# Dedicated group for the pangolin service account. The GID is pinned to
# 1051, the same number the user task uses for its UID and primary group.
- name: Create a pangolin group
  group:
    name: pangolin
    gid: 1051
    state: present
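# Service account that owns the pangolin configuration tree under
# /home/pangolin.
- name: Create a pangolin user
  user:
    name: pangolin
    uid: 1051
    # Primary group given by GID; 1051 is the GID of the pangolin group.
    group: 1051
    comment: "pangolin user"
    # NOTE(review): /bin/bash gives this service account an interactive
    # shell. If nothing needs to log in as pangolin, confirm whether a
    # non-login shell would do.
    shell: /bin/bash
    state: present
    # Canonical boolean instead of the YAML 1.1 truthy "yes", matching the
    # true/false style used by the firewalld tasks in this file.
    create_home: true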
# Opens the predefined "http" firewalld service. No zone is set, so the rule
# lands in the host's default zone.
- name: Permanently enable http service (firewalld)
  ansible.posix.firewalld:
    service: http
    state: enabled
    # permanent + immediate: written to the saved configuration and applied
    # to the running firewall in the same task.
    permanent: true
    immediate: true
    # Lets the task proceed when the firewalld daemon is not running; check
    # the exact semantics for the installed ansible.posix version.
    offline: true
# Opens the predefined "https" firewalld service. No zone is set, so the rule
# lands in the host's default zone.
- name: Permanently enable https service (firewalld)
  ansible.posix.firewalld:
    service: https
    state: enabled
    # Saved to the permanent configuration and applied to the runtime rules.
    permanent: true
    immediate: true
    # Lets the task proceed when the firewalld daemon is not running.
    offline: true
# Opens the predefined "wireguard" firewalld service in the default zone.
# NOTE(review): a separate task in this file also opens 21820/udp; confirm
# both listeners are actually needed so no unused port stays exposed.
- name: Permanently enable wireguard service (firewalld)
  ansible.posix.firewalld:
    service: wireguard
    state: enabled
    # Saved to the permanent configuration and applied to the runtime rules.
    permanent: true
    immediate: true
    # Lets the task proceed when the firewalld daemon is not running.
    offline: true
# Opens a raw port rather than a named service. No zone key is given, so the
# default zone named in the task title is the one that is changed.
- name: Permit traffic in default zone on port 21820/udp
  ansible.posix.firewalld:
    # Quoted so the port/protocol pair is unambiguously a string.
    port: "21820/udp"
    state: enabled
    # Saved to the permanent configuration and applied to the runtime rules.
    permanent: true
    immediate: true
    # Lets the task proceed when the firewalld daemon is not running.
    offline: true
# Installs the epel-release package through the generic package module.
# NOTE(review): this presumably enables the EPEL repository as an additional
# package source for the host. Confirm that is intended for this machine.
- name: Install epel
  package:
    state: present
    name: epel-release
#- name: Install podman
#  package:
#    name: podman
#    state: present
#
#- name: Install podman-compose
#  package:
#    name: podman-compose
#    state: present
#
#- name: Start and enable podman service
#  service:
#    name: podman
#    state: started
#    enabled: true
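# Creates the configuration tree under /home/pangolin, one directory per loop
# item. Parents are listed before their children.
- name: Create pangolin config and logging directories
  file:
    path: "{{ item }}"
    state: directory
    # Quoted so the module receives the string "0750" and does not depend on
    # how the YAML parser reads a leading-zero integer. Owner has full
    # access, group can read and traverse, others have none.
    mode: "0750"
    owner: pangolin
    group: pangolin
  loop:
    - /home/pangolin/config
    - /home/pangolin/config/db
    - /home/pangolin/config/traefik
    # NOTE(review): presumably holds ACME certificate and key material.
    # Confirm that group read access from 0750 is acceptable here.
    - /home/pangolin/config/letsencrypt
    - /home/pangolin/config/logs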
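# Renders the main pangolin configuration from its Jinja2 template.
# NOTE(review): if the template carries secrets, check that runs with --diff
# do not print the rendered content into logs.
- name: Create pangolin config
  template:
    src: templates/config.yaml.j2
    dest: /home/pangolin/config/config.yaml
    owner: pangolin
    group: pangolin
    # Quoted so the module receives the string "0600" and does not depend on
    # the YAML parser's octal handling. Only the owner can read or write.
    mode: "0600"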
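# Renders the static traefik configuration into the traefik config directory.
- name: Create traefik config
  template:
    src: templates/traefik_config.yaml.j2
    dest: /home/pangolin/config/traefik/traefik_config.yaml
    owner: pangolin
    group: pangolin
    # Quoted so the module receives the string "0600" and does not depend on
    # the YAML parser's octal handling. Only the owner can read or write.
    mode: "0600"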
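# Renders the dynamic traefik configuration next to the static one.
- name: Create traefik dynamic config
  template:
    src: templates/dynamic_config.yaml.j2
    dest: /home/pangolin/config/traefik/dynamic_config.yaml
    owner: pangolin
    group: pangolin
    # Quoted so the module receives the string "0600" and does not depend on
    # the YAML parser's octal handling. Only the owner can read or write.
    mode: "0600"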
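# Renders the compose file into the pangolin home directory.
# NOTE(review): compose files often embed environment values. If this one
# does, keep --diff output out of shared logs.
- name: Create docker-compose
  template:
    src: templates/docker-compose.yaml.j2
    dest: /home/pangolin/docker-compose.yaml
    owner: pangolin
    group: pangolin
    # Quoted so the module receives the string "0600" and does not depend on
    # the YAML parser's octal handling. Only the owner can read or write.
    mode: "0600"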
#- name: Run podman-compose up
#  become: true
#  become_user: pangolin
#  command: podman compose up -d
#  args:
#    chdir: /home/pangolin