roa-server

2 files changed, 39 insertions, 0 deletions

diff --git a/ansible/plays/roa-server.yml b/ansible/plays/roa-server.yml
new file mode 100644
index 0000000..c662640
--- /dev/null
+++ b/ansible/plays/roa-server.yml
@@ -0,0 +1,25 @@
+- hosts:
+    - hash
+  tasks:
+    - name: mkdir /etc/docker-service/roa-server
+      become: true
+      file:
+        path: /etc/docker-service/roa-server
+        state: directory
+        mode: 0700
+    - name: Install /etc/docker-service/roa-server/private.pem
+      become: true
+      copy:
+        dest: /etc/docker-service/roa-server/private.pem
+        content: "{{ roa_server.private }}"
+        owner: root
+        group: root
+        mode: 0444
+
+    - import_role:
+        name: docker-service
+      vars:
+        service: roa-server
+        template: templates/roa-server/docker-compose.yml
+#        systemd_enabled: no
+#        systemd_state: stopped
diff --git a/ansible/plays/templates/roa-server/docker-compose.yml b/ansible/plays/templates/roa-server/docker-compose.yml
new file mode 100644
index 0000000..c11933c
--- /dev/null
+++ b/ansible/plays/templates/roa-server/docker-compose.yml
@@ -0,0 +1,14 @@
+version: "3"
+services:
+  stayrtr:
+    image: rpki/stayrtr:latest # no tagged images are available :(
+    volumes:
+      - /etc/docker-service/roa-server/id_ecdsa:/id_ecdsa:ro
+    ports:
+      - 8022:8022
+    command:
+      - -bind=
+      - -ssh.bind=:8022
+      - -ssh.key=/id_ecdsa
+      - -checktime=false
+      - -cache=https://dn42.burble.com/roa/dn42_roa_46.json