65b00c8840
- Enable ufw and by default deny incoming traffic - in other roles: if ufw (role) is enabled, then allow necessary ports
53 lines
1,017 B
JSON
53 lines
1,017 B
JSON
[
|
|
{
|
|
"name": "packages",
|
|
"become": true,
|
|
"ansible.builtin.apt": {
|
|
"update_cache": true,
|
|
"pkg": [
|
|
"mumble-server"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"name": "configuration",
|
|
"become": true,
|
|
"ansible.builtin.template": {
|
|
"src": "mumble-server.ini.j2",
|
|
"dest": "/etc/mumble-server.ini",
|
|
"group": "mumble-server"
|
|
}
|
|
},
|
|
{
|
|
"name": "admin account",
|
|
"become": true,
|
|
"ansible.builtin.command": {
|
|
"cmd": "murmurd -ini /etc/mumble-server.ini -supw {{var_murmur_admin_password}}"
|
|
}
|
|
},
|
|
{
|
|
"name": "Check wether enabling UFW would be considered a changed",
|
|
"check_mode": true,
|
|
"community.general.ufw": {
|
|
"state": "enabled",
|
|
"register": "ufw_enable_check"
|
|
}
|
|
},
|
|
{
|
|
"name": "Allow port in ufw",
|
|
"community.general.ufw": {
|
|
"rule": "allow",
|
|
"port": "{{ var_murmur_port }}",
|
|
"proto": "tcp"
|
|
},
|
|
"when": "not ufw_enable_check.changed"
|
|
},
|
|
{
|
|
"name": "service",
|
|
"become": true,
|
|
"ansible.builtin.systemd_service": {
|
|
"state": "restarted",
|
|
"name": "mumble-server"
|
|
}
|
|
}
|
|
]
|