Personal collection of Ansible roles for FreeBSD hosts
duplicity: cleanups
dehydrated: cleanups
duplicity: set LANG before running duplicity


browse  log 



You can also use your local clone with git send-email.

Ansible Roles

This repository hosts a personal collection of Ansible roles for FreeBSD hosts. These are common configurations that I use in my own servers in various projects. To use this repository, add the following line to your requirements.yml:

- src: git+https://git.sr.ht/~sirn/ansible-freebsd
  version: master
  name: freebsd-roles

Then you can refer the role in playbook with, for example:

- hosts: freebsd
    - import_role:
        name: freebsd-roles/freebsd-pf

Most roles in this repository uses s6 supervision suite to perform process supervision.


These roles configure packages in base:

  • freebsd-hardening — performs a basic hardening
  • freebsd-ntpd — sets up the ntpd for time sync
  • freebsd-pf — sets up the pf firewall
  • freebsd-racct — sets up racct for resource limiting
  • freebsd-tuning — common tuning for FreeBSD systems

These roles are for pkg-installed packages:

These roles are for pkg-installed packages that are managed using S6 supervision suite and require freebsd-s6 to be installed:

  • freebsd-s6-dehydrated — sets up Dehydrated and Lexicon for Let's Encrypt certificate provision
  • freebsd-s6-duplicity — sets up Duplicity for periodic backups
  • freebsd-s6-hitch — sets up Hitch for SSL/TLS terminating
  • freebsd-s6-mysql — sets up MariaDB database server
  • freebsd-s6-nginx — sets up Nginx for serving web sites
  • freebsd-s6-openntpd — sets up OpenNTPd via pkg to replace ntpd in base
  • freebsd-s6-openssh — sets up OpenSSH via pkg to replace OpenSSH in base
  • freebsd-s6-php — sets up PHP runtime
  • freebsd-s6-postgresql — sets up PostgreSQL database server
  • freebsd-s6-redis — sets up Redis key-value store
  • freebsd-s6-varnish — sets up Varnish caching server

See also

  • ansible-openbsd — Personal collection of Ansible roles for OpenBSD hosts.