Browse Source

add new configurations files

master
Jörg Thalheim 6 years ago
parent
commit
309456d19f
  1. 2
      roles/common/files/locale.conf
  2. 34
      roles/common/files/logind.conf
  3. 2
      roles/common/files/resolv.conf
  4. 1
      roles/common/files/whois.conf
  5. 19
      roles/common/tasks/main.yml
  6. 2
      roles/container/files/vimrc
  7. 150
      roles/php/templates/php.ini.j2

2
roles/common/templates/locale.conf.j2 → roles/common/files/locale.conf

@ -1,4 +1,4 @@
# {{ ansible_managed }}
# managed by ansible
#
LANG="de_DE.UTF-8"
LC_MESSAGES="en_DK.UTF-8"

34
roles/common/files/logind.conf

@ -0,0 +1,34 @@
# managed by ansible
#
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# You can override the directives in this file by creating files in
# /etc/systemd/logind.conf.d/*.conf.
#
# See logind.conf(5) for details
[Login]
#NAutoVTs=6
#ReserveVT=6
#KillUserProcesses=no
#KillOnlyUsers=
#KillExcludeUsers=root
#InhibitDelayMaxSec=5
#HandlePowerKey=poweroff
#HandleSuspendKey=suspend
#HandleHibernateKey=hibernate
#HandleLidSwitch=suspend
#HandleLidSwitchDocked=ignore
#PowerKeyIgnoreInhibited=no
#SuspendKeyIgnoreInhibited=no
#HibernateKeyIgnoreInhibited=no
#LidSwitchIgnoreInhibited=yes
#IdleAction=ignore
#IdleActionSec=30min
#RuntimeDirectorySize=10%
#RemoveIPC=yes

2
roles/common/templates/resolv.conf.j2 → roles/common/files/resolv.conf

@ -1,4 +1,4 @@
# {{ ansible_managed }}
# managed by ansible
#
# /etc/resolv.conf
#

1
roles/common/templates/whois.conf → roles/common/files/whois.conf

@ -1,3 +1,4 @@
# managed by ansible
\.dn42$ whois.dn42
\-DN42$ whois.dn42
# dn42 range 64512-65534

19
roles/common/tasks/main.yml

@ -1,7 +1,3 @@
- name: resolv.conf
template: src=resolv.conf.j2 dest=/etc/resolv.conf mode=0644 backup=yes
- name: locale.conf
template: src=locale.conf.j2 dest=/etc/locale.conf mode=0644 backup=yes
- name: update pacman cache
pacman: update_cache=yes
- name: install essential packages
@ -14,8 +10,19 @@
- git
- sudo
- ca-certificates-dn42
- name: /etc/hosts
template: src=hosts.j2 dest=/etc/hosts mode=0644 backup=yes
- locale_gen: name=de_DE.UTF-8 state=present
- locale_gen: name=en_DK.UTF-8 state=present
- command: /usr/bin/timedatectl set-timezone UTC
- name: common configuration
template: src={{ item.from }}.j2 dest={{ item.to }} mode=0644 backup=no
with_items:
- { from: hosts, to: /etc/hosts }
- name: common configuration
copy: src={{ item.from }} dest={{ item.to }}
with_items:
- { from: locale.conf, to: /etc/locale.conf }
- { from: whois.conf, to: /etc/whois.conf }
- { from: resolv.conf, to: /etc/resolv.conf }
- { from: logind.conf, to: /etc/systemd/system/logind.conf }

2
roles/container/files/vimrc

@ -1,4 +1,4 @@
" {{ ansible_managed }}
" managed by ansible
set nocompatible " be iMproved
filetype off " required!
let mapleader="," " change the leader to be a comma vs slash

