diff --git a/roles/caddy/files/Caddyfile b/roles/caddy/files/Caddyfile index fdb27ea..8d16237 100644 --- a/roles/caddy/files/Caddyfile +++ b/roles/caddy/files/Caddyfile @@ -8,9 +8,7 @@ # this machine's public IP, then replace ":80" below with your # domain name. -media.roosens.me { - reverse_proxy localhost:8096 -} +import *.Caddyfile # Refer to the Caddy docs for more information: # https://caddyserver.com/docs/caddyfile diff --git a/roles/caddy/handlers/main.yml b/roles/caddy/handlers/main.yml index ddf490e..860dc15 100644 --- a/roles/caddy/handlers/main.yml +++ b/roles/caddy/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: reload-caddy +- name: caddy-reload service: name: caddy state: reloaded diff --git a/roles/caddy/tasks/main.yml b/roles/caddy/tasks/main.yml index f3eb347..ddbcacd 100644 --- a/roles/caddy/tasks/main.yml +++ b/roles/caddy/tasks/main.yml @@ -25,7 +25,7 @@ owner: root group: root mode: '644' - notify: reload-caddy + notify: caddy-reload - name: Ensure Caddy service is running & enabled service: diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index efe7bbf..bb1ea27 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,10 +1,13 @@ -- name: Install packages +- name: Ensure common packages are installed apt: name: # Needed for handling GPG keys for repositories - debian-keyring - debian-archive-keyring - apt-transport-https + - ca-certificates + - lsb-release + - gnupg # Easy to edit files - vim @@ -16,9 +19,24 @@ # Disk monitoring - smartmontools + + # Periodic tasks + - cron state: present -- name: Install Vim config +- name: Ensure cron service is enabled + service: + name: cron + state: started + enabled: true + +- name: Ensure fail2ban service is enabled + service: + name: fail2ban + state: started + enabled: true + +- name: Ensure Vim config is present get_url: url: 'https://r8r.be/vim' dest: '{{ item.dest }}' @@ -30,9 +48,3 @@ dest: "/home/debian/.vimrc" - user: root dest: "/root/.vimrc" - -- name: Enable fail2ban - service: - name: fail2ban - state: started - enabled: true diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index b37a479..5e2ae80 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -9,15 +9,6 @@ - runc state: absent -- name: Install Docker PPA dependencies. - apt: - name: - - apt-transport-https - - ca-certificates - - gnupg - - lsb-release - state: present - - name: Add Docker GPG key. apt_key: url: https://download.docker.com/linux/ubuntu/gpg @@ -50,4 +41,4 @@ name: Prune the Docker system. hour: 4 minute: 0 - job: docker system prune -f + job: docker system prune -af diff --git a/roles/jellyfin/files/jellyfin.Caddyfile b/roles/jellyfin/files/jellyfin.Caddyfile new file mode 100644 index 0000000..d803d5e --- /dev/null +++ b/roles/jellyfin/files/jellyfin.Caddyfile @@ -0,0 +1,3 @@ +media.roosens.me { + reverse_proxy localhost:8096 +} diff --git a/roles/jellyfin/meta/main.yml b/roles/jellyfin/meta/main.yml new file mode 100644 index 0000000..1dbd0f6 --- /dev/null +++ b/roles/jellyfin/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - role: caddy diff --git a/roles/jellyfin/tasks/main.yml b/roles/jellyfin/tasks/main.yml index 48b969b..7ac1304 100644 --- a/roles/jellyfin/tasks/main.yml +++ b/roles/jellyfin/tasks/main.yml @@ -50,3 +50,11 @@ state: started enabled: true +- name: Ensure Jellyfin Caddyfile is present + copy: + src: 'jellyfin.Caddyfile' + dest: '/etc/caddy/jellyfin.Caddyfile' + owner: root + group: root + mode: '0644' + notify: caddy-reload diff --git a/roles/samba/handlers/main.yml b/roles/samba/handlers/main.yml index 48e1e38..ccde2aa 100644 --- a/roles/samba/handlers/main.yml +++ b/roles/samba/handlers/main.yml @@ -7,4 +7,4 @@ - name: smbpasswd-lambroek shell: cmd: "smbpasswd -sa lambroek" - stdin: "{{ lambroek_password }}\n{{ lambroek_password }}" + stdin: "{{ lambroek_password }}\n{{ lambroek_password }}\n"