Push old broken role to edit it on new laptop

2022-03-08 03:48:56 +03:00 · 2022-03-08 03:48:56 +03:00 · d77f51aa5c
parent ff1fe181b1
commit d77f51aa5c
4 changed files with 103 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -0,0 +1,6 @@
+---
+
+cfg_3proxy_defaults:
+  user: service3proxy
+  group: service3proxy
+  chroot: /var/empty
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -0,0 +1,19 @@
+---
+
+- name: 3proxy | Reload configuration
+  systemd:
+    name: 3proxy
+    # Change to reloaded, when systemd unit override is done
+    state: restarted
+
+- name: 3proxy | Stop service
+  systemd:
+    name: 3proxy
+    state: stopped
+
+- name: 3proxy | Start service
+  systemd:
+    name: 3proxy
+    daemon_reload: yes
+    state: started
+
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,54 @@
+#- block:
+#  - name: 3proxy | Install from aur
+#    aur:
+#      name: 3proxy
+#      use: makepkg
+#      skip_installed: yes
+#  become: no
+
+#Creating group threeproxy with gid 973.
+#Creating user threeproxy (3proxy user) with uid 973 and gid 973.
+
+- name: 3proxy | Create group
+  group:
+    name: "{{ cfg_3proxy.group | default(cfg_3proxy_defaults.group) }}"
+    system: yes
+
+- name: 3proxy | Create user
+  user:
+    name: "{{ cfg_3proxy.user | default(cfg_3proxy_defaults.user) }}"
+    group: "{{ cfg_3proxy.group | default(cfg_3proxy_defaults.group) }}"
+    shell: /usr/bin/nologin
+    system: yes
+    create_home: no
+  register: cfg_3proxy_user_info
+
+#3proxy | Deploy configuration file...
+#  nyarlathotep.zeym.org failed | msg: Destination directory /etc/3proxy does not exist
+
+- name: 3proxy | Deploy configuration file
+  template:
+    src: 3proxy.cfg.j2
+    dest: /etc/3proxy/3proxy.cfg
+    mode: 0600
+    owner: "{{ cfg_3proxy.user | default(cfg_3proxy_defaults.user) }}"
+    group: "{{ cfg_3proxy.group | default(cfg_3proxy_defaults.group) }}"
+  notify: 3proxy | Reload configuration
+
+#### some hardening
+#- name: 3proxy | Deploy systemd service override
+#  template:
+#   src: 3proxy.service.j2
+#   dest: /etc/systemd/system/...??? or /var/lib
+#   mode: 0600
+#   owner: root
+#   group: root
+#  notify:
+#    - 3proxy | Stop service
+#    - 3proxy | Start service
+
+- name: 3proxy | Enable and start
+  systemd:
+    name: 3proxy
+    enabled: yes
+    state: started
--- a/templates/3proxy.cfg.j2
+++ b/templates/3proxy.cfg.j2
@ -0,0 +1,24 @@
+# {{ ansible_managed }}
+nserver 127.0.0.1
+nscache 1048576
+
+external 0.0.0.0
+internal 0.0.0.0
+
+auth strong
+maxconn 512
+socks -p{{ cfg_3proxy.socks_port }}
+
+{% for item in cfg_3proxy.users %}
+users "{{ item }}"
+{% endfor %}
+
+{% for item in cfg_3proxy.include %}
+include "{{ item }}"
+{% endfor %}
+
+chroot {{ cfg_3proxy.chroot | default(cfg_3proxy_defaults.chroot) }}
+setgid {{ cfg_3proxy_user_info.group | default(cfg_3proxy_defaults.group) }}
+setuid {{ cfg_3proxy_user_info.uid | default(cfg_3proxy_defaults.user) }}
+
+end