-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsystem_administration.yml
executable file
·68 lines (55 loc) · 1.49 KB
/
system_administration.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
#!/usr/bin/env ansible-playbook
- hosts: all
handlers:
- name: Restart OpenSSH Server service
become: yes
service:
name: "sshd"
state: restarted
listen: Restart firewall
- name: Restart nftables service
become: yes
service:
name: "nftables"
state: restarted
- name: Restart docker service
become: yes
service:
name: "docker"
state: restarted
listen: Restart firewall
tasks:
- include_tasks: tasks/packages.yml
- include_tasks: tasks/opensshd.yml
vars:
openssh_moduli_minimum: 3071
- include_tasks: tasks/nftables.yml
- include_tasks: tasks/docker.yml
- include_tasks: tasks/app_management.yml
vars:
app_name: "traefik"
app_src: files/apps/traefik/
app_env: |
ACME_EMAIL={{ domain_name_acme_email }}
- include_tasks: tasks/monitoring.yml
- include_tasks: tasks/app_management.yml
vars:
app_name: "{{ outer_item.name }}"
app_src: "{{ outer_item.src }}"
app_env: "{{ outer_item.env | default('') }}"
loop: "{{ apps }}"
loop_control:
loop_var: "outer_item"
- name: Cleanup docker images/network/…
become: yes
docker_prune:
containers: yes
images: yes
images_filters:
dangling: false
networks: yes
volumes: yes
builder_cache: yes
- hosts: backup
tasks:
- include_tasks: tasks/backup.yml