From edf18757209591ae43f6d4f84c2720546091dba9 Mon Sep 17 00:00:00 2001 From: kitoy Date: Tue, 31 Oct 2023 02:13:38 +0100 Subject: [PATCH] rm tmp files --- roles/dnsdist/tasks/main.yml~ | 88 ----------------------------------- 1 file changed, 88 deletions(-) delete mode 100644 roles/dnsdist/tasks/main.yml~ diff --git a/roles/dnsdist/tasks/main.yml~ b/roles/dnsdist/tasks/main.yml~ deleted file mode 100644 index 4026db2..0000000 --- a/roles/dnsdist/tasks/main.yml~ +++ /dev/null @@ -1,88 +0,0 @@ ---- -- name: Install dnsdist - apt: - name: - - dnsdist - - acl - state: present - -- name: Allow DoT connexions - ufw: - rule: allow - port: 853 - proto: tcp - -- name: Allow DoH connexions - ufw: - rule: allow - port: 443 - proto: tcp - -- name: Allow DNS connexions - ufw: - rule: allow - port: 53 - proto: any - -- name: Copy Configuration file for DNSdist - ansible.builtin.copy: - src: dnsdist.conf - dest: /etc/dnsdist/dnsdist.conf - owner: root - group: root - mode: '0644' - - -- name: Add SSL keys to dnsdist.conf - ansible.builtin.replace: - path: /etc/dnsdist/dnsdist.conf - regexp: '__SSL_CRT__' - replace: '/etc/ssl/{{ domain}}.crt' - when: installCertbot == False - -- name: Add SSL keys to dnsdist.conf - ansible.builtin.replace: - path: /etc/dnsdist/dnsdist.conf - regexp: '__SSL_KEY__' - replace: '/etc/ssl/{{ domain}}.key' - when: installCertbot == False - -- name: permission to ssl cert - shell: | - setfacl -R -m u:_dnsdist:rx /etc/ssl/"{{ domain }}".key - setfacl -R -m u:_dnsdist:rx /etc/ssl/"{{ domain }}".crt - when: installCertbot == False - - - -- name: Add SSL keys to dnsdist.conf - ansible.builtin.replace: - path: /etc/dnsdist/dnsdist.conf - regexp: '__SSL_CRT__' - replace: '/etc/letsencrypt/live/{{ domain}}/fullchain.pem' - when: installCertbot == True - -- name: Add SSL keys to dnsdist.conf - ansible.builtin.replace: - path: /etc/dnsdist/dnsdist.conf - regexp: '__SSL_KEY__' - replace: '/etc/letsencrypt/live/{{ domain}}/privkey.pem' - when: installCertbot == True - -- name: Set permission letsencrypt SSL keys - shell: setfacl -R -m u:_dnsdist:rx /etc/letsencrypt/ - when: installCertbot == True - - -- name: Disable and stop systemd-resolved - shell: | - systemctl disable systemd-resolved - systemctl stop systemd-resolved || echo "systemd-resolved is already stopped" - -- name: Start dnsdist service - shell: "systemctl start dnsdist" - - - -- name: Enable systemd service - shell: "systemctl enable dnsdist" \ No newline at end of file