yes + +- name: install packages + tags: apt + apt: + name: aptitude + state: present + +- name: apt full-upgrade + tags: apt + apt: + upgrade: full + +- name: install packages + tags: apt + apt: + name: "{{ item }}" + state: present + with_items: + - bind9-host + - bzip2 + - curl + #- dnsutils + #- bind9-dnsutils + - bind9utils + - file + - git + #- heirloom-mailx + - bsd-mailx + - iotop + - libpam-systemd + - locales + - lsof + - make + - mc + - mlocate + - mtr-tiny + - ngrep + - ntp + - ntpdate + - openssl + - parted + - patch + - postfix + - psmisc + - pwgen + - rename + - rsync + - screen + - strace + - subversion + - sysstat + - tcpdump + - telnet + - unzip + - vim + - w3m + - xz-utils + - zip + - libfile-slurp-perl + - libjson-perl + - net-tools + - man + +- name: open-vm-tools + apt: + name: open-vm-tools + state: present + purge: yes + tags: + - vmware + - apt + +- name: remove install user + user: + name: install + state: absent + force: yes + +- name: remove install user's home directory + file: + path: /home/install + state: absent + +- name: "remove our key from root's authorized_keys" + authorized_key: + user: root + state: absent + key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWZi5nTI6zo3+cgGx5l163pEQXJ3aUyerqbHfQl9p8aB2bbe+vQl+Uc2Vrv8fvytAZizjPIIYdW5RqFAXrbNP+OpyFAONNZpX0omB8HLoHzOnmWpaCjMZp9XAdvWPknWFWWkwR5G5rbP5+dKeREzl4cAvW4GauEjaK4kUJF3K2HumVF6U3bzyDwnI+7h0zEbHddSOwAP1Opzla+WSdF+ZsiMdcVZE/mFxzd8sv1ZoO36sVZ1vItEAcols4qEAfwW8Gk/UjXI1XFRD1UrksAUxAc4ypu5oBVWtjMa429ZrCRbH2iU+TPbuUSXHJQMgTqsUgHrS9XkuS3EdbPA/aDMD1jhoYz2zyfAoCGdEBOuATlaoCOpOeSc9XIsasdVNwvtX2LCTlQe+LLOQzKiLaHEr/QmnLs8es8b68wtDlFIA2QAXYIfs8l+gBv3t3BIw7VPbMe8nb6hbTHFObDlVCyvXO2/6ZkOfRMgswFsQnGAqciowPxsjVer+I5hEBCMHgb6pxcUECxcxsc9P/w/z9LxGts9Ozyq55jzWMwvnFdarkzpMfWtt3QX7XG5B8OD4ghuMkX60GgvT7v1E7yTI/JtwXrsAc6jl1Qo4+TDdEYuBXe/LqyQzQ7GD1OoGRHIKCWyAQ9JiHcbUYX9p+vafXf0l1jelSg3O+cU+q+oZdGP178w== root@kavics' + +- name: copy pf6 package + tags: pf6 + copy: + src: pf6_1_all.deb + dest: /tmp + +- name: install pf6 package + tags: pf6 + apt: + deb: /tmp/pf6_1_all.deb + +- name: sysstat enable + tags: sysstat + lineinfile: + dest: /etc/default/sysstat + regexp: "^ENABLED=" + line: 'ENABLED="true"' + +- name: sysstat every minute + tags: sysstat + patch: + src: sysstat_minutely.patch + dest: /etc/cron.d/sysstat + +- name: grub defaults, jessie + tags: grub + patch: + src: default_grub.patch.jessie + dest: /etc/default/grub + when: + - ansible_distribution_major_version == "8" + +- name: grub defaults, stretch+ + tags: grub + patch: + src: default_grub.patch.stretch + dest: /etc/default/grub + when: + - ansible_distribution_major_version|int() >= 9 + +- name: update-grub + tags: grub + command: update-grub + +- name: edit locale.gen + tags: locales + replace: + dest: /etc/locale.gen + regexp: '^#\s*(hu_HU|en_US)' + replace: '\1' + +- name: run locale-gen + tags: locales + command: locale-gen + +#- name: ntp.conf jessie +# tags: ntp +# patch: +# src: ntp.conf.patch.jessie +# dest: /etc/ntp.conf +# when: +# - ansible_distribution_major_version == "8" +# +#- name: ntp.conf stretch +# tags: ntp +# patch: +# src: ntp.conf.patch.stretch +# dest: /etc/ntp.conf +# when: +# - ansible_distribution_major_version|int() >= 9 + +- name: ntp.conf remove factory ntp servers + tags: ntp + lineinfile: + dest: /etc/ntp.conf + regexp: '^(pool|server)\s' + state: absent + +- name: ntp.conf set ntp server + tags: ntp + lineinfile: + dest: /etc/ntp.conf + regexp: '^(pool|server)\s' + line: "server {{ ntp }} iburst" + insertafter: '^# pool:' + +- name: ntp.conf stretch+ remove limited + tags: ntp + replace: + path: /etc/ntp.conf + regexp: "noquery limited" + replace: "noquery" + when: + - ansible_distribution_major_version|int() >= 9 + + +- name: postfix master.cf jessie + tags: postfix + patch: + src: postfix_master.cf.patch.jessie + dest: /etc/postfix/master.cf + when: + - ansible_distribution_major_version == "8" + +- name: postfix master.cf stretch-buster + tags: postfix + patch: + src: postfix_master.cf.patch.stretch + dest: /etc/postfix/master.cf + when: + - (ansible_distribution_major_version|int() == 9) or + (ansible_distribution_major_version|int() == 10) + +- name: postfix master.cf bullseye + tags: postfix + patch: + src: postfix_master.cf.patch.bullseye + dest: /etc/postfix/master.cf + when: + - ansible_distribution_major_version|int() == 11 + +- name: postfix relay + tags: postfix + lineinfile: + dest: /etc/postfix/main.cf + regexp: '^relayhost\s' + line: "relayhost = mail-out.i.hwstudio.hu" + +- name: pvresize /dev/sdb + tags: + - lvm + - vmware + command: 'pvresize /dev/sdb' + +- name: /data in fstab + tags: lvm + lineinfile: + dest: /etc/fstab + line: '/dev/mapper/vg00-data /data ext4 defaults 0 2' + register: fstab_data + +- name: create /dev/vg00/data + tags: lvm + lvol: + vg: vg00 + lv: data + size: "{{ datasize | default('50%FREE') }}" + when: fstab_data.changed + +- name: ext4 filesystem on /dev/vg00/data + tags: lvm + filesystem: + dev: /dev/vg00/data + fstype: ext4 + when: fstab_data.changed + +- name: mount /data + tags: lvm + shell: 'mkdir -p /data && mount /data' + when: fstab_data.changed + +# vim: set tabstop=2 shiftwidth=2 expandtab smarttab: