diff options
-rw-r--r-- | inventory/host_vars/sk-cloudia/coturn.yml | 2 | ||||
-rwxr-xr-x | roles/apps/coturn/contrib/turn-create-time-limited-user.sh | 15 | ||||
-rw-r--r-- | roles/core/base/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/core/sshd/tasks/main.yml | 4 | ||||
-rw-r--r-- | roles/installer/debian/preseed/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/reboot-and-wait/tasks/main.yml | 2 |
6 files changed, 18 insertions, 9 deletions
diff --git a/inventory/host_vars/sk-cloudia/coturn.yml b/inventory/host_vars/sk-cloudia/coturn.yml index c45bb145..43dc2d3c 100644 --- a/inventory/host_vars/sk-cloudia/coturn.yml +++ b/inventory/host_vars/sk-cloudia/coturn.yml @@ -1,7 +1,7 @@ --- coturn_base_path: /srv/storage/coturn -coturn_version: 4.5.1.2 +coturn_version: 4.5.1.3 coturn_realm: elev8.at coturn_hostnames: - stun.elev8.at diff --git a/roles/apps/coturn/contrib/turn-create-time-limited-user.sh b/roles/apps/coturn/contrib/turn-create-time-limited-user.sh new file mode 100755 index 00000000..0d4947fc --- /dev/null +++ b/roles/apps/coturn/contrib/turn-create-time-limited-user.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +if [ -z "$1" ]; then + echo "Usage: $0 <expiry-seconds>" + exit 1 +fi + + +secret="{{ coturn_auth_secret }}" + +time=$(date +%s) +username=$(( $time + $1 )) + +echo username: "$username" +echo password: $(echo -n "$username" | openssl dgst -binary -sha1 -hmac "$secret" | openssl base64) diff --git a/roles/core/base/tasks/main.yml b/roles/core/base/tasks/main.yml index 5484a3a6..73d85993 100644 --- a/roles/core/base/tasks/main.yml +++ b/roles/core/base/tasks/main.yml @@ -17,8 +17,6 @@ line: "startup_message off" dest: /etc/screenrc mode: 0644 - tags: - - screen - name: install htop config (1/2) loop: diff --git a/roles/core/sshd/tasks/main.yml b/roles/core/sshd/tasks/main.yml index ef0e9a81..f07bef54 100644 --- a/roles/core/sshd/tasks/main.yml +++ b/roles/core/sshd/tasks/main.yml @@ -27,7 +27,7 @@ notify: restart ssh - name: limit allowed users - when: not sshd_allow_any_user + when: not sshd_allow_any_user | bool lineinfile: dest: /etc/ssh/sshd_config regexp: "^AllowUsers\\s" @@ -35,7 +35,7 @@ notify: restart ssh - name: allow any user - when: sshd_allow_any_user + when: sshd_allow_any_user | bool lineinfile: dest: /etc/ssh/sshd_config regexp: "^AllowUsers\\s" diff --git a/roles/installer/debian/preseed/tasks/main.yml b/roles/installer/debian/preseed/tasks/main.yml index 599d9ddb..2934ca1b 100644 --- a/roles/installer/debian/preseed/tasks/main.yml +++ b/roles/installer/debian/preseed/tasks/main.yml @@ -53,5 +53,3 @@ etc/systemd/ etc/systemd/network/ etc/systemd/network/90-namepolicy.link - tags: - - skip_ansible_lint diff --git a/roles/reboot-and-wait/tasks/main.yml b/roles/reboot-and-wait/tasks/main.yml index 18ae2703..e648f0af 100644 --- a/roles/reboot-and-wait/tasks/main.yml +++ b/roles/reboot-and-wait/tasks/main.yml @@ -3,8 +3,6 @@ async: 1 poll: 0 ignore_errors: true - tags: - - skip_ansible_lint - name: waiting for host to come back wait_for_connection: |