Merge remote-tracking branch 'refs/remotes/origin/master'
This commit is contained in:
commit
a3b53d6fa6
1 changed files with 176 additions and 166 deletions
|
|
@ -2,12 +2,13 @@
|
||||||
- hosts: alpha
|
- hosts: alpha
|
||||||
become: true
|
become: true
|
||||||
vars_files:
|
vars_files:
|
||||||
- '{{ inventory_dir }}/vars.yml'
|
- "{{ inventory_dir }}/vars.yml"
|
||||||
tags:
|
tags:
|
||||||
- base
|
- base
|
||||||
tasks:
|
tasks:
|
||||||
- name: Upgrade base system to Trixie
|
- name: Upgrade base system to Trixie
|
||||||
tags:
|
tags:
|
||||||
|
- host
|
||||||
- requires_reboot
|
- requires_reboot
|
||||||
block:
|
block:
|
||||||
- name: Update base system packages
|
- name: Update base system packages
|
||||||
|
|
@ -21,8 +22,8 @@
|
||||||
|
|
||||||
- name: Change package sources file to pull from Trixie
|
- name: Change package sources file to pull from Trixie
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: '{{ inventory_dir }}/includes/00-make-base-system/sources.list'
|
src: "{{ inventory_dir }}/includes/00-make-base-system/sources.list"
|
||||||
dest: '{{ etc_apt }}/sources.list'
|
dest: "{{ etc_apt }}/sources.list"
|
||||||
backup: true
|
backup: true
|
||||||
|
|
||||||
- name: Clear and fill local apt cache with Trixie packages
|
- name: Clear and fill local apt cache with Trixie packages
|
||||||
|
|
@ -47,13 +48,22 @@
|
||||||
|
|
||||||
- name: Install necessary software packages
|
- name: Install necessary software packages
|
||||||
tags:
|
tags:
|
||||||
|
- host
|
||||||
- base
|
- base
|
||||||
ansible.builtin.package:
|
ansible.builtin.package:
|
||||||
name: neovim,python3-pip,python3-pexpect,python3-psycopg2
|
name: neovim,python3-pip,python3-pexpect,python3-psycopg2
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
|
- name: Generate UTF-8 locales
|
||||||
|
tags:
|
||||||
|
- host
|
||||||
|
- base
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "locale-gen en_US.utf8"
|
||||||
|
|
||||||
- name: Enable and configure the firewall
|
- name: Enable and configure the firewall
|
||||||
tags:
|
tags:
|
||||||
|
- host
|
||||||
- firewall
|
- firewall
|
||||||
block:
|
block:
|
||||||
- name: Install firewalld
|
- name: Install firewalld
|
||||||
|
|
@ -63,20 +73,20 @@
|
||||||
|
|
||||||
- name: Define a firewalld service for CouchDB
|
- name: Define a firewalld service for CouchDB
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: '{{ inventory_dir }}/includes/00-make-base-system/couchdb.xml'
|
src: "{{ inventory_dir }}/includes/00-make-base-system/couchdb.xml"
|
||||||
dest: '{{ etc_firewalld_services }}/couchdb.xml'
|
dest: "{{ etc_firewalld_services }}/couchdb.xml"
|
||||||
|
|
||||||
- name: Reload firewalld
|
- name: Reload firewalld
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
cmd: 'firewall-cmd --reload'
|
cmd: "firewall-cmd --reload"
|
||||||
|
|
||||||
- name: Add all of the necessary services to firewalld
|
- name: Add all of the necessary services to firewalld
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
cmd: 'firewall-cmd --permanent --add-service=http --add-service=https --add-service=redis --add-service=ssh --add-service=postgresql --add-service=couchdb'
|
