From 297cfc071e2d3e68dd137139db2c0a2c48611443 Mon Sep 17 00:00:00 2001
From: jaseg <code@jaseg.net>
Date: Wed, 26 Jun 2019 16:41:45 +0900
Subject: Misc changes. Move up to fedora 30, add gerbolyze, secure download

---
 playbook.yml | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

(limited to 'playbook.yml')

diff --git a/playbook.yml b/playbook.yml
index 1c694d5..afea884 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -12,7 +12,7 @@
 
     - name: Install host requisites
       dnf:
-          name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,libselinux-python,git,iptables-services
+          name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,libselinux-python,git,iptables-services,python3-pycryptodomex
           state: latest
 
     - name: Disable password-based root login
@@ -28,18 +28,10 @@
           state: restarted
       when: disable_root_pw_ssh is changed
 
-    - name: Create iptables firewall config dir
-      file:
-        path: /etc/iptables
-        state: directory
-        owner: root
-        group: root
-        mode: 0775
-
     - name: Configure iptables firewall service
       copy:
         src: iptables.rules
-        dest: /etc/iptables/iptables.rules
+        dest: /etc/sysconfig/iptables
         owner: root
         group: root
         mode: 0664
@@ -65,3 +57,6 @@
 
     - name: Setup clippy
       include_tasks: setup_clippy.yml
+
+    - name: Setup secure download
+      include_tasks: setup_secure_download.yml
-- 
cgit