libreddit-loadbalance-demo/ansible/playbook.yml

# SPDX-FileCopyrightText: 2023 Aravinth Manivannan <realaravinth@batsense.net>
#
# SPDX-License-Identifier: AGPL-3.0-or-later

---
- name: Install and enable firewall
  hosts: all
  remote_user: atm
  pre_tasks:
    - name: Ensure all VMs are reachable
      ansible.builtin.ping:

  tasks:
    - name: Update all packages
      become: true
      ansible.builtin.apt:
        update_cache: true
        upgrade: safe

    - name: Install git, zip, nginx, wget, curl & other utils
      become: true
      ansible.builtin.apt:
        update_cache: true
        pkg:
          - git
          - wget
          - curl
          - gpg
          - ca-certificates
          - ntp
          - zip
          - python3-pip
          - virtualenv
          - ufw
          - python3-setuptools


    - name: Set logging
      become: true
      community.general.ufw:
        logging: "on"

    - name: Allow port 22 and enable UFW
      become: true
      community.general.ufw:
        state: enabled
        rule: allow
        proto: tcp
        port: "22"


    - name: Enable and start ufw service
      become: true
      ansible.builtin.service:
        name: ufw
        enabled: true
        state: started

    - name: Enable and start ufw service
      become: true
      ansible.builtin.service:
        name: ntp
        enabled: true
        state: started
feat: deploy loadbalanced libreddit instance 2023-07-16 17:28:34 +05:30			`# SPDX-FileCopyrightText: 2023 Aravinth Manivannan <realaravinth@batsense.net>`
			`#`
			`# SPDX-License-Identifier: AGPL-3.0-or-later`

			`---`
fix: use sudo instead of root 2023-07-20 13:42:30 +05:30			`- name: Install and enable firewall`
			`hosts: all`
			`remote_user: atm`
			`pre_tasks:`
feat: deploy loadbalanced libreddit instance 2023-07-16 17:28:34 +05:30			`- name: Ensure all VMs are reachable`
			`ansible.builtin.ping:`
fix: use sudo instead of root 2023-07-20 13:42:30 +05:30
			`tasks:`
			`- name: Update all packages`
			`become: true`
feat: deploy loadbalanced libreddit instance 2023-07-16 17:28:34 +05:30			`ansible.builtin.apt:`
			`update_cache: true`
			`upgrade: safe`

			`- name: Install git, zip, nginx, wget, curl & other utils`
fix: use sudo instead of root 2023-07-20 13:42:30 +05:30			`become: true`
feat: deploy loadbalanced libreddit instance 2023-07-16 17:28:34 +05:30			`ansible.builtin.apt:`
			`update_cache: true`
			`pkg:`
			`- git`
			`- wget`
			`- curl`
			`- gpg`
			`- ca-certificates`
fix: use sudo instead of root 2023-07-20 13:42:30 +05:30			`- ntp`
feat: deploy loadbalanced libreddit instance 2023-07-16 17:28:34 +05:30			`- zip`
			`- python3-pip`
			`- virtualenv`
			`- ufw`
			`- python3-setuptools`


			`- name: Set logging`
fix: use sudo instead of root 2023-07-20 13:42:30 +05:30			`become: true`
feat: deploy loadbalanced libreddit instance 2023-07-16 17:28:34 +05:30			`community.general.ufw:`
			`logging: "on"`

			`- name: Allow port 22 and enable UFW`
fix: use sudo instead of root 2023-07-20 13:42:30 +05:30			`become: true`
feat: deploy loadbalanced libreddit instance 2023-07-16 17:28:34 +05:30			`community.general.ufw:`
			`state: enabled`
			`rule: allow`
			`proto: tcp`
			`port: "22"`


			`- name: Enable and start ufw service`
fix: use sudo instead of root 2023-07-20 13:42:30 +05:30			`become: true`
feat: deploy loadbalanced libreddit instance 2023-07-16 17:28:34 +05:30			`ansible.builtin.service:`
			`name: ufw`
			`enabled: true`
			`state: started`
fix: use sudo instead of root 2023-07-20 13:42:30 +05:30
			`- name: Enable and start ufw service`
			`become: true`
			`ansible.builtin.service:`
			`name: ntp`
			`enabled: true`
			`state: started`