ansible/oopen-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update..

Browse Source
This commit is contained in:
Christoph 2023-05-04 10:49:24 +02:00
parent d604f3508e
commit 5eab9a63c8
3 changed files with 51 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
group_vars/all/main.yml
View File

@ -44,6 +44,16 @@ locales:
- en_US.UTF-8 - en_US.UTF-8
- de_DE.UTF-8 - de_DE.UTF-8
#copy_plain_files_security_limits: []
copy_plain_files_security_limits:
# /etc/security/limits.d/*.conf
#
- name: 90-user-NOFILE.conf
src_path: etc/security/limits.d/90-user-NOFILE.conf
dest_path: /etc/security/limits.d/90-user-NOFILE.conf
#copy_plain_files_systemd: [] #copy_plain_files_systemd: []
copy_plain_files_systemd: copy_plain_files_systemd:

3
roles/common/files/etc/security/limits.d/90-user-NOFILE.conf Normal file
View File

@ -0,0 +1,3 @@
@staff hard nofile 1048576
root hard nofile 1048576

40
roles/common/tasks/basic.yml
View File

@ -27,6 +27,42 @@
- symlink-sh - symlink-sh
# ----------
# security limit (maybe DEPRECATED see systemd settings)
# ----------
- name: (basic.yml) Ensure directory '/etc/security/limits.d' exists
file:
path: /etc/security/limits.d
state: directory
mode: 0755
group: root
owner: root
when:
- inventory_hostname not in groups['lxc_guest'] or inventory_hostname in groups['lxc_host']
- copy_plain_files_systemd is defined
- copy_plain_files_systemd|length > 0
tags:
- systemd-config
- name: (basic.yml) Ensure files /etc/security/limits.d/*.conf exists
copy:
src: '{{ item.src_path }}'
dest: '{{ item.dest_path }}'
owner: root
group: root
mode: '0644'
loop: "{{ copy_plain_files_security_limits }}"
loop_control:
label: 'dest: {{ item.name }}'
when:
- inventory_hostname not in groups['lxc_guest'] or inventory_hostname in groups['lxc_host']
- copy_plain_files_systemd is defined
- copy_plain_files_systemd|length > 0
tags:
- systemd-config
# ---------- # ----------
# systemd stuff # systemd stuff
# ---------- # ----------
@ -39,7 +75,7 @@
group: root group: root
owner: root owner: root
when: when:
- inventory_hostname not in groups['lxc_guest'] - inventory_hostname not in groups['lxc_guest'] or inventory_hostname in groups['lxc_host']
- copy_plain_files_systemd is defined - copy_plain_files_systemd is defined
- copy_plain_files_systemd|length > 0 - copy_plain_files_systemd|length > 0
tags: tags:
@ -56,7 +92,7 @@
loop_control: loop_control:
label: 'dest: {{ item.name }}' label: 'dest: {{ item.name }}'
when: when:
- inventory_hostname not in groups['lxc_guest'] - inventory_hostname not in groups['lxc_guest'] or inventory_hostname in groups['lxc_host']
- copy_plain_files_systemd is defined - copy_plain_files_systemd is defined
- copy_plain_files_systemd|length > 0 - copy_plain_files_systemd|length > 0
tags: tags: