-rw-r--r-- | ansible/host_vars/hash/roa-server.vault.yml | 19 | ||||
-rw-r--r-- | ansible/plays/roa-server.yml | 25 | ||||
-rw-r--r-- | ansible/plays/templates/roa-server/docker-compose.yml | 14 |
3 files changed, 58 insertions, 0 deletions
diff --git a/ansible/host_vars/hash/roa-server.vault.yml b/ansible/host_vars/hash/roa-server.vault.yml
new file mode 100644
index 0000000..a750fb2
--- /dev/null
+++ b/ansible/host_vars/hash/roa-server.vault.yml
@@ -0,0 +1,19 @@
+$ANSIBLE_VAULT;1.1;AES256
+38363463316565643131623966623232623833613832383566353166636462613237396635396239
+3832343533663432353731353231313732386662333035330a363464616131316264613331383333
+31353331336166313361623833343135653761653133623931396464383436633132393963303462
+3630653434643266610a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
diff --git a/ansible/plays/roa-server.yml b/ansible/plays/roa-server.yml
new file mode 100644
index 0000000..c662640
--- /dev/null
+++ b/ansible/plays/roa-server.yml
@@ -0,0 +1,25 @@
+- hosts:
+ - hash
+ tasks:
+ - name: mkdir /etc/docker-service/roa-server
+ become: true
+ file:
+ path: /etc/docker-service/roa-server
+ state: directory
+ mode: 0700
+ - name: Install /etc/docker-service/roa-server/private.pem
+ become: true
+ copy:
+ dest: /etc/docker-service/roa-server/private.pem
+ content: "{{ roa_server.private }}"
+ owner: root
+ group: root
+ mode: 0444
+
+ - import_role:
+ name: docker-service
+ vars:
+ service: roa-server
+ template: templates/roa-server/docker-compose.yml
+# systemd_enabled: no
+# systemd_state: stopped
diff --git a/ansible/plays/templates/roa-server/docker-compose.yml b/ansible/plays/templates/roa-server/docker-compose.yml
new file mode 100644
index 0000000..c11933c
--- /dev/null
+++ b/ansible/plays/templates/roa-server/docker-compose.yml
@@ -0,0 +1,14 @@
+version: "3"
+services:
+ stayrtr:
+ image: rpki/stayrtr:latest # no tagged images are available :(
+ volumes:
+ - /etc/docker-service/roa-server/id_ecdsa:/id_ecdsa:ro
+ ports:
+ - 8022:8022
+ command:
+ - -bind=
+ - -ssh.bind=:8022
+ - -ssh.key=/id_ecdsa
+ - -checktime=false
+ - -cache=https://dn42.burble.com/roa/dn42_roa_46.json |
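Review bot: In ansible/plays/roa-server.yml the key is installed as `/etc/docker-service/roa-server/private.pem`, but the compose template added in this same commit bind-mounts `/etc/docker-service/roa-server/id_ecdsa`; unless the docker-service role (not visible here) creates that path, Docker will typically create an empty directory at the missing source and `-ssh.key=/id_ecdsa` will not point at the key. Aligning the two, for example `dest: /etc/docker-service/roa-server/id_ecdsa`, would close the gap. The private key is also written with `mode: 0444`; the 0700 parent directory limits who can reach it on the host, but if world-read was chosen only so a non-root container user can read the mount, `mode: "0400"` with `owner:` set to that uid is the tighter form. Adding `no_log: true` to the copy task keeps the decrypted `roa_server.private` out of `--diff` and verbose run output.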
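Review bot: `image: rpki/stayrtr:latest` in templates/roa-server/docker-compose.yml lets every pull silently change the code that holds the SSH host key and serves ROA data to routers; since the inline comment says no tagged images exist, pinning by digest, `image: rpki/stayrtr@sha256:<digest-placeholder>`, gives reproducibility without a tag. `-checktime=false` appears to disable the staleness check on the fetched JSON, so a frozen or replayed `dn42_roa_46.json` would keep being served; a comment stating why that is acceptable here would help the next reader. `8022:8022` publishes on all host interfaces and no SSH client-authentication flags are passed, so it is worth confirming what stayrtr does by default in that case and binding to a specific address if the RTR clients are known.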