bastian/deploy_home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

minor fixes, updated graylog, persistent iptables rules

Browse Source
This commit is contained in:
Bastian de Byl
2022-05-07 21:34:14 -04:00
parent 34f2988a05
commit dc4aca06ec
6 changed files with 16 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/roles/podman/tasks/container-awsddns.yml
View File

@@ -5,7 +5,7 @@
diff: false diff: false
containers.podman.podman_container: containers.podman.podman_container:
name: awsddns name: awsddns
image: docker.io/bdebyl/awsddns image: docker.io/bdebyl/awsddns:1.0.10
recreate: false recreate: false
restart: true restart: true
restart_policy: on-failure restart_policy: on-failure

5
ansible/roles/podman/tasks/container-drone.yml
View File

@@ -27,11 +27,10 @@
restart_policy: on-failure restart_policy: on-failure
log_driver: journald log_driver: journald
env: env:
DRONE_LOGS_DEBUG: "true" DRONE_LOGS_DEBUG: "false"
DRONE_RPC_DEBUG: "true" DRONE_RPC_DEBUG: "false"
DRONE_GITHUB_CLIENT_ID: "{{ drone_gh_client_id }}" DRONE_GITHUB_CLIENT_ID: "{{ drone_gh_client_id }}"
DRONE_GITHUB_CLIENT_SECRET: "{{ drone_gh_client_sec }}" DRONE_GITHUB_CLIENT_SECRET: "{{ drone_gh_client_sec }}"
DRONE_GIT_ALWAYS_AUTH: "true"
DRONE_RPC_SECRET: "{{ drone_rpc_secret }}" DRONE_RPC_SECRET: "{{ drone_rpc_secret }}"
DRONE_SERVER_HOST: "{{ ci_server_name }}" DRONE_SERVER_HOST: "{{ ci_server_name }}"
DRONE_SERVER_PROTO: "{{ drone_server_proto }}" DRONE_SERVER_PROTO: "{{ drone_server_proto }}"

4
ansible/roles/podman/tasks/container-graylog.yml
View File

@@ -96,8 +96,8 @@
become_user: "{{ podman_user }}" become_user: "{{ podman_user }}"
containers.podman.podman_container: containers.podman.podman_container:
name: graylog name: graylog
image: docker.io/graylog/graylog:4.2 image: docker.io/graylog/graylog:4.2.9
recreate: false recreate: true
restart: true restart: true
restart_policy: on-failure restart_policy: on-failure
sysctl: sysctl:

2
ansible/roles/podman/tasks/container-partkeepr.yml
View File

@@ -4,7 +4,7 @@
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
state: directory state: directory
owner: "{{ podman_user }}" owner: "{{ podman_subuid.stdout }}"
group: "{{ podman_user }}" group: "{{ podman_user }}"
mode: 0755 mode: 0755
notify: restorecon podman notify: restorecon podman

9
ansible/roles/podman/tasks/container-pihole.yml
View File

@@ -70,3 +70,12 @@
tags: tags:
- pihole - pihole
- firewall - firewall
- name: Save state of iptables for IPv4
become: true
community.general.iptables_state:
state: saved
path: /etc/sysconfig/iptables
tags:
- pihole
- firewall

2
ansible/roles/podman/templates/nginx/sites/home.bdebyl.net.conf.j2
View File

@@ -10,7 +10,7 @@ server {
listen 80 default_server; listen 80 default_server;
server_name {{ home_server_name }}; server_name {{ home_server_name }};
if ($whitelisted = 1) { if ($whitelisted = 1) {
return 302 http://{{ ansible_default_ipv4.address }}; return 302 http://pi.bdebyl.net;
} }
if ($whitelisted = 0) { if ($whitelisted = 0) {