150
roles/php/templates/php.ini.j2

@ -78,9 +78,9 @@
; compatibility with older or less security conscience applications. We
; recommending using the production ini in production and testing environments.
; php.ini-development is very similar to its production variant, except it's
; much more verbose when it comes to errors. We recommending using the
; development version only in development environments as errors shown to
; php.ini-development is very similar to its production variant, except it is
; much more verbose when it comes to errors. We recommend using the
; development version only in development environments, as errors shown to
; application users can inadvertently leak otherwise secure information.
; This is php.ini-production INI file.
@ -293,20 +293,17 @@ serialize_precision = 17
; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; or per-virtualhost web server configuration file.
; http://php.net/open-basedir
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/
; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; It receives a comma-delimited list of function names.
; http://php.net/disable-functions
disable_functions =
; This directive allows you to disable certain classes for security reasons.
; It receives a comma-delimited list of class names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; It receives a comma-delimited list of class names.
; http://php.net/disable-classes
disable_classes =
@ -423,7 +420,7 @@ memory_limit = 128M
; E_NOTICE - run-time notices (these are warnings which often result
; from a bug in your code, but it's possible that it was
; intentional (e.g., using an uninitialized variable and
; relying on the fact it's automatically initialized to an
; relying on the fact it is automatically initialized to an
; empty string)
; E_STRICT - run-time notices, enable to have PHP suggest changes
; to your code which will ensure the best interoperability
@ -456,8 +453,8 @@ error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
; it could be very dangerous in production environments. Depending on the code
; which is triggering the error, sensitive information could potentially leak
; out of your application such as database usernames and passwords or worse.
; It's recommended that errors be logged on production servers rather than
; having the errors sent to STDOUT.
; For production environments, we recommend logging errors rather than
; sending them to STDOUT.
; Possible Values:
; Off = Do not display any errors
; stderr = Display errors to STDERR (affects only CGI/CLI binaries!)
@ -471,8 +468,8 @@ display_errors = Off
; The display of errors which occur during PHP's startup sequence are handled
; separately from display_errors. PHP's default behavior is to suppress those
; errors from clients. Turning the display of startup errors on can be useful in
; debugging configuration problems. But, it's strongly recommended that you
; leave this setting off on production servers.
; debugging configuration problems. We strongly recommend you
; set this to 'off' for production servers.
; Default Value: Off
; Development Value: On
; Production Value: Off
@ -611,13 +608,13 @@ html_errors = On
; http://php.net/variables-order
variables_order = "GPCS"
; This directive determines which super global data (G,P,C,E & S) should
; be registered into the super global array REQUEST. If so, it also determines
; the order in which that data is registered. The values for this directive are
; specified in the same manner as the variables_order directive, EXCEPT one.
; Leaving this value empty will cause PHP to use the value set in the
; variables_order directive. It does not mean it will leave the super globals
; array REQUEST empty.
; This directive determines which super global data (G,P & C) should be
; registered into the super global array REQUEST. If so, it also determines
; the order in which that data is registered. The values for this directive
; are specified in the same manner as the variables_order directive,
; EXCEPT one. Leaving this value empty will cause PHP to use the value set
; in the variables_order directive. It does not mean it will leave the super
; globals array REQUEST empty.
; Default Value: None
; Development Value: "GP"
; Production Value: "GP"
@ -678,15 +675,33 @@ auto_append_file =
; http://php.net/default-mimetype
default_mimetype = "text/html"
; PHP's default character set is set to empty.
; PHP's default character set is set to UTF-8.
; http://php.net/default-charset
;default_charset = "UTF-8"
default_charset = "UTF-8"
; PHP internal character encoding is set to empty.
; If empty, default_charset is used.
; http://php.net/internal-encoding
;internal_encoding =
; PHP input character encoding is set to empty.
; If empty, default_charset is used.
; http://php.net/input-encoding
;input_encoding =
; PHP output character encoding is set to empty.
; If empty, default_charset is used.
; mbstring or iconv output handler is used.
; See also output_buffer.
; http://php.net/output-encoding
;output_encoding =
; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is
; to disable this feature. If post reading is disabled through
; enable_post_data_reading, $HTTP_RAW_POST_DATA is *NOT* populated.
; to disable this feature and it will be removed in a future version.
; If post reading is disabled through enable_post_data_reading,
; $HTTP_RAW_POST_DATA is *NOT* populated.
; http://php.net/always-populate-raw-post-data
;always_populate_raw_post_data = On
;always_populate_raw_post_data = -1
;;;;;;;;;;;;;;;;;;;;;;;;;
; Paths and Directories ;
@ -770,8 +785,8 @@ enable_dl = Off
;fastcgi.logging = 0
; cgi.rfc2616_headers configuration option tells PHP what type of headers to
; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
; is supported by Apache. When this option is set to 1 PHP will send
; use when sending HTTP response code. If set to 0, PHP sends Status: header that
