diff options
Diffstat (limited to 'gerboweb/deploy/playbook.yml')
| -rw-r--r-- | gerboweb/deploy/playbook.yml | 166 |
1 files changed, 0 insertions, 166 deletions
diff --git a/gerboweb/deploy/playbook.yml b/gerboweb/deploy/playbook.yml deleted file mode 100644 index a34e8fe..0000000 --- a/gerboweb/deploy/playbook.yml +++ /dev/null @@ -1,166 +0,0 @@ -- name: DNS setup - hosts: localhost - tags: dns - module_defaults: - inwx: - username: "{{lookup('ini', 'user section=inwx file=credentials.ini')}}" - password: "{{lookup('ini', 'pass section=inwx file=credentials.ini')}}" - vars: - subdomains: - - git.jaseg.net - - git.jaseg.de - - blog.jaseg.net - - blog.jaseg.de - - kochbuch.jaseg.net - - gerbolyze.jaseg.net - - tracespace.jaseg.net - - openjscad.jaseg.net - - pogojig.jaseg.net - - automation.jaseg.de - - dyndns.jaseg.de - fastmail_domains: - - jaseg.net - - jaseg.de - tasks: - - name: Gather wendelstein facts - setup: - delegate_to: wendelstein - delegate_facts: True - - - name: Setup DNS - include_tasks: dns.yml - - -- name: Wendelstein setup - hosts: wendelstein - tasks: - - name: Set hostname - tags: setup - hostname: - name: wendelstein.jaseg.net - - - name: Install common admin tools - tags: setup - dnf: - name: htop,tmux,fish,mosh,neovim,sqlite - state: latest - - - name: Install host requisites - tags: setup - dnf: - name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,python3-libselinux,git,iptables-services,python3-pycryptodomex,zip,python3-uwsgidecorators,nsd - state: latest - - - name: Disable password-based root login - tags: setup - lineinfile: - path: /etc/ssh/sshd_config - regexp: '^PermitRootLogin' - line: 'PermitRootLogin without-password' - register: disable_root_pw_ssh - - - name: Restart sshd - tags: setup - systemd: - name: sshd - state: restarted - when: disable_root_pw_ssh is changed - - - name: Configure iptables firewall service - tags: setup - copy: - src: iptables.rules - dest: /etc/sysconfig/iptables - owner: root - group: root - mode: 0664 - - - name: Enable iptables firewall service - tags: setup - systemd: - name: iptables - enabled: yes - state: started - - - name: Create containers - tags: setup - include_tasks: - file: setup_containers.yml - apply: - tags: setup - vars: - containers: - - gerboweb - - clippy - - pogojig - - - name: Setup web server - tags: www - include_tasks: - file: setup_webserver.yml - apply: - tags: www - - - name: Setup gerboweb - tags: gerboweb - include_tasks: - file: setup_gerboweb.yml - apply: - tags: gerboweb - - - name: Setup clippy - tags: clippy - include_tasks: - file: setup_clippy.yml - apply: - tags: clippy - - - name: Setup secure download - tags: secure-download - include_tasks: - file: setup_secure_download.yml - apply: - tags: secure-download - - - name: Setup tracespace - tags: pogojig - include_tasks: - file: setup_tracespace.yml - apply: - tags: pogojig - - - name: Setup openjscad - tags: pogojig - include_tasks: - file: setup_openjscad.yml - apply: - tags: pogojig - - - name: Setup pogojig - tags: pogojig - include_tasks: - file: setup_pogojig.yml - apply: - tags: pogojig - - - name: Setup notification proxy - tags: notification-proxy - include_tasks: - file: setup_notification_proxy.yml - apply: - tags: - notification-proxy - - - name: Setup semi-public git server - tags: git - include_tasks: - file: setup_git.yml - apply: - tags: git - - - name: Setup private DynDNS service - tags: dyndns - include_tasks: - file: setup_dyndns.yml - apply: - tags: dyndns |