diff --git a/roles/system/cockpit/defaults/main.yml b/roles/system/cockpit/defaults/main.yml new file mode 100644 index 0000000..ee6f952 --- /dev/null +++ b/roles/system/cockpit/defaults/main.yml @@ -0,0 +1,5 @@ +--- +# Boolean variable that adjust the Cockpit config when it's being served via +# reverse proxy (adjusts the origin, so that the Cockpit doesn't drop sessions, +# and checks for SSL/TLS connections) +system_cockpit_has_reverse_proxy: false diff --git a/roles/system/cockpit/tasks/install.yml b/roles/system/cockpit/tasks/install.yml new file mode 100644 index 0000000..50e675e --- /dev/null +++ b/roles/system/cockpit/tasks/install.yml @@ -0,0 +1,5 @@ +--- +- name: Install cockpit + ansible.builtin.package: + name: cockpit + state: present diff --git a/roles/system/cockpit/tasks/main.yml b/roles/system/cockpit/tasks/main.yml new file mode 100644 index 0000000..162a247 --- /dev/null +++ b/roles/system/cockpit/tasks/main.yml @@ -0,0 +1,19 @@ +--- +- name: Packages + ansible.builtin.include_tasks: install.yml + tags: install + +- name: Install config to enable reverse proxy + ansible.builtin.template: + src: templates/cockpit.conf + dest: /etc/cockpit/cockpit.conf + mode: 0644 + owner: root + group: root + when: system_cockpit_has_reverse_proxy + +- name: Enable cockpit + ansible.builtin.service: + name: "cockpit.socket" + enabled: true + state: restarted diff --git a/roles/system/cockpit/templates/cockpit.conf b/roles/system/cockpit/templates/cockpit.conf new file mode 100644 index 0000000..710c26c --- /dev/null +++ b/roles/system/cockpit/templates/cockpit.conf @@ -0,0 +1,3 @@ +[WebService] +Origins = https://cockpit.{{ host_fqdn }} wss://cockpit.{{ host_fqdn }} +ProtocolHeader = X-Forwarded-Proto