mirror of
https://github.com/rocky-linux/infrastructure
synced 2024-12-26 12:50:54 +00:00
Add monitoring roles to requirements.yml
This commit is contained in:
commit
9b52bb2110
31 changed files with 368 additions and 70 deletions
4
.github/workflows/ansible-lint.yml
vendored
4
.github/workflows/ansible-lint.yml
vendored
|
@ -23,10 +23,10 @@ jobs:
|
|||
echo 'collections_paths = ./collections' >> ansible.cfg
|
||||
|
||||
- name: Install role requirements
|
||||
run: ansible-galaxy role install -r ansible/playbooks/requirements.yml
|
||||
run: ansible-galaxy role install -r ansible/roles/requirements.yml
|
||||
|
||||
- name: Install collection requirements
|
||||
run: ansible-galaxy collection install -r ansible/playbooks/requirements.yml
|
||||
run: ansible-galaxy collection install -r ansible/roles/requirements.yml
|
||||
|
||||
- name: Ansible Lint
|
||||
uses: ansible/ansible-lint-action@master
|
||||
|
|
11
ansible/.gitignore
vendored
Normal file
11
ansible/.gitignore
vendored
Normal file
|
@ -0,0 +1,11 @@
|
|||
#keep tmp folder empty
|
||||
tmp/*
|
||||
!tmp/Readme.md
|
||||
|
||||
#keep folder holding public roles empty
|
||||
roles/public/*
|
||||
!roles/public/Readme.md
|
||||
|
||||
#keep fodler holding ansible collections empty
|
||||
collections/*
|
||||
!README.md
|
|
@ -13,19 +13,23 @@ Loosely copied from the CentOS ansible infrastructure.
|
|||
├── ansible.cfg
|
||||
├── files -> playbooks/files
|
||||
├── handlers -> playbooks/handlers
|
||||
├── inventory
|
||||
├── inventories
|
||||
│ ├── production
|
||||
│ | ├── group_vars
|
||||
│ | ├── host_vars
|
||||
│ | hosts
|
||||
│ ├── staging
|
||||
│ ├── devellopment
|
||||
├── pkistore
|
||||
├── playbooks
|
||||
│ ├── files
|
||||
│ ├── group_vars
|
||||
│ ├── host_vars
|
||||
│ ├── handlers
|
||||
│ ├── tasks
|
||||
│ ├── templates
|
||||
│ ├── vars
|
||||
│ └── requirements.yml
|
||||
├── roles
|
||||
├── roles/local
|
||||
│ └── <role-name>
|
||||
| └── requirements.yml
|
||||
├── tasks -> playbooks/tasks
|
||||
├── templates -> playbooks/templates
|
||||
└── vars -> playbooks/vars
|
||||
|
|
|
@ -1 +1,69 @@
|
|||
# Empty
|
||||
[defaults]
|
||||
|
||||
########################################
|
||||
# Display settings
|
||||
########################################
|
||||
|
||||
# Output display
|
||||
force_color = 1
|
||||
nocows = True
|
||||
|
||||
|
||||
# Note: http://docs.ansible.com/ansible/intro_configuration.html#ansible-managed
|
||||
ansible_managed = Ansible managed
|
||||
#ansible_managed = Ansible managed - {file} on {host}
|
||||
|
||||
|
||||
# Warn when ansible think it is better to use module.
|
||||
# Note: http://docs.ansible.com/ansible/intro_configuration.html#id88
|
||||
command_warnings = True
|
||||
|
||||
# Enable this to debug tasks calls
|
||||
display_args_to_stdout = False
|
||||
display_skipped_hosts = false
|
||||
|
||||
########################################
|
||||
# Playbook settings
|
||||
########################################
|
||||
|
||||
|
||||
# Default strategy
|
||||
strategy = free
|
||||
|
||||
# Number of hosts processed in parallel
|
||||
forks = 20
|
||||
|
||||
|
||||
########################################
|
||||
# Behaviour settings
|
||||
########################################
|
||||
|
||||
|
||||
# Make role variables private
|
||||
retry_files_enabled = True
|
||||
|
||||
# Fact options
|
||||
gathering = smart
|
||||
#gathering = !all
|
||||
#gathering = smart,network,hardware,virtual,ohai,facter
|
||||
#gathering = network,!hardware,virtual,!ohai,!facter
|
||||
|
||||
# facts caching
|
||||
#fact_caching_connection = tmp/facts_cache
|
||||
#fact_caching = json
|
||||
fact_caching = memory
|
||||
fact_caching_timeout = 1800
|
||||
|
||||
# Enable or disable logs
|
||||
# Note put to false in prod
|
||||
no_log = False
|
||||
|
||||
|
||||
########################################
|
||||
# Common destinations
|
||||
########################################
|
||||
|
||||
log_path = tmp/ansible.log
|
||||
known_hosts = tmp/known_hosts
|
||||
roles_path = roles/local:roles/public
|
||||
collections_paths = collections
|
||||
|
|
1
ansible/collections/Readme.md
Normal file
1
ansible/collections/Readme.md
Normal file
|
@ -0,0 +1 @@
|
|||
Leave empty, this is a placeholder folder for ansible collections
|
0
ansible/inventories/production/group_vars/ipa/main.yml
Normal file
0
ansible/inventories/production/group_vars/ipa/main.yml
Normal file
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
|
||||
ipaclient_domain = rockylinux.org
|
||||
ipaclient_realm = ROCKYLINUX.ORG
|
||||
ipaadmin_principal = admin
|
||||
ipaclient_no_ntp = true
|
||||
ipaclient_mkhomedir = true
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
|
||||
ipaadmin_principal = admin
|
||||
ipaclient_no_ntp = true
|
||||
ipaclient_mkhomedir = true
|
||||
ipaserver_realm = ROCKYLINUX.ORG
|
||||
ipaserver_hostname = ipa002.rockylinux.org
|
||||
ipareplica_domain = rockylinux.org
|
||||
ipareplica_auto_forwarders = true
|
||||
ipareplica_setup_firewalld = true
|
||||
ipareplica_setup_ca = true
|
||||
ipareplica_setup_kra = true
|
||||
ipareplica_setup_dns = true
|
||||
ipa_dns_master = 10.100.1.110
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
|
||||
ipaserver_domain = rockylinux.org
|
||||
ipaserver_realm = ROCKYLINUX.ORG
|
||||
ipaserver_setup_dns = true
|
||||
ipaserver_setup_kra = true
|
||||
ipaserver_auto_forwarders = true
|
||||
ipaserver_no_host_dns = true
|
||||
ipaserver_hostname = ipa001.rockylinux.org
|
||||
ipaserver_allow_zone_overlap = true
|
||||
ipaserver_setup_firewalld = true
|
||||
ipaclient_no_ntp = true
|
||||
ipaclient_mkhomedir = true
|
||||
ipaserver_reverse_zones = ["1.100.10.in-addr.arpa."]
|
24
ansible/inventories/production/hosts.ini
Normal file
24
ansible/inventories/production/hosts.ini
Normal file
|
@ -0,0 +1,24 @@
|
|||
# Generic inventory hosts
|
||||
[kvm]
|
||||
kvm001 ansible_host=10.100.2.110
|
||||
kvm002 ansible_host=10.100.2.111
|
||||
kvm003 ansible_host=10.100.2.112
|
||||
|
||||
[ipa:children]
|
||||
ipaserver
|
||||
ipareplicas
|
||||
ipaclients
|
||||
|
||||
[ipsilon]
|
||||
idp001 ansible_host=10.100.x.x
|
||||
|
||||
# Playbook and role specific inventory hosts and groups
|
||||
[ipaserver]
|
||||
ipa001 ansible_host=10.100.1.110
|
||||
|
||||
[ipareplicas]
|
||||
ipa002 ansible_host=10.100.1.111
|
||||
|
||||
[ipaclients]
|
||||
build-a-box ansible_host=10.100.1.112
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
# Placeholder
|
||||
[ipsilon]
|
||||
idp.rockylinux.org
|
|
@ -1,48 +0,0 @@
|
|||
[ipaservers]
|
||||
ipa001.rockylinux.org ansible_host=10.100.1.110
|
||||
ipa002.rockylinux.org ansible_host=10.100.1.111
|
||||
|
||||
[ipaserver]
|
||||
ipa001.rockylinux.org ansible_host=10.100.1.110
|
||||
|
||||
[ipaserver:vars]
|
||||
ipaserver_domain=rockylinux.org
|
||||
ipaserver_realm=ROCKYLINUX.ORG
|
||||
ipaserver_setup_dns=true
|
||||
ipaserver_setup_kra=true
|
||||
ipaserver_auto_forwarders=true
|
||||
ipaserver_no_host_dns=true
|
||||
ipaserver_hostname=ipa001.rockylinux.org
|
||||
ipaserver_allow_zone_overlap=true
|
||||
ipaserver_setup_firewalld=true
|
||||
ipaclient_no_ntp=true
|
||||
ipaclient_mkhomedir=true
|
||||
ipaserver_reverse_zones=["1.100.10.in-addr.arpa."]
