52 lines
1.8 KiB
YAML
52 lines
1.8 KiB
YAML
- name: Check GeoLite2 file
|
|
stat:
|
|
path: "{{ docker_dir }}/caddy/GeoLite2-City.mmdb"
|
|
register: geolite
|
|
tags: never
|
|
|
|
- name: Create GeoLite2 file
|
|
command: "touch {{ docker_dir }}/caddy/GeoLite2-City.mmdb"
|
|
when:
|
|
- not geolite.stat.exists
|
|
tags: never
|
|
|
|
# ----------------------------------------------------------------------------------------------------
|
|
|
|
- name: Install yq on control host
|
|
apt:
|
|
name:
|
|
- yq
|
|
state: latest
|
|
install_recommends: false
|
|
delegate_to: "{{ control_host }}"
|
|
|
|
- name: Curl IP block range file by ProjectSegfault
|
|
command: curl --output /tmp/blocked-ranges.yaml https://raw.githubusercontent.com/ProjectSegfault/ansible/master/privfrontends/blocked-ranges.yaml
|
|
delegate_to: "{{ control_host }}"
|
|
|
|
- name: Read IP block range file by ProjectSegfault
|
|
ansible.builtin.shell: "yq -e '.blocked_ranges' /tmp/blocked-ranges.yaml"
|
|
register: result
|
|
delegate_to: "{{ control_host }}"
|
|
|
|
- name: Parse IP block range file by ProjectSegfault
|
|
set_fact:
|
|
blocked_ranges: "{{ result.stdout | from_yaml }}"
|
|
|
|
# ----------------------------------------------------------------------------------------------------
|
|
|
|
- name: Parse IP block range file by return42
|
|
set_fact:
|
|
botnet_ranges: "{{ lookup('url', 'https://raw.githubusercontent.com/return42/sandbox/main/data/searxng/ipv4_botnet.lst') | regex_replace(',', ' ') | trim }}"
|
|
delegate_to: "{{ control_host }}"
|
|
|
|
# ----------------------------------------------------------------------------------------------------
|
|
|
|
- name: Set up Caddyfile
|
|
template:
|
|
src: "conf/Caddyfile.j2"
|
|
dest: "{{ docker_dir }}/caddy/Caddyfile"
|
|
owner: 1000
|
|
group: 1000
|
|
mode: 0755
|