diff options
| author | jaseg <code@jaseg.net> | 2019-06-26 16:41:45 +0900 |
|---|---|---|
| committer | jaseg <git@jaseg.net> | 2019-06-26 16:41:45 +0900 |
| commit | 297cfc071e2d3e68dd137139db2c0a2c48611443 (patch) | |
| tree | ecf4b7b8f00fe06d4ba4b87ed6deb5e49dba909b /playbook.yml | |
| parent | a2d4afc7dfe278dacc64b5177ff993267c909685 (diff) | |
| download | infra-297cfc071e2d3e68dd137139db2c0a2c48611443.tar.gz infra-297cfc071e2d3e68dd137139db2c0a2c48611443.tar.bz2 infra-297cfc071e2d3e68dd137139db2c0a2c48611443.zip | |
Misc changes. Move up to fedora 30, add gerbolyze, secure download
Diffstat (limited to 'playbook.yml')
| -rw-r--r-- | playbook.yml | 15 |
1 files changed, 5 insertions, 10 deletions
diff --git a/playbook.yml b/playbook.yml index 1c694d5..afea884 100644 --- a/playbook.yml +++ b/playbook.yml @@ -12,7 +12,7 @@ - name: Install host requisites dnf: - name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,libselinux-python,git,iptables-services + name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,libselinux-python,git,iptables-services,python3-pycryptodomex state: latest - name: Disable password-based root login @@ -28,18 +28,10 @@ state: restarted when: disable_root_pw_ssh is changed - - name: Create iptables firewall config dir - file: - path: /etc/iptables - state: directory - owner: root - group: root - mode: 0775 - - name: Configure iptables firewall service copy: src: iptables.rules - dest: /etc/iptables/iptables.rules + dest: /etc/sysconfig/iptables owner: root group: root mode: 0664 @@ -65,3 +57,6 @@ - name: Setup clippy include_tasks: setup_clippy.yml + + - name: Setup secure download + include_tasks: setup_secure_download.yml |