linting

digitalocean.yml

@@ -1,3 +1,4 @@
+# vim:ft=ansible:
 - name: Configure the server and install required software
   hosts: localhost
 
@@ -50,27 +51,27 @@
     private: no
 
   - name: "dns_enabled"
-    prompt: "Do you want to install a local DNS resolver to block ads while surfing? (Y or N):\n"
-    default: "Y"
+    prompt: "Do you want to install a local DNS resolver to block ads while surfing? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "proxy_enabled"
-    prompt: "Do you want to install a proxy to block ads and decrease traffic usage while surfing? (Y or N):\n"
-    default: "Y"
+    prompt: "Do you want to install an HTTP proxy to block ads and decrease traffic usage while surfing? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "auditd_enabled"
-    prompt: "Do you want to use auditd ? (Y or N):\n"
-    default: "Y"
+    prompt: "Do you want to use auditd for security monitoring (see config.cfg)? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "ssh_tunneling_enabled"
-    prompt: "Do you want to use SSH tunneling ? (Y or N):\n"
-    default: "Y"
+    prompt: "Do you want each user to have their own account for SSH tunneling? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "easyrsa_p12_export_password"
-    prompt: "Enter the password for p12 certificates:\n"
+    prompt: "Enter a password for p12 certificates:\n"
     default: "vpn"
     private: yes
 
@@ -131,10 +132,10 @@
     - common
     - security
     - vpn
-    - { role: proxy, when: proxy_enabled is defined and proxy_enabled == "Y" } 
-    - { role: dns_adblocking, when: dns_enabled is defined and dns_enabled == "Y" }
-    - { role: logging, when: auditd_enabled is defined and auditd_enabled == 'Y' }
-    - { role: ssh_tunneling, when: ssh_tunneling_enabled is defined and ssh_tunneling_enabled == "Y" } 
+    - { role: proxy, when: proxy_enabled is defined and proxy_enabled == "y" }
+    - { role: dns_adblocking, when: dns_enabled is defined and dns_enabled == "y" }
+    - { role: logging, when: auditd_enabled is defined and auditd_enabled == "y" }
+    - { role: ssh_tunneling, when: ssh_tunneling_enabled is defined and ssh_tunneling_enabled == "y" }
 
   handlers:
     - name: reload eth0

ec2.yml

@@ -21,7 +21,6 @@
       "11": "sa-east-1"
 
   vars_prompt:
-
   - name: "aws_access_key"
     prompt: "Enter your aws_access_key (http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSGettingStartedGuide/AWSCredentials.html):\n"
     private: yes
@@ -58,27 +57,27 @@
     private: no
 
   - name: "dns_enabled"
-      prompt: "Do you want to install a local DNS resolver to block ads while surfing? (Y or N):\n"
-      default: "Y"
+    prompt: "Do you want to install a local DNS resolver to block ads while surfing? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "proxy_enabled"
-      prompt: "Do you want to install a proxy to block ads and decrease traffic usage while surfing? (Y or N):\n"
-      default: "Y"
+    prompt: "Do you want to install an HTTP proxy to block ads and decrease traffic usage while surfing? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "auditd_enabled"
-      prompt: "Do you want to use auditd ? (Y or N):\n"
-      default: "Y"
+    prompt: "Do you want to use auditd for security monitoring (see config.cfg)? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "ssh_tunneling_enabled"
-      prompt: "Do you want to use SSH tunneling ? (Y or N):\n"
-      default: "Y"
+    prompt: "Do you want each user to have their own account for SSH tunneling? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "easyrsa_p12_export_password"
-      prompt: "Enter the password for p12 certificates:\n"
+    prompt: "Enter a password for p12 certificates:\n"
     default: "vpn"
     private: yes
 
@@ -102,7 +101,7 @@
     - common
     - security
     - vpn
-    - { role: proxy, when: proxy_enabled is defined and proxy_enabled == "Y" }
-    - { role: dns_adblocking , when: dns_enabled is defined and dns_enabled == "Y" }
-    - { role: logging, when: auditd_enabled is defined and auditd_enabled == 'Y' }
-    - { role: ssh_tunneling, when: ssh_tunneling_enabled is defined and ssh_tunneling_enabled == "Y" }     
+    - { role: proxy, when: proxy_enabled is defined and proxy_enabled == "y" }
+    - { role: dns_adblocking , when: dns_enabled is defined and dns_enabled == "y" }
+    - { role: logging, when: auditd_enabled is defined and auditd_enabled == "y" }
+    - { role: ssh_tunneling, when: ssh_tunneling_enabled is defined and ssh_tunneling_enabled == "y" }

gce.yml

@@ -1,3 +1,4 @@
+# vim:ft=ansible:
 - name: Configure the server and install required software
   hosts: localhost
   gather_facts: false
@@ -54,27 +55,27 @@
     private: no
 
