Compare commits
6 Commits
d261f81642
...
0fd05d496e
Author | SHA1 | Date | |
---|---|---|---|
0fd05d496e | |||
023a0d48ba | |||
c687b7a91a | |||
bd4ae36bb6 | |||
b60637c7d9 | |||
479127a5e4 |
@ -28,7 +28,7 @@
|
||||
when: ansible_distribution_major_version is version('11', '>=')
|
||||
template: src=nftables.conf.j2 dest=/etc/nftables.conf owner=root mode=0644
|
||||
notify:
|
||||
- reload nftables
|
||||
- restart nftables
|
||||
|
||||
- name: Create /etc/nftables extra config directory
|
||||
when: ansible_distribution_major_version is version('11', '>=')
|
||||
@ -44,7 +44,7 @@
|
||||
- abuseipdb-ipv4.nft
|
||||
- abuseipdb-ipv6.nft
|
||||
notify:
|
||||
- reload nftables
|
||||
- restart nftables
|
||||
|
||||
- name: Use iptables backend in firewalld
|
||||
when: ansible_distribution_major_version is version('10', '==')
|
||||
|
@ -29,8 +29,7 @@
|
||||
- restart mariadb
|
||||
tags: mariadb
|
||||
|
||||
# 'localhost' needs to be the last item for idempotency, see
|
||||
# https://docs.ansible.com/ansible/latest/mysql_user_module.html
|
||||
# See: https://docs.ansible.com/ansible/latest/collections/community/mysql/mysql_user_module.html
|
||||
- name: Update MariaDB root password for all root accounts
|
||||
mysql_user: name=root host={{ item }} password={{ mariadb_root_password }} login_unix_socket={{ mariadb_login_unix_socket }}
|
||||
loop:
|
||||
@ -42,14 +41,15 @@
|
||||
template: src=.my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600
|
||||
tags: mariadb
|
||||
|
||||
# See: https://docs.ansible.com/ansible/latest/collections/community/mysql/mysql_db_module.html
|
||||
- name: Create MariaDB database(s)
|
||||
mysql_db: db={{ item.name }} state=present encoding=utf8mb4
|
||||
mysql_db: db={{ item.name }} state=present encoding=utf8mb4 login_unix_socket={{ mariadb_login_unix_socket }}
|
||||
loop: "{{ mariadb_databases }}"
|
||||
when: mariadb_databases is defined
|
||||
tags: mariadb
|
||||
|
||||
- name: Create MariaDB user(s)
|
||||
mysql_user: name={{ item.user }} password={{ item.pass }} priv={{ item.name }}.*:ALL host=127.0.0.1 state=present
|
||||
mysql_user: name={{ item.user }} password={{ item.pass }} priv={{ item.name }}.*:ALL host=127.0.0.1 state=present login_unix_socket={{ mariadb_login_unix_socket }}
|
||||
loop: "{{ mariadb_databases }}"
|
||||
when: mariadb_databases is defined
|
||||
tags: mariadb
|
||||
|
@ -20,6 +20,7 @@
|
||||
get_url:
|
||||
url: https://raw.githubusercontent.com/acmesh-official/acme.sh/master/acme.sh
|
||||
dest: "{{ letsencrypt_acme_script }}"
|
||||
mode: 0700
|
||||
|
||||
- name: Prepare Let's Encrypt well-known directory
|
||||
file:
|
||||
@ -53,7 +54,8 @@
|
||||
enabled: yes
|
||||
daemon_reload: yes
|
||||
|
||||
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('20.04', '==')
|
||||
when: (ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('20.04', '=='))
|
||||
or (ansible_distribution == 'Debian' and ansible_distribution_version is version('11', '=='))
|
||||
tags: letsencrypt
|
||||
|
||||
# vim: set ts=2 sw=2:
|
||||
|
@ -78,7 +78,6 @@
|
||||
|
||||
- name: Configure Let's Encrypt
|
||||
include_tasks: letsencrypt.yml
|
||||
#when: use_letsencrypt is defined and use_letsencrypt
|
||||
tags: letsencrypt
|
||||
|
||||
# vim: set ts=2 sw=2:
|
||||
|
Loading…
Reference in New Issue
Block a user