Ansible roles
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

72 lines
1.6 KiB

---
- name: Install needed tools
package:
name:
- tar
- zstd
tags: cs
- when: cs_install_mode != 'none'
block:
- name: Download crowdsec
get_url:
url: "{{ cs_archive_url }}"
dest: /tmp/
checksum: sha1:{{ cs_archive_sha1 }}
- name: Extract crowdsec
unarchive:
src: /tmp/crowdsec-release.tgz
dest: /tmp/
remote_src: True
- name: Install or upgrade crowdsec
command: ./wizard.sh --bin{{ cs_install_mode }}
args:
chdir: /tmp/crowdsec-v{{ cs_version }}/
notify: restart crowdsec
- name: Update crowdsec hub
command: cscli hub update
tags: cs
- name: Create the systemd unit snippet dir
file: path=/etc/systemd/system/crowdsec.service.d state=directory
tags: cs
- name: Make the service restart on failure
copy:
content: |
[Service]
Restart=on-failure
StartLimitInterval=0
RestartSec=30
dest: /etc/systemd/system/crowdsec.service.d/restart.conf
register: crodwsec_unit_restart
notify: restart crowdsec
tags: cs
- name: Set user account which runs the service
copy:
content: |
[Service]
User={{ cs_user }}
Group={{ cs_user }}
dest: /etc/systemd/system/crowdsec.service.d/user.conf
register: crodwsec_unit_user
notify: restart crowdsec
tags: cs
- name: Reload systemd
systemd: daemon_reload=True
when: crodwsec_unit_restart.changed or crodwsec_unit_user.changed
tags: cs
- name: Install pre and post backup hooks
template: src={{ item }}-backup.j2 dest=/etc/backup/{{ item }}.d/crowdsec mode=700
loop:
- pre
- post
tags: cs