   - name: "dns_enabled"
-    prompt: "Do you want to install a local DNS resolver to block ads while surfing? (Y or N):\n"
-    default: "Y"
+    prompt: "Do you want to install a local DNS resolver to block ads while surfing? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "proxy_enabled"
-    prompt: "Do you want to install a proxy to block ads and decrease traffic usage while surfing? (Y or N):\n"
-    default: "Y"
+    prompt: "Do you want to install an HTTP proxy to block ads and decrease traffic usage while surfing? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "auditd_enabled"
-    prompt: "Do you want to use auditd ? (Y or N):\n"
-    default: "Y"
+    prompt: "Do you want to use auditd for security monitoring (see config.cfg)? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "ssh_tunneling_enabled"
-    prompt: "Do you want to use SSH tunneling ? (Y or N):\n"
-    default: "Y"
+    prompt: "Do you want each user to have their own account for SSH tunneling? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "easyrsa_p12_export_password"
-    prompt: "Enter the password for p12 certificates:\n"
+    prompt: "Enter a password for p12 certificates:\n"
     default: "vpn"
     private: yes
 
@@ -98,7 +99,7 @@
     - common
     - security
     - vpn
-    - { role: proxy, when: proxy_enabled is defined and proxy_enabled == "Y" }
-    - { role: dns_adblocking , when: dns_enabled is defined and dns_enabled == "Y" }
-    - { role: logging, when: auditd_enabled is defined and auditd_enabled == 'Y' }
-    - { role: ssh_tunneling, when: ssh_tunneling_enabled is defined and ssh_tunneling_enabled == "Y" }     
+    - { role: proxy, when: proxy_enabled is defined and proxy_enabled == "y" }
+    - { role: dns_adblocking , when: dns_enabled is defined and dns_enabled == "y" }
+    - { role: logging, when: auditd_enabled is defined and auditd_enabled == "y" }
+    - { role: ssh_tunneling, when: ssh_tunneling_enabled is defined and ssh_tunneling_enabled == "y" }

non-cloud.yml

@@ -1,9 +1,10 @@
+# vim:ft=ansible:
 - hosts: localhost
   gather_facts: False
   vars_files:
     - config.cfg
-  vars_prompt:
 
+  vars_prompt:
   - name: "server_ip"
     prompt: "Enter IP address of your server: (use localhost for local installation)\n"
     default: localhost
@@ -15,32 +16,32 @@
     private: no
 
   - name: "dns_enabled"
-      prompt: "Do you want to install a local DNS resolver to block ads while surfing? (Y or N):\n"
-      default: "Y"
+    prompt: "Do you want to install a local DNS resolver to block ads while surfing? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "proxy_enabled"
-      prompt: "Do you want to install a proxy to block ads and decrease traffic usage while surfing? (Y or N):\n"
-      default: "Y"
+    prompt: "Do you want to install an HTTP proxy to block ads and decrease traffic usage while surfing? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "auditd_enabled"
-      prompt: "Do you want to use auditd ? (Y or N):\n"
-      default: "Y"
+    prompt: "Do you want to use auditd for security monitoring (see config.cfg)? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "ssh_tunneling_enabled"
-      prompt: "Do you want to use SSH tunneling ? (Y or N):\n"
-      default: "Y"
+    prompt: "Do you want each user to have their own account for SSH tunneling? (y/n):\n"
+    default: "y"
     private: no
 
   - name: "easyrsa_p12_export_password"
-      prompt: "Enter the password for p12 certificates:\n"
+    prompt: "Enter a password for p12 certificates:\n"
     default: "vpn"
     private: yes
       
   - name: "IP_subject"
-      prompt: "Enter public IP address of your server: (IMPORTANT! This IP is used to verify the certificate)\n"
+    prompt: "Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate)\n"
     private: no
 
   tasks:
@@ -76,7 +77,7 @@
     - common
     - security
     - vpn
-    - { role: proxy, when: proxy_enabled is defined and proxy_enabled == "Y" }
-    - { role: dns_adblocking , when: dns_enabled is defined and dns_enabled == "Y" }
-    - { role: logging, when: auditd_enabled is defined and auditd_enabled == 'Y' }
-    - { role: ssh_tunneling, when: ssh_tunneling_enabled is defined and ssh_tunneling_enabled == "Y" }     
+    - { role: proxy, when: proxy_enabled is defined and proxy_enabled == "y" }
+    - { role: dns_adblocking , when: dns_enabled is defined and dns_enabled == "y" }
+    - { role: logging, when: auditd_enabled is defined and auditd_enabled == "y" }
+    - { role: ssh_tunneling, when: ssh_tunneling_enabled is defined and ssh_tunneling_enabled == "y" }

roles/dns_adblocking/tasks/main.yml

@@ -10,7 +10,7 @@
     - restart dnsmasq
 
 - name: The dnsmasq directory created
-  file: dest=/var/lib/dnsmasq state=directory mode=755 owner=dnsmasq group=nogroup
+  file: dest=/var/lib/dnsmasq state=directory mode=0755 owner=dnsmasq group=nogroup
 
 - name: Enforce the dnsmasq AppArmor policy
   shell: aa-enforce usr.sbin.dnsmasq

roles/vpn/handlers/main.yml

@@ -1,6 +1,11 @@
 - name: restart strongswan
+<<<<<<< Updated upstream
   service: name=strongswan state=restarted
   
+=======
+  service: name=strongswan state=restartedo
+
+>>>>>>> Stashed changes
 - name: daemon-reload
   shell: systemctl daemon-reload