crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity

[re2o-firewall] Added role to install re2o firewall service

certbot_on_virtu
_benjamin 2020-01-19 10:39:46 +01:00
parent fb49bc2394
commit a5614ab30c
3 changed files with 45 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
re2o.yml
View File

@ -46,3 +46,8 @@
- hosts: odlyd.adm.crans.org,dhcp.adm.crans.org
roles:
- re2o-dhcp
# Deploy re2o firewall on servers
- hosts: gulp.adm.crans.org,odlyd.adm.crans.org,ipv6-zayo.adm.crans.org,zamok.adm.crans.org,routeur.adm.crans.org
roles:
- re2o-firewall

37
roles/re2o-firewall/tasks/main.yml 100644
View File

@ -0,0 +1,37 @@
---
- name: Create re2o-firewall directory
file:
path: /var/local/re2o-services/firewall
state: directory
mode: '2775'
owner: root
group: nounou
- name: Set ACL for re2o-firewall directory
acl:
path: /var/local/re2o-services/firewall
default: yes
entity: nounou
etype: group
permissions: rwx
state: query
- name: Clone re2o-firewall repository
git:
repo: 'http://gitlab.adm.crans.org/nounous/re2o-firewall.git'
dest: /var/local/re2o-services/firewall
version: crans
umask: '002'
- name: Create symbolic link to configuration
file:
src: /var/local/re2o-services/config.ini
dest: /var/local/re2o-services/firewall/config.ini
owner: root
group: root
state: link
- name: Deploy cron for re2o-firewall
template:
src: cron.d/re2o-services-firewall.j2
dest: /etc/cron.d/re2o-services-firewall

3
roles/re2o-firewall/templates/cron.d/re2o-services-firewall.j2 100644
View File

@ -0,0 +1,3 @@
# {{ ansible_managed }}
*/2 * * * * root /usr/bin/python3 /var/local/re2o-services/firewall/main.py
@reboot root /usr/bin/python3 /var/local/re2o-services/firewall/main.py --force