pizza1: add postfix & tor configs; install knot by def

2024-01-12 16:08:08 +05:30 · 2024-01-12 16:08:08 +05:30 · de4f301d71
commit de4f301d71
parent 37299d6946
3 changed files with 47 additions and 0 deletions
--- a/all/playbook.yaml
+++ b/all/playbook.yaml
@ -15,6 +15,15 @@
      ansible.builtin.apt_repository:
        repo: deb http://deb.debian.org/debian bookworm-backports main contrib
        state: present
+    - name: Get Knot GPG keys
+      ansible.builtin.get_url:
+        url: https://deb.knot-dns.cz/apt.gpg
+        dest: /usr/share/keyrings/knot.gpg
+        mode: '0644'
+    - name: Enable knot repo
+      ansible.builtin.apt_repository:
+        repo: deb [signed-by=/usr/share/keyrings/knot.gpg] https://deb.knot-dns.cz/knot-latest/ bookworm main
+        state: present
    - name: Install Required Programs / APT
      ansible.builtin.apt:
        name:
--- a/pizza1/playbook.yaml
+++ b/pizza1/playbook.yaml
@ -0,0 +1,36 @@
+---
+- name: Pizza-1 specific stuff
+  hosts: pizza1
+  vars_files:
+    - ./vars.yaml
+  tasks:
+    - name: Install stuff
+      ansible.builtin.apt:
+        name:
+          - postfix
+          - postfix-pgsql
+          - tor
+          - knot
+          - knot-dnsutils
+          - knot-module-geoip
+    - name: Setup postfix configs
+      ansible.builtin.copy:
+        src: ./configs/postfix
+        target: /etc/postfix
+        mode: preserve
+    - name: Restart postfix
+      ansible.builtin.service:
+        name: postfix
+        enabled: true
+        state: restarted
+    - name: Setup torrc
+      ansible.builtin.copy:
+        src: ./configs/tor/torrc
+        target: /etc/tor/torrc
+        mode: preserve
+    # You gotta copy pjsfsvc manually though
+    - name: Restart tor
+      ansible.builtin.service:
+        name: tor
+        enabled: true
+        state: restarted
--- a/pizza1/tor/torrc
+++ b/pizza1/tor/torrc
@ -0,0 +1,2 @@
+HiddenServiceDir /var/lib/tor/pjsfsvc/
+HiddenServicePort 80 127.0.0.1:80