--- # pinnwand - name: Install pinnwand hosts: pinnwand become: true vars_files: - vars/vaults/hostman.yml - vars/vaults/pinnwand.yml - vars/pinnwand.yml # This is to try to avoid the handler issue in pre/post tasks handlers: - import_tasks: handlers/main.yml pre_tasks: - name: Check if ansible cannot be run here stat: path: /etc/no-ansible register: no_ansible - name: Verify if we can run ansible assert: that: - "not no_ansible.stat.exists" success_msg: "We are able to run on this node" fail_msg: "/etc/no-ansible exists - skipping run on this node" - name: Install SELinux packages package: name: python3-policycoreutils.noarch state: present tasks: #- include_tasks: tasks/pinnwand.yml # tags: ['includetasks'] roles: - role: rockylinux.ipagetcert state: present tags: ['certs'] - role: rockylinux.pinnwand state: present tags: ['role_pinnwand'] # Define variables in vars/matomo/nginx.yml - role: nginxinc.nginx_core.nginx tags: ['nginx'] #- role: nginxinc.nginx_core.nginx_config # tags: ['nginx'] post_tasks: - name: Open firewalld ports ansible.posix.firewalld: port: "{{ item.port }}" permanent: "{{ item.permanent | default(yes) }}" state: "{{ item.state | default(present) }}" loop: "{{ firewall_rules }}" - name: Touching run file that ansible has ran here file: path: /var/log/ansible.run state: touch mode: '0644' owner: root group: root