vleeuwenmenno/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
dotfiles/config/ansible/tasks/servers/services/caddy/country-blocking.yml
Menno van Leeuwen 2eb5ab5387
Some checks failed
Ansible Lint Check / check-ansible (push) Failing after 26s
Details
Nix Format Check / check-format (push) Failing after 1m27s
Details
Python Lint Check / check-python (push) Failing after 18s
Details
Enhance Ansible playbooks and scripts: 
- Add '--skip-check' option to update.py to skip dotfiles update checks.
- Update playbook.yml and symlinks.yml to use 'inventory_hostname' for host checks.
- Refactor service task inclusions in server.yml for better readability and maintainability.
- Add new Home Assistant service with corresponding docker-compose configuration.
- Update various service YAML files to use dynamic paths based on inventory_hostname.
- Add tags for service tasks to improve organization and execution control.
- Remove obsolete services.yml file.
2025-07-11 03:04:50 +00:00

51 lines
2.0 KiB
YAML
Raw Permalink Blame History

---
- name: Country blocking setup for Caddy with MaxMind GeoLocation
block:
- name: Copy Dockerfile for custom Caddy build with GeoIP
ansible.builtin.copy:
src: Dockerfile
dest: "{{ caddy_service_dir }}/Dockerfile"
mode: "0644"
when: enable_country_blocking | default(false)
- name: Check if MaxMind Country database is available
ansible.builtin.stat:
path: "{{ geoip_db_path }}/GeoLite2-Country.mmdb"
register: maxmind_country_db
when: enable_country_blocking | default(false)
- name: Ensure log directory exists for Caddy
ansible.builtin.file:
path: "{{ caddy_data_dir }}/logs"
state: directory
mode: "0755"
become: true
when: enable_country_blocking | default(false)
- name: Display country blocking configuration
ansible.builtin.debug:
msg:
- "✅ Country blocking enabled: {{ enable_country_blocking | default(false) }}"
- "🛡️ Countries to allow: {{ allowed_countries_codes | default([]) | join(', ') }}"
- "📍 Using MaxMind GeoLocation plugin"
- "💾 Database path: /etc/caddy/geoip/GeoLite2-Country.mmdb"
- "📊 Database available: {{ maxmind_country_db.stat.exists | default(false) }}"
when: enable_country_blocking | default(false)
- name: Warn if MaxMind database not found
ansible.builtin.debug:
msg:
- "⚠️ WARNING: MaxMind Country database not found!"
- "Expected location: {{ geoip_db_path }}/GeoLite2-Country.mmdb"
- "Country blocking will not work until EchoIP service is deployed"
- "Run: dotf update --ansible --tags echoip"
when:
- enable_country_blocking | default(false)
- not maxmind_country_db.stat.exists | default(false)
tags:
- caddy
- security
- country-blocking
- geoip
Reference in New Issue View Git Blame Copy Permalink