Compare commits
No commits in common. "67191fd3632bbfaff306025d30a7b68b7cf28fd9" and "4066320bfda7d0351dc8c3eeac50e45a6464bcc9" have entirely different histories.
67191fd363
...
4066320bfd
4 changed files with 24 additions and 40 deletions
|
@ -3,12 +3,10 @@
|
||||||
ansible playbook for solanum that supports hosts running debian or alpine
|
ansible playbook for solanum that supports hosts running debian or alpine
|
||||||
|
|
||||||
## setup
|
## setup
|
||||||
- add new host to your ansible hosts file
|
- add new host to your hosts file
|
||||||
- run `solanum.yml` on new host to compile solanum
|
- run `solanum.yml` on new host to compile solanum
|
||||||
- (optional) add your ssh key to ircd user
|
|
||||||
- (optional) add your `ssl.pem` and `ssl.key` to `/home/ircd/ircd/etc/`. you probably want to make a cronjob for acme to automatically do this when the cert expires. make sure to `openssl dhparam -out dh.pem 2048` in `/home/ircd/ircd/etc/` to make safe dh parameters!
|
- (optional) add your `ssl.pem` and `ssl.key` to `/home/ircd/ircd/etc/`. you probably want to make a cronjob for acme to automatically do this when the cert expires. make sure to `openssl dhparam -out dh.pem 2048` in `/home/ircd/ircd/etc/` to make safe dh parameters!
|
||||||
- run `config.yml` on the whole network
|
- run config.yml on the whole network
|
||||||
- run `enable.yml` on new host to enable and install the service file
|
|
||||||
- repeat steps periodically for network maintainance
|
- repeat steps periodically for network maintainance
|
||||||
|
|
||||||
## hosts ini
|
## hosts ini
|
||||||
|
|
25
config.yml
25
config.yml
|
@ -1,5 +1,5 @@
|
||||||
- hosts: all
|
- hosts: all
|
||||||
remote_user: ircd
|
remote_user: root
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: check for ssl cert
|
- name: check for ssl cert
|
||||||
|
@ -27,7 +27,26 @@
|
||||||
src: challenge/
|
src: challenge/
|
||||||
dest: /home/ircd/ircd/challenge/
|
dest: /home/ircd/ircd/challenge/
|
||||||
|
|
||||||
- name: reload solanum
|
- name: create openrc service
|
||||||
command: killall -1 solanum
|
template:
|
||||||
|
src: openrc.j2
|
||||||
|
dest: /etc/init.d/solanum
|
||||||
|
mode: 0755
|
||||||
|
when: ansible_distribution == 'Alpine'
|
||||||
|
|
||||||
|
- name: create systemd service
|
||||||
|
template:
|
||||||
|
src: systemd.j2
|
||||||
|
dest: /etc/systemd/system/solanum.service
|
||||||
|
mode: 0755
|
||||||
|
when: ansible_distribution == 'Debian'
|
||||||
|
|
||||||
|
- name: enable service
|
||||||
|
service:
|
||||||
|
name: solanum
|
||||||
|
state: started
|
||||||
|
enabled: yes
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
|
|
||||||
|
- name: reload solanum
|
||||||
|
command: killall -1 solanum
|
||||||
|
|
25
enable.yml
25
enable.yml
|
@ -1,25 +0,0 @@
|
||||||
- hosts: all
|
|
||||||
remote_user: root
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
- name: create openrc service
|
|
||||||
template:
|
|
||||||
src: openrc.j2
|
|
||||||
dest: /etc/init.d/solanum
|
|
||||||
mode: 0755
|
|
||||||
when: ansible_distribution == 'Alpine'
|
|
||||||
|
|
||||||
- name: create systemd service
|
|
||||||
template:
|
|
||||||
src: systemd.j2
|
|
||||||
dest: /etc/systemd/system/solanum.service
|
|
||||||
mode: 0755
|
|
||||||
when: ansible_distribution == 'Debian'
|
|
||||||
|
|
||||||
- name: enable service
|
|
||||||
service:
|
|
||||||
name: solanum
|
|
||||||
state: started
|
|
||||||
enabled: yes
|
|
||||||
ignore_errors: yes
|
|
||||||
|
|
|
@ -59,11 +59,3 @@
|
||||||
become: yes
|
become: yes
|
||||||
become_user: ircd
|
become_user: ircd
|
||||||
|
|
||||||
- name: ensure etc directory
|
|
||||||
file:
|
|
||||||
path: /home/ircd/ircd/etc
|
|
||||||
state: directory
|
|
||||||
mode: '0755'
|
|
||||||
become: yes
|
|
||||||
become_user: ircd
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue