diff --git a/ansible/runonce/db.yml b/ansible/runonce/db.yml index 186adaa08..5c2602bb2 100644 --- a/ansible/runonce/db.yml +++ b/ansible/runonce/db.yml @@ -86,6 +86,7 @@ packages: - curl - git + - rsync-- - mariadb-server - memcached-- - libmemcached diff --git a/ansible/runonce/docker-registry.yml b/ansible/runonce/docker-registry.yml index c2674774f..14c97f738 100755 --- a/ansible/runonce/docker-registry.yml +++ b/ansible/runonce/docker-registry.yml @@ -3,6 +3,7 @@ - name: "Setup docker registry on an OpenBSD server (standalone)" hosts: all become_method: doas + gather_facts: no vars_prompt: - name: "registry_user" prompt: "1/5. User to run the registry as?" @@ -37,14 +38,17 @@ rcctl: - { name: 'supervisord', state: "enable" } packages: + - ansible - go - supervisor - py3-setuptools + - git + - rsync-- tasks: - name: Install packages - openbsd_pkg: - name: "{{packages}}" + raw: pkg_add {{item}} + with_items: "{{packages}}" - name: Add users user: @@ -95,7 +99,7 @@ - name: Configure supervisor registry service community.general.ini_file: - path: /etc/conf + path: /etc/supervisord.d/registry.ini section: "program:registry" option: "{{item.key}}" value: "{{item.value}}" diff --git a/ansible/runonce/docker-servers.yml b/ansible/runonce/docker-servers.yml index 535e74d19..06bdfb31b 100644 --- a/ansible/runonce/docker-servers.yml +++ b/ansible/runonce/docker-servers.yml @@ -37,8 +37,9 @@ - name: Configure resolv.conf copy: - content: "nameserver 10.0.0.254\n" + content: "{{resolvconf}}\n" dest: /etc/resolv.conf + when: resolvconf is defined - name: Allow release-info to change for APT repositories when: ansible_facts['distribution'] == 'Debian' @@ -120,11 +121,11 @@ pkg: "{{post_apt}}" when: post_apt is defined and post_apt|length > 0 - - name: Install pip packages - no_log: "{{DEBUG|default(true)}}" - pip: name="{{item.name}}" version="{{item.version|default(omit)}}" state="{{item.state}}" - with_items: "{{pip}}" - when: pip is defined +# - name: Install pip packages +# no_log: "{{DEBUG|default(true)}}" +# pip: name="{{item.name}}" version="{{item.version|default(omit)}}" state="{{item.state}}" +# with_items: "{{pip}}" +# when: pip is defined - name: Check if we're working with cloud-init ansible.builtin.stat: diff --git a/ansible/runonce/mui.yml b/ansible/runonce/mui.yml index 5cffb8f46..4e66735a4 100644 --- a/ansible/runonce/mui.yml +++ b/ansible/runonce/mui.yml @@ -87,6 +87,7 @@ packages: - curl - git + - rsync-- - memcached-- - libmemcached - py3-mysqlclient @@ -298,7 +299,7 @@ - name: "Create moderatorUI config/db.php" copy: - content: " 'yii\\db\\Connection', 'dsn' => 'mysql:host={{db_ip}};dbname=echoCTF', 'username' => 'moderatorUI', 'password' => 'moderatorUI', 'charset' => 'utf8'];\n" + content: " 'yii\\db\\Connection', 'dsn' => 'mysql:host={{db_ip}};dbname=echoCTF', 'username' => 'moderatorUI', 'password' => 'moderatorUI', 'charset' => 'utf8mb4'];\n" dest: "/home/moderatorUI/{{domain_name}}/backend/config/db.php" mode: '0444' tags: diff --git a/ansible/runonce/pui.yml b/ansible/runonce/pui.yml index dce55e871..bd1f9141d 100644 --- a/ansible/runonce/pui.yml +++ b/ansible/runonce/pui.yml @@ -96,6 +96,7 @@ - automake%1.16 - curl - git + - rsync-- - libmemcached - libtool - memcached-- @@ -418,6 +419,11 @@ - { section: Session, option: "session.save_path", value: "{{db_ip}}:11211"} - { section: Session, option: "session.gc_maxlifetime", value: "43200" } - { section: Session, option: "session.use_strict_mode", value: "1" } + - { section: opcache, option: "opcache.enable", value: "1" } + - { section: opcache, option: "opcache.memory_consumption", value: "128" } + - { section: opcache, option: "opcache.validate_timestamps", value: "0" } + - { section: opcache, option: "opcache.revalidate_freq", value: "2" } + - { section: opcache, option: "opcache.revalidate_path", value: "0" } - name: copy nginx rc.d into participant command: cp /etc/rc.d/nginx "/etc/rc.d/{{item}}" diff --git a/ansible/runonce/vpngw.yml b/ansible/runonce/vpngw.yml index 9e57a1850..3eadf310d 100644 --- a/ansible/runonce/vpngw.yml +++ b/ansible/runonce/vpngw.yml @@ -48,6 +48,7 @@ - automake%1.16 - curl - git + - rsync-- - libmemcached - memcached-- - libtool @@ -67,6 +68,7 @@ - go - p5-Net-Pcap - p5-NetPacket + - gnuwatch vars_prompt: - name: "myname" prompt: "1/16. System hostname?" diff --git a/ansible/templates/docker-server-advanced.yml b/ansible/templates/docker-server-advanced.yml index 43507b45c..3540478bf 100644 --- a/ansible/templates/docker-server-advanced.yml +++ b/ansible/templates/docker-server-advanced.yml @@ -44,12 +44,14 @@ pre_apt: - gnupg2 - software-properties-common - rdate + - python3-requests + - python3-docker post_apt: - docker-ce -pip: - - { name: "docker", version: "*", state: "present" } +#pip: +# - { name: "docker", version: "*", state: "present" } #sync: # - { src: "../files/docker/build", dst: "/opt" } diff --git a/ansible/templates/unbound.conf.j2 b/ansible/templates/unbound.conf.j2 index 5b9914191..e118ef7ed 100644 --- a/ansible/templates/unbound.conf.j2 +++ b/ansible/templates/unbound.conf.j2 @@ -8,7 +8,7 @@ interface: {{bind.ip}} access-control: 0.0.0.0/0 allow do-ip6: no -pidfile: "/var/unbound/var/run/unbound.pid" +pidfile: "/var/run/unbound.pid" hide-identity: yes hide-version: yes