ansible/roles/services/tasks/siahsd.yaml

---
# TODO: Install and build

- name: Create directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: siahsd
    group: nogroup
  with_items:
    - /var/log/siahsd
    - /var/lib/siahsd

- name: Install config file
  ansible.builtin.template:
    src: siahsd.conf
    dest: /etc/siahsd.conf
    owner: root
    group: root
    mode: 0644
  notify: restart siahsd

- name: Install service file
  ansible.builtin.template:
    src: siahsd.service
    dest: /etc/systemd/system/siahsd.service
    owner: root
    group: root
    mode: 0644
  notify: restart siahsd

- name: Start siahsd
  ansible.builtin.systemd:
    name: siahsd
    state: started
    enabled: yes
    daemon_reload: true

- name: Allow siahsd traffic
  ansible.builtin.iptables:
    chain: INPUT
    protocol: udp
    destination_port: "4000"
    jump: ACCEPT
    ip_version: "{{ item }}"
    action: insert
  with_items: [ ipv4, ipv6 ]
  notify: persist iptables
  when: not nft | bool