diff --git a/roles/backup-data-to-usb/README.md b/roles/backup-data-to-usb/README.md index 08fc2b11..ea5d9b30 100644 --- a/roles/backup-data-to-usb/README.md +++ b/roles/backup-data-to-usb/README.md @@ -4,7 +4,7 @@ This Ansible role automates data backups to a swappable USB device. It triggers the backup process automatically when the USB is mounted, allowing for customizable source and destination paths and integrating with systemd for reliable execution. -## Overview +## πŸ“Œ Overview Optimized for Archlinux, this role ensures that backups are performed consistently with minimal manual intervention. It leverages efficient synchronization methods and provides a seamless integration with systemd to manage the backup service. @@ -20,6 +20,6 @@ The primary purpose of this role is to simplify the backup process for systems t - **Efficient Synchronization:** Utilizes rsync with incremental backup strategies for optimal performance. - **Optimized for Archlinux:** Tailored for Archlinux systems using the rolling release model. -## Credits +## Credits πŸ“ Developed and maintained by **Kevin Veen-Birkenbach**. Special thanks to [OpenAI ChatGPT](https://chat.openai.com/share/a75ca771-d8a4-4b75-9912-c515ba371ae4) for its assistance in developing this role. \ No newline at end of file diff --git a/roles/backup-directory-validator/README.md b/roles/backup-directory-validator/README.md index d4289405..828dcff3 100644 --- a/roles/backup-directory-validator/README.md +++ b/roles/backup-directory-validator/README.md @@ -4,7 +4,7 @@ This Ansible role pulls the [directory-validator](https://github.com/kevinveenbirkenbach/directory-validator.git) repository to a predefined location. It is used by the backup-docker-to-local and cleanup-failed-docker-backups roles to verify whether backups have been successfully created. -## Overview +## πŸ“Œ Overview The role retrieves the latest version of the directory-validator from its Git repository and installs it into the designated folder (configured via the `backup_directory_validator_folder` variable). A fact is set to ensure that the repository is pulled only once per playbook run. diff --git a/roles/backup-docker-to-local/README.md b/roles/backup-docker-to-local/README.md index 6481b9ff..26ab83d3 100644 --- a/roles/backup-docker-to-local/README.md +++ b/roles/backup-docker-to-local/README.md @@ -4,7 +4,7 @@ This Ansible role automates the process of backing up Docker volumes to a local folder. It pulls the [backup-docker-to-local repository](https://github.com/kevinveenbirkenbach/backup-docker-to-local.git), installs required software, configures systemd services for both standard and "everything" backup modes, and seeds backup database entries as needed. -## Overview +## πŸ“Œ Overview Optimized for Archlinux, this role ensures that Docker volume backups are performed reliably with minimal manual intervention. It integrates with several dependent roles to verify backup success and manage related tasks, including: - [backup-directory-validator](../backup-directory-validator/) – Validates backup directories. diff --git a/roles/backup-remote-to-local/README.md b/roles/backup-remote-to-local/README.md index 8874ca3d..a929aed0 100644 --- a/roles/backup-remote-to-local/README.md +++ b/roles/backup-remote-to-local/README.md @@ -4,7 +4,7 @@ This role pulls backups from a remote server and stores them locally using rsync with retry logic. It is designed to retrieve remote backup data and integrate with your overall backup scheme. -## Overview +## πŸ“Œ Overview Optimized for Archlinux, this role is a key component of a comprehensive backup system. It works in conjunction with other roles to ensure that backup data is collected, verified, and maintained. The role uses a Bash script to pull backups, manage remote connections, and handle incremental backup creation. @@ -20,7 +20,7 @@ Backup Remote to Local is a robust solution for retrieving backup data from remo - **Integration with Other Roles:** Works alongside roles like backup-directory-validator, cleanup-failed-docker-backups, systemd-timer, backups-provider, and system-maintenance-lock. - **Administrative Debugging:** Detailed debug instructions and administrative tasks are provided in a separate file. -## Further Information +## πŸ“š Other Resources - **Backup Scheme:** ![backup scheme](https://www.veen.world/wp-content/uploads/2020/12/server-backup-768x567.jpg) diff --git a/roles/backups-provider-user/README.md b/roles/backups-provider-user/README.md index 3029e5a2..0910a4d5 100644 --- a/roles/backups-provider-user/README.md +++ b/roles/backups-provider-user/README.md @@ -4,7 +4,7 @@ This role sets up a dedicated backup user (`backup`) for performing secure backup operations. It creates the user, configures a restricted SSH environment with a custom `authorized_keys` template and an SSH wrapper script, and grants necessary sudo rights for executing rsync. This configuration helps ensure controlled and secure access specifically for backup processes. -## Overview +## πŸ“Œ Overview The role is a critical component in a secure backup scheme. By isolating backup operations to a dedicated user, it minimizes the risk of unauthorized actions. The role configures the SSH environment so that only specific, allowed commands can be executed, and it sets up passwordless sudo rights for rsync, ensuring smooth and secure backup operations. @@ -20,7 +20,7 @@ The purpose of this role is to enhance the security of your backup system by pro - **Sudo Configuration:** Grants passwordless sudo rights for rsync, enabling secure and automated backup transfers. - **Integration:** Supports seamless integration with your backup infrastructure by limiting the backup user's permissions to only the required commands. -## Further Information +## πŸ“š Other Resources For more details on how the role works and advanced configuration options, please see the related references below: - [Ansible Playbooks Lookups](https://docs.ansible.com/ansible/latest/user_guide/playbooks_lookups.html#id3) diff --git a/roles/backups-provider/README.md b/roles/backups-provider/README.md index ac16a480..a1cca5f2 100644 --- a/roles/backups-provider/README.md +++ b/roles/backups-provider/README.md @@ -4,7 +4,7 @@ This role sets up and manages the host as a backup provider. It establishes the framework for secure backup operations and integrates with other roles to facilitate reliable backup data management. -## Overview +## πŸ“Œ Overview Optimized for automated backup processes, this role: - Configures the host to provide backup services. diff --git a/roles/cleanup-backups-service/README.md b/roles/cleanup-backups-service/README.md index 292e8134..d34a8af0 100644 --- a/roles/cleanup-backups-service/README.md +++ b/roles/cleanup-backups-service/README.md @@ -4,7 +4,7 @@ This role automates the cleanup of old backups by executing a Python script that deletes outdated backup versions based on disk usage thresholds. It ensures that backup storage does not exceed a defined usage percentage. -## Overview +## πŸ“Œ Overview Optimized for effective disk space management, this role: - Installs required packages (e.g. [lsof](https://en.wikipedia.org/wiki/Lsof) and [psutil](https://pypi.org/project/psutil/)) using pacman. @@ -23,5 +23,5 @@ The primary purpose of this role is to maintain optimal backup storage by automa - **Systemd Integration:** Configures a systemd service to run cleanup tasks. - **Dependency Integration:** Works in conjunction with related roles for comprehensive backup management. -## Further Information +## πŸ“š Other Resources - https://stackoverflow.com/questions/48929553/get-hard-disk-size-in-python \ No newline at end of file diff --git a/roles/cleanup-backups-timer/README.md b/roles/cleanup-backups-timer/README.md index 380cd458..1227898a 100644 --- a/roles/cleanup-backups-timer/README.md +++ b/roles/cleanup-backups-timer/README.md @@ -4,7 +4,7 @@ This role sets up a systemd timer to schedule the periodic cleanup of old backups. It leverages the cleanup-backups-service role to perform the actual cleanup operation. -## Overview +## πŸ“Œ Overview Optimized for automated maintenance, this role: - Sets a fact for the service name. diff --git a/roles/cleanup-disc-space/README.md b/roles/cleanup-disc-space/README.md index f7828c5f..7338464e 100644 --- a/roles/cleanup-disc-space/README.md +++ b/roles/cleanup-disc-space/README.md @@ -4,7 +4,7 @@ This role frees disk space by executing a script that cleans up temporary files, clears package caches, and optionally cleans up backup directories and Docker resources when disk usage exceeds a