|
||||
|
||||
[ipareplicas]
|
||||
ipa002.rockylinux.org ansible_host=10.100.1.111
|
||||
|
||||
[ipareplicas:vars]
|
||||
ipaadmin_principal=admin
|
||||
ipaclient_no_ntp=true
|
||||
ipaclient_mkhomedir=true
|
||||
ipaserver_realm=ROCKYLINUX.ORG
|
||||
ipaserver_hostname=ipa002.rockylinux.org
|
||||
ipareplica_domain=rockylinux.org
|
||||
ipareplica_auto_forwarders=true
|
||||
ipareplica_setup_firewalld=true
|
||||
ipareplica_setup_ca=true
|
||||
ipareplica_setup_kra=true
|
||||
ipareplica_setup_dns=true
|
||||
ipa_dns_master=10.100.1.110
|
||||
|
||||
# This is for example purposes - it is likely we'll use "all" instead of
|
||||
# putting everything under an ipaclient
|
||||
[ipaclients]
|
||||
build-a-box.rockylinux.org ansible_host=10.100.1.112
|
||||
|
||||
[ipaclients:vars]
|
||||
ipaclient_domain=rockylinux.org
|
||||
ipaadmin_principal=admin
|
||||
ipaclient_no_ntp=true
|
||||
ipaclient_mkhomedir=true
|
|
@ -1,4 +0,0 @@
|
|||
[kvmhosts]
|
||||
kvm001.rockylinux.org ansible_host=10.100.2.110
|
||||
kvm002.rockylinux.org ansible_host=10.100.2.111
|
||||
kvm003.rockylinux.org ansible_host=10.100.2.112
|
|
@ -0,0 +1 @@
|
|||
RedHat-8-system-auth
|
|
@ -0,0 +1,40 @@
|
|||
{imply "with-smartcard" if "with-smartcard-required"}
|
||||
auth required pam_env.so
|
||||
auth required pam_faildelay.so delay=2000000
|
||||
auth required pam_faillock.so preauth audit silent deny=5 unlock_time=900 {include if "with-faillock"}
|
||||
auth [success=1 default=ignore] pam_succeed_if.so service notin login:gdm:xdm:kdm:xscreensaver:gnome-screensaver:kscreensaver quiet use_uid {include if "with-smartcard-required"}
|
||||
auth [success=done ignore=ignore default=die] pam_sss.so require_cert_auth ignore_authinfo_unavail {include if "with-smartcard-required"}
|
||||
auth sufficient pam_fprintd.so {include if "with-fingerprint"}
|
||||
auth sufficient pam_u2f.so cue {include if "with-pam-u2f"}
|
||||
auth required pam_u2f.so cue nouserok {include if "with-pam-u2f-2fa"}
|
||||
auth [default=1 ignore=ignore success=ok] pam_succeed_if.so uid >= 1000 quiet
|
||||
auth [default=1 ignore=ignore success=ok] pam_localuser.so {exclude if "with-smartcard"}
|
||||
auth [default=2 ignore=ignore success=ok] pam_localuser.so {include if "with-smartcard"}
|
||||
auth [success=done authinfo_unavail=ignore ignore=ignore default=die] pam_sss.so try_cert_auth {include if "with-smartcard"}
|
||||
auth sufficient pam_unix.so {if not "without-nullok":nullok} try_first_pass
|
||||
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
|
||||
auth sufficient pam_sss.so forward_pass
|
||||
auth required pam_faillock.so authfail audit deny=5 unlock_time=900 fail_interval=900 {include if "with-faillock"}
|
||||
auth required pam_deny.so
|
||||
|
||||
account required pam_access.so {include if "with-pamaccess"}
|
||||
account required pam_faillock.so {include if "with-faillock"}
|
||||
account required pam_unix.so
|
||||
account sufficient pam_localuser.so
|
||||
