--- - name: Setup directories file: path: "{{ item }}" state: directory owner: "{{ unifi_user }}" group: "{{ unifi_group }}" recurse: True with_items: - "{{ unifi_base_dir }}" - "{{ unifi_base_dir }}/{{ unifi_version }}" - "{{ unifi_tmp_dir }}" become: True - block: - name: Download unifi version '{{ unifi_version }}' get_url: url: "https://dl.ubnt.com/unifi/{{ unifi_version }}/UniFi.unix.zip" dest: /tmp/UniFi.unix.zip force: true - name: Setup unifi version '{{ unifi_version }}' unarchive: src: /tmp/UniFi.unix.zip dest: "{{ unifi_base_dir }}/{{ unifi_version }}" remote_src: yes - name: Cleanup file: path: /tmp/UniFi.unix.zip state: absent become: True become_user: "{{ unifi_user }}" when: unifi_current_version is version_compare(unifi_version, ">") or unifi_current_version is version_compare('0.0.0', "=") - name: Create symlink for latest version file: src: "{{ unifi_base_dir }}/{{ unifi_version }}" dest: "{{ unifi_base_dir }}/latest" state: link notify: __unifi_restart become: True become_user: "{{ unifi_user }}" - block: - name: Open ports in iptables iptables_raw: name: "{{ item.flag }}" state: present rules: "-A INPUT -m state --state NEW -p {{ item.proto }} --dport {{ item.port }} -j ACCEPT" with_items: "{{ unifi_open_ports }}" when: unifi_iptables_enabled - name: Create systemd unit files template: src: "etc/systemd/system/unifi.service.j2" dest: "/etc/systemd/system/unifi.service" mode: 0644 notify: - __unifi_restart - name: Ensure service is up and running systemd: state: started daemon_reload: yes enabled: yes name: unifi - name: Set current version to custom fact template: src: etc/ansible/facts.d/unifi.fact.j2 dest: /etc/ansible/facts.d/unifi.fact when: unifi_current_version is version_compare(unifi_version, ">") or unifi_current_version is version_compare('0.0.0', "=") become: True