From 0aa62d6af97efe3b42fce82717efc18b16c1ba88 Mon Sep 17 00:00:00 2001
From: Kris Lamoureux <kris@lamoureux.io>
Date: Thu, 23 Apr 2026 01:04:01 -0400
Subject: [PATCH] Add FOG server role

---
 dev/fog.yml              |  8 ++++++
 dev/vars/fog.yml         |  0
 roles/fog/tasks/main.yml | 53 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 61 insertions(+)
 create mode 100644 dev/fog.yml
 create mode 100644 dev/vars/fog.yml
 create mode 100644 roles/fog/tasks/main.yml

diff --git a/dev/fog.yml b/dev/fog.yml
new file mode 100644
index 0000000..61d04f4
--- /dev/null
+++ b/dev/fog.yml
@@ -0,0 +1,8 @@
+- name: Install FRITA FOG Server
+  hosts: all
+  become: true
+  vars_files:
+    - vars/fog.yml
+  roles:
+    - common
+    - fog
diff --git a/dev/vars/fog.yml b/dev/vars/fog.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/fog/tasks/main.yml b/roles/fog/tasks/main.yml
new file mode 100644
index 0000000..aa2a309
--- /dev/null
+++ b/roles/fog/tasks/main.yml
@@ -0,0 +1,53 @@
+- name: Check if FOG is already installed
+  ansible.builtin.stat:
+    path: /opt/fog/.fogsettings
+  register: fog_installed
+
+- name: Upgrade system before FOG server install
+  ansible.builtin.dnf:
+    name: "*"
+    state: latest # noqa: package-latest
+  when: not fog_installed.stat.exists
+
+- name: Install git
+  ansible.builtin.dnf:
+    name: git
+    state: present
+
+- name: Set SELinux to permissive and make it persistent
+  ansible.posix.selinux:
+    policy: targeted
+    state: permissive
+
+- name: Ensure parent source directory exists
+  ansible.builtin.file:
+    path: /usr/local/src
+    state: directory
+    mode: "0755"
+
+- name: Clone FOG stable branch
+  ansible.builtin.git:
+    repo: https://github.com/FOGProject/fogproject.git
+    dest: /usr/local/src/fogproject
+    version: stable
+    update: true
+
+- name: Run FOG installer first time
+  ansible.builtin.command: ./installfog.sh -Y
+  args:
+    chdir: /usr/local/src/fogproject/bin
+    creates: /opt/fog/.fogsettings
+
+- name: Allow required FOG firewall ports
+  ansible.posix.firewalld:
+    port: "{{ item }}"
+    permanent: true
+    immediate: true
+    state: enabled
+  loop:
+    - 80/tcp
+    - 69/udp
+    - 111/tcp
+    - 111/udp
+    - 2049/tcp
+    - 2049/udp