Personal collection of Ansible roles for FreeBSD hosts
Make duplicity backup for 12 months
Add timecounter configurations.
Add ntpd for time sync.


browse log



Ansible Roles

Personal collection of Ansible roles for FreeBSD hosts.


These roles are managed using FreeBSD's RC or configuring packages in base:

  • freebsd-ntpd — sets up the ntpd for time sync
  • freebsd-pf — sets up the PF firewall
  • freebsd-s6 — sets up the S6 supervision suite
  • freebsd-tuning — common tuning for FreeBSD systems

These roles are Ports/Pkg-installed packages that are managed using S6 supervision suite and require freebsd-s6 to be installed:

  • freebsd-s6-dehydrated — sets up Dehydrated and Lexicon for Let's Encrypt certificate provision
  • freebsd-s6-duplicity — sets up Duplicity for periodic backups
  • freebsd-s6-hitch — sets up Hitch for SSL/TLS terminating
  • freebsd-s6-nginx — sets up Nginx for serving web sites
  • freebsd-s6-postgresql — sets up PostgreSQL database server
  • freebsd-s6-redis — sets up Redis key-value store
  • freebsd-s6-varnish — sets up Varnish caching server

These roles replaced the corresponding packages in base for e.g. Ports/Pkg-only setup and require freebsd-s6:

  • freebsd-s6-openntpd — sets up OpenNTPd via Ports/Pkg to replace ntpd in base for time sync
  • freebsd-s6-openssh — sets up OpenSSH via Ports/Pkg to replace OpenSSH in base for remote login