; is supported by Apache. When this option is set to 1, PHP will send
; RFC2616 compliant header.
; Default is zero.
; http://php.net/cgi.rfc2616-headers
@ -935,9 +950,22 @@ date.timezone = UTC
;filter.default_flags =
[iconv]
;iconv.input_encoding = ISO-8859-1
;iconv.internal_encoding = ISO-8859-1
;iconv.output_encoding = ISO-8859-1
; Use of this INI entry is deprecated, use global input_encoding instead.
; If empty, default_charset or input_encoding or iconv.input_encoding is used.
; The precedence is: default_charset < intput_encoding < iconv.input_encoding
;iconv.input_encoding =
; Use of this INI entry is deprecated, use global internal_encoding instead.
; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
;iconv.internal_encoding =
; Use of this INI entry is deprecated, use global output_encoding instead.
; If empty, default_charset or output_encoding or iconv.output_encoding is used.
; The precedence is: default_charset < output_encoding < iconv.output_encoding
; To use an output encoding conversion, iconv's output handler must be set
; otherwise output encoding conversion cannot be performed.
;iconv.output_encoding =
[intl]
;intl.default_locale =
@ -1373,9 +1401,9 @@ session.save_handler = files
;
; where N is an integer. Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories. This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
; store the session data in those directories. This is useful if
; your OS has problems with many files in one directory, and is
; a more efficient layout for servers that handle many sessions.
;
; NOTE 1: PHP will not create this directory structure automatically.
; You can use the script in the ext/session dir for that purpose.
@ -1410,7 +1438,7 @@ session.use_cookies = 1
; This option forces PHP to fetch and use a cookie for storing and maintaining
; the session id. We encourage this operation as it's very helpful in combating
; session hijacking when not specifying and managing your own session id. It is
; not the end all be all of session hijacking defense, but it's a good start.
; not the be-all and end-all of session hijacking defense, but it's a good start.
; http://php.net/session.use-only-cookies
session.use_only_cookies = 1
@ -1510,7 +1538,7 @@ session.cache_limiter = nocache
session.cache_expire = 180
; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use of trans sid may risk your users' security.
; Use this option with caution.
; - User may send URL contains active session ID
; to other person via. email/irc/etc.
@ -1700,23 +1728,34 @@ mssql.secure_connection = Off
[mbstring]
; language for internal character representation.
; This affects mb_send_mail() and mbstrig.detect_order.
; http://php.net/mbstring.language
;mbstring.language = Japanese
; Use of this INI entry is deprecated, use global internal_encoding instead.
; internal/script encoding.
; Some encoding cannot work as internal encoding.
; (e.g. SJIS, BIG5, ISO-2022-*)
; http://php.net/mbstring.internal-encoding
;mbstring.internal_encoding = UTF-8
; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*)
; If empty, default_charset or internal_encoding or iconv.internal_encoding is used.
; The precedence is: default_charset < internal_encoding < iconv.internal_encoding
;mbstring.internal_encoding =
; Use of this INI entry is deprecated, use global input_encoding instead.
; http input encoding.
; mbstring.encoding_traslation = On is needed to use this setting.
; If empty, default_charset or input_encoding or mbstring.input is used.
; The precedence is: default_charset < intput_encoding < mbsting.http_input
; http://php.net/mbstring.http-input
;mbstring.http_input = UTF-8
; http output encoding. mb_output_handler must be
; registered as output buffer to function
;mbstring.http_input =
; Use of this INI entry is deprecated, use global output_encoding instead.
; http output encoding.
; mb_output_handler must be registered as output buffer to function.
; If empty, default_charset or output_encoding or mbstring.http_output is used.
; The precedence is: default_charset < output_encoding < mbstring.http_output
; To use an output encoding conversion, mbstring's output handler must be set
; otherwise output encoding conversion cannot be performed.
; http://php.net/mbstring.http-output
;mbstring.http_output = pass
;mbstring.http_output =
; enable automatic encoding translation according to
; mbstring.internal_encoding setting. Input chars are
@ -1727,7 +1766,7 @@ mssql.secure_connection = Off
;mbstring.encoding_translation = Off
; automatic encoding detection order.
; auto means
; "auto" detect order is changed according to mbstring.language
; http://php.net/mbstring.detect-order
;mbstring.detect_order = auto
@ -1748,6 +1787,7 @@ mssql.secure_connection = Off
;mbstring.func_overload = 0
; enable strict encoding detection.
; Default: Off
;mbstring.strict_detection = On
; This directive specifies the regex pattern of content types for which mb_output_handler()
@ -1937,6 +1977,24 @@ opcache.enable=1
; absolute path.
;curl.cainfo =
[openssl]
; The location of a Certificate Authority (CA) file on the local filesystem
; to use when verifying the identity of SSL/TLS peers. Most users should
; not specify a value for this directive as PHP will attempt to use the
; OS-managed cert stores in its absence. If specified, this value may still
; be overridden on a per-stream basis via the "cafile" SSL stream context
; option.
;openssl.cafile=
; If openssl.cafile is not specified or if the CA file is not found, the
; directory pointed to by openssl.capath is searched for a suitable
; certificate. This value must be a correctly hashed certificate directory.
; Most users should not specify a value for this directive as PHP will
; attempt to use the OS-managed cert stores in its absence. If specified,
; this value may still be overridden on a per-stream basis via the "capath"
; SSL stream context option.
;openssl.capath=
; Local Variables:
; tab-width: 4
; End:
Loading…
Cancel
Save