add roles

part18-package-manager/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

part18-package-manager/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for part18-package-manager

part18-package-manager/files/05proxy

@@ -0,0 +1,2 @@
+Acquire::http::proxy "http://172.20.20.20:3128";
+Acquire::https::proxy "http://172.20.20.20:3128";

part18-package-manager/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for part18-package-manager

part18-package-manager/meta/main.yml

@@ -0,0 +1,18 @@
+galaxy_info:
+  author: Hamid Jahadi
+  description: Install & Update Packages (APT)
+  company: Neshan
+
+
+  license: GPL-2.0-or-later
+
+  min_ansible_version: "2.1"
+
+  platforms:
+   - name: Ubuntu
+   - name: Debian
+
+  galaxy_tags: 
+    - apt-pkg
+
+allow_duplicates: true

part18-package-manager/tasks/main.yml

@@ -0,0 +1,29 @@
+---
+# tasks file for part18-package-manager
+- name: Set apt proxy config
+  copy:
+    src: 05proxy
+    dest: /etc/apt/apt.conf.d/05proxy
+    mode: 0644
+  when:
+    - (ansible_distribution|string == 'Ubuntu' or ansible_distribution|string == 'Debian')
+
+- name: Installing APT pkgs
+  apt:
+    force: yes
+    autoremove: yes
+    pkg: "{{ item }}"
+  with_items: "{{ pkgs_list }}"
+  when:
+    - (ansible_distribution|string == 'Ubuntu' or ansible_distribution|string == 'Debian')
+    - action == "install"
+
+- name: Update and Upgrade APT pkgs
+  apt:
+    update_cache: true
+    upgrade: true
+    dpkg_options: 'force-confold,force-confdef'
+    autoremove: true
+  when:
+    - (ansible_distribution|string == 'Ubuntu') or (ansible_distribution|string == 'Debian')
+    - action == "update"

part18-package-manager/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

part18-package-manager/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - part18-package-manager

part18-package-manager/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for part18-package-manager

part19-config-sysctl/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

part19-config-sysctl/defaults/main.yml

@@ -0,0 +1,80 @@
+---
+public:
+  net.ipv4.ip_local_port_range: 1024 65535
+  net.ipv4.ip_forward: 0
+  net.core.somaxconn: 65535
+  net.core.netdev_max_backlog: 65535
+  net.ipv4.tcp_mem: 3480768 4641024 6961536
+  net.ipv4.tcp_rmem: 4096 87380 2097152
+  net.ipv4.tcp_wmem: 4096 87380 2097152
+  net.core.rmem_default: 31457280
+  net.core.wmem_default: 31457280
+  net.core.rmem_max: 134217728
+  net.core.wmem_max: 134217728
+  net.core.optmem_max: 25165824
+  fs.file-max: 25165824
+  fs.nr_open:  25165824
+  vm.swappiness: 10
+  vm.vfs_cache_pressure: 50
+
+kuber:
+  net.bridge.bridge-nf-call-iptables: 1
+  net.bridge.bridge-nf-call-ip6tables: 1
+  net.ipv4.ip_forward: 1
+  vm.swappiness: 0
+  vm.overcommit_memory: 0
+  net.core.netdev_max_backlog: 65535
+  net.ipv4.tcp_max_syn_backlog: 65535
+  net.core.somaxconn: 65535
+  net.ipv4.tcp_rmem: 4096 87380 2097152
+  net.ipv4.tcp_wmem: 4096 87380 2097152
+  net.ipv4.tcp_mem: 3480768 4641024 26777216
+  net.ipv4.ip_local_port_range: 1024 65535
+  net.core.rmem_default: 31457280
+  net.core.wmem_default: 31457280
+  net.core.optmem_max: 25165824
+
+haproxy:
+  net.core.netdev_max_backlog: 65535
+  net.ipv4.tcp_max_syn_backlog: 65535
+  net.core.somaxconn: 65535
+  net.ipv4.tcp_syn_retries: 1
+  net.ipv4.tcp_fin_timeout: 15
+  kernel.threads-max: 3261780
+  fs.file-max: 10000000
+  fs.nr_open: 10000000
+  net.ipv4.tcp_window_scaling: 1
+  net.core.rmem_max: 134217728
+  net.core.wmem_max: 134217728
+  net.ipv4.tcp_rmem: 4096 87380 2097152
+  net.ipv4.tcp_wmem: 4096 87380 2097152
+  net.ipv4.conf.all.accept_redirects: 0
+  net.ipv4.conf.all.secure_redirects: 0
+  net.ipv4.conf.all.send_redirects: 0
+  net.ipv4.conf.lo.accept_source_route: 0
+  net.ipv4.conf.default.accept_source_route: 0
+  net.ipv4.tcp_max_orphans: 500000
+  net.ipv4.tcp_keepalive_time: 30
+  net.ipv4.tcp_keepalive_intvl: 15
+  net.ipv4.tcp_keepalive_probes: 5
+  net.ipv4.tcp_synack_retries: 2
+  net.ipv4.tcp_mem: 3480768 4641024 26777216
+  net.ipv4.tcp_orphan_retries: 1
+  net.ipv4.tcp_syncookies: 1
+  net.ipv4.tcp_timestamps: 1
+  net.ipv4.tcp_sack: 1
+  net.ipv4.tcp_congestion_control: htcp
+  net.ipv4.tcp_no_metrics_save: 1
+  net.ipv4.route.flush: 1
+  net.ipv4.ip_local_port_range: 1024 65535
+  net.ipv4.tcp_tw_reuse: 1
+  net.ipv4.tcp_max_tw_buckets: 1440000
+  net.ipv4.tcp_rfc1337: 1
+  net.ipv4.icmp_echo_ignore_broadcasts: 1
+  net.ipv4.icmp_echo_ignore_all: 0
+  net.ipv4.icmp_ignore_bogus_error_responses: 1
+  net.ipv4.tcp_retries2: 6
+  net.ipv4.tcp_retries1: 3
+  net.core.rmem_default: 31457280
+  net.core.wmem_default: 31457280
+  net.core.optmem_max: 25165824

