forked from sandervanvugt/rhce8-live
-
Notifications
You must be signed in to change notification settings - Fork 0
/
lab7.yml
60 lines (57 loc) · 1.3 KB
/
lab7.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
---
- name: install vsftpd
hosts: ansible2.example.com
tasks:
- name: get basic vsftpd operational
yum:
name: vsftpd
state: installed
- name: start and enable vsftpd
service:
name: vsftpd
enabled: yes
state: started
- name: open port in firewall
firewalld:
service: ftp
permanent: yes
immediate: yes
state: enabled
- name: configure VSFTPD using a template
hosts: ansible2.example.com
vars:
anonymous_enable: yes
local_enable: yes
write_enable: yes
anon_upload_enable: yes
tasks:
- name: use template to copy FTP config
template:
src: vsftpd.j2
dest: /etc/vsftpd/vsftpd.conf
- name: configure vsftpd permissions and selinux
hosts: ansible2.example.com
tasks:
- name: install required selinux tools
yum:
name: policycoreutils-python-utils
state: present
- name: set permissions
file:
path: /var/ftp/pub
mode: '0777'
- name: set selinux boolean
seboolean:
name: ftpd_anon_write
state: yes
persistent: yes
- name: manage selinux settings
sefcontext:
target: /var/ftp/pub
setype: public_content_rw_t
state: present
notify:
- run restorecon
handlers:
- name: run restorecon
command: restorecon -vR /var/ftp/pub