specified threshold. -## Overview +## πŸ“Œ Overview Optimized for efficient storage management, this role: - Creates a directory for disk cleanup scripts. diff --git a/roles/cleanup-failed-docker-backups/README.md b/roles/cleanup-failed-docker-backups/README.md index 906904cc..c2bcc256 100644 --- a/roles/cleanup-failed-docker-backups/README.md +++ b/roles/cleanup-failed-docker-backups/README.md @@ -4,7 +4,7 @@ This role cleans up failed Docker backups by pulling a [Git repository](https://github.com/kevinveenbirkenbach/cleanup-failed-docker-backups) that contains cleanup scripts and configuring a systemd service to execute them. It ensures that failed or incomplete backups are removed to free up disk space and maintain a healthy backup environment. -## Overview +## πŸ“Œ Overview Optimized for backup maintenance, this role: - Clones the cleanup-failed-docker-backups repository. diff --git a/roles/client-wireguard-behind-firewall/README.md b/roles/client-wireguard-behind-firewall/README.md index 5a45a737..8b7380ec 100644 --- a/roles/client-wireguard-behind-firewall/README.md +++ b/roles/client-wireguard-behind-firewall/README.md @@ -1,5 +1,26 @@ -# client-wireguard-behind-nat +# Client WireGuard Behind NAT Role -# see +## Description + +This role adapts iptables rules to enable proper connectivity for a WireGuard client running behind a NAT or firewall. It ensures that traffic is forwarded correctly by applying necessary masquerading rules. + +## πŸ“Œ Overview + +Optimized for environments with network address translation (NAT), this role: +- Executes shell commands to modify iptables rules. +- Allows traffic from the WireGuard client interface (e.g. `wg0-client`) and sets up NAT masquerading on the external interface (e.g. `eth0`). +- Works as an extension to the native WireGuard client role. + +## Purpose + +The primary purpose of this role is to enable proper routing and connectivity for a WireGuard client situated behind a firewall or NAT device. By adapting iptables rules, it ensures that the client can communicate effectively with external networks. + +## Features + +- **iptables Rule Adaptation:** Modifies iptables to allow forwarding and NAT masquerading for the WireGuard client. +- **NAT Support:** Configures the external interface for proper masquerading. +- **Role Integration:** Depends on the [client-wireguard](../client-wireguard/README.md) role to ensure that WireGuard is properly configured before applying firewall rules. + +## πŸ“š Other Resources - https://gist.github.com/insdavm/b1034635ab23b8839bf957aa406b5e39 - https://wiki.debian.org/iptables diff --git a/roles/client-wireguard-behind-firewall/meta/main.yml b/roles/client-wireguard-behind-firewall/meta/main.yml index 66d04ca3..036abb86 100644 --- a/roles/client-wireguard-behind-firewall/meta/main.yml +++ b/roles/client-wireguard-behind-firewall/meta/main.yml @@ -1,2 +1,26 @@ +--- +galaxy_info: + author: "Kevin Veen-Birkenbach" + description: "Adapts iptables rules to enable proper connectivity for a WireGuard client running behind a NAT or firewall, ensuring that traffic is correctly forwarded and masqueraded." + license: "CyMaIS NonCommercial License (CNCL)" + license_url: "https://s.veen.world/cncl" + company: | + Kevin Veen-Birkenbach + Consulting & Coaching Solutions + https://www.veen.world + min_ansible_version: "2.9" + platforms: + - name: Linux + versions: + - all + galaxy_tags: + - wireguard + - nat + - firewall + - iptables + - networking + repository: "https://s.veen.world/cymais" + issue_tracker_url: "https://s.veen.world/cymaisissues" + documentation: "https://s.veen.world/cymais" dependencies: -- client-wireguard + - client-wireguard \ No newline at end of file diff --git a/roles/client-wireguard/Administration.md b/roles/client-wireguard/Administration.md new file mode 100644 index 00000000..2a502469 --- /dev/null +++ b/roles/client-wireguard/Administration.md @@ -0,0 +1,11 @@ +# Administration + +## Create Client Keys + +```bash + wg_private_key="$(wg genkey)" + wg_public_key="$(echo "$wg_private_key" | wg pubkey)" + echo "PrivateKey: $wg_private_key" + echo "PublicKey: $wg_public_key" + echo "PresharedKey: $(wg genpsk)" +``` diff --git a/roles/client-wireguard/README.md b/roles/client-wireguard/README.md index 9b8e18c8..0ecdcf87 100644 --- a/roles/client-wireguard/README.md +++ b/roles/client-wireguard/README.md @@ -1,28 +1,37 @@ -# Role Native Wireguard -Manages wireguard on a client. +# Native Wireguard Client -## Create Client Keys -```bash - wg_private_key="$(wg genkey)" - wg_public_key="$(echo "$wg_private_key" | wg pubkey)" - echo "PrivateKey: $wg_private_key" - echo "PublicKey: $wg_public_key" - echo "PresharedKey: $(wg genpsk)" -``` +## Description -## Other -- https://golb.hplar.ch/2019/01/expose-server-vpn.html -- https://wiki.archlinux.org/index.php/WireGuard -- https://wireguard.how/server/raspbian/ -- https://www.scaleuptech.com/de/blog/was-ist-und-wie-funktioniert-subnetting/ -- https://bodhilinux.boards.net/thread/450/wireguard-rtnetlink-answers-permission-denied -- https://stackoverflow.com/questions/69140072/unable-to-ssh-into-wireguard-ip-until-i-ping-another-server-from-inside-the-serv -- https://unix.stackexchange.com/questions/717172/why-is-ufw-blocking-acces-to-ssh-via-wireguard -- https://forum.openwrt.org/t/cannot-ssh-to-clients-on-lan-when-accessing-router-via-wireguard-client/132709/3 -- https://serverfault.com/questions/1086297/wireguard-connection-dies-on-ubuntu-peer -- https://unix.stackexchange.com/questions/624987/ssh-fails-to-start-when-listenaddress-is-set-to-wireguard-vpn-ip -- https://serverfault.com/questions/210408/cannot-ssh-debug1-expecting-ssh2-msg-kex-dh-gex-reply -- https://www.thomas-krenn.com/de/wiki/Linux_ip_Kommando -- https://wiki.archlinux.org/title/dhcpcd -- https://wiki.ubuntuusers.de/NetworkManager/Dispatcher/ -- https://askubuntu.com/questions/1024916/how-can-i-launch-a-systemd-service-at-startup-before-another-systemd-service-sta \ No newline at end of file +This role manages WireGuard on a client system. It sets up essential services and scripts to configure and optimize WireGuard connectivity. Additionally, it provides a link to an Administration document for creating client keys. + +## πŸ“Œ Overview + +Optimized for client configurations, this role: +- Deploys a systemd service (`set-mtu.cymais.service`) and its associated script to set the MTU on specified network interfaces. +- Uses a Jinja2 template to generate the `set-mtu.sh` script. +- Ensures that the MTU is configured correctly before starting WireGuard with [wg-quick](https://www.wireguard.com/quickstart/). + +## Purpose + +The primary purpose of this role is to configure WireGuard on a client by setting appropriate MTU values on network interfaces. This ensures a stable and optimized VPN connection. + +## Features + +- **MTU Configuration:** Deploys a template-based script to set the MTU on all defined internet interfaces. +- **Systemd Service Integration:** Creates and manages a systemd service to execute the MTU configuration script. +- **Administration Support:** For client key creation and further setup, please refer to the [Administration](./Administration.md) file. +- **Modular Design:** Easily integrates with other WireGuard roles or network configuration roles. + +## πŸ“š Other Resources + +- [WireGuard Documentation](https://www.wireguard.com/) +- [ArchWiki: WireGuard](https://wiki.archlinux.org/index.php/WireGuard) +- [WireGuard on Raspbian](https://wireguard.how/server/raspbian/) +- [Subnetting Basics](https://www.scaleuptech.com/de/blog/was-ist-und-wie-funktioniert-subnetting/) +- [WireGuard Permissions Issue Discussion](https://bodhilinux.boards.net/thread/450/wireguard-rtnetlink-answers-permission-denied) +- [SSH Issues with WireGuard](https://stackoverflow.com/questions/69140072/unable-to-ssh-into-wireguard-ip-until-i-ping-another-server-from-inside-the-serv) +- [UFW and SSH via WireGuard](https://unix.stackexchange.com/questions/717172/why-is-ufw-blocking-acces-to-ssh-via-wireguard) +- [OpenWrt Forum Discussion on WireGuard](https://forum.openwrt.org/t/cannot-ssh-to-clients-on-lan-when-accessing-router-via-wireguard-client/132709/3) +- [WireGuard Connection Dies on Ubuntu](https://serverfault.com/questions/1086297/wireguard-connection-dies-on-ubuntu-peer) +- [SSH Fails with WireGuard IP](https://unix.stackexchange.com/questions/624987/ssh-fails-to-start-when-listenaddress-is-set-to-wireguard-vpn-ip) +- [WireGuard NAT and Firewall Issues](https://serverfault.com/questions/210408/cannot-ssh-debug1-expecting-ssh2-msg-kex-dh-gex-reply) \ No newline at end of file diff --git a/roles/client-wireguard/meta/main.yml b/roles/client-wireguard/meta/main.yml index 4350a73a..bedef3c2 100644 --- a/roles/client-wireguard/meta/main.yml +++ b/roles/client-wireguard/meta/main.yml @@ -1,2 +1,27 @@ +--- +galaxy_info: + author: "Kevin Veen-Birkenbach" + description: "Manages WireGuard on a client system by deploying services and scripts to set MTU on network interfaces and ensure optimal VPN connectivity." + license: "CyMaIS NonCommercial License (CNCL)" + license_url: "https://s.veen.world/cncl" + company: | + Kevin Veen-Birkenbach + Consulting & Coaching Solutions + https://www.veen.world + min_ansible_version: "2.9" + platforms: + - name: Linux + versions: + - all + galaxy_tags: + - wireguard + - vpn + - client + - mtu + - systemd + - configuration + repository: "https://s.veen.world/cymais" + issue_tracker_url: "https://s.veen.world/cymaisissues" + documentation: "https://s.veen.world/cymais" dependencies: -- wireguard \ No newline at end of file + - wireguard diff --git a/roles/docker-akaunting/Administration.md b/roles/docker-akaunting/Administration.md new file mode 100644 index 00000000..f44ba426 --- /dev/null +++ b/roles/docker-akaunting/Administration.md @@ -0,0 +1,31 @@ +# Administration + +## View Logs +To check the latest logs of Akaunting. +```bash +docker-compose exec -it akaunting tail -n 300 storage/logs/laravel.log +``` + +## Access Containers +- Akaunting Container: `docker-compose exec -it akaunting bash` +- Database Container: `docker-compose exec -it akaunting-db /bin/mariadb -u admin --password=$akaunting_db_password akaunting` + +## Manual Update +Execute PHP artisan commands in the following order for updating Akaunting: + +```bash +php artisan about +php artisan cache:clear +php artisan view:clear +php artisan migrate:status +php artisan update:all +php artisan update:db +``` + +## Composer +To install Composer, a PHP dependency management tool: + +```bash +curl https://getcomposer.org/download/2.4.1/composer.phar --output composer.phar +php composer.phar install +``` diff --git a/roles/docker-akaunting/INSTALLATIONN.md b/roles/docker-akaunting/INSTALLATIONN.md new file mode 100644 index 00000000..58f37aed --- /dev/null +++ b/roles/docker-akaunting/INSTALLATIONN.md @@ -0,0 +1,32 @@ +# Installation Steps + +@ATTENTION Variable ```#AKAUNTING_SETUP: true``` needs to be set + +## New Manual Setup +1. **Navigate to Docker Compose Directory**: Change to the directory containing your Docker Compose files for Akaunting. + + ```bash + cd {{path_docker_compose_instances}}akaunting/ + ``` + +2. **Set Environment Variables**: These are necessary to prevent timeouts during long operations. + + ```bash + export COMPOSE_HTTP_TIMEOUT=600 + export DOCKER_CLIENT_TIMEOUT=600 + ``` + +3. **Start Akaunting Service**: This command will initialize the Akaunting setup. + + ```bash + AKAUNTING_SETUP=true docker-compose -p akaunting up -d + ``` + +4. **Check Web Interface**: Ensure the web interface is operational. + +5. **Restart Services**: To finalize the setup, restart the services. + + ```bash + docker-compose down + docker-compose -p akaunting up -d + ``` \ No newline at end of file diff --git a/roles/docker-akaunting/README.md b/roles/docker-akaunting/README.md index eb43b6df..cd06bcfa 100644 --- a/roles/docker-akaunting/README.md +++ b/roles/docker-akaunting/README.md @@ -16,69 +16,6 @@ This guide details the process of setting up Akaunting, a free and online accoun - Basic understanding of Docker concepts. - Access to the command line or terminal. -## Installation Steps - -@ATTENTION Variable ```#AKAUNTING_SETUP: true``` needs to be set - -### New Manual Setup -1. **Navigate to Docker Compose Directory**: Change to the directory containing your Docker Compose files for Akaunting. - - ```bash - cd {{path_docker_compose_instances}}akaunting/ - ``` - -2. **Set Environment Variables**: These are necessary to prevent timeouts during long operations. - - ```bash - export COMPOSE_HTTP_TIMEOUT=600 - export DOCKER_CLIENT_TIMEOUT=600 - ``` - -3. **Start Akaunting Service**: This command will initialize the Akaunting setup. - - ```bash - AKAUNTING_SETUP=true docker-compose -p akaunting up -d - ``` - -4. **Check Web Interface**: Ensure the web interface is operational. - -5. **Restart Services**: To finalize the setup, restart the services. - - ```bash - docker-compose down - docker-compose -p akaunting up -d - ``` - -### Administration -- **View Logs**: To check the latest logs of Akaunting. - - ```bash - docker-compose exec -it akaunting tail -n 300 storage/logs/laravel.log - ``` - -- **Access Containers**: For troubleshooting or configuration. - - Akaunting Container: `docker-compose exec -it akaunting bash` - - Database Container: `docker-compose exec -it akaunting-db /bin/mariadb -u admin --password=$akaunting_db_password akaunting` - -### Manual Update -Execute PHP artisan commands in the following order for updating Akaunting: - -```bash -php artisan about -php artisan cache:clear -php artisan view:clear -php artisan migrate:status -php artisan update:all -php artisan update:db -``` - -### Composer -To install Composer, a PHP dependency management tool: - -```bash -curl https://getcomposer.org/download/2.4.1/composer.phar --output composer.phar -php composer.phar install -``` ### Full Backup Routine Detailed steps for backing up your Akaunting instance, including setting manual and automatic variables, destroying containers, removing volumes, and rebuilding and recovering volumes. (Refer to the full backup routine script in the original README). @@ -94,7 +31,7 @@ Variables are crucial in configuring your Akaunting setup. Ensure you set the fo - **Nginx Configuration**: Necessary steps to configure Nginx as a reverse proxy for Akaunting. - **Database and Runtime Environment**: Instructions on how to set up the `db.env` and `run.env` files for database and runtime configurations. -## Further Information +## πŸ“š Other Resources For more details, visit the [Akaunting Docker Repository](https://github.com/akaunting/docker) and the [Akaunting Forums](https://akaunting.com/forum). ## Contribution and Feedback diff --git a/roles/docker-attendize/Installation.md b/roles/docker-attendize/Installation.md new file mode 100644 index 00000000..ef809f60 --- /dev/null +++ b/roles/docker-attendize/Installation.md @@ -0,0 +1,5 @@ +## Setup Instructions + +```bash +bash ./Makefile setup +``` \ No newline at end of file diff --git a/roles/docker-attendize/README.md b/roles/docker-attendize/README.md index b3578060..01789aeb 100644 --- a/roles/docker-attendize/README.md +++ b/roles/docker-attendize/README.md @@ -2,10 +2,4 @@ # Role: docker-attendize (WIP) -This Ansible role sets up Attendize, an open-source ticket selling and event management platform. - -## Setup Instructions - -```bash -bash ./Makefile setup -``` \ No newline at end of file +This Ansible role sets up Attendize, an open-source ticket selling and event management platform. \ No newline at end of file diff --git a/roles/docker-baserow/README.md b/roles/docker-baserow/README.md index ea22c0fe..8d6c1f8b 100644 --- a/roles/docker-baserow/README.md +++ b/roles/docker-baserow/README.md @@ -2,7 +2,7 @@ This role allows the setup of [baserole](https://baserow.io/). -## More Information +## πŸ“š Other Resources It was created with the help of [Chat GPT-4](https://chat.openai.com/share/556c2d7f-6b6f-4256-a646-a50529554efc). diff --git a/roles/docker-bigbluebutton/Administration.md b/roles/docker-bigbluebutton/Administration.md new file mode 100644 index 00000000..a94e1076 --- /dev/null +++ b/roles/docker-bigbluebutton/Administration.md @@ -0,0 +1,16 @@ +## Administration + +## cleanup +```bash + docker compose down -v +``` + +## check container status +```bash +watch -n 2 "docker compose ps -a" +``` + +## database access +```bash + sudo docker-compose exec -it postgres psql -U postgres +``` \ No newline at end of file diff --git a/roles/docker-bigbluebutton/README.md b/roles/docker-bigbluebutton/README.md index e28ea981..5a346579 100644 --- a/roles/docker-bigbluebutton/README.md +++ b/roles/docker-bigbluebutton/README.md @@ -3,27 +3,10 @@ Role to deploy [BigBlueButton](https://bigbluebutton.org/). -## maintanace - -### cleanup -```bash - docker compose down -v -``` - -### check container status -```bash -watch -n 2 "docker compose ps -a" -``` - -### database access -```bash - sudo docker-compose exec -it postgres psql -U postgres -``` - ## SSO - https://docs.bigbluebutton.org/greenlight/v3/external-authentication/ -## further information +## πŸ“š Other Resources - https://github.com/bigbluebutton/docker - https://docs.bigbluebutton.org/greenlight/gl-install.html#setting-bigbluebutton-credentials - https://goneuland.de/big-blue-button-mit-docker-und-traefik-installieren/ diff --git a/roles/docker-bluesky/Administration.md b/roles/docker-bluesky/Administration.md new file mode 100644 index 00000000..4a11ed9c --- /dev/null +++ b/roles/docker-bluesky/Administration.md @@ -0,0 +1,28 @@ +# Administration + +## create user via POST +```bash +curl -X POST https://your-pds-domain/xrpc/com.atproto.server.createAccount \ + --user "admin:$admin-password" + -H "Content-Type: application/json" \ + -d '{ + "email": "user@example.com", + "handle": "username", + "password": "securepassword123", + "inviteCode": "optional-invite-code" + }' +``` + +## Use pdsadmin +docker compose exec -it pds pdsadmin + +docker compose exec -it pds pdsadmin account create-invite-code + +## Debugging + +- Websocket: https://piehost.com/websocket-tester +- Instance: https://bsky-debug.app + +https://bluesky.veen.world/.well-known/atproto-did + +Initial setup keine top level domain \ No newline at end of file diff --git a/roles/docker-bluesky/Installation.md b/roles/docker-bluesky/Installation.md new file mode 100644 index 00000000..bb1eb69a --- /dev/null +++ b/roles/docker-bluesky/Installation.md @@ -0,0 +1,4 @@ +# Installation + +## Configure DNS +- https://bsky.social/about/blog/4-28-2023-domain-handle-tutorial diff --git a/roles/docker-bluesky/README.md b/roles/docker-bluesky/README.md index 8d41fae4..ab5efac4 100644 --- a/roles/docker-bluesky/README.md +++ b/roles/docker-bluesky/README.md @@ -1,42 +1,7 @@ # DRAFT role docker-bluesky -## Setup - -### Configure DNS -- https://bsky.social/about/blog/4-28-2023-domain-handle-tutorial - -## Administration - -### create user via POST -```bash -curl -X POST https://your-pds-domain/xrpc/com.atproto.server.createAccount \ - --user "admin:$admin-password" - -H "Content-Type: application/json" \ - -d '{ - "email": "user@example.com", - "handle": "username", - "password": "securepassword123", - "inviteCode": "optional-invite-code" - }' -``` - -### Use pdsadmin -docker compose exec -it pds pdsadmin - -docker compose exec -it pds pdsadmin account create-invite-code - -## Debugging - -- Websocket: https://piehost.com/websocket-tester -- Instance: https://bsky-debug.app - -https://bluesky.veen.world/.well-known/atproto-did - -Initial setup keine top level domain - - -## more information +## πŸ“š Other Resources - https://therobbiedavis.com/selfhosting-bluesky-with-docker-and-swag/ - Relevant for proxy configuration: https://cprimozic.net/notes/posts/notes-on-self-hosting-bluesky-pds-alongside-other-services/ - https://github.com/bluesky-social/pds diff --git a/roles/docker-central-database/README.md b/roles/docker-central-database/README.md index e509206b..74dc7969 100644 --- a/roles/docker-central-database/README.md +++ b/roles/docker-central-database/README.md @@ -4,7 +4,7 @@ This Ansible role provides the necessary tasks, files, templates, and variables --- -## Overview πŸ” +## πŸ“Œ Overview πŸ” - **Database Variables** Defined in [./vars/database.yml](./vars/database.yml), these variables include: diff --git a/roles/docker-discourse/Administration.md b/roles/docker-discourse/Administration.md new file mode 100644 index 00000000..e5c7a6d0 --- /dev/null +++ b/roles/docker-discourse/Administration.md @@ -0,0 +1,8 @@ +# Administration + +## Check configuration +```bash +./launcher enter application +pry(main)> SiteSetting.all.each { |setting| puts "#{setting.name}: #{setting.value}" } +``` +--- \ No newline at end of file diff --git a/roles/docker-discourse/README.md b/roles/docker-discourse/README.md index 5ac90fb9..3dd21808 100644 --- a/roles/docker-discourse/README.md +++ b/roles/docker-discourse/README.md @@ -2,13 +2,6 @@ This Ansible role sets up Discourse, a popular open-source discussion platform, using Docker containers. It is designed to automate the deployment and configuration process of Discourse, making it easier to maintain and update. - -## Check configuration -```bash -./launcher enter application -pry(main)> SiteSetting.all.each { |setting| puts "#{setting.name}: #{setting.value}" } -``` ---- - +## Credits πŸ“ This README was generated with information provided in the Ansible role. For more detailed instructions and information, refer to the inline comments within the role files. Additional support and context for this role can be found in an [online chat discussion](https://chat.openai.com/share/fdbf9870-1f7e-491f-b4d2-357e6e8ad59c). diff --git a/roles/docker-elk/Administration.md b/roles/docker-elk/Administration.md new file mode 100644 index 00000000..a3f4415f --- /dev/null +++ b/roles/docker-elk/Administration.md @@ -0,0 +1,4 @@ +## restart all services +```bash +docker restart elk_logstash_1 && docker restart elk_elasticsearch_1 && docker restart elk_kibana_1 +``` \ No newline at end of file diff --git a/roles/docker-elk/README.md b/roles/docker-elk/README.md index 03f2618d..7ffc7f8d 100644 --- a/roles/docker-elk/README.md +++ b/roles/docker-elk/README.md @@ -2,11 +2,6 @@ I decided against using this role for security reasons. I recommend to use another tool if you don't want to pay for keeping your logs save and if you don't want to depend on external servers. -## restart all services -```bash -docker restart elk_logstash_1 && docker restart elk_elasticsearch_1 && docker restart elk_kibana_1 -``` - ## see - https://logz.io/blog/elk-stack-on-docker/ - https://github.com/kevinveenbirkenbach/docker-elk diff --git a/roles/docker-friendica/Administration.md b/roles/docker-friendica/Administration.md new file mode 100644 index 00000000..bb432a13 --- /dev/null +++ b/roles/docker-friendica/Administration.md @@ -0,0 +1,92 @@ +## Administration πŸ“š + +### Full Reset πŸš«βž‘οΈβœ… + +The following environment variables need to be defined for successful operation: + +- `DB_ROOT_PASSWORD`: The root password for the MariaDB instance + +To completely reset Friendica, including its database and volumes, run: +```bash +docker exec -i central-mariadb mariadb -u root -p"${DB_ROOT_PASSWORD}" -e "DROP DATABASE IF EXISTS friendica; CREATE DATABASE friendica;" +docker compose down +rm -rv /mnt/hdd/data/docker/volumes/friendica_data +docker volume rm friendica_data +``` + +### Reset Database πŸ—„οΈ + +#### Manual Method: +1. Connect to the MariaDB instance: + ```bash + docker exec -it central-mariadb mariadb -u root -p + ``` +2. Run the following commands: + ```sql + DROP DATABASE friendica; + CREATE DATABASE friendica; + exit; + ``` + +#### Automatic Method: +```bash +DB_ROOT_PASSWORD="your_root_password" +docker exec -i central-mariadb mariadb -u root -p"${DB_ROOT_PASSWORD}" -e "DROP DATABASE IF EXISTS friendica; CREATE DATABASE friendica;" +``` + +### Enter the Application Container πŸ” + +To access the application container: +```bash +docker compose exec -it application sh +``` + +### Debugging Tools πŸ› οΈ + +#### Check Environment Variables +```bash +docker compose exec -it application printenv +``` + +#### Inspect Volume Data +```bash +ls -la /var/lib/docker/volumes/friendica_data/_data/ +``` + +### Autoinstall 🌟 + +Run the following command to autoinstall Friendica: +```bash +docker compose exec --user www-data -it application bin/console autoinstall +``` + +### Reinitialization πŸ”„ + +#### Docker Only: +```bash +docker-compose up -d --force-recreate +``` + +#### Full Reinitialization: +```bash +docker-compose up -d --force-recreate && sleep 2; docker compose exec --user www-data -it application bin/console autoinstall; +``` + +### Configuration Information ℹ️ + +#### General Configuration: +```bash +cat /var/lib/docker/volumes/friendica_data/_data/config/local.config.php +``` + +#### Email Configuration: +```bash +docker compose exec -it application cat /etc/msmtprc +``` + +### Email Debugging βœ‰οΈ + +To send a test email: +```bash +docker compose exec -it application msmtp --account=system_email -t test@test.de +``` diff --git a/roles/docker-friendica/README.md b/roles/docker-friendica/README.md index 5145aa4a..c7598f59 100644 --- a/roles/docker-friendica/README.md +++ b/roles/docker-friendica/README.md @@ -2,7 +2,7 @@ This role manages the setup, reset, and maintenance of a Friendica instance running with Docker. -## Overview πŸš€ +## πŸ“Œ Overview Friendica is a decentralized social networking platform. This role helps manage Friendica in a containerized environment with Docker and provides tools for debugging, resetting, and maintaining the installation. @@ -13,100 +13,7 @@ Ensure you have the following: - A central MariaDB