mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-06-02 07:16:06 +02:00
52 lines
1.6 KiB
YAML
52 lines
1.6 KiB
YAML
---
|
|
|
|
- name: create ssl cert
|
|
command: certbot certonly --email webmaster@archlinux.org --agree-tos --rsa-key-size 4096 --renew-by-default --webroot -w {{letsencrypt_validation_dir}} -d '{{ mirror_domain }}' creates='/etc/letsencrypt/live/{{ mirror_domain }}/fullchain.pem'
|
|
when: 'mirror_domain is defined'
|
|
|
|
- name: install rsync
|
|
pacman: name=rsync state=present
|
|
|
|
- name: install syncrepo script
|
|
copy: src=syncrepo dest=/usr/local/bin/syncrepo owner=root group=root mode=0755
|
|
|
|
- name: install syncrepo units
|
|
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
|
|
with_items:
|
|
- syncrepo.timer
|
|
- syncrepo.service
|
|
notify:
|
|
- daemon reload
|
|
|
|
- name: install rsyncd config
|
|
copy: src=rsyncd.conf dest=/etc/rsyncd.conf owner=root group=root mode=0644
|
|
|
|
- name: start and enable syncrepo units
|
|
service: name={{ item }} enabled=yes state=started
|
|
with_items:
|
|
- syncrepo.timer
|
|
- rsyncd.socket
|
|
|
|
- name: set local mirror as cachedir
|
|
lineinfile:
|
|
dest: /etc/pacman.conf
|
|
insertafter: '^#CacheDir'
|
|
regexp: '^CacheDir'
|
|
line: 'CacheDir = /var/cache/pacman/pkg/ /srv/ftp/pool/packages/ /srv/ftp/pool/community/'
|
|
|
|
- name: make nginx log dir
|
|
file: path=/var/log/nginx/{{ mirror_domain }} state=directory owner=root group=root mode=0755
|
|
|
|
- name: set up nginx
|
|
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/syncrepo.conf owner=root group=root mode=0644
|
|
notify:
|
|
- reload nginx
|
|
when: 'mirror_domain is defined'
|
|
tags: ['nginx']
|
|
|
|
- name: open firewall holes
|
|
firewalld: service=rsyncd permanent=true state=enabled immediate=yes
|
|
when: configure_firewall
|
|
tags:
|
|
- firewall
|