ansible-playbooks/sabre-dav/playbook.yaml

- name: Install Baïkal server
  hosts: nuculabs
  become: true
  become_method: sudo
  vars_files:
    - variables.yaml
  tasks:
    # Create necessary directories.
    - name: "Create directories"
      block:
        - name: Create base directory
          ansible.builtin.file:
            path: "{{ baikal.base_directory }}"
            state: directory
            mode: "0755"
          ignore_errors: true
        - name: Create data directory
          ansible.builtin.file:
            path: "{{ baikal.base_directory }}/{{ baikal.data_directory }}"
            state: directory
            mode: "0755"
          ignore_errors: true
        - name: Create extensions directory
          ansible.builtin.file:
            path: "{{ baikal.base_directory }}/{{ baikal.config_directory }}"
            state: directory
            mode: "0755"
          ignore_errors: true
    - name: Setup Container
      block:
        - name: Ensure Podman is installed
          ansible.builtin.package:
            name: podman
            state: present
        - name: Pull image
          containers.podman.podman_image:
            name: "{{ baikal.container_image }}"
            state: present
        - name: "Copy container"
          ansible.builtin.template:
            src: ./templates/container/baikal.container.j2
            dest: /etc/containers/systemd/baikal.container
            mode: "0644"
        - name: Reload systemd
          ansible.builtin.command:
            cmd: systemctl daemon-reload
        - name: Stop service
          ansible.builtin.systemd_service:
            name: baikal.service
            state: stopped
            enabled: true
        - name: Enable service
          ansible.builtin.systemd_service:
            name: baikal.service
            state: started
            enabled: true
    - name: Setup firewall
      block:
        - name: Create firewalld service
          ansible.builtin.template:
            src: ./templates/firewall/baikal.xml.j2
            dest: /etc/firewalld/services/baikal.xml
            mode: "0644"
        - name: Reload firewalld
          ansible.builtin.command:
            argv:
              - firewall-cmd
              - --reload
        - name: Enable firewalld service
          ansible.posix.firewalld:
            service: baikal
            state: enabled
            permanent: true
            immediate: true
            offline: true
      when: setup_firewall
implement baikal Reviewed-on: https://forge.nuculabs.dev/dnutiu/ansible-playbooks/pulls/1 Co-authored-by: Denis Nutiu <dnutiu@nuculabs.dev> Co-committed-by: Denis Nutiu <dnutiu@nuculabs.dev> 2025-02-22 18:23:55 +00:00			`- name: Install Baïkal server`
			`hosts: nuculabs`
			`become: true`
			`become_method: sudo`
			`vars_files:`
			`- variables.yaml`
			`tasks:`
			`# Create necessary directories.`
			`- name: "Create directories"`
			`block:`
			`- name: Create base directory`
			`ansible.builtin.file:`
			`path: "{{ baikal.base_directory }}"`
			`state: directory`
			`mode: "0755"`
			`ignore_errors: true`
			`- name: Create data directory`
			`ansible.builtin.file:`
			`path: "{{ baikal.base_directory }}/{{ baikal.data_directory }}"`
			`state: directory`
			`mode: "0755"`
			`ignore_errors: true`
			`- name: Create extensions directory`
			`ansible.builtin.file:`
			`path: "{{ baikal.base_directory }}/{{ baikal.config_directory }}"`
			`state: directory`
			`mode: "0755"`
			`ignore_errors: true`
			`- name: Setup Container`
			`block:`
			`- name: Ensure Podman is installed`
			`ansible.builtin.package:`
			`name: podman`
			`state: present`
			`- name: Pull image`
			`containers.podman.podman_image:`
			`name: "{{ baikal.container_image }}"`
			`state: present`
			`- name: "Copy container"`
			`ansible.builtin.template:`
			`src: ./templates/container/baikal.container.j2`
			`dest: /etc/containers/systemd/baikal.container`
			`mode: "0644"`
			`- name: Reload systemd`
			`ansible.builtin.command:`
			`cmd: systemctl daemon-reload`
			`- name: Stop service`
			`ansible.builtin.systemd_service:`
			`name: baikal.service`
			`state: stopped`
			`enabled: true`
			`- name: Enable service`
			`ansible.builtin.systemd_service:`
			`name: baikal.service`
			`state: started`
			`enabled: true`
			`- name: Setup firewall`
			`block:`
			`- name: Create firewalld service`
			`ansible.builtin.template:`
			`src: ./templates/firewall/baikal.xml.j2`
			`dest: /etc/firewalld/services/baikal.xml`
			`mode: "0644"`
			`- name: Reload firewalld`
			`ansible.builtin.command:`
			`argv:`
			`- firewall-cmd`
			`- --reload`
			`- name: Enable firewalld service`
			`ansible.posix.firewalld:`
			`service: baikal`
			`state: enabled`
			`permanent: true`
			`immediate: true`
			`offline: true`
			`when: setup_firewall`