instance running - Necessary permissions to manage Docker and database configurations -## Usage πŸ“š - -### Full Reset πŸš«βž‘οΈβœ… - -The following environment variables need to be defined for successful operation: - -- `DB_ROOT_PASSWORD`: The root password for the MariaDB instance - -To completely reset Friendica, including its database and volumes, run: -```bash -docker exec -i central-mariadb mariadb -u root -p"${DB_ROOT_PASSWORD}" -e "DROP DATABASE IF EXISTS friendica; CREATE DATABASE friendica;" -docker compose down -rm -rv /mnt/hdd/data/docker/volumes/friendica_data -docker volume rm friendica_data -``` - -### Reset Database πŸ—„οΈ - -#### Manual Method: -1. Connect to the MariaDB instance: - ```bash - docker exec -it central-mariadb mariadb -u root -p - ``` -2. Run the following commands: - ```sql - DROP DATABASE friendica; - CREATE DATABASE friendica; - exit; - ``` - -#### Automatic Method: -```bash -DB_ROOT_PASSWORD="your_root_password" -docker exec -i central-mariadb mariadb -u root -p"${DB_ROOT_PASSWORD}" -e "DROP DATABASE IF EXISTS friendica; CREATE DATABASE friendica;" -``` - -### Enter the Application Container πŸ” - -To access the application container: -```bash -docker compose exec -it application sh -``` - -### Debugging Tools πŸ› οΈ - -#### Check Environment Variables -```bash -docker compose exec -it application printenv -``` - -#### Inspect Volume Data -```bash -ls -la /var/lib/docker/volumes/friendica_data/_data/ -``` - -### Autoinstall 🌟 - -Run the following command to autoinstall Friendica: -```bash -docker compose exec --user www-data -it application bin/console autoinstall -``` - -### Reinitialization πŸ”„ - -#### Docker Only: -```bash -docker-compose up -d --force-recreate -``` - -#### Full Reinitialization: -```bash -docker-compose up -d --force-recreate && sleep 2; docker compose exec --user www-data -it application bin/console autoinstall; -``` - -### Configuration Information ℹ️ - -#### General Configuration: -```bash -cat /var/lib/docker/volumes/friendica_data/_data/config/local.config.php -``` - -#### Email Configuration: -```bash -docker compose exec -it application cat /etc/msmtprc -``` - -### Email Debugging βœ‰οΈ - -To send a test email: -```bash -docker compose exec -it application msmtp --account=system_email -t test@test.de -``` - -## Additional Resources πŸ“– +## πŸ“š Other Resources - [Friendica Docker Hub](https://hub.docker.com/_/friendica) - [Friendica Installation Docs](https://wiki.friendi.ca/docs/install) diff --git a/roles/docker-funkwhale/Administration.md b/roles/docker-funkwhale/Administration.md new file mode 100644 index 00000000..786002b5 --- /dev/null +++ b/roles/docker-funkwhale/Administration.md @@ -0,0 +1,7 @@ +# Administration + +## cleanup + +```bash +docker-compose down && docker volume rm funkwhale_data +``` \ No newline at end of file diff --git a/roles/docker-funkwhale/README.md b/roles/docker-funkwhale/README.md index 39ccd3eb..f9eaa90c 100644 --- a/roles/docker-funkwhale/README.md +++ b/roles/docker-funkwhale/README.md @@ -2,11 +2,5 @@ This role doesn't work and needs to be implemented -## cleanup - -```bash -docker-compose down && docker volume rm funkwhale_data -``` - -## further information +## πŸ“š Other Resources - https://docs.funkwhale.audio/installation/docker.html \ No newline at end of file diff --git a/roles/docker-gitea/Administration.md b/roles/docker-gitea/Administration.md new file mode 100644 index 00000000..73c7493f --- /dev/null +++ b/roles/docker-gitea/Administration.md @@ -0,0 +1,29 @@ +# Administration + +## update +```bash +cd {{docker_compose.directories.instance}} +docker-compose down +docker-compose pull +docker-compose up -d +``` +Keep in mind to track and to don't interrupt the update process until the migration is done. + +## set variables +```bash + COMPOSE_HTTP_TIMEOUT=600 + DOCKER_CLIENT_TIMEOUT=600 +``` + +## recreate +```bash +cd {{docker_compose.directories.instance}} && docker-compose -p gitea up -d --force-recreate +``` + +## database access +To access the database execute +```bash + docker-compose exec -it database /bin/mysql -u gitea -p +``` +## bash in application +docker-compose exec -it application /bin/sh \ No newline at end of file diff --git a/roles/docker-gitea/README.md b/roles/docker-gitea/README.md index 7b915cca..3e2f204b 100644 --- a/roles/docker-gitea/README.md +++ b/roles/docker-gitea/README.md @@ -1,33 +1,5 @@ # role docker-gitea -## update -```bash -cd {{docker_compose.directories.instance}} -docker-compose down -docker-compose pull -docker-compose up -d -``` -Keep in mind to track and to don't interrupt the update process until the migration is done. - -## set variables -```bash - COMPOSE_HTTP_TIMEOUT=600 - DOCKER_CLIENT_TIMEOUT=600 -``` - -## recreate -```bash -cd {{docker_compose.directories.instance}} && docker-compose -p gitea up -d --force-recreate -``` - -## database access -To access the database execute -```bash - docker-compose exec -it database /bin/mysql -u gitea -p -``` -## bash in application -docker-compose exec -it application /bin/sh - -## More Information +## πŸ“š Other Resources - [Gitea LDAP integration](https://docs.gitea.com/usage/authentication) - [Gitea Alternatives](https://chatgpt.com/share/67a5f599-c9b0-800f-87fe-49a3b61263e6) \ No newline at end of file diff --git a/roles/docker-gitlab/README.md b/roles/docker-gitlab/README.md index 62cbbf1b..c6f5af06 100644 --- a/roles/docker-gitlab/README.md +++ b/roles/docker-gitlab/README.md @@ -1,6 +1,6 @@ # Docker-GitLab Ansible Role -## Overview +## πŸ“Œ Overview This Ansible role is designed for setting up and managing a GitLab server running in a Docker container. It automates the process of installing GitLab, configuring its environment, and managing dependencies such as a PostgreSQL database and an Nginx reverse proxy. ## Features @@ -33,7 +33,7 @@ Include this role in your Ansible playbooks and specify the necessary variables. For a detailed walkthrough and explanation of this role, refer to the conversation at [ChatGPT Session Transcript](https://chat.openai.com/share/1b0147bf-d4de-4790-b8ed-c332aa4e3ce3). -## Further Information +## πŸ“š Other Resources - https://ralph.blog.imixs.com/2019/06/09/running-gitlab-on-docker/ ## Performance Optimation diff --git a/roles/docker-joomla/Administration.md b/roles/docker-joomla/Administration.md new file mode 100644 index 00000000..966378ba --- /dev/null +++ b/roles/docker-joomla/Administration.md @@ -0,0 +1,5 @@ +## delete all data +```bash +docker stop joomla_application_1; docker rm -f joomla_application_1; docker volume rm -f joomla-data; +docker stop joomla_database_1; docker rm -f joomla_database_1; docker volume rm -f joomla-database; +``` \ No newline at end of file diff --git a/roles/docker-joomla/README.md b/roles/docker-joomla/README.md index 2d4ad253..0ff97bb8 100644 --- a/roles/docker-joomla/README.md +++ b/roles/docker-joomla/README.md @@ -1,6 +1 @@ # role docker-joomla -## delete all data -```bash -docker stop joomla_application_1; docker rm -f joomla_application_1; docker volume rm -f joomla-data; -docker stop joomla_database_1; docker rm -f joomla_database_1; docker volume rm -f joomla-database; -``` diff --git a/roles/docker-keycloak/README.md b/roles/docker-keycloak/README.md index 4a54427e..b112dca7 100644 --- a/roles/docker-keycloak/README.md +++ b/roles/docker-keycloak/README.md @@ -13,7 +13,7 @@ The role integrates Keycloak with PostgreSQL as a database and supports operatio - Support for running behind a reverse proxy (e.g., NGINX). - Automatic creation and management of Docker Compose files. -## More Information πŸ“š +## πŸ“š Other Resources πŸ“š For more details about Keycloak, check out: - [Official Keycloak Documentation](https://www.keycloak.org/) diff --git a/roles/docker-ldap/Administration.md b/roles/docker-ldap/Administration.md new file mode 100644 index 00000000..35eea055 --- /dev/null +++ b/roles/docker-ldap/Administration.md @@ -0,0 +1,26 @@ +# Administration + +## Show Configuration +```bash +docker exec -it openldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config'" +``` + +```bash +docker exec -it openldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config' -s base '(objectClass=*)'" +``` + +```bash +docker exec -it openldap bash -c "ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b 'cn=config' -s base '(objectClass=olcModuleList)'" +``` + +## Show all Entries +```bash +docker exec --env LDAP_ADMIN_PASSWORD="$LDAP_ADMIN_PASSWORD" LDAP_DN_BASE="$LDAP_DN_BASE" -it openldap bash -c "ldapsearch -LLL -o ldif-wrap=no -x -D \"cn=administrator,\$LDAP_DN_BASE\" -w \"\$LDAP_ADMIN_PASSWORD\" -b \"\$LDAP_DN_BASE\""; +``` + +### Delete Groups and Subgroup +To delete the group inclusive all subgroups use: +```bash +docker exec --env LDAP_ADMIN_PASSWORD="$LDAP_ADMIN_PASSWORD" -it openldap bash -c "ldapsearch -LLL -o ldif-wrap=no -x -D \"cn=administrator,\$LDAP_DN_BASE\" -w \"\$LDAP_ADMIN_PASSWORD\" -b \"ou=applications,ou=groups,\$LDAP_DN_BASE\" dn | sed -n 's/^dn: //p' | tac | while read -r dn; do echo \"Deleting \$dn\"; ldapdelete -x -D \"cn=administrator,\$LDAP_DN_BASE\" -w \"\$LDAP_ADMIN_PASSWORD\" \"\$dn\"; done" + +``` \ No newline at end of file diff --git a/roles/docker-ldap/Installation.md b/roles/docker-ldap/Installation.md new file mode 100644 index 00000000..e66920a9 --- /dev/null +++ b/roles/docker-ldap/Installation.md @@ -0,0 +1,29 @@ +# Installation + +## MemberOf +```bash +# Activate +ldapmodify -Y EXTERNAL -H ldapi:/// < LocalSettings.php << EOF + "\$wgResourceBasePath/resources/assets/wiki.png" ]; + +## UPO means: this is also a user preference option + +\$wgEnableEmail = true; +\$wgEnableUserEmail = true; # UPO + +\$wgEmergencyContact = "apache@🌻.invalid"; +\$wgPasswordSender = "apache@🌻.invalid"; + +\$wgEnotifUserTalk = false; # UPO +\$wgEnotifWatchlist = false; # UPO +\$wgEmailAuthentication = true; + +## Database settings +\$wgDBtype = "mysql"; +\$wgDBserver = "database:3306"; +\$wgDBname = "mediawiki"; +\$wgDBuser = "mediawiki"; +\$wgDBpassword = "test"; + +# MySQL specific settings +\$wgDBprefix = ""; + +# MySQL table options to use during installation or update +\$wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary"; + +## Shared memory settings +\$wgMainCacheType = CACHE_NONE; +\$wgMemCachedServers = []; + +## To enable image uploads, make sure the 'images' directory +## is writable, then set this to true: +\$wgEnableUploads = false; +\$wgUseImageMagick = true; +\$wgImageMagickConvertCommand = "/usr/bin/convert"; + +# InstantCommons allows wiki to use images from https://commons.wikimedia.org +\$wgUseInstantCommons = false; + +# Periodically send a pingback to https://www.mediawiki.org/ with basic data +# about this MediaWiki instance. The Wikimedia Foundation shares this data +# with MediaWiki developers to help guide future development efforts. +\$wgPingback = true; + +## If you use ImageMagick (or any other shell command) on a +## Linux server, this will need to be set to the name of an +## available UTF-8 locale +\$wgShellLocale = "C.UTF-8"; + +## Set \$wgCacheDirectory to a writable directory on the web server +## to make your wiki go slightly faster. The directory should not +## be publicly accessible from the web. +#\$wgCacheDirectory = "\$IP/cache"; + +# Site language code, should be one of the list in ./languages/data/Names.php +\$wgLanguageCode = "en"; + +\$wgSecretKey = "603fe88c985b05706f19aaf77d2a61459555ff21a4a4d4ef0aa15c8f8ec50f00"; + +# Changing this will log out all existing sessions. +\$wgAuthenticationTokenVersion = "1"; + +# Site upgrade key. Must be set to a string (default provided) to turn on the +# web installer while LocalSettings.php is in place +\$wgUpgradeKey = "f99263b0f3a7c59a"; + +## For attaching licensing metadata to pages, and displaying an +## appropriate copyright notice / icon. GNU Free Documentation +## License and Creative Commons licenses are supported so far. +\$wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright +\$wgRightsUrl = ""; +\$wgRightsText = ""; +\$wgRightsIcon = ""; + +# Path to the GNU diff3 utility. Used for conflict resolution. +\$wgDiff3 = "/usr/bin/diff3"; + +## Default skin: you can change the default skin. Use the internal symbolic +## names, ie 'vector', 'monobook': +\$wgDefaultSkin = "vector"; + +# Enabled skins. +# The following skins were automatically enabled: +wfLoadSkin( 'MonoBook' ); +wfLoadSkin( 'Timeless' ); +wfLoadSkin( 'Vector' ); + + +# End of automatically generated settings. +# Add more configuration options below. +EOF +``` \ No newline at end of file diff --git a/roles/docker-mediawiki/README.md b/roles/docker-mediawiki/README.md index 83d2772b..35f2b3ea 100644 --- a/roles/docker-mediawiki/README.md +++ b/roles/docker-mediawiki/README.md @@ -1,147 +1,4 @@ # role docker-mediawiki -## Generate LocalSettings.php -Login to the container: -```bash -docker-compose exec -it application /bin/sh -``` - -Seed the LocalSettings.php: - -```bash -cat > LocalSettings.php << EOF - "\$wgResourceBasePath/resources/assets/wiki.png" ]; - -## UPO means: this is also a user preference option - -\$wgEnableEmail = true; -\$wgEnableUserEmail = true; # UPO - -\$wgEmergencyContact = "apache@🌻.invalid"; -\$wgPasswordSender = "apache@🌻.invalid"; - -\$wgEnotifUserTalk = false; # UPO -\$wgEnotifWatchlist = false; # UPO -\$wgEmailAuthentication = true; - -## Database settings -\$wgDBtype = "mysql"; -\$wgDBserver = "database:3306"; -\$wgDBname = "mediawiki"; -\$wgDBuser = "mediawiki"; -\$wgDBpassword = "test"; - -# MySQL specific settings -\$wgDBprefix = ""; - -# MySQL table options to use during installation or update -\$wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary"; - -## Shared memory settings -\$wgMainCacheType = CACHE_NONE; -\$wgMemCachedServers = []; - -## To enable image uploads, make sure the 'images' directory -## is writable, then set this to true: -\$wgEnableUploads = false; -\$wgUseImageMagick = true; -\$wgImageMagickConvertCommand = "/usr/bin/convert"; - -# InstantCommons allows wiki to use images from https://commons.wikimedia.org -\$wgUseInstantCommons = false; - -# Periodically send a pingback to https://www.mediawiki.org/ with basic data -# about this MediaWiki instance. The Wikimedia Foundation shares this data -# with MediaWiki developers to help guide future development efforts. -\$wgPingback = true; - -## If you use ImageMagick (or any other shell command) on a -## Linux server, this will need to be set to the name of an -## available UTF-8 locale -\$wgShellLocale = "C.UTF-8"; - -## Set \$wgCacheDirectory to a writable directory on the web server -## to make your wiki go slightly faster. The directory should not -## be publicly accessible from the web. -#\$wgCacheDirectory = "\$IP/cache"; - -# Site language code, should be one of the list in ./languages/data/Names.php -\$wgLanguageCode = "en"; - -\$wgSecretKey = "603fe88c985b05706f19aaf77d2a61459555ff21a4a4d4ef0aa15c8f8ec50f00"; - -# Changing this will log out all existing sessions. -\$wgAuthenticationTokenVersion = "1"; - -# Site upgrade key. Must be set to a string (default provided) to turn on the -# web installer while LocalSettings.php is in place -\$wgUpgradeKey = "f99263b0f3a7c59a"; - -## For attaching licensing metadata to pages, and displaying an -## appropriate copyright notice / icon. GNU Free Documentation -## License and Creative Commons licenses are supported so far. -\$wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright -\$wgRightsUrl = ""; -\$wgRightsText = ""; -\$wgRightsIcon = ""; - -# Path to the GNU diff3 utility. Used for conflict resolution. -\$wgDiff3 = "/usr/bin/diff3"; - -## Default skin: you can change the default skin. Use the internal symbolic -## names, ie 'vector', 'monobook': -\$wgDefaultSkin = "vector"; - -# Enabled skins. -# The following skins were automatically enabled: -wfLoadSkin( 'MonoBook' ); -wfLoadSkin( 'Timeless' ); -wfLoadSkin( 'Vector' ); - - -# End of automatically generated settings. -# Add more configuration options below. -EOF -``` - -## Further Information +## πŸ“š Other Resources This role was adapted to solve some deprecation message. Please test it before using productive. [See this conversation](https://chatgpt.com/share/6781487e-45fc-800f-a35e-e93f49448176). diff --git a/roles/docker-moodle/README.md b/roles/docker-moodle/README.md index 795147fb..94922b4d 100644 --- a/roles/docker-moodle/README.md +++ b/roles/docker-moodle/README.md @@ -1,4 +1,4 @@ # role docker-moodle -## further information +## πŸ“š Other Resources - https://github.com/bitnami/containers/tree/main/bitnami/moodle \ No newline at end of file diff --git a/roles/docker-mybb/Installation.md b/roles/docker-mybb/Installation.md new file mode 100644 index 00000000..7072d076 --- /dev/null +++ b/roles/docker-mybb/Installation.md @@ -0,0 +1,55 @@ +# Installation + +## Multi Domain Installation +If you want to access your mybb over multiple domains, keep the following in mind: +- Set Cookie Domain to nothing +- Access mybb for installation via mybb. +- Set the Board Url to mybb. + +## Manual Installation of MyBB Plugins + +This guide describes the process of manually installing MyBB plugins in your Docker-MyBB environment. This can be useful if you want to quickly test plugins or do not wish to execute the Ansible role. + +### Steps for Manual Installation + + +1. **Prepare Plugin Files:** + - Download the desired MyBB plugin zip files. + +2. **Copy plugin to host:** + - ```bash scp administrator@:/opt/docker/mybb/plugins``` + +3. **Unzip Plugin Files on the Host:** + - Unzip the plugin zip files in the host's plugin directory: + ```bash + unzip /opt/docker/mybb/plugins/.zip -d /opt/docker/mybb/plugins/ + ``` + - Replace `.zip` with the name of the plugin zip file. + - Repeat this step for each plugin. + +4. **Access the Docker Container:** + - Open a terminal or SSH session on the server where the Docker container is running. + +5. **Copy Unzipped Plugin Files to the Container:** + - Copy the unzipped plugin files from the host directory to the Docker container: + ```bash + docker compose cp /opt/docker/mybb/plugins/ application:/var/www/html/inc/plugins/ + ``` + - Replace `` with the name of the unzipped plugin folder. + +6. **Restart the Container:** + - Execute the following command to restart the MyBB container: + ```bash + docker-compose -p mybb up -d --force-recreate + ``` + - This ensures all changes take effect. + +7. **Activate Plugins in the MyBB Admin Panel:** + - Open the MyBB admin panel in your web browser. + - Navigate to the plugin settings and activate the newly installed plugins. + +### Important Notes + +- Ensure you use the correct paths and filenames. +- Do not forget to regularly back up your MyBB database and files before making changes. +- If encountering issues, refer to the MyBB documentation or specific instructions from the plugin author. \ No newline at end of file diff --git a/roles/docker-mybb/README.md b/roles/docker-mybb/README.md index 27d0bb88..73eeb631 100644 --- a/roles/docker-mybb/README.md +++ b/roles/docker-mybb/README.md @@ -1,76 +1,7 @@ -# Role Name: Docker MyBB +# Docker MyBB -## Dependencies -- nginx-docker-reverse-proxy - -## Usage - -### Multi Domain Installation -If you want to access your mybb over multiple domains, keep the following in mind: -- Set Cookie Domain to nothing -- Access mybb for installation via mybb. -- Set the Board Url to mybb. - -### Manual Installation of MyBB Plugins - -This guide describes the process of manually installing MyBB plugins in your Docker-MyBB environment. This can be useful if you want to quickly test plugins or do not wish to execute the Ansible role. - -#### Steps for Manual Installation - - -1. **Prepare Plugin Files:** - - Download the desired MyBB plugin zip files. - -2. **Copy plugin to host:** - - ```bash scp administrator@:/opt/docker/mybb/plugins``` - -3. **Unzip Plugin Files on the Host:** - - Unzip the plugin zip files in the host's plugin directory: - ```bash - unzip /opt/docker/mybb/plugins/.zip -d /opt/docker/mybb/plugins/ - ``` - - Replace `.zip` with the name of the plugin zip file. - - Repeat this step for each plugin. - -4. **Access the Docker Container:** - - Open a terminal or SSH session on the server where the Docker container is running. - -5. **Copy Unzipped Plugin Files to the Container:** - - Copy the unzipped plugin files from the host directory to the Docker container: - ```bash - docker compose cp /opt/docker/mybb/plugins/ application:/var/www/html/inc/plugins/ - ``` - - Replace `` with the name of the unzipped plugin folder. - -6. **Restart the Container:** - - Execute the following command to restart the MyBB container: - ```bash - docker-compose -p mybb up -d --force-recreate - ``` - - This ensures all changes take effect. - -7. **Activate Plugins in the MyBB Admin Panel:** - - Open the MyBB admin panel in your web browser. - - Navigate to the plugin settings and activate the newly installed plugins. - -#### Important Notes - -- Ensure you use the correct paths and filenames. -- Do not forget to regularly back up your MyBB database and files before making changes. -- If encountering issues, refer to the MyBB documentation or specific instructions from the plugin author. - -### Running the Role -Execute the Ansible playbook containing this role to set up MyBB in a Docker environment. - -## Docker Compose Configuration -The `docker-compose.yml.j2` template outlines the services required for MyBB, including the application server, Nginx web server, and database (MariaDB). - -## Additional Information -- For detailed configuration and customization, refer to the contents of the `default.conf` template and the `docker-compose.yml.j2` template. -- Ensure that the environment variables and paths are correctly set as per your system's configuration. - -## Created with ChatGPT +## Credits πŸ“ This README was created with the assistance of ChatGPT, based on a conversation held at this [link](https://chat.openai.com/share/83828f9a-b817-48d8-86ed-599f64850b4d). ChatGPT provided guidance on structuring this document and outlining the key components of the Docker MyBB role. -## More Information +## πŸ“š Other Resources - https://github.com/mybb/docker \ No newline at end of file diff --git a/roles/docker-nextcloud/Administration.md b/roles/docker-nextcloud/Administration.md new file mode 100644 index 00000000..063ccd86 --- /dev/null +++ b/roles/docker-nextcloud/Administration.md @@ -0,0 +1,190 @@ +# Administration + +## Modify Config πŸ”§ + +### Enter the Container +```bash +docker-compose exec -it application /bin/sh +``` + +### Modify the Configuration +Inside the container, install a text editor and edit the config: +```bash +apk add --no-cache nano && nano config/config.php +``` + +--- + +## Update πŸ”„ + +To update the Nextcloud container, execute the following commands on the server: +```bash +docker exec -it -u www-data nextcloud-application /var/www/html/occ maintenance:mode --on && +export COMPOSE_HTTP_TIMEOUT=600 && +export DOCKER_CLIENT_TIMEOUT=600 && +docker-compose down +``` + +Afterwards, update the ***applications.nextcloud.version*** variable to the next version and run this repository with this Ansible role. + +> **Note:** +> It is only possible to update from one to the next major version at a time. +> Wait for the update to finish. + +Verify the update by checking the logs: +```bash +docker-compose logs application +``` +and +```bash +docker-compose exec -it application top +``` + +If Nextcloud remains in maintenance mode after the update, try the following: +```bash +docker exec -it -u www-data nextcloud-application/var/www/html/occ maintenance:mode --on +docker exec -it -u www-data nextcloud-application /var/www/html/occ upgrade +docker exec -it -u www-data nextcloud-application /var/www/html/occ maintenance:mode --off +``` + +If the update process fails, execute: +```bash +docker exec -it -u www-data nextcloud-application /var/www/html/occ maintenance:repair --include-expensive +``` +and disable any non-functioning apps. + +--- + +## Recover Latest Backup πŸ’Ύ + +```bash +cd {{path_docker_compose_instances}}nextcloud && +docker-compose down && +docker-compose exec -i database mysql -u nextcloud -pPASSWORT nextcloud < "/Backups/$(sha256sum /etc/machine-id | head -c 64)/backup-docker-to-local/latest/nextcloud_database/sql/backup.sql" && +cd {{path_administrator_scripts}}backup-docker-to-local && +bash ./recover-docker-from-local.sh "nextcloud_data" "$(sha256sum /etc/machine-id | head -c 64)" +``` + +--- + +## Database Management πŸ—„οΈ + +### Database Access +To access the database, execute: +```bash +docker-compose exec -it database mysql -u nextcloud -D nextcloud -p +``` + +### Recreate Database with New Volume +```bash +docker-compose run --detach --name database --env MYSQL_USER="nextcloud" --env MYSQL_PASSWORD=PASSWORD --env MYSQL_ROOT_PASSWORD=PASSWORD --env MYSQL_DATABASE="nextcloud" -v nextcloud_database:/var/lib/mysql +``` + +--- + +## OCC (Nextcloud Command Line) πŸ”§ + +To use OCC, run: +```bash +docker-compose exec -it -u www-data application /var/www/html/occ +``` +### User Administration + +#### List Users +```bash +docker compose exec -it -u www-data application php occ user:list +``` + +#### Sync Users +```bash +docker compose exec -it -u www-data application php occ user:sync +``` + +#### Create user via CLI +```bash +docker compose exec -it -u www-data application php occ user:add {{username}} +``` + +#### Make user admin via cli +```bash +docker compose exec -it -u www-data application php occ group:adduser admin {{username}} +``` + +#### Delete user via CLI +```bash +docker compose exec -it -u www-data application php occ user:delete {{username}} +``` +--- + +### App Administration +```bash +docker compose exec -u www-data application php occ config:list {{app_name}} +``` + +### Initialize