74 lines
1.8 KiB
YAML
74 lines
1.8 KiB
YAML
---
|
|
- name: Create group
|
|
ansible.builtin.group:
|
|
name: rocketchat
|
|
|
|
- name: Create user
|
|
ansible.builtin.user:
|
|
name: rocketchat
|
|
comment: Podman Rocket.Chat
|
|
group: rocketchat
|
|
shell: /sbin/nologin
|
|
|
|
- name: Enable user lingering
|
|
ansible.builtin.command:
|
|
argv:
|
|
- loginctl
|
|
- enable-linger
|
|
- rocketchat
|
|
creates: /var/lib/systemd/linger/rocketchat
|
|
|
|
- name: Generate combined certificate/private key file contents
|
|
ansible.builtin.command:
|
|
argv:
|
|
- /bin/cat
|
|
- "{{ tls_certs }}/{{ inventory_hostname }}.crt"
|
|
- "{{ tls_private }}/{{ inventory_hostname }}.key"
|
|
changed_when: false
|
|
check_mode: false
|
|
register: rocketchat_cert_key
|
|
|
|
- name: Create combined certificate/private key file
|
|
ansible.builtin.copy:
|
|
dest: "{{ tls_private }}/rocketchat.pem"
|
|
content: "{{ rocketchat_cert_key.stdout }}"
|
|
mode: "0640"
|
|
owner: root
|
|
group: rocketchat
|
|
notify: Restart rocketchat
|
|
|
|
- name: Create service config
|
|
ansible.builtin.template:
|
|
dest: /etc/sysconfig/rocketchat-container
|
|
src: rocketchat-container.sysconfig.j2
|
|
mode: "0600"
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
notify: Restart rocketchat
|
|
|
|
- name: Create service file
|
|
ansible.builtin.template:
|
|
dest: /etc/systemd/system/rocketchat-container.service
|
|
src: rocketchat-container.service.j2
|
|
mode: "0644"
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
notify: Restart rocketchat
|
|
|
|
- name: Enable service
|
|
ansible.builtin.service:
|
|
name: rocketchat-container
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Copy nginx config
|
|
ansible.builtin.copy:
|
|
dest: /etc/nginx/conf.d/{{ inventory_hostname }}/rocketchat-container.conf
|
|
content: |
|
|
location /rocketchat/ {
|
|
proxy_pass http://127.0.0.1:8008/;
|
|
}
|
|
mode: "0644"
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
notify: Restart nginx
|