98 lines
1.8 KiB
YAML
98 lines
1.8 KiB
YAML
- name: ensure unifi group exists
|
|
group:
|
|
name: unifi
|
|
gid: 911
|
|
system: true
|
|
state: present
|
|
tags:
|
|
- user
|
|
- group
|
|
- name: ensure unifi user exists
|
|
user:
|
|
name: unifi
|
|
uid: 911
|
|
group: unifi
|
|
home: /var/lib/unifi
|
|
createhome: false
|
|
system: true
|
|
state: present
|
|
tags:
|
|
- user
|
|
|
|
- name: ensure containers subuid is configured
|
|
lineinfile:
|
|
path: /etc/subuid
|
|
create: true
|
|
line: containers:39290640:1048576
|
|
tags:
|
|
- user
|
|
- name: ensure containers subgid is configured
|
|
lineinfile:
|
|
path: /etc/subgid
|
|
line: containers:39290640:1048576
|
|
tags:
|
|
- user
|
|
|
|
- name: ensure unifi storage path exists
|
|
file:
|
|
path: '{{ unifi_storage_path }}'
|
|
owner: unifi
|
|
group: unifi
|
|
mode: u=rwx,go=
|
|
state: directory
|
|
tags:
|
|
- datadir
|
|
|
|
- name: ensure unifi.container systemd unit exists
|
|
template:
|
|
src: unifi.container.j2
|
|
dest: /etc/containers/systemd/unifi.container
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
notify:
|
|
- reload systemd
|
|
- restart unifi
|
|
tags:
|
|
- container
|
|
- name: flush_handlers
|
|
meta: flush_handlers
|
|
|
|
- name: ensure unifi.service is running
|
|
systemd:
|
|
name: unifi.service
|
|
state: started
|
|
tags:
|
|
- service
|
|
|
|
- name: ensure firewall is configured for unifi
|
|
firewalld:
|
|
port: 8080/tcp
|
|
permanent: true
|
|
immediate: true
|
|
state: enabled
|
|
when: host_uses_firewalld|d(true)|bool
|
|
tags:
|
|
- firewalld
|
|
|
|
- name: ensure nginx is configured to proxy for unifi
|
|
template:
|
|
src: unifi.nginx.conf.j2
|
|
dest: /etc/nginx/default.d/unifi.conf
|
|
mode: u=rw,go=r
|
|
owner: root
|
|
group: root
|
|
notify:
|
|
- reload nginx
|
|
tags:
|
|
- nginx
|
|
|
|
- name: ensure selinux allows nginx to proxy for unifi
|
|
seboolean:
|
|
name: httpd_can_network_connect
|
|
persistent: true
|
|
state: true
|
|
tags:
|
|
- nginx
|
|
- selinux
|