mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-11-12 10:00:23 +01:00
5492d6793a
Useful for mail.archlinux.org where this setting doesn't matter since we force the SSH command to passwd and zsh was removed as part of the tools cleanup effort recently (stops shadow.service from complaining about zsh missing).
22 lines
744 B
YAML
22 lines
744 B
YAML
- name: setup mail.archlinux.org
|
|
hosts: mail.archlinux.org
|
|
remote_user: root
|
|
roles:
|
|
- { role: common }
|
|
- { role: sshd }
|
|
- { role: root_ssh }
|
|
- { role: borg_client, tags: ['borg'] }
|
|
- { role: certbot }
|
|
- { role: nginx }
|
|
- { role: mta_sts }
|
|
- { role: postfix, tags: ['mail'] }
|
|
- { role: dovecot }
|
|
- { role: rspamd, rspamd_dkim_domain: archlinux.org, tags: ["mail"] }
|
|
- { role: unbound, unbound_port: 5353, tags: ["mail"] }
|
|
- { role: postfwd, tags: ['mail'] }
|
|
- { role: archusers, shell_override: '/bin/bash', archusers_ssh_options: 'command="/usr/bin/passwd",restrict,pty' }
|
|
- { role: fail2ban }
|
|
- { role: prometheus_exporters }
|
|
- { role: promtail }
|
|
- { role: wireguard }
|