| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 |
- ---
- - name: Install ipset and iptables
- ansible.builtin.apt:
- name:
- - ipset
- - iptables
- state: present
- - name: Create geoblock config directory
- ansible.builtin.file:
- path: "{{ geoblock_zone_path | dirname }}"
- state: directory
- owner: root
- group: root
- mode: "0755"
- - name: Deploy geoblock update script
- ansible.builtin.template:
- src: geoblock-update.sh.j2
- dest: "{{ geoblock_script_path }}"
- owner: root
- group: root
- mode: "0755"
- notify: reload geoblock
- - name: Deploy geoblock systemd service
- ansible.builtin.template:
- src: geoblock.service.j2
- dest: /etc/systemd/system/geoblock.service
- owner: root
- group: root
- mode: "0644"
- - name: Run initial geoblock load
- ansible.builtin.command:
- cmd: "{{ geoblock_script_path }}"
- creates: "{{ geoblock_zone_path }}"
- - name: Enable geoblock service for boot
- ansible.builtin.systemd:
- name: geoblock
- daemon_reload: yes
- enabled: yes
- - name: Configure daily cron for geoblock refresh
- ansible.builtin.cron:
- name: "geoblock-refresh"
- hour: "{{ geoblock_cron_hour }}"
- minute: "{{ geoblock_cron_minute }}"
- job: "{{ geoblock_script_path }}"
- user: root
|
