mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2025-01-18 08:06:16 +01:00
Code Issues
keycloak-password-reset-time
infrastructure/roles/quassel/tasks/main.yml
Evangelos Foutras d480317909
Add ansible.builtin qualification to become_method 
ansible-lint 6.19.0 started complaining about this:

   schema[tasks]: 'become_method' must be one of the currently available
   values: ansible.builtin.runas, ansible.builtin.su,
           ansible.builtin.sudo, ansible.netcommon.enable,
           community.general.doas, community.general.dzdo,
           community.general.ksu, community.general.machinectl,
           community.general.pbrun, community.general.pfexec,
           community.general.pmrun, community.general.sesu,
           community.general.sudosu, containers.podman.podman_unshare
2023-09-22 23:38:23 +03:00

71 lines
1.9 KiB
YAML
Raw Permalink Blame History

- name: Install quassel
pacman: name=quassel-core,python-pexpect state=present
- name: Add quassel postgres db
postgresql_db: db=quassel
become: true
become_user: postgres
become_method: ansible.builtin.su
- name: Add quassel postgres user
postgresql_user: db=quassel name=quassel password={{ vault_postgres_users.quassel }} encrypted=true
become: true
become_user: postgres
become_method: ansible.builtin.su
- name: Initialize quassel
become: true
become_user: quassel
become_method: ansible.builtin.sudo
expect:
command: quasselcore --configdir=/var/lib/quassel --select-backend=PostgreSQL
responses:
Username: ''
Password:
- '{{ vault_postgres_users.quassel }}'
- ''
- ''
- ''
Hostname: ''
Port: ''
Database: ''
creates: /var/lib/quassel/quasselcore.conf
- name: Create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ quassel_domain }}"]
- name: Install quassel cert renewal hook
template: src=letsencrypt.hook.d.j2 dest=/etc/letsencrypt/hook.d/quassel owner=root group=root mode=0755
- name: Install quassel units
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
with_items:
- clean-quassel.timer
- clean-quassel.service
notify:
- Daemon reload
- name: Add quassel.service.d dir
file: state=directory path=/etc/systemd/system/quassel.service.d owner=root group=root mode=0755
- name: Install quassel.service snippet
copy: src=quassel.service.d dest=/etc/systemd/system/quassel.service.d/local.conf owner=root group=root mode=0644
- name: Start and enable quassel
service: name={{ item }} enabled=yes state=started
with_items:
- quassel.service
- clean-quassel.timer
- name: Open firewall holes
ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
with_items:
- quassel
- ident
when: configure_firewall
tags:
- firewall
View Git Blame Copy Permalink