| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 |
- ---
- - hosts: all
- become: true
- tasks:
- # - name: Update Server
- # apt:
- # upgrade: true
- # update-cache: true
- # cache_valid_time: 3600
- - name: Install Core Server Utils
- apt:
- pkg:
- - curl
- - python3
- - ufw
- - samba
- - smbclient
- - cifs-utils
- - apt-transport-https
- - ca-certificates
- - curl
- - software-properties-common
- - python3-pip
- - virtualenv
- - python3-setuptools
- - rsync
- - intel-opencl-icd # Added 1/13/2025 per Jellyfin
- - intel-gpu-tools # Added to monitor Intel QuickSync
- state: present
- # update_cache: true
- cache_valid_time: 3600
- - name: Add Docker GPG apt Key
- apt_key:
- url: https://download.docker.com/linux/ubuntu/gpg
- state: present
- - name: Add Docker Repository
- apt_repository:
- repo: deb https://download.docker.com/linux/ubuntu focal stable
- state: present
- - name: Update apt and install docker-ce
- apt:
- name:
- - docker-ce
- - containerd.io
- - docker-compose
- state: latest
- # update_cache: true
- #
- # - name: Install Docker Containers
- # community.docker.docker_container:
- # name: portainer
- # image: portainer/portainer-ce
- - name: Create Portainer Directory
- file:
- path: /home/mike/docker/portainer
- state: directory
- become_user: mike
- - name: Create UFW directory
- file:
- path: /home/mike/ufw/applications.d
- state: directory
- become_user: mike
- - name: Sync Portainer docker-compose file
- synchronize:
- src: docker-compose.yml
- dest: /home/mike/docker/portainer
- become_user: mike
- - name: Install UFW config files
- synchronize:
- src: TG-portainer
- dest: /home/mike/ufw/applications.d
- become_user: mike
- - name: Move UFW files to proper directory
- command: mv /home/mike/ufw/applications.d/TG-portainer /etc/ufw/applications.d/TG-portainer
- ### Need to change ownership to root ###
- - name: Start Portainer
- docker_compose:
- project_src: /home/mike/docker/portainer
- state: present
- - name: Configure UFW - allow OpenSSH, samba, and TG-portainer
- ufw:
- rule: allow
- name: "{{ item }}"
- with_items:
- - OpenSSH
- - samba
- - TG-portainer
- - name: Configure UFW - delete default allow 22
- ufw:
- rule: allow
- port: 22
- proto: tcp
- delete: yes
- - name: Configure UFW - deny all else
- ufw:
- state: enabled
- policy: deny
|
