74 lines
1.5 KiB
YAML
74 lines
1.5 KiB
YAML
- name: ensure dnsmasq is installed
|
|
package:
|
|
name: dnsmasq
|
|
state: present
|
|
tags:
|
|
- install
|
|
|
|
- name: ensure dnsmasq is configured for homeassistant
|
|
template:
|
|
src: homeassistant.dnsmasq.conf.j2
|
|
dest: /etc/dnsmasq.d/homeassistant.conf
|
|
mode: '0644'
|
|
notify:
|
|
- restart dnsmasq
|
|
|
|
- name: ensure dnsmasq systemd unit drop-in directory exists
|
|
file:
|
|
path: /etc/systemd/system/dnsmasq.service.d
|
|
mode: u=rwx,go=rx
|
|
owner: root
|
|
group: root
|
|
state: directory
|
|
tags:
|
|
- systemd
|
|
- name: ensure dnsmasq starts after network is up
|
|
copy:
|
|
src: after-network.conf
|
|
dest: /etc/systemd/system/dnsmasq.service.d/after-network.conf
|
|
mode: u=rw,go=r
|
|
owner: root
|
|
group: root
|
|
tags:
|
|
- systemd
|
|
|
|
- meta: flush_handlers
|
|
- name: ensure homeassistant firewall zone exists
|
|
firewalld:
|
|
zone: homeassistant
|
|
permanent: true
|
|
state: present
|
|
tags:
|
|
- firewall
|
|
notify:
|
|
- reload firewalld
|
|
- name: ensure homeassistant firewalld zone is configured
|
|
firewalld:
|
|
zone: homeassistant
|
|
interface: '{{ hass_interface }}'
|
|
permanent: true
|
|
state: enabled
|
|
notify:
|
|
- reload firewalld
|
|
tags:
|
|
- firewall
|
|
- meta: flush_handlers
|
|
- name: ensure firewall is configured for home assistant services
|
|
firewalld:
|
|
zone: homeassistant
|
|
service: '{{ item }}'
|
|
immediate: yes
|
|
permanent: no
|
|
state: enabled
|
|
loop:
|
|
- dhcp
|
|
- dns
|
|
- http
|
|
- https
|
|
- mdns
|
|
- mqtt-tls
|
|
notify:
|
|
- save firewalld configuration
|
|
tags:
|
|
- firewall
|