cmd: "firewall-cmd --permanent --add-service=http --add-service=https --add-service=redis --add-service=ssh --add-service=postgresql --add-service=couchdb"
|
||||||
|
|
||||||
- name: Reload firewalld to apply service changes
|
- name: Reload firewalld to apply service changes
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
cmd: 'firewall-cmd --reload'
|
cmd: "firewall-cmd --reload"
|
||||||
|
|
||||||
- name: Install and set up databases
|
- name: Install and set up databases
|
||||||
tags:
|
tags:
|
||||||
|
|
@ -94,15 +104,15 @@
|
||||||
tags:
|
tags:
|
||||||
- postgres
|
- postgres
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: '{{ inventory_dir }}/includes/00-make-base-system/postgresql.conf'
|
src: "{{ inventory_dir }}/includes/00-make-base-system/postgresql.conf"
|
||||||
dest: '{{ etc_postgres }}/postgresql.conf'
|
dest: "{{ etc_postgres }}/postgresql.conf"
|
||||||
|
|
||||||
- name: Copy Postgres pg_hba file
|
- name: Copy Postgres pg_hba file
|
||||||
tags:
|
tags:
|
||||||
- postgres
|
- postgres
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: '{{ inventory_dir }}/includes/00-make-base-system/pg_hba.conf'
|
src: "{{ inventory_dir }}/includes/00-make-base-system/pg_hba.conf"
|
||||||
dest: '{{ etc_postgres }}/pg_hba.conf'
|
dest: "{{ etc_postgres }}/pg_hba.conf"
|
||||||
|
|
||||||
- name: Restart Postgres
|
- name: Restart Postgres
|
||||||
tags:
|
tags:
|
||||||
|
|
@ -119,7 +129,7 @@
|
||||||
command: 'su -c "createuser -d -P debt_pirate" - postgres'
|
command: 'su -c "createuser -d -P debt_pirate" - postgres'
|
||||||
creates: /root/.dp-user-created
|
creates: /root/.dp-user-created
|
||||||
responses:
|
responses:
|
||||||
'Enter': HRURqlUmtjIy
|
"Enter": HRURqlUmtjIy
|
||||||
|
|
||||||
- name: Create 'db user created' file
|
- name: Create 'db user created' file
|
||||||
tags:
|
tags:
|
||||||
|
|
@ -132,7 +142,7 @@
|
||||||
tags:
|
tags:
|
||||||
- postgres
|
- postgres
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
cmd: 'su -c "createdb -E UTF8 -l en_US.UTF-8 -O debt_pirate debt_pirate" - postgres'
|
cmd: 'su -c "createdb -T template0 -E UTF8 -l en_US.UTF-8 -O debt_pirate debt_pirate" - postgres'
|
||||||
creates: /root/.dp-db-created
|
creates: /root/.dp-db-created
|
||||||
|
|
||||||
- name: Create 'db created' file
|
- name: Create 'db created' file
|
||||||
|
|
@ -146,16 +156,16 @@
|
||||||
tags:
|
tags:
|
||||||
- valkey
|
- valkey
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: '{{ inventory_dir }}/includes/00-make-base-system/valkey.conf'
|
src: "{{ inventory_dir }}/includes/00-make-base-system/valkey.conf"
|
||||||
dest: '{{ etc_valkey }}/valkey.conf'
|
dest: "{{ etc_valkey }}/valkey.conf"
|
||||||
backup: true
|
backup: true
|
||||||
|
|
||||||
- name: Copy Valkey acl file to destination
|
- name: Copy Valkey acl file to destination
|
||||||
tags:
|
tags:
|
||||||
- valkey
|
- valkey
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: '{{ inventory_dir }}/includes/00-make-base-system/users.acl'
|
src: "{{ inventory_dir }}/includes/00-make-base-system/users.acl"
|
||||||
dest: '{{ etc_valkey }}/users.acl'
|
dest: "{{ etc_valkey }}/users.acl"
|
||||||
|
|
||||||
- name: Restart Valkey
|
- name: Restart Valkey
|
||||||
tags:
|
tags:
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue