Personal collection of Ansible roles for FreeBSD hosts
Allow reusing Nginx backend
Make it possible to not specify snooze (default to every midnight)
Allow for a more fine-grained duplicity schedules

refs

master
browse log

clone

read-only
https://git.sr.ht/~sirn/ansible-freebsd
read/write
git@git.sr.ht:~sirn/ansible-freebsd

Ansible Roles

Personal collection of Ansible roles for FreeBSD hosts.

Components

These roles are managed using FreeBSD's RC or configuring packages in base:

  • freebsd-ntpd — sets up the ntpd for time sync
  • freebsd-pf — sets up the PF firewall
  • freebsd-s6 — sets up the S6 supervision suite
  • freebsd-tuning — common tuning for FreeBSD systems

These roles are Ports/Pkg-installed packages that are managed using S6 supervision suite and require freebsd-s6 to be installed:

  • freebsd-s6-dehydrated — sets up Dehydrated and Lexicon for Let's Encrypt certificate provision
  • freebsd-s6-duplicity — sets up Duplicity for periodic backups
  • freebsd-s6-hitch — sets up Hitch for SSL/TLS terminating
  • freebsd-s6-mysql — sets up MariaDB database server
  • freebsd-s6-nginx — sets up Nginx for serving web sites
  • freebsd-s6-php — sets up PHP runtime
  • freebsd-s6-postgresql — sets up PostgreSQL database server
  • freebsd-s6-redis — sets up Redis key-value store
  • freebsd-s6-varnish — sets up Varnish caching server

These roles replaced the corresponding packages in base for e.g. Ports/Pkg-only setup and require freebsd-s6:

  • freebsd-s6-openntpd — sets up OpenNTPd via Ports/Pkg to replace ntpd in base for time sync
  • freebsd-s6-openssh — sets up OpenSSH via Ports/Pkg to replace OpenSSH in base for remote login