--- - name: "Install haproxy via apt" apt: update_cache: yes state: present name: - haproxy - name: Copy haproxy configuration copy: src: haproxy.cfg dest: /etc/haproxy/haproxy.cfg mode: 0644 owner: root group: root - name: Enable and stop haproxy service: name: haproxy state: stopped enabled: yes - name: "Install certbot via apt" apt: update_cache: yes state: present name: - python3-certbot - name: Generate certificate for all proxied domains command: cmd: certbot certonly --non-interactive --agree-tos -m tormakristof@tormakristof.eu --standalone -d neko.tormakristof.eu - name: Enable and start haproxy service: name: haproxy state: started enabled: yes - name: Copy certbot cronjob copy: src: certbot dest: /etc/cron.weekly/certbot mode: 0755 owner: root group: root - name: Reset ufw rules to default community.general.ufw: state: reset - name: Enable ufw community.general.ufw: state: enabled - name: "Install haproxy exporter" apt: update_cache: yes state: present name: - prometheus-haproxy-exporter - name: Allow node-exporter via ufw community.general.ufw: rule: allow port: 9100 proto: tcp src: 192.168.69.0/24 ...