diff --git a/roles/ansible_host/tasks/main.yml b/roles/ansible_host/tasks/main.yml index 9b4167a..94720c0 100644 --- a/roles/ansible_host/tasks/main.yml +++ b/roles/ansible_host/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: install ansible packages +- name: Install packages ansible.builtin.package: name: "{{ item }}" state: installed @@ -7,10 +7,10 @@ - ansible - ansible-collection-ansible-posix - ansible-collection-community-general - - python3-dns # required for lookup('dig', 'hostname') + - python3-dns # required for lookup('dig', 'hostname') - python38-netaddr # required by iptables role -- name: create private directory and force permissions +- name: Create private directory and force permissions ansible.builtin.file: path: /export/private owner: root @@ -18,26 +18,27 @@ mode: 0700 state: directory -- name: link private directory +- name: Link private directory ansible.builtin.file: - src: "/export/private" - dest: "/srv/private" + src: /export/private + dest: /srv/private owner: root group: "{{ ansible_wheel }}" state: link follow: false -- name: allow http server to access /srv/ansible +- name: Allow http server to access /srv/ansible community.general.sefcontext: path: /srv/ansible(/.*)? setype: httpd_sys_content_t + - name: clone ansible repository ansible.builtin.git: dest: /srv/ansible repo: https://git.foo.sh/ansible.git update: false -- name: link facts to nginx +- name: Link facts to nginx ansible.builtin.file: src: "/srv/ansible/facts" dest: "/srv/web/{{ inventory_hostname }}/facts" @@ -46,7 +47,7 @@ state: link follow: false -- name: create nginx conf +- name: Create nginx conf ansible.builtin.copy: src: nginx.conf dest: /etc/nginx/conf.d/{{ inventory_hostname }}/ansible.conf @@ -55,7 +56,7 @@ group: "{{ ansible_wheel }}" notify: restart nginx -- name: add custom .bashrc for root +- name: Add custom .bashrc for root ansible.builtin.copy: dest: /root/.bashrc src: root-bashrc.sh