From ea8e387a1c808e6db49a41682b4e480bf8475f45 Mon Sep 17 00:00:00 2001 From: Thomas Kleinendorst Date: Sat, 5 Oct 2024 12:58:04 +0200 Subject: [PATCH] Add cloudflared role --- playbook.yml | 2 ++ roles/cloudflared/tasks/main.yml | 10 ++++++++++ roles/cloudflared/vars/main/vault.yml | 16 ++++++++++++++++ 3 files changed, 28 insertions(+) create mode 100644 roles/cloudflared/tasks/main.yml create mode 100644 roles/cloudflared/vars/main/vault.yml diff --git a/playbook.yml b/playbook.yml index 3db9b74..594b3c8 100644 --- a/playbook.yml +++ b/playbook.yml @@ -20,6 +20,8 @@ - role: changedetection - role: pi-hole - role: monitoring + - role: wedding + - role: cloudflared vars: # devsec.hardening.ssh_hardening vars: ssh_client_port: 22 # Default, but duplicated here for documentation purpose. Not changed because its only accessible via LAN. diff --git a/roles/cloudflared/tasks/main.yml b/roles/cloudflared/tasks/main.yml new file mode 100644 index 0000000..1a6766a --- /dev/null +++ b/roles/cloudflared/tasks/main.yml @@ -0,0 +1,10 @@ +--- +- name: Install Cloudflared + become: true + ansible.builtin.apt: + deb: https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-arm64.deb +- name: Install the Cloudflared tunnel as a systemd service + become: true + ansible.builtin.command: + cmd: "cloudflared service install {{ cloudflared_refresh_token }}" + creates: /etc/systemd/system/cloudflared.service diff --git a/roles/cloudflared/vars/main/vault.yml b/roles/cloudflared/vars/main/vault.yml new file mode 100644 index 0000000..eed787b --- /dev/null +++ b/roles/cloudflared/vars/main/vault.yml @@ -0,0 +1,16 @@ +$ANSIBLE_VAULT;1.1;AES256 +64663837353165376439353038656432653963396630643034663733356632636131316531346266 +3637643234616564646635613033636364306662643133350a333839313934643061373162643434 +65396539373938623961323464633263336665353138353565633066666630323462303137636362 +3766626364643533640a653064643237653862386139303865613131623639643337356261633661 +33393631343138653030373036336637666363373765343364393438333566386439633137656334 +65376562653931666664636461386332396666303634633034656631333366366335663765343830 +35626530376461373036623361636435306165616136393139343035303664376461356537353130 +37323663376461316633633732326361316232663635636238336661313834363137336565653938 +34613531663062363838653436353432393131333063326134393034386237373038386262306364 +39643361313661623762386132636130383465663762663239393937396462346162366131633861 +35363162323938666534376339393839656464353464363364653931353762623462396136383230 +62306237663537353038643131356561353737613463616534366635386234613135666330633064 +64643732343530633065396266366363313339313763353732666331306637663064616233346133 +66663338363234366466613534666361666332626539646230333238313939616438616431363538 +363631313431343664383531616530353164