mirror of
https://github.com/iiab/iiab.git
synced 2025-02-13 19:52:06 +00:00
99 lines
2.9 KiB
YAML
99 lines
2.9 KiB
YAML
- name: Install Squid packages
|
|
package: name={{ item }}
|
|
state=present
|
|
with_items:
|
|
- "{{ proxy }}"
|
|
- cadaver
|
|
tags:
|
|
- download
|
|
|
|
- name: Create the Squid user
|
|
user: name={{ proxy_user }}
|
|
createhome=False
|
|
shell=/bin/false
|
|
|
|
- name: Copy init script and config file
|
|
template: src={{ item.src }}
|
|
dest={{ item.dest }}
|
|
owner={{ item.owner }}
|
|
group={{ item.group }}
|
|
mode={{ item.mode }}
|
|
with_items:
|
|
- src: 'roles/network/templates/squid/squid.sysconfig'
|
|
dest: '/etc/sysconfig/squid'
|
|
owner: 'root'
|
|
group: 'root'
|
|
mode: '0755'
|
|
- src: 'roles/network/templates/squid/sites.whitelist.txt'
|
|
dest: '/etc/{{ proxy }}/sites.whitelist.txt'
|
|
owner: '{{ proxy_user }}'
|
|
group: '{{ proxy_user }}'
|
|
mode: '0644'
|
|
- src: 'roles/network/templates/squid/allowregex.rules'
|
|
dest: '/etc/{{ proxy }}/allowregex.rules'
|
|
owner: '{{ proxy_user }}'
|
|
group: '{{ proxy_user }}'
|
|
mode: '0644'
|
|
- src: 'roles/network/templates/squid/denyregex.rules'
|
|
dest: '/etc/{{ proxy }}/denyregex.rules'
|
|
owner: '{{ proxy_user }}'
|
|
group: '{{ proxy_user }}'
|
|
mode: '0644'
|
|
- src: 'roles/network/templates/squid/dstaddress.rules'
|
|
dest: '/etc/{{ proxy }}/dstaddress.rules'
|
|
owner: '{{ proxy_user }}'
|
|
group: '{{ proxy_user }}'
|
|
mode: '0644'
|
|
- src: 'roles/network/templates/squid/iiab-httpcache.j2'
|
|
dest: '/usr/bin/iiab-httpcache'
|
|
owner: 'root'
|
|
group: 'root'
|
|
mode: '0755'
|
|
|
|
- name: Create Squid cache directory
|
|
file: path=/library/cache
|
|
owner={{ proxy_user }}
|
|
group={{ proxy_user }}
|
|
mode=0750
|
|
state=directory
|
|
|
|
- name: Create Squid log directory
|
|
file: path=/var/log/{{ proxy }}
|
|
owner={{ proxy_user }}
|
|
group={{ proxy_user }}
|
|
mode=0750
|
|
state=directory
|
|
|
|
- name: Stop Squid
|
|
service: name={{ proxy }}
|
|
state=stopped
|
|
when: not installing
|
|
|
|
- include_tasks: roles/network/tasks/dansguardian.yml
|
|
when: dansguardian_install
|
|
|
|
- name: Add Squid to service list
|
|
ini_file: dest='{{ service_filelist }}'
|
|
section={{ proxy }}
|
|
option='{{ item.option }}'
|
|
value='{{ item.value }}'
|
|
with_items:
|
|
- option: name
|
|
value: squid
|
|
- option: description
|
|
value: '"Squid caches web pages the first time they are accessed, and pulls them from the cache thereafter"'
|
|
- option: enabled
|
|
value: "{{ squid_enabled }}"
|
|
|
|
- name: Add 'dansguardian' to service list
|
|
ini_file: dest='{{ service_filelist }}'
|
|
section=dansguardian
|
|
option='{{ item.option }}'
|
|
value='{{ item.value }}'
|
|
with_items:
|
|
- option: name
|
|
value: dansguardian
|
|
- option: description
|
|
value: '"DansGuardian searches web content for obectionable references and denies access when found."'
|
|
- option: enabled
|
|
value: "{{ dansguardian_enabled }}"
|