Skip to content

Commit

Permalink
Updates playbooks with new OSSEC role logic
Browse files Browse the repository at this point in the history 
We've consolidated the "ossec-agent" and "ossec-server" roles into
"ossec", and excised the postfix logic from the "ossec-server" role into
a discrete "postfix" role. Playbooks must have these updated
accordingly.

We're nearly at the point where we can standardize on a single playbook
for prod and staging. Onward!

(cherry picked from commit 77af2f2)
  • Loading branch information
@redshiftzero
Conor Schaefer authored and redshiftzero committed Jan 26, 2018
1 parent 478a9a0 commit 8690efe
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 6 deletions.
13 changes: 10 additions & 3 deletions install_files/ansible-base/securedrop-prod.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,16 +15,23 @@
- { role: tor-hidden-services, tags: tor }
become: yes

- name: Configure SecureDrop Monitor Server.
- name: Configure mailing utilities.
hosts: securedrop_monitor_server
roles:
- { role: ossec-server, tags: [ ossec, ossec_server ] }
- role: postfix
tags: postfix
become: yes

- name: Configure OSSEC.
hosts: securedrop
roles:
- role: ossec
tags: ossec
become: yes

- name: Configure SecureDrop Application Server.
hosts: securedrop_application_server
roles:
- { role: ossec-agent, tags: [ ossec, ossec_agent ] }
- { role: app, tags: app }
become: yes

Expand Down
13 changes: 10 additions & 3 deletions install_files/ansible-base/securedrop-staging.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,16 +31,23 @@
when: install_local_packages }
become: yes

- name: Configure OSSEC manager.
- name: Configure mailing utilities.
hosts: mon-staging
roles:
- { role: ossec-server, tags: [ ossec, ossec_server ] }
- role: postfix
tags: postfix
become: yes

- name: Configure OSSEC.
hosts: staging
roles:
- role: ossec
tags: ossec
become: yes

- name: Configure SecureDrop Application Server.
hosts: app-staging
roles:
- { role: ossec-agent, tags: [ ossec, ossec_agent ] }
- { role: app, tags: app }
- { role: app-test, tags: app-test }
become: yes
Expand Down

0 comments on commit 8690efe

Please sign in to comment.