Getting started¶

Example inventory
Example playbook
Ansible tags

Example inventory ¶

To setup and configure Firejail on a given host it should be included in the debops_service_firejail Ansible inventory group:

[debops_service_firejail]
hostname

Example playbook ¶

Here's an example playbook that uses the debops-contrib.firejail role:

---

- name: Setup and configure Firejail
  hosts: [ 'debops_service_firejail' ]
  become: True

  environment: '{{ inventory__environment | d({})
                   | combine(inventory__group_environment | d({}))
                   | combine(inventory__host_environment  | d({})) }}'

  roles:

    - role: debops-contrib.firejail
      tags: [ 'role::firejail' ]

The playbooks is shipped with this role under ./docs/playbooks/firejail.yml from which you can symlink it to your playbook directory. In case you use multiple DebOps Contrib roles, consider using the DebOps Contrib playbooks.

Ansible tags ¶

You can use Ansible --tags or --skip-tags parameters to limit what tasks are performed during Ansible run. This can be used after a host was first configured to speed up playbook execution, when you are sure that most of the configuration is already in the desired state.

Available role tags:

role::firejail: Main role tag, should be used in the playbook to execute all of the role tasks as well as role dependencies.
role::firejail:pkgs: Tasks related to system package management like installing or removing packages.
role::firejail:profile: Tasks related to Firejail security profile management like copying or removing profile files.

Read the Docs v: latest

Versions: latest

Downloads: pdf; htmlzip; epub

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.