74 lines
2.0 KiB
YAML
74 lines
2.0 KiB
YAML
---
|
||
# The home-server project produces a multi-purpose setup using Ansible.
|
||
# Copyright © 2018–2023 Y. Gablin, under the GPL-3.0-or-later license.
|
||
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
|
||
|
||
- name: initialize the ddclient software
|
||
include_role:
|
||
name: ddclient.inc
|
||
|
||
- name: prepare to override systemd settings
|
||
file:
|
||
path: '/etc/systemd/system/ddclient@henet.service.d'
|
||
state: directory
|
||
mode: 0755
|
||
|
||
- name: systemd settings for he.net
|
||
copy:
|
||
content: |
|
||
[Service]
|
||
CapabilityBoundingSet=CAP_AUDIT_WRITE CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_SYS_CHROOT
|
||
PrivateTmp=yes
|
||
PrivateDevices=yes
|
||
ProtectSystem=yes
|
||
ProtectHome=yes
|
||
NoNewPrivileges=yes
|
||
dest: '/etc/systemd/system/ddclient@henet.service.d/secure-{{nickname}}.conf'
|
||
mode: 0644
|
||
notify:
|
||
- restart ddclient@henet.service
|
||
|
||
- name: ddclient settings for he.net
|
||
copy:
|
||
content: |
|
||
use=web
|
||
web=http://checkip.dns.he.net/
|
||
server=dyn.dns.he.net
|
||
login=your_login
|
||
password=your_password
|
||
postscript=/etc/ddclient/henet_post.sh
|
||
example.org
|
||
dest: /etc/ddclient/henet.conf
|
||
mode: 0644
|
||
notify:
|
||
- restart ddclient@henet.service
|
||
|
||
- name: post-update script for he.net
|
||
copy:
|
||
content: |
|
||
#!/usr/bin/env bash
|
||
# $1: new IP address
|
||
if [ -f /etc/conf.d/iodined ]; then
|
||
sed -i "s/^IODINE_EXT_IP=.*/IODINE_EXT_IP='$1'/" /etc/conf.d/iodined
|
||
etc_stop_local 'IP update on dns.he.net'
|
||
systemctl restart iodined.service
|
||
fi
|
||
dest: /etc/ddclient/henet_post.sh
|
||
mode: 0755
|
||
notify:
|
||
- restart ddclient@henet.service
|
||
|
||
- name: enable ddclient@henet.service
|
||
systemd:
|
||
daemon_reload: true
|
||
name: ddclient@henet.service
|
||
enabled: true
|
||
|
||
### LOCAL COMMIT ⇒ ###
|
||
- name: commit local changes
|
||
include_role: name=etckeeper.inc allow_duplicates=true tasks_from=local.yml
|
||
vars:
|
||
msg: ddclient@henet
|
||
### ⇐ LOCAL COMMIT ###
|
||
- meta: flush_handlers
|