account sufficient pam_succeed_if.so uid < 1000 quiet
|
||||
account [default=bad success=ok user_unknown=ignore] pam_sss.so
|
||||
account required pam_permit.so
|
||||
|
||||
password requisite pam_pwquality.so try_first_pass local_users_only minlen=14 dcredit=-1 lcredit=-1 ucredit=-1 ocredit=-1 retry=3
|
||||
password requisite pam_pwhistory.so use_authok remember=5
|
||||
password sufficient pam_unix.so sha512 shadow {if not "without-nullok":nullok} try_first_pass use_authtok
|
||||
password sufficient pam_sss.so use_authtok
|
||||
password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
-session optional pam_systemd.so
|
||||
session optional pam_oddjob_mkhomedir.so umask=0077 {include if "with-mkhomedir"}
|
||||
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
session required pam_unix.so
|
||||
session optional pam_sss.so
|
1
ansible/playbooks/files/etc/pam.d/CentOS-7-system-auth-ac
Symbolic link
1
ansible/playbooks/files/etc/pam.d/CentOS-7-system-auth-ac
Symbolic link
|
@ -0,0 +1 @@
|
|||
RedHat-7-system-auth-ac
|
34
ansible/playbooks/files/etc/pam.d/RedHat-7-system-auth-ac
Normal file
34
ansible/playbooks/files/etc/pam.d/RedHat-7-system-auth-ac
Normal file
|
@ -0,0 +1,34 @@
|
|||
#%PAM-1.0
|
||||
# This file is auto-generated.
|
||||
# User changes will be destroyed the next time authconfig is run.
|
||||
auth required pam_env.so
|
||||
auth required pam_faildelay.so delay=2000000
|
||||
auth required pam_faillock.so preauth audit silent deny=5 unlock_time=900
|
||||
auth [default=1 success=ok] pam_localuser.so
|
||||
auth [success=done ignore=ignore default=bad] pam_unix.so nullok try_first_pass
|
||||
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
|
||||
auth sufficient pam_sss.so forward_pass
|
||||
auth [default=die] pam_faillock.so authfail audit deny=5 unlock_time=900
|
||||
auth required pam_deny.so
|
||||
|
||||
account required pam_faillock.so
|
||||
account required pam_unix.so
|
||||
account sufficient pam_localuser.so
|
||||
account sufficient pam_succeed_if.so uid < 1000 quiet
|
||||
account [default=bad success=ok user_unknown=ignore] pam_sss.so
|
||||
account required pam_permit.so
|
||||
|
||||
password requisite pam_pwquality.so try_first_pass minlen=14 dcredit=-1 lcredit=-1 ucredit=-1 ocredit=-1 local_users_only retry=3
|
||||
password requisite pam_pwhistory.so use_authok remember=5
|
||||
password sufficient pam_unix.so sha512 shadow try_first_pass use_authtok
|
||||
password sufficient pam_sss.so use_authtok
|
||||
password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
-session optional pam_systemd.so
|
||||
session optional pam_oddjob_mkhomedir.so umask=0077
|
||||
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
session required pam_unix.so
|
||||
session optional pam_sss.so
|
||||
|
52
ansible/playbooks/init-rocky-ansible-host.yml
Normal file
52
ansible/playbooks/init-rocky-ansible-host.yml
Normal file
|
@ -0,0 +1,52 @@
|
|||
---
|
||||
|
||||
- hosts: localhost
|
||||
connection: local
|
||||
