Fedora Remix maintained by the Rochester Institute of Technology (RIT) Linux Users Group, targeted at users new to Linux and RIT students, faculty, and staff
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

82 lines
1.8 KiB

---
- hosts: 127.0.0.1
tasks:
- name: Install packages
dnf: name="{{ item }}" state=present
become: true
with_items:
- nginx
- jenkins
- mock
- git
- openssh-server
- pungi
- rpm-sign
- certbot
- fedora-packager
- fedpkg
- fail2ban
- fail2ban-server
- iptables
- dnf-automatic
- mosh
- vim
- python-firewall
# need to get anaconda install class for TigerOS possibly
#- letsencrypt
- name: Allow HTTPS (nginx)
firewalld:
service: https
permanent: true
state: enabled
- name: Allow HTTP (nginx)
firewalld:
service: http
permanent: true
state: enabled
- name: Allow SSH access
firewalld:
service: ssh
permanent: true
state: enabled
- name: Allow 8080 (Jenkins)
firewalld:
port: 8080/tcp
permanent: true
state: enabled
- name: Allow Cockpit
firewalld:
service: cockpit
permanent: true
state: enabled
- name: Enable nginx service
systemd:
name: nginx
enabled: yes
state: started
- name: Enable Jenkins service
systemd:
name: jenkins
enabled: yes
state: started
- name: Enable Cockpit service
systemd:
name: cockpit
enabled: yes
state: started
- name: Enable sshd (openssh-server) service
systemd:
name: sshd
enabled: yes
state: started
- name: Enable fail2ban service
systemd:
name: fail2ban
enabled: yes
state: started
- name: Reload Firewall
command: firewall-cmd --reload
become: true
- name: Update packages
command: dnf update
become: true