Matthias Johnson
b38cd94fc8
- Seed postfix-accounts.cf before mailserver start to satisfy Dovecot's requirement for at least one account on first boot - Add failed_when: false to mail user/alias list tasks (files don't exist on first run) - Add forgejo_runner_version (was undefined); default to 12 - Create /srv/forgejo/data/gitea/conf before deploying app.ini - Decouple goaccess sync from restic: new enable_goaccess_sync flag with its own goaccess_sync_* variables - Move Docker installation to bootstrap exclusively; rename docker.yml to networks.yml (runs docker_network role only) - Add radicale_password to vault template and setup.sh - Fix goaccess sync tasks gated on enable_goaccess_sync - Add upstream bug comment to authorized_key deprecation warning - Update CLAUDE.md and README.md throughout Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
98 lines
2.3 KiB
YAML
98 lines
2.3 KiB
YAML
---
|
|
- name: Install GoAccess and jq
|
|
ansible.builtin.apt:
|
|
name:
|
|
- goaccess
|
|
- jq
|
|
state: present
|
|
|
|
- name: Create GoAccess directories
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
loop:
|
|
- /srv/goaccess
|
|
- /srv/goaccess/data
|
|
- /srv/goaccess/reports
|
|
|
|
- name: Deploy GoAccess config
|
|
ansible.builtin.template:
|
|
src: goaccess.conf.j2
|
|
dest: /srv/goaccess/goaccess.conf
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
|
|
- name: Deploy report generation script
|
|
ansible.builtin.template:
|
|
src: goaccess-report.sh.j2
|
|
dest: /usr/local/bin/goaccess-report
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
|
|
- name: Deploy report generation systemd service
|
|
ansible.builtin.template:
|
|
src: goaccess-report.service.j2
|
|
dest: /etc/systemd/system/goaccess-report.service
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
notify: Reload systemd
|
|
|
|
- name: Deploy report generation systemd timer
|
|
ansible.builtin.template:
|
|
src: goaccess-report.timer.j2
|
|
dest: /etc/systemd/system/goaccess-report.timer
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
notify: Reload systemd
|
|
|
|
- name: Deploy sync script
|
|
ansible.builtin.template:
|
|
src: goaccess-sync.sh.j2
|
|
dest: /usr/local/bin/goaccess-sync
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
when: enable_goaccess_sync | default(false)
|
|
|
|
- name: Deploy sync systemd service
|
|
ansible.builtin.template:
|
|
src: goaccess-sync.service.j2
|
|
dest: /etc/systemd/system/goaccess-sync.service
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
notify: Reload systemd
|
|
when: enable_goaccess_sync | default(false)
|
|
|
|
- name: Deploy sync systemd timer
|
|
ansible.builtin.template:
|
|
src: goaccess-sync.timer.j2
|
|
dest: /etc/systemd/system/goaccess-sync.timer
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
notify: Reload systemd
|
|
when: enable_goaccess_sync | default(false)
|
|
|
|
- name: Flush handlers to reload systemd
|
|
ansible.builtin.meta: flush_handlers
|
|
|
|
- name: Enable and start GoAccess report timer
|
|
ansible.builtin.systemd:
|
|
name: goaccess-report.timer
|
|
enabled: true
|
|
state: started
|
|
|
|
- name: Enable and start GoAccess sync timer
|
|
ansible.builtin.systemd:
|
|
name: goaccess-sync.timer
|
|
enabled: true
|
|
state: started
|
|
when: enable_goaccess_sync | default(false)
|