luna.yml 1002 Bytes
Newer Older
1
2
3
4
5
6
7
---

- name: setup luna
  hosts: luna.archlinux.org
  remote_user: root
  tasks:
    - name: open firewall holes for services
8
      ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
9
10
11
12
13
14
15
16
17
18
19
      with_items:
        - http
        - https
        - rsyncd
        - smtp
        - git
      when: configure_firewall
      tags:
        - firewall

    - name: open firewall holes for ports
20
      ansible.posix.firewalld: port={{ item }} permanent=true state=enabled immediate=yes
21
22
23
24
25
26
      with_items:
        - 6969/tcp
        - 4949/tcp
      when: configure_firewall
      tags:
        - firewall
Florian Pritz's avatar
Florian Pritz committed
27
28
  roles:
    - nginx
29
    - rspamd
Kristian Klausen's avatar
Kristian Klausen committed
30
    - { role: mariadb, mariadb_query_cache_type: '0', mariadb_innodb_file_per_table: true }
31
    - { role: prometheus_exporters }
32
33
# luna is hosting mailman lists; this postfix role does not cater to this yet
# TODO: make postfix role handle mailman config?
Jelle van der Waa's avatar
Jelle van der Waa committed
34
#    - { role: postfix, tags: ["postfix"], postfix_relayhost: "mail.archlinux.org" }