vars:
|
||||
force_purge: true
|
||||
roles_installation_dir: roles/public
|
||||
collection_installation_dir: collections
|
||||
installation_prefix: ../
|
||||
pre_tasks:
|
||||
# example prepare ansible box for execution
|
||||
# - name: install required pip modules on the host running ansible
|
||||
# pip:
|
||||
# name:
|
||||
# - jmespath
|
||||
# - netaddr
|
||||
# - python-consul
|
||||
# - pyvmomi
|
||||
# - python-ldap
|
||||
# - twine
|
||||
|
||||
- name: Remove existing public roles
|
||||
file:
|
||||
path: "{{ installation_prefix }}{{ roles_installation_dir }}"
|
||||
state: absent
|
||||
when: force_purge | bool
|
||||
|
||||
- name: Install all public roles
|
||||
command: >
|
||||
ansible-galaxy role install
|
||||
{{ ( force_purge | bool ) | ternary('--force','') }}
|
||||
--role-file {{ installation_prefix }}roles/requirements.yml
|
||||
--roles-path {{ installation_prefix }}{{ roles_installation_dir }}
|
||||
|
||||
- name: Install needed collections
|
||||
command: >
|
||||
ansible-galaxy collection install
|
||||
{{ ( force_purge | bool ) | ternary('--force-with-deps','') }}
|
||||
-r {{ installation_prefix }}roles/requirements.yml
|
||||
-p {{ installation_prefix }}{{ collection_installation_dir }}
|
||||
|
||||
- name: cleanup old ssh known_hosts - remove
|
||||
file:
|
||||
path: "../tmp/known_hosts"
|
||||
state: absent
|
||||
mode: "0644"
|
||||
|
||||
- name: cleanup old ssh known_hosts - blank
|
||||
file:
|
||||
path: "../tmp/known_hosts"
|
||||
state: touch
|
||||
mode: "0644"
|
|
@ -3,7 +3,7 @@
|
|||
# Created: @SherifNagy
|
||||
# Modified to current standards: @nazunalika
|
||||
- name: Configure KVM host
|
||||
hosts: kvmhosts
|
||||
hosts: kvm
|
||||
become: true
|
||||
|
||||
pre_tasks:
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
- name: Configure harden settings
|
||||
include: tasks/harden.yml
|
||||
|
||||
- name: Configure PAM and SSSD
|
||||
- name: Configure PAM
|
||||
include: tasks/authentication.yml
|
||||
|
||||
post_tasks:
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
# Configures an IPA client for the Rocky infrastructure
|
||||
# Variables are in inventory/ipainventory
|
||||
|
||||
- name: Configure IPA client
|
||||
hosts: ipaclients
|
||||
become: true
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
# Creates an IPA replica
|
||||
# Variables are in inventory/ipainventory
|
||||
|
||||
- name: Configure IPA server
|
||||
hosts: ipareplicas
|
||||
become: true
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
# Creates the first server for an IPA infrastructure
|
||||
# Variables for the infrastructure are in inventory/ipainventory
|
||||
# Recommended specs for the IPA systems, that scale based on number of objects:
|
||||
# CPU: 2 cores
|
||||
# Memory: 4GB
|
||||
|
@ -44,7 +43,7 @@
|
|||
- reload_networkmanager
|
||||
|
||||
roles:
|
||||
- role: ipaserver
|
||||
- role: freeipa.ansible_freeipa.ipaserver
|
||||
state: present
|
||||
|
||||
post_tasks:
