emdee/libvirt_cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add

Browse Source
This commit is contained in:
emdee
2024-01-04 14:53:42 +00:00
parent e1c072cf16
commit 346682eedb
31 changed files with 12094 additions and 132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

127
roles/toxcore/tasks/users.yml
View File

@@ -7,6 +7,133 @@
verbosity: 1
msg: "toxcore users.yml LOOP_USER_F={{LOOP_USER_F[0]}}"
- block:
# https://stackoverflow.com/questions/13114268/passing-ciphers-to-libcurl-through-git
# https://git-scm.com/docs/git-config#git-config-httpsslCipherList
- name: ~/.gitconfig TEST_SSL_GIT_CIPHERLIST
ini_file:
path: "{{ item.dest }}"
create: yes
section: "http"
option: "sslCipherList"
value: "{{ TEST_SSL_GIT_CIPHERLIST|join(' ') }}"
when:
- TEST_SSL_GIT_CIPHERLIST|default([])|length > 0
with_items:
- {dest: "{{USER_HOME}}/.gitconfig", owner: "{{ LOOP_USER }}", group: "{{ BOX_ALSO_GROUP }}" }
# https://stackoverflow.com/questions/48938019/git-pull-push-unable-to-access-https-ssl-routines-seem-to-be-down
# git config http.sslVersion tlsv1.2
- name: ~/.gitconfig TEST_SSL_GIT_SSLVERSION
ini_file:
path: "{{ item.dest }}"
create: yes
section: "http"
option: "sslVersion"
value: "{{ TEST_SSL_GIT_SSLVERSION }}"
when:
- TEST_SSL_GIT_SSLVERSION|default('') != ''
with_items:
- { dest: "{{USER_HOME}}/.gitconfig", owner: "{{ LOOP_USER }}", group: "{{ BOX_ALSO_GROUP }}" }
# https://stackoverflow.com/questions/21181231/server-certificate-verification-failed-cafile-etc-ssl-certs-ca-certificates-c
- name: ~/.gitconfig with proxy http
blockinfile:
dest: "{{ item.dest|expanduser }}"
owner: "{{ item.owner }}"
create: yes
state: "{{ 'present' if HTTP_PROXY != '' else 'absent' }}"
marker: "# {mark} ANSIBLE MANAGED BLOCK proxy http"
block: |
[http]
# https sic
proxy = http://{{HTTPS_PROXYHOST}}:{{HTTPS_PROXYPORT}}
sslCAinfo = /usr/local/etc/ssl/cacert-testforge.pem
# http sic
sslverify = true
# sslversion = {{"tlsv1.3" if BOX_TLS_VERSION == "1.3" else "tlsv1.2"}}
when:
- HTTPS_PROXYHOST != '' and HTTPS_PROXYPORT != ''
with_items:
- dest: "~{{LOOP_USER}}/.gitconfig"
owner: "{{ LOOP_USER }}"
- name: git config --global http.sslverify "true"
shell: |
git config --global --list | grep -q http.sslverify.true || \
git config --global http.sslverify "true"
git config --global --list | grep -q https.sslverify.true || \
git config --global https.sslverify "true"
exit 0
- name: git config --global http.sslversion tlsv1.3
shell: |
# GIT_CURL_VERBOSE=1
git config --global --list | \
grep -q http.sslversion.tlsv1.{{BOX_TLS_VERSION}} || \
git config --global http.sslversion tlsv1.{{BOX_TLS_VERSION}}
exit 0
when:
- BOX_TLS_VERSION == "1.3"
- false
- name: ~/.gitconfig with proxy https
blockinfile:
dest: "{{ item.dest|expanduser }}"
owner: "{{ item.owner }}"
create: yes
state: "{{ 'present' if HTTPS_PROXY != '' else 'absent' }}"
marker: "# {mark} ANSIBLE MANAGED BLOCK proxy https"
block: |
[https]
proxy = http://{{HTTPS_PROXYHOST}}:{{HTTPS_PROXYPORT}}
sslCAinfo = {{PLAY_CA_CERT}}
# http sic
sslverify = true
sslversion = {{"tlsv1.3" if BOX_TLS_VERSION == "1.3" else "tlsv1.2"}}
when:
- true
with_items:
- dest: "~{{LOOP_USER}}/.gitconfig"
owner: "{{ LOOP_USER }}"
- name: ~/.gitconfig with proxy core
blockinfile:
dest: "{{ item.dest|expanduser }}"
owner: "{{ item.owner }}"
create: yes
state: "{{ 'present' if HTTP_PROXY != '' else 'absent' }}"
marker: "# {mark} ANSIBLE MANAGED BLOCK proxy core"
block: |
[core]
gitproxy = /usr/local/bin/gitproxy.bash
when:
- true
with_items:
- dest: "~{{LOOP_USER}}/.gitconfig"
owner: "{{ LOOP_USER }}"
- name: ~/.gitconfig with proxy socks
blockinfile:
dest: "{{ item.dest|expanduser }}"
owner: "{{ item.owner }}"
create: yes
state: "{{ 'present' if SOCKS_PROXY != '' else 'absent' }}"
marker: "# {mark} ANSIBLE MANAGED BLOCK proxy socks"
block: |
[socks]
proxy = {{SOCKS_PROXYTYPE}}://{{SOCKS_PROXYHOST}}:{{SOCKS_PROXYPORT}}
when:
- true
with_items:
- dest: "~{{LOOP_USER}}/.gitconfig"
owner: "{{ LOOP_USER }}"
when:
- "LOOP_USER != 'portage'"
- block:
- name: /etc/sysconfig/docker