-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathoracle1.yml
74 lines (69 loc) · 1.44 KB
/
oracle1.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
---
- name: oracle 1 setup
hosts: oracle1
become: true
vars:
swap_file_size_mb: '1024'
certbot_certs:
- domains:
- "video.paperbenni.xyz"
firewall_allowed_tcp_ports:
- "22"
- "25"
- "80"
- "443"
- "25565"
- "42695"
- "3000"
- "64738"
- "8008"
- "8085"
- "8080"
- "8096"
- "8888"
- "9005"
- "1935"
- "19132"
- "8000"
- "8443"
firewall_allowed_udp_ports:
- "64738"
- "1935"
- "25565"
- "19132"
firewall_flush_rules_and_chains: true
vars_files:
- vars/basics.yml
- secrets.yml
pre_tasks:
roles:
- ubuntu
- grog.sudo
- geerlingguy.pip
- geerlingguy.firewall
- geerlingguy.certbot
- geerlingguy.security
- geerlingguy.nginx
- geerlingguy.swap
- geerlingguy.docker
- earlyoom
tasks:
# TODO: replace with caddy
- name: Ensure docroot exists
file:
path: "{{ nginx_docroot }}"
state: directory
- name: copy nginx server config
template:
src: templates/nginx.conf.j2
dest: /etc/nginx/nginx.conf
mode: 0644
notify: restart nginx
- name: copy nginx site
template:
src: templates/https-letsencrypt.conf.j2
dest: /etc/nginx/sites-enabled/https-letsencrypt.conf
mode: 0644
notify: restart nginx
handlers:
- import_tasks: handlers/basics.yml