X-Git-Url: https://git.distorted.org.uk/~mdw/distorted-ansible/blobdiff_plain/5fc6de272c4e1d6b41a8c24b6ff5116548ac12c5..e595500b2ecae78c34678584cee388cf50d53787:/roles/common/tasks/main.yml
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index a264715..d6258e7 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -9,21 +9,21 @@
 - name: fix permissions in /root
 tags: [perms, root-perms]
- file: name=/root mode=0750 owner=root group=root
+ file: path=/root/ mode=0750 owner=root group=root
 ###--------------------------------------------------------------------------
 ### PKI machinery.
 - name: install PKI maintenance scripts
 tags: [pki, pki-scripts]
- copy: src=pki/{{ item }} dest=/etc/cron.daily
+ copy: src=pki/{{ item }} dest=/etc/cron.daily/
 with_items:
 - update-ca-certs
 - check-x509-certs
 - name: install common PKI files
 tags: [pki, pki-keys]
- copy: src=pki/{{ item }} dest=/etc/ca
+ copy: src=pki/{{ item }} dest=/etc/ca/
 with_items:
 - ca.cert
 - dh-param.pem
@@ -37,10 +37,10 @@
 ###--------------------------------------------------------------------------
 ### NTP configuration.
-- name: install NTP configuration files
+- name: install NTP client configuration files
 tags: [ntp, ntp-client]
- copy: src=ntp-client/ntp.conf dest=/etc
- when: server is not defined or 'ntp' not in server
+ copy: src=ntp-client/ntp.conf dest=/etc/
+ when: ('ntp') not in server |default([])
 notify: restart ntpd
 ###--------------------------------------------------------------------------
@@ -48,7 +48,7 @@
 - name: install netdb files
 tags: netdb
- copy: src=netdb/{{ item }} dest=/etc
+ copy: src=netdb/{{ item }} dest=/etc/
 with_items:
 - hosts
 - networks
@@ -59,7 +59,7 @@
 - name: install SSH configuration files
 tags: [ssh, ssh-config]
- copy: src=ssh-config/{{ item }} dest=/etc/ssh
+ copy: src=ssh-config/{{ item }} dest=/etc/ssh/
 notify: restart ssh
 with_items:
 - Makefile
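Review bot: The `copy` tasks in the `@@ -9,21 +9,21 @@` hunk that install into `/etc/cron.daily/` and `/etc/ca/` set no `owner`, `group` or `mode`, so what ends up on the host depends on the remote umask or on whatever file is already there. Scripts in `/etc/cron.daily/` are executed as root, so pinning them is worthwhile, e.g. `copy: src=pki/{{ item }} dest=/etc/cron.daily/ owner=root group=root mode=0755`, and `mode=0644` for the `/etc/ca/` files if everything in that list is public material (the list continues outside the hunk). The same gap is present in the `/etc/ssh/`, `/root/.ssh/`, `/usr/local/bin/` and `/etc/` (sudoers) copies in the later hunks.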
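Review bot: The new condition `when: ('ntp') not in server |default([])` in the `@@ -37,10 +37,10 @@` hunk is hard to read: it relies on the filter binding tighter than `not in`, and the parentheses around `'ntp'` appear to exist only so that the YAML value does not begin with a quote. Quoting the whole expression states the intent directly: `when: "'ntp' not in (server | default([]))"`. If `server` can ever be a plain string rather than a list, `in` becomes a substring test, so a short comment stating that `server` is expected to be a list would help the next reader.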
@@ -67,15 +67,19 @@
 - sshd_config.m4
 - moduli
+- name: "create root's .ssh/ directory"
+ tags: [ssh, ssh-root]
+ file: path=/root/.ssh/ state=directory mode=0750
+
 - name: install main keys for root SSH access
 tags: [ssh, ssh-root]
 template: src=ssh-root/authkeys.base dest=/root/.ssh/authkeys.base
- notify: make in /root/.ssh
+ notify: make in /root/.ssh/
 - name: install keys for root SSH access
 tags: [ssh, ssh-root]
- copy: src=ssh-root/{{ item }} dest=/root/.ssh
- notify: make in /root/.ssh
+ copy: src=ssh-root/{{ item }} dest=/root/.ssh/
+ notify: make in /root/.ssh/
 with_items:
 - Makefile
 - config.m4
@@ -93,7 +97,7 @@
 - name: install required backup scripts on non-Debian hosts
 tags: [backup, backup-scripts]
- copy: src=backup/fshash dest=/usr/local/bin
+ copy: src=backup/fshash dest=/usr/local/bin/
 when: os != 'debian'
 ###--------------------------------------------------------------------------
@@ -101,11 +105,11 @@
 - name: install sudo configuration
 tags: [sudo]
- copy: src=sudo/sudoers dest=/etc
+ copy: src=sudo/sudoers dest=/etc/
 - name: install common scripts
 tags: [scripts]
- copy: src=scripts/{{ item }} dest=/usr/local/bin
+ copy: src=scripts/{{ item }} dest=/usr/local/bin/
 with_items:
 - fetch-unpack-archive
 - genx509
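Review bot: The new task that creates `/root/.ssh/` in the `@@ -67,15 +67,19 @@` hunk uses `mode=0750` and sets no owner or group, unlike the `/root/` task at the top of the file, which pins `owner=root group=root`. The directory that holds root's authorised-key material is better closed to the group and explicitly owned: `file: path=/root/.ssh/ state=directory owner=root group=root mode=0700`. The `template` and `copy` tasks that follow in this hunk also leave the modes of the key files to the umask. Separately, `notify: make in /root/.ssh/` only fires if the handler carries exactly that name; the handlers file is not part of this diff, so the rename there should be confirmed.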
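Review bot: The sudoers install in the `@@ -101,11 +105,11 @@` hunk copies the file into place without a syntax check, so a typo in `sudo/sudoers` would be deployed as the live policy and could leave sudo unusable on every host the play touches. The `copy` module's `validate` option runs a command against the staged file before it replaces the destination, which makes a bad file fail the task instead: `copy: src=sudo/sudoers dest=/etc/ owner=root group=root mode=0440 validate='visudo -cf %s'`.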