50 lines
1.0 KiB
YAML
50 lines
1.0 KiB
YAML
---
|
|
- name: Install firewall dependencies
|
|
apt:
|
|
update_cache: true
|
|
install_recommends: false
|
|
name:
|
|
- python3-iso8601
|
|
- python3-jinja2
|
|
- python3-ldap
|
|
register: apt_result
|
|
retries: 3
|
|
until: apt_result is succeeded
|
|
|
|
- name: Create firewall directory
|
|
file:
|
|
path: /var/local/firewall
|
|
state: directory
|
|
mode: '2775'
|
|
owner: root
|
|
group: _nounou
|
|
|
|
- name: Set ACL for firewall directory
|
|
acl:
|
|
path: /var/local/firewall
|
|
default: true
|
|
entity: _nounou
|
|
etype: group
|
|
permissions: rwx
|
|
state: query
|
|
|
|
- name: Clone firewall repository
|
|
git:
|
|
repo: 'http://gitlab.adm.crans.org/nounous/firewall.git'
|
|
version: "{{ firewall.version }}"
|
|
dest: /var/local/firewall
|
|
umask: '002'
|
|
|
|
- name: Deploy re2o config
|
|
template:
|
|
src: firewall/re2o-config.ini.j2
|
|
dest: /var/local/firewall/re2o-config.ini
|
|
mode: 0600
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Deploy cron for firewall
|
|
template:
|
|
src: cron.d/firewall.j2
|
|
dest: /etc/cron.d/firewall
|