aboutsummaryrefslogtreecommitdiff
path: root/gerboweb/deploy/playbook.yml
diff options
context:
space:
mode:
Diffstat (limited to 'gerboweb/deploy/playbook.yml')
-rw-r--r--gerboweb/deploy/playbook.yml166
1 files changed, 0 insertions, 166 deletions
diff --git a/gerboweb/deploy/playbook.yml b/gerboweb/deploy/playbook.yml
deleted file mode 100644
index a34e8fe..0000000
--- a/gerboweb/deploy/playbook.yml
+++ /dev/null
@@ -1,166 +0,0 @@
-- name: DNS setup
- hosts: localhost
- tags: dns
- module_defaults:
- inwx:
- username: "{{lookup('ini', 'user section=inwx file=credentials.ini')}}"
- password: "{{lookup('ini', 'pass section=inwx file=credentials.ini')}}"
- vars:
- subdomains:
- - git.jaseg.net
- - git.jaseg.de
- - blog.jaseg.net
- - blog.jaseg.de
- - kochbuch.jaseg.net
- - gerbolyze.jaseg.net
- - tracespace.jaseg.net
- - openjscad.jaseg.net
- - pogojig.jaseg.net
- - automation.jaseg.de
- - dyndns.jaseg.de
- fastmail_domains:
- - jaseg.net
- - jaseg.de
- tasks:
- - name: Gather wendelstein facts
- setup:
- delegate_to: wendelstein
- delegate_facts: True
-
- - name: Setup DNS
- include_tasks: dns.yml
-
-
-- name: Wendelstein setup
- hosts: wendelstein
- tasks:
- - name: Set hostname
- tags: setup
- hostname:
- name: wendelstein.jaseg.net
-
- - name: Install common admin tools
- tags: setup
- dnf:
- name: htop,tmux,fish,mosh,neovim,sqlite
- state: latest
-
- - name: Install host requisites
- tags: setup
- dnf:
- name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,python3-libselinux,git,iptables-services,python3-pycryptodomex,zip,python3-uwsgidecorators,nsd
- state: latest
-
- - name: Disable password-based root login
- tags: setup
- lineinfile:
- path: /etc/ssh/sshd_config
- regexp: '^PermitRootLogin'
- line: 'PermitRootLogin without-password'
- register: disable_root_pw_ssh
-
- - name: Restart sshd
- tags: setup
- systemd:
- name: sshd
- state: restarted
- when: disable_root_pw_ssh is changed
-
- - name: Configure iptables firewall service
- tags: setup
- copy:
- src: iptables.rules
- dest: /etc/sysconfig/iptables
- owner: root
- group: root
- mode: 0664
-
- - name: Enable iptables firewall service
- tags: setup
- systemd:
- name: iptables
- enabled: yes
- state: started
-
- - name: Create containers
- tags: setup
- include_tasks:
- file: setup_containers.yml
- apply:
- tags: setup
- vars:
- containers:
- - gerboweb
- - clippy
- - pogojig
-
- - name: Setup web server
- tags: www
- include_tasks:
- file: setup_webserver.yml
- apply:
- tags: www
-
- - name: Setup gerboweb
- tags: gerboweb
- include_tasks:
- file: setup_gerboweb.yml
- apply:
- tags: gerboweb
-
- - name: Setup clippy
- tags: clippy
- include_tasks:
- file: setup_clippy.yml
- apply:
- tags: clippy
-
- - name: Setup secure download
- tags: secure-download
- include_tasks:
- file: setup_secure_download.yml
- apply:
- tags: secure-download
-
- - name: Setup tracespace
- tags: pogojig
- include_tasks:
- file: setup_tracespace.yml
- apply:
- tags: pogojig
-
- - name: Setup openjscad
- tags: pogojig
- include_tasks:
- file: setup_openjscad.yml
- apply:
- tags: pogojig
-
- - name: Setup pogojig
- tags: pogojig
- include_tasks:
- file: setup_pogojig.yml
- apply:
- tags: pogojig
-
- - name: Setup notification proxy
- tags: notification-proxy
- include_tasks:
- file: setup_notification_proxy.yml
- apply:
- tags:
- notification-proxy
-
- - name: Setup semi-public git server
- tags: git
- include_tasks:
- file: setup_git.yml
- apply:
- tags: git
-
- - name: Setup private DynDNS service
- tags: dyndns
- include_tasks:
- file: setup_dyndns.yml
- apply:
- tags: dyndns