ansible/oopen-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update..

Browse Source
This commit is contained in:
Christoph
2023-06-16 20:43:34 +02:00
parent 9f97d27535
commit 12609c3eda
11 changed files with 260 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
roles/common/files/mailserver/etc/postfix/postfwd.bl-hosts
View File

@ -76,3 +76,4 @@ bell\.net$
beheshtfoundation\.com$
tohochina\.com$
mailer-service\.de$
hunshachang\.com$

4
roles/common/files/mailserver/etc/postfix/postfwd.bl-nets
View File

@ -146,3 +146,7 @@
83.137.158.0/24
# US (u.a. josephraffael.com / auftrag@v-markt-direkt.com)
64.188.4.0/22
# IR (Iran) brute force on SASL Login
46.148.32.0/20
# US
45.15.128.0/22

1
roles/common/files/mailserver/etc/postfix/postfwd.bl-sender
View File

@ -102,3 +102,4 @@ josephraffael\.com$
v-markt-direkt\.com$
mailer-service\.de$
swissad\.biz$
@math-salamanders\.com$

16
roles/common/tasks/apt.yml
View File

@ -93,6 +93,18 @@
- apt-initial-install
- name: (apt.yml) Initial install debian packages (bookworm)
apt:
name: "{{ apt_initial_install_bookworm }}"
state: "{{ apt_install_state }}"
when:
- apt_initial_install_bookworm is defined and apt_initial_install_bookworm|length > 0
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "12"
tags:
- apt-initial-install
- name: (apt.yml) Initial install ubuntu packages (bionic)
apt:
name: "{{ apt_initial_install_bionic }}"
@ -142,14 +154,14 @@
- apt-microcode
- name: (apt.yml) Install CPU microcode (debian buster/bullseye)
- name: (apt.yml) Install CPU microcode (debian buster/bullseye/bookworm)
apt:
name: "{{ microcode_package }}"
state: present
default_release: "{{ ansible_distribution_release }}"
when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "10" or ansible_facts['distribution_major_version'] == "11"
- ansible_facts['distribution_major_version'] == "10" or ansible_facts['distribution_major_version'] == "11" or ansible_facts['distribution_major_version'] == "12"
- ansible_facts['processor']|string is search("Intel")
tags:
- apt-initial-install

22
roles/common/templates/etc/apt/sources.list.Debian.j2
View File

@ -3,19 +3,25 @@
deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }} main
{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }} main
{% if ansible_facts['distribution_major_version'] | int >= 11 %}
{% if ansible_facts['distribution_major_version'] | int >= 12 %}
deb http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free non-free-firmware
{% elif ansible_facts['distribution_major_version'] | int == 11 %}
deb http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free
{% else %}
deb http://security.debian.org/ {{ ansible_lsb.codename }}/updates main contrib non-free
{% endif %}
{% if not apt_src_enable %}
{% if ansible_facts['distribution_major_version'] | int >= 11 %}
{% if ansible_facts['distribution_major_version'] | int >= 12 %}
#deb-src http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free non-free-firmware
{% elif ansible_facts['distribution_major_version'] | int == 11 %}
#deb-src http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free
{% else %}
#deb-src http://security.debian.org/ {{ ansible_lsb.codename }}/updates main contrib non-free
{% endif %}
{% else %}
{% if ansible_facts['distribution_major_version'] | int >= 11 %}
{% if ansible_facts['distribution_major_version'] | int >= 12 %}
deb-src http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free non-free-firmware
{% elif ansible_facts['distribution_major_version'] | int == 11 %}
deb-src http://security.debian.org/debian-security {{ ansible_lsb.codename }}-security main contrib non-free
{% else %}
deb-src http://security.debian.org/ {{ ansible_lsb.codename }}/updates main contrib non-free
@ -30,15 +36,25 @@ deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }}-updates main
# but have dependencies not in main (possibly packaged for Debian in non-free).
# Non-free contains software that does not comply with the DFSG.
{% if apt_debian_contrib_nonfree_enable %}
{% if ansible_facts['distribution_major_version'] | int >= 12 %}
deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }} contrib non-free non-free-firmware
{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }} contrib non-free non-free-firmware
{% else %}
deb {{ apt_debian_mirror }} {{ ansible_lsb.codename }} contrib non-free
{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_lsb.codename }} contrib non-free
{% endif %}
{% endif %}
# # N.B. software from this repository may not have been tested as
# # extensively as that contained in the main release, although it includes
# # newer versions of some applications which may provide useful features.
{% if apt_backports_enable %}
{% if ansible_facts['distribution_major_version'] | int >= 12 %}
deb {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free non-free-firmware
{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free non-free-firmware
{% else %}
deb {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free
{{ '# ' if not apt_src_enable else '' }}deb-src {{ apt_debian_mirror }} {{ ansible_distribution_release }}-backports main contrib non-free
{% endif %}
{% endif %}