first commit
This commit is contained in:
commit
e83a9abddf
131
webmin.yml
Normal file
131
webmin.yml
Normal file
@ -0,0 +1,131 @@
|
|||||||
|
- name: Webmin setup
|
||||||
|
hosts: tor-nas.dedyn.io
|
||||||
|
tasks:
|
||||||
|
|
||||||
|
- name: Add webmin Apt signing key
|
||||||
|
ansible.builtin.apt_key:
|
||||||
|
url: https://download.webmin.com/jcameron-key.asc
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Add webmin repository
|
||||||
|
ansible.builtin.apt_repository:
|
||||||
|
repo: deb https://download.webmin.com/download/repository sarge contrib
|
||||||
|
state: present
|
||||||
|
filename: webmin
|
||||||
|
|
||||||
|
- name: Install webmin
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- libauthen-oath-perl
|
||||||
|
- webmin
|
||||||
|
update_cache: no
|
||||||
|
install_recommends: no
|
||||||
|
|
||||||
|
- name: /etc/webmin/miniserv.conf ssl
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/webmin/miniserv.conf
|
||||||
|
regexp: '^ssl\=1$'
|
||||||
|
line: 'ssl=0'
|
||||||
|
backup: yes
|
||||||
|
notify:
|
||||||
|
- Restart webmin
|
||||||
|
|
||||||
|
- name: /etc/webmin/miniserv.conf redirect_host
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/webmin/miniserv.conf
|
||||||
|
regexp: '^redirect_host\=.*$'
|
||||||
|
line: "redirect_host=webmin.{{inventory_hostname}}"
|
||||||
|
backup: yes
|
||||||
|
notify:
|
||||||
|
- Restart webmin
|
||||||
|
|
||||||
|
- name: /etc/webmin/miniserv.conf redirect_port
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/webmin/miniserv.conf
|
||||||
|
regexp: '^redirect_port\=.*$'
|
||||||
|
line: "redirect_port=443"
|
||||||
|
backup: yes
|
||||||
|
notify:
|
||||||
|
- Restart webmin
|
||||||
|
|
||||||
|
- name: /etc/webmin/miniserv.conf redirect_port
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/webmin/miniserv.conf
|
||||||
|
regexp: '^redirect_ssl\=.*$'
|
||||||
|
line: "redirect_ssl=1"
|
||||||
|
backup: yes
|
||||||
|
notify:
|
||||||
|
- Restart webmin
|
||||||
|
|
||||||
|
- name: /etc/webmin/miniserv.conf trust_real_ip
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/webmin/miniserv.conf
|
||||||
|
line: "trust_real_ip=1"
|
||||||
|
backup: yes
|
||||||
|
notify:
|
||||||
|
- Restart webmin
|
||||||
|
|
||||||
|
- name: /etc/webmin/config referers
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/webmin/config
|
||||||
|
regexp: '^referers='
|
||||||
|
line: "referers=webmin.{{inventory_hostname}}"
|
||||||
|
backup: yes
|
||||||
|
notify:
|
||||||
|
- Restart webmin
|
||||||
|
|
||||||
|
- name: /etc/webmin/rootpwfromadm.sh
|
||||||
|
blockinfile:
|
||||||
|
path: /etc/webmin/rootpwfromadm.sh
|
||||||
|
create: yes
|
||||||
|
mode: 0400
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
marker: "# {mark} ANSIBLE MANAGED BLOCK"
|
||||||
|
block: |
|
||||||
|
grep ^tor-nasadm: /etc/shadow >/etc/webmin/miniserv.users
|
||||||
|
sed -i "s/^{{ ansible_facts['hostname'] }}adm/root/" /etc/webmin/miniserv.users
|
||||||
|
echo done >/etc/webmin/rootpwfromadm.sh.done
|
||||||
|
backup: yes
|
||||||
|
notify:
|
||||||
|
- Restart webmin
|
||||||
|
|
||||||
|
- name: Set initial Webin-internal-Root Passwort from admin User
|
||||||
|
ansible.builtin.shell: bash /etc/webmin/rootpwfromadm.sh
|
||||||
|
args:
|
||||||
|
chdir: /home/docker/nextcloud.{{inventory_hostname}}
|
||||||
|
creates: /etc/webmin/rootpwfromadm.sh.done
|
||||||
|
|
||||||
|
- name: /home/docker/traefik/providers/webmin.yml Webmin<->Traefik provider
|
||||||
|
blockinfile:
|
||||||
|
path: /home/docker/traefik/providers/webmin.yml
|
||||||
|
create: yes
|
||||||
|
mode: 0444
|
||||||
|
owner: root
|
||||||
|
group: docker
|
||||||
|
marker: "# {mark} ANSIBLE MANAGED BLOCK"
|
||||||
|
block: |
|
||||||
|
http:
|
||||||
|
routers:
|
||||||
|
webmin:
|
||||||
|
rule: "Host(`webmin.{{inventory_hostname}}`)"
|
||||||
|
service: webmin
|
||||||
|
entryPoints:
|
||||||
|
- "https"
|
||||||
|
tls:
|
||||||
|
certresolver:
|
||||||
|
- "letsencrypt"
|
||||||
|
middlewares: secHeaders@file
|
||||||
|
services:
|
||||||
|
webmin:
|
||||||
|
loadBalancer:
|
||||||
|
servers:
|
||||||
|
- url: "http://192.168.41.1:10000"
|
||||||
|
|
||||||
|
handlers:
|
||||||
|
|
||||||
|
- name: Restart webmin
|
||||||
|
service:
|
||||||
|
name: webmin
|
||||||
|
state: restarted
|
||||||
|
|
Loading…
Reference in New Issue
Block a user