|
||||
|
|
|
@ -1,3 +1,65 @@
|
|||
---
|
||||
# Configures PAM and SSSD post-ipa client installation. It is recommended that
|
||||
# that we use a custom authselect profile and build it out from there.
|
||||
- name: Enterprise Linux 7 PAM Configuration
|
||||
copy:
|
||||
src: "etc/pam.d/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth-ac"
|
||||
dest: "{{ item }}"
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
with_items:
|
||||
- /etc/pam.d/system-auth-ac
|
||||
- /etc/pam.d/password-auth-ac
|
||||
when:
|
||||
- ansible_facts['os_family'] == 'RedHat'
|
||||
- ansible_facts['distribution_major_version'] == '7'
|
||||
|
||||
- name: Enterprise Linux 8 PAM Configuration
|
||||
when:
|
||||
- ansible_facts['os_family'] == 'RedHat'
|
||||
- ansible_facts['distribution_major_version'] == '8'
|
||||
block:
|
||||
- name: Ensure Custom Profile is removed
|
||||
file:
|
||||
state: absent
|
||||
path: /etc/authselect/custom/sssd-rocky
|
||||
|
||||
- name: Create custom authselect profile based on sssd
|
||||
command: >
|
||||
/usr/bin/authselect create-profile sssd-rocky
|
||||
--base-on sssd
|
||||
--symlink-dconf
|
||||
--symlink-meta
|
||||
--symlink=postlogin
|
||||
--symlink=smartcard-auth
|
||||
--symlink=fingerprint-auth
|
||||
|
||||
- name: Override system-auth and password-auth
|
||||
copy:
|
||||
src: "etc/authselect/custom/sssd-aoc/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth"
|
||||
dest: "{{ item }}"
|
||||
mode: '0644'
|
||||
owner: root
|
||||
group: root
|
||||
with_items:
|
||||
- /etc/authselect/custom/sssd-aoc/system-auth
|
||||
- /etc/authselect/custom/sssd-aoc/password-auth
|
||||
|
||||
- name: Select New Profile
|
||||
command: >
|
||||
/usr/bin/authselect select custom/sssd-aoc
|
||||
without-nullok
|
||||
with-faillock
|
||||
with-mkhomedir
|
||||
with-sudo
|
||||
--force
|
||||
|
||||
- name: Apply new settings
|
||||
command: /usr/bin/authselect apply-changes
|
||||
|
||||
- name: Enable oddjobd
|
||||
service:
|
||||
name: oddjobd
|
||||
state: started
|
||||
enabled: yes
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
include_vars: "{{ item }}"
|
||||
with_first_found:
|
||||
- "ipaserver.yml"
|
||||
when: "'ipaservers' in group_names"
|
||||
when: "'ipaserver' in group_names"
|
||||
|
||||
- name: Check if system is EFI
|
||||
stat:
|
||||
|
|
|
@ -6,6 +6,7 @@ bin_sudo: /usr/bin/sudo
|
|||
kernel_boot_options: audit=1
|
||||
grub_config_path_link: /etc/grub2.cfg
|
||||
grub_config_path_efi: /etc/grub2-efi.cfg
|
||||
ipatype: client
|
||||
|
||||
# Removing TFTP for now because there will likely be tftp/pxe servers
|
||||
remove_packages:
|
||||
|
|
1
ansible/roles/local/Readme.md
Normal file
1
ansible/roles/local/Readme.md
Normal file
|
@ -0,0 +1 @@
|
|||
Put all local roles here
|
1
ansible/roles/public/Readme.md
Normal file
1
ansible/roles/public/Readme.md
Normal file
|
@ -0,0 +1 @@
|
|||
Do not put any roles here, This is a placeholder for public roles installed via galaxy
|
13
ansible/roles/requirements.yml
Normal file
13
ansible/roles/requirements.yml
Normal file
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
|
||||
roles:
|
||||
- name: geerlingguy.mysql
|
||||
# monitoring
|
||||
- name: cloudalchemy.node-exporter
|
||||
- name: cloudalchemy.prometheus
|
||||
|
||||
collections:
|
||||
# freeipa
|
||||
- name: freeipa.ansible_freeipa
|
||||
version: 0.3.1
|
||||
- name: community.general
|
4
ansible/ssh_config
Normal file
4
ansible/ssh_config
Normal file
|
@ -0,0 +1,4 @@
|
|||
ControlMaster auto
|
||||
ControlPersist 30m
|
||||
UserKnownHostsFile tmp/known_hosts
|
||||
HashKnownHosts no
|
1
ansible/tmp/Readme.md
Normal file
1
ansible/tmp/Readme.md
Normal file
|
@ -0,0 +1 @@
|
|||
Keep folder empty
|
Loading…
Reference in a new issue