dnutiu/ansible-playbooks
dnutiu/ansible-playbooks
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update peertube playbook: add firewall instructions

Browse source
This commit is contained in:
Denis-Cosmin Nutiu 2025-02-05 20:27:48 +02:00
parent 429bbc528f
commit b11989497b
2 changed files with 70 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
peertube-server/playbook.yaml
View file

@ -7,25 +7,31 @@
tasks: tasks:
# Create necessary directories. # Create necessary directories.
#
- name: "Create directories"
block:
- name: Create PeerTube data directory - name: Create PeerTube data directory
ansible.builtin.file: ansible.builtin.file:
path: "/{{ peertube.data_directory }}" path: "/{{ peertube.data_directory }}"
state: directory state: directory
mode: '0755' mode: "0755"
ignore_errors: true ignore_errors: true
- name: Create PeerTube config directory - name: Create PeerTube config directory
ansible.builtin.file: ansible.builtin.file:
path: "/{{ peertube.config_directory }}" path: "/{{ peertube.config_directory }}"
state: directory state: directory
mode: '0754' mode: "0754"
ignore_errors: true ignore_errors: true
- name: Create PostgresSQL directory - name: Create PostgresSQL directory
ansible.builtin.file: ansible.builtin.file:
path: "/{{ postgres.postgres_directory }}" path: "/{{ postgres.postgres_directory }}"
state: directory state: directory
mode: '0754' mode: "0754"
ignore_errors: true ignore_errors: true
# Ensure dependencies are installed # Ensure dependencies are installed
#
- name: "Install dependencies"
block:
- name: Ensure Podman is installed - name: Ensure Podman is installed
ansible.builtin.package: ansible.builtin.package:
name: podman name: podman
@ -39,6 +45,9 @@
name: container-selinux name: container-selinux
state: present state: present
# Pull docker images # Pull docker images
#
- name: "Pull container images"
block:
- name: Pull PeerTube image - name: Pull PeerTube image
containers.podman.podman_image: containers.podman.podman_image:
name: "{{ peertube.image_name }}" name: "{{ peertube.image_name }}"
@ -51,16 +60,26 @@
containers.podman.podman_image: containers.podman.podman_image:
name: "{{ redis.image_name }}" name: "{{ redis.image_name }}"
state: present state: present
# Load SELinux policies
- name: Add firewall ports - name: Add firewall ports
block: block:
- name: Create a firewalld service file (if it doesn't exist) - name: Create firewalld service
ansible.posix.firewalld: ansible.builtin.copy:
src: ./templates/firewall/peertube.xml src: ./templates/firewall/peertube.xml
dest: /etc/firewalld/services/peertube.xml dest: /etc/firewalld/services/peertube.xml
mode: "0644"
notify:
- reload firewalld
- name: Enable firewalld service
ansible.posix.firewalld:
service: peertube
state: enabled state: enabled
notify: reload firewalld permanent: true
immediate: true
offline: true
notify:
- reload firewalld
handlers: handlers:
- name: reload firewalld - name: reload firewalld
ansible.posix.firewalld: ansible.builtin.service:
name: firewalld
state: reloaded state: reloaded

6
peertube-server/templates/firewall/peertube.xml
View file

@ -2,6 +2,6 @@
<service> <service>
<short>PeerTube Service</short> <short>PeerTube Service</short>
<description>PeerTube is a federated video sharing platform.</description> <description>PeerTube is a federated video sharing platform.</description>
<port protocol="tcp" port="{{ 1935 }}" /> <port protocol="tcp" port="1935" />
<port protocol="tcp" port="{{ 9000 }}" /> <port protocol="tcp" port="9000" />
</service> </service>