45 lines
1.1 KiB
YAML
45 lines
1.1 KiB
YAML
- name: Gerbolyze container setup playbook
|
|
hosts: wendelstein
|
|
tasks:
|
|
- name: Set hostname
|
|
hostname:
|
|
name: wendelstein.jaseg.net
|
|
|
|
- name: Install common admin tools
|
|
dnf:
|
|
name: htop,tmux,fish,mosh,neovim,sqlite
|
|
state: latest
|
|
|
|
- name: Install host requisites
|
|
dnf:
|
|
name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,libselinux-python,git
|
|
state: latest
|
|
|
|
- name: Disable password-based root login
|
|
lineinfile:
|
|
path: /etc/ssh/sshd_config
|
|
regexp: '^PermitRootLogin'
|
|
line: 'PermitRootLogin without-password'
|
|
register: disable_root_pw_ssh
|
|
|
|
- name: Restart sshd
|
|
systemd:
|
|
name: sshd
|
|
state: restarted
|
|
when: disable_root_pw_ssh is changed
|
|
|
|
- name: Create containers
|
|
include_tasks: setup_containers.yml
|
|
vars:
|
|
containers:
|
|
- gerboweb
|
|
- clippy
|
|
|
|
- name: Setup web server
|
|
include_tasks: setup_webserver.yml
|
|
|
|
- name: Setup gerboweb
|
|
include_tasks: setup_gerboweb.yml
|
|
|
|
- name: Setup clippy
|
|
include_tasks: setup_clippy.yml
|