80 lines
2.3 KiB
YAML
80 lines
2.3 KiB
YAML
- name: Update default SELinux contexts
|
|
community.general.sefcontext:
|
|
target: "{{ item.target }}"
|
|
setype: "container_file_t"
|
|
selevel: "{{ item.selevel }}"
|
|
state: present
|
|
loop:
|
|
- target: "{{ elementweb_install_dir }}/config.json"
|
|
selevel: "{{ elementweb_selinux_level }}"
|
|
become: true
|
|
notify: "elementweb selinux context changed"
|
|
|
|
- name: Create elementweb directories.
|
|
ansible.builtin.file:
|
|
path: "{{ elementweb_install_dir }}"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0700"
|
|
state: directory
|
|
become: true
|
|
|
|
- name: Stat elementweb config file.
|
|
ansible.builtin.stat:
|
|
path: "{{ elementweb_install_dir }}/config.json"
|
|
become: true
|
|
register: elementweb_stat_config
|
|
|
|
- name: Add caddy config file.
|
|
block:
|
|
- name: Check caddy config dir.
|
|
ansible.builtin.stat:
|
|
path: "{{ caddy_install_dir }}/config"
|
|
become: true
|
|
register: caddy_stat_config_dir
|
|
|
|
- name: Template caddy config for elementweb.
|
|
ansible.builtin.template:
|
|
src: elementweb.caddy.j2
|
|
dest: "{{ caddy_install_dir }}/config/elementweb.caddy"
|
|
mode: "0600"
|
|
setype: "container_file_t"
|
|
selevel: "{{ caddy_selinux_level }}"
|
|
owner: "{{ caddy_stat_config_dir.stat.uid }}"
|
|
group: "{{ caddy_stat_config_dir.stat.gid }}"
|
|
notify: "caddy config changed"
|
|
become: true
|
|
|
|
- name: Create elementweb container file.
|
|
ansible.builtin.template:
|
|
src: elementweb.container.j2
|
|
dest: /etc/containers/systemd/elementweb.container
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0644"
|
|
become: true
|
|
notify: "elementweb service changed"
|
|
|
|
- name: Create elementweb config file.
|
|
ansible.builtin.template:
|
|
src: config.json.j2
|
|
dest: "{{ elementweb_install_dir }}/config.json"
|
|
setype: "container_file_t"
|
|
selevel: "{{ elementweb_selinux_level }}"
|
|
owner: "{{ elementweb_stat_config.stat.uid | default('root') }}"
|
|
group: "{{ elementweb_stat_config.stat.gid | default('root') }}"
|
|
mode: "0644"
|
|
become: true
|
|
|
|
- name: Flush handlers
|
|
ansible.builtin.meta: flush_handlers
|
|
|
|
- name: Ensure elementweb services are started and enabled.
|
|
ansible.builtin.systemd:
|
|
state: started
|
|
enabled: true
|
|
name: "{{ item }}"
|
|
daemon_reload: true
|
|
loop:
|
|
- elementweb.service
|
|
become: true
|