moved ddns, partkeepr, hass to podman, selinux

ansible/roles/common/defaults/main.yml

@@ -1,12 +1,21 @@
 ---
-deps: [cronie, docker, fail2ban, git, logrotate, python-docker, tmux, weechat]
+deps:
+  [
+    cockpit-podman,
+    cronie,
+    docker,
+    fail2ban,
+    fail2ban-selinux,
+    git,
+    logrotate,
+    podman,
+    python-docker,
+  ]
 
 fail2ban_jails: [sshd.local, nginx.local]
 
 services:
-  - cronie
+  - crond
   - docker
   - fail2ban
-  - iptables
-  - nginx
   - systemd-timesyncd

ansible/roles/common/files/fail2ban/jails/nginx.local

@@ -7,13 +7,13 @@ bantime = 1w
 maxretry = 8
 ignoreip  = 127.0.0.1/32 192.168.1.0/24
 
-[nginx-http-auth]
-enabled = true
-port = http,https
-logpath = %(nginx_error_log)s
-bantime = 2w
-maxretry = 5
-ignoreip  = 127.0.0.1/32 192.168.1.0/24
+#[nginx-http-auth]
+#enabled = true
+#port = http,https
+#logpath = %(nginx_error_log)s
+#bantime = 2w
+#maxretry = 5
+#ignoreip  = 127.0.0.1/32 192.168.1.0/24
 
 [nginx-botsearch]
 enabled = true

ansible/roles/common/tasks/deps.yml

@@ -1,7 +1,7 @@
 ---
 - name: install common dependencies
   become: true
-  community.general.pacman:
+  ansible.builtin.package:
     name: "{{ deps }}"
     state: present
   tags: deps

ansible/roles/common/tasks/main.yml

@@ -2,3 +2,18 @@
 - import_tasks: deps.yml
 - import_tasks: security.yml
 - import_tasks: service.yml
+
+- name: create the docker group
+  become: true
+  ansible.builtin.group:
+    name: docker
+    state: present
+  tags: common
+
+- name: add default user to docker group
+  become: true
+  ansible.builtin.user:
+    name: "{{ ansible_user }}"
+    groups: docker
+    append: true
+  tags: common