75 lines
1.7 KiB
YAML
75 lines
1.7 KiB
YAML
---
|
|
- name: Install unzip using apt
|
|
apt: name=unzip state=latest update_cache=yes force_apt_get=yes
|
|
|
|
- name: "NOTSCORED | 3.5.1.6 | PATCH | Ensure firewall rules exist for all open ports"
|
|
ufw:
|
|
rule: allow
|
|
proto: tcp
|
|
port: "{{ item }}"
|
|
loop:
|
|
- '3000'
|
|
- '80'
|
|
- '443'
|
|
- '22'
|
|
|
|
- name: Creates directory structure for rocketchat data
|
|
file:
|
|
path: /home/{{ main_user }}/rocketchat/data
|
|
state: directory
|
|
owner: "{{ main_user }}"
|
|
group: "{{ main_user }}"
|
|
mode: 0775
|
|
|
|
- name: Creates directory structure for nginx data
|
|
file:
|
|
path: /home/{{ main_user }}/rocketchat/nginx
|
|
state: directory
|
|
owner: "{{ main_user }}"
|
|
group: "{{ main_user }}"
|
|
mode: 0775
|
|
|
|
- name: copy docker compose to server
|
|
become_user: "{{ main_user }}"
|
|
copy:
|
|
src: files/docker-compose.yml
|
|
dest: /home/{{ main_user }}/rocketchat/
|
|
|
|
- name: bring down rocketchat docker-compose
|
|
become_user: "{{ main_user }}"
|
|
docker_compose:
|
|
project_src: /home/{{ main_user }}/rocketchat/
|
|
state: absent
|
|
register: __remove_rocketchat
|
|
tags:
|
|
- bring-down
|
|
|
|
- name: update permissions
|
|
file:
|
|
path: /home/{{ main_user }}
|
|
state: directory
|
|
recurse: yes
|
|
owner: "{{ main_user }}"
|
|
group: "{{ main_user }}"
|
|
mode: 0775
|
|
|
|
- name: setup nginx reverse proxy from template
|
|
template:
|
|
src: templates/nginx.conf.j2
|
|
dest: /home/{{ main_user }}/rocketchat/nginx/nginx.conf
|
|
|
|
- name: docker compose up
|
|
become_user: "{{ main_user }}"
|
|
docker_compose:
|
|
project_src: /home/{{ main_user }}/rocketchat/
|
|
state: present
|
|
register: __rocketchat
|
|
|
|
- name: debug docker compose down
|
|
debug:
|
|
var: __remove_rocketchat
|
|
|
|
- name: debug docker compose up debug
|
|
debug:
|
|
var: __rocketchat
|