part19-config-sysctl/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for part19-config-sysctl

part19-config-sysctl/meta/main.yml

@@ -0,0 +1,23 @@
+galaxy_info:
+  author: Hamid Jahadi
+  description: Config Sysctl 
+  company: Neshan
+
+
+  license: GPL-2.0-or-later
+
+  min_ansible_version: "2.1"
+
+  platforms:
+   - name: Ubuntu
+   - name: Debian
+   - name: Fedora
+   - name: GenericLinux
+
+  galaxy_tags: 
+    - sysctl_config
+
+
+
+
+

part19-config-sysctl/tasks/main.yml

@@ -0,0 +1,12 @@
+---
+# tasks file for part19-config-sysctl
+- name: Set sysctl configuration
+  sysctl:
+    name: "{{ item.key }}"
+    value: "{{ item.value }}"
+    sysctl_file: /etc/sysctl.d/00-perf-config.conf
+    state: present
+    sysctl_set: yes
+    reload: yes
+    ignoreerrors: yes
+  loop: "{{ lookup('dict', vars[selected_config] ) }}"

part19-config-sysctl/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

part19-config-sysctl/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - part19-config-sysctl

part19-config-sysctl/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for part19-config-sysctl

part20-config-pg-hba/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

part20-config-pg-hba/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for part20-config-pg-hba

part20-config-pg-hba/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for part20-config-pg-hba

part20-config-pg-hba/meta/main.yml

@@ -0,0 +1,19 @@
+galaxy_info:
+  author: Hamid Jahadi
+  description: Configure pg_hba.conf For Access Managment
+  company: Neshan
+
+
+  license: GPL-2.0-or-later
+
+  min_ansible_version: "2.1"
+
+  platforms:
+   - name: Ubuntu
+   - name: Debian
+
+  galaxy_tags: 
+    - postgres
+    - pg-hba
+
+allow_duplicates: true

part20-config-pg-hba/tasks/main.yml

@@ -0,0 +1,21 @@
+---
+# tasks file for part20-config-pg-hba
+- name: Add pg_hba Rule
+  postgresql_pg_hba:
+    dest: "{{config_path}}"
+    contype: host
+    order: dus
+    databases: all
+    users: all
+    source: "{{source_ip}}"
+    netmask: 255.255.255.255
+    method: md5
+  delegate_to: "{{server_ip}}"
+  register: svc_control
+
+- name: Reload PostgreSQL Service
+  service:
+    name: postgresql@{{pg_version}}-main.service
+    state: reloaded
+  delegate_to: "{{ server_ip }}"
+  when: svc_control.changed

part20-config-pg-hba/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

part20-config-pg-hba/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - part20-config-pg-hba

part20-config-pg-hba/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for part20-config-pg-hba