--- - name: Install needed tools package: name: - tar - zstd tags: cs - when: cs_install_mode != 'none' block: - name: Download crowdsec get_url: url: "{{ cs_archive_url }}" dest: /tmp/ checksum: sha1:{{ cs_archive_sha1 }} - name: Extract crowdsec unarchive: src: /tmp/crowdsec-release.tgz dest: /tmp/ remote_src: True - name: Install or upgrade crowdsec command: ./wizard.sh --bin{{ cs_install_mode }} args: chdir: /tmp/crowdsec-v{{ cs_version }}/ notify: restart crowdsec - name: Update crowdsec hub command: cscli hub update tags: cs - name: Create the systemd unit snippet dir file: path=/etc/systemd/system/crowdsec.service.d state=directory tags: cs - name: Make the service restart on failure copy: content: | [Service] Restart=on-failure StartLimitInterval=0 RestartSec=30 dest: /etc/systemd/system/crowdsec.service.d/restart.conf register: crodwsec_unit_restart notify: restart crowdsec tags: cs - name: Set user account which runs the service copy: content: | [Service] User={{ cs_user }} Group={{ cs_user }} dest: /etc/systemd/system/crowdsec.service.d/user.conf register: crodwsec_unit_user notify: restart crowdsec tags: cs - name: Reload systemd systemd: daemon_reload=True when: crodwsec_unit_restart.changed or crodwsec_unit_user.changed tags: cs - name: Install pre and post backup hooks template: src={{ item }}-backup.j2 dest=/etc/backup/{{ item }}.d/crowdsec mode=700 loop: - pre - post tags: cs