pizza1: add postfix & tor configs; install knot by def

all/playbook.yaml

@@ -15,6 +15,15 @@
       ansible.builtin.apt_repository:
         repo: deb http://deb.debian.org/debian bookworm-backports main contrib
         state: present
+    - name: Get Knot GPG keys
+      ansible.builtin.get_url:
+        url: https://deb.knot-dns.cz/apt.gpg
+        dest: /usr/share/keyrings/knot.gpg
+        mode: '0644'
+    - name: Enable knot repo
+      ansible.builtin.apt_repository:
+        repo: deb [signed-by=/usr/share/keyrings/knot.gpg] https://deb.knot-dns.cz/knot-latest/ bookworm main
+        state: present
     - name: Install Required Programs / APT
       ansible.builtin.apt:
         name:

pizza1/playbook.yaml

@@ -0,0 +1,36 @@
+---
+- name: Pizza-1 specific stuff
+  hosts: pizza1
+  vars_files:
+    - ./vars.yaml
+  tasks:
+    - name: Install stuff
+      ansible.builtin.apt:
+        name:
+          - postfix
+          - postfix-pgsql
+          - tor
+          - knot
+          - knot-dnsutils
+          - knot-module-geoip
+    - name: Setup postfix configs
+      ansible.builtin.copy:
+        src: ./configs/postfix
+        target: /etc/postfix
+        mode: preserve
+    - name: Restart postfix
+      ansible.builtin.service:
+        name: postfix
+        enabled: true
+        state: restarted
+    - name: Setup torrc
+      ansible.builtin.copy:
+        src: ./configs/tor/torrc
+        target: /etc/tor/torrc
+        mode: preserve
+    # You gotta copy pjsfsvc manually though
+    - name: Restart tor
+      ansible.builtin.service:
+        name: tor
+        enabled: true
+        state: restarted

pizza1/tor/torrc

@@ -0,0 +1,2 @@
+HiddenServiceDir /var/lib/tor/pjsfsvc/
+HiddenServicePort 80 127.0.0.1:80