Duplicates +```bash +docker-compose exec -it -u www-data application /var/www/html/occ duplicates:find-all --output +``` + +### Unlock Files +```bash +docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --on +docker-compose exec -it nextcloud_database_1 mysql -u nextcloud -pPASSWORD1234132 -D nextcloud -e "delete from oc_file_locks where 1" +docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --off +``` + +--- + +## Apps + +### App Relevant Tables πŸ—ƒοΈ + +- `oc_appconfig` +- `oc_migrations` + +### Cospend + +#### Relevant SQL Commands for Cospend +Debugguging Migrations: + +https://github.com/julien-nc/cospend-nc/issues/325 +```sql +-- Show all Cospend Tables +SHOW TABLES where Tables_in_nextcloud LIKE "%cospend%"; +-- Show Cospend Configuration +SELECT * FROM `oc_appconfig` WHERE appid LIKE "%cospend%"; +-- Show Cospend Database Migrations +SELECT * FROM `oc_migrations` WHERE app LIKE "%cospend%"; +``` + +# Identity and Access Management (IAM) + +## OpenID Connect (OIDC) Support πŸ” + +OIDC is supported in this roleβ€”for example, via **Keycloak**. OIDC-specific tasks are included when enabled, allowing integration of external authentication providers seamlessly. + +### Verify OIDC Configuration + +```bash +docker compose exec -u www-data application /var/www/html/occ config:app:get sociallogin custom_providers +``` + +## LDAP + +More information: https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/user_auth_ldap.html + +## Get all relevant entries except password + +```sql +SELECT * FROM `oc_appconfig` WHERE appid LIKE "%ldap%" and configkey != "s01ldap_agent_password"; +``` + +## Update User with LDAP values + +```bash +docker compose exec -it -u www-data application php occ ldap:check-user --update {{username}} +``` + +## Federation + +If users are just created via Keycloak and not via LDAP, they have a different username. Due to this reaso concider to use LDAP to guaranty that the username is valid. diff --git a/roles/docker-nextcloud/README.md b/roles/docker-nextcloud/README.md index 5637cef5..5a088010 100644 --- a/roles/docker-nextcloud/README.md +++ b/roles/docker-nextcloud/README.md @@ -1,201 +1,9 @@ # Docker Nextcloud Role πŸš€ This repository contains an Ansible role for deploying and managing [Nextcloud](https://nextcloud.com/) using [Docker](https://www.docker.com/). It covers configuration modifications, updates, backups, database management, and more. Additionally, OIDC (OpenID Connect) is supported (for example, via **Keycloak**). - --- -## Modify Config πŸ”§ - -### Enter the Container -```bash -docker-compose exec -it application /bin/sh -``` - -### Modify the Configuration -Inside the container, install a text editor and edit the config: -```bash -apk add --no-cache nano && nano config/config.php -``` - ---- - -## Update πŸ”„ - -To update the Nextcloud container, execute the following commands on the server: -```bash -docker exec -it -u www-data nextcloud-application /var/www/html/occ maintenance:mode --on && -export COMPOSE_HTTP_TIMEOUT=600 && -export DOCKER_CLIENT_TIMEOUT=600 && -docker-compose down -``` - -Afterwards, update the ***applications.nextcloud.version*** variable to the next version and run this repository with this Ansible role. - -> **Note:** -> It is only possible to update from one to the next major version at a time. -> Wait for the update to finish. - -Verify the update by checking the logs: -```bash -docker-compose logs application -``` -and -```bash -docker-compose exec -it application top -``` - -If Nextcloud remains in maintenance mode after the update, try the following: -```bash -docker exec -it -u www-data nextcloud-application/var/www/html/occ maintenance:mode --on -docker exec -it -u www-data nextcloud-application /var/www/html/occ upgrade -docker exec -it -u www-data nextcloud-application /var/www/html/occ maintenance:mode --off -``` - -If the update process fails, execute: -```bash -docker exec -it -u www-data nextcloud-application /var/www/html/occ maintenance:repair --include-expensive -``` -and disable any non-functioning apps. - ---- - -## Recover Latest Backup πŸ’Ύ - -```bash -cd {{path_docker_compose_instances}}nextcloud && -docker-compose down && -docker-compose exec -i database mysql -u nextcloud -pPASSWORT nextcloud < "/Backups/$(sha256sum /etc/machine-id | head -c 64)/backup-docker-to-local/latest/nextcloud_database/sql/backup.sql" && -cd {{path_administrator_scripts}}backup-docker-to-local && -bash ./recover-docker-from-local.sh "nextcloud_data" "$(sha256sum /etc/machine-id | head -c 64)" -``` - ---- - -## Database Management πŸ—„οΈ - -### Database Access -To access the database, execute: -```bash -docker-compose exec -it database mysql -u nextcloud -D nextcloud -p -``` - -### Recreate Database with New Volume -```bash -docker-compose run --detach --name database --env MYSQL_USER="nextcloud" --env MYSQL_PASSWORD=PASSWORD --env MYSQL_ROOT_PASSWORD=PASSWORD --env MYSQL_DATABASE="nextcloud" -v nextcloud_database:/var/lib/mysql -``` - ---- - -## OCC (Nextcloud Command Line) πŸ”§ - -To use OCC, run: -```bash -docker-compose exec -it -u www-data application /var/www/html/occ -``` -### User Administration - -#### List Users -```bash -docker compose exec -it -u www-data application php occ user:list -``` - -#### Sync Users -```bash -docker compose exec -it -u www-data application php occ user:sync -``` - -#### Create user via CLI -```bash -docker compose exec -it -u www-data application php occ user:add {{username}} -``` - -#### Make user admin via cli -```bash -docker compose exec -it -u www-data application php occ group:adduser admin {{username}} -``` - -#### Delete user via CLI -```bash -docker compose exec -it -u www-data application php occ user:delete {{username}} -``` ---- - -### App Administration -```bash -docker compose exec -u www-data application php occ config:list {{app_name}} -``` - -### Initialize Duplicates -```bash -docker-compose exec -it -u www-data application /var/www/html/occ duplicates:find-all --output -``` - -### Unlock Files -```bash -docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --on -docker-compose exec -it nextcloud_database_1 mysql -u nextcloud -pPASSWORD1234132 -D nextcloud -e "delete from oc_file_locks where 1" -docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --off -``` - ---- - -## Apps - -### App Relevant Tables πŸ—ƒοΈ - -- `oc_appconfig` -- `oc_migrations` - -### Cospend - -#### Relevant SQL Commands for Cospend -Debugguging Migrations: - -https://github.com/julien-nc/cospend-nc/issues/325 -```sql --- Show all Cospend Tables -SHOW TABLES where Tables_in_nextcloud LIKE "%cospend%"; --- Show Cospend Configuration -SELECT * FROM `oc_appconfig` WHERE appid LIKE "%cospend%"; --- Show Cospend Database Migrations -SELECT * FROM `oc_migrations` WHERE app LIKE "%cospend%"; -``` - -# Identity and Access Management (IAM) - -## OpenID Connect (OIDC) Support πŸ” - -OIDC is supported in this roleβ€”for example, via **Keycloak**. OIDC-specific tasks are included when enabled, allowing integration of external authentication providers seamlessly. - -### Verify OIDC Configuration - -```bash -docker compose exec -u www-data application /var/www/html/occ config:app:get sociallogin custom_providers -``` - -## LDAP - -More information: https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/user_auth_ldap.html - -## Get all relevant entries except password - -```sql -SELECT * FROM `oc_appconfig` WHERE appid LIKE "%ldap%" and configkey != "s01ldap_agent_password"; -``` - -## Update User with LDAP values - -```bash -docker compose exec -it -u www-data application php occ ldap:check-user --update {{username}} -``` - -## Federation - -If users are just created via Keycloak and not via LDAP, they have a different username. Due to this reaso concider to use LDAP to guaranty that the username is valid. - ---- - -## Further Information ℹ️ +## πŸ“š Other Resources - [Nextcloud Docker Example with Nginx Proxy, MariaDB, and FPM](https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/docker-compose.yml) - [Nextcloud Upgrade via Docker by Goneuland](https://goneuland.de/nextcloud-upgrade-auf-neue-versionen-mittels-docker/) @@ -210,14 +18,6 @@ If users are just created via Keycloak and not via LDAP, they have a different u - [Nextcloud Talk Plugin and Turnserver in Docker](https://forum.openmediavault.org/index.php?thread/31782-docker-nextcloud-talk-plugin-and-turnserver/) - [Nextcloud Talk on Docker: Turn Server Issues](https://help.nextcloud.com/t/nextcloud-talk-im-docker/container/turn-server-auf-docker-host-kein-video/84133/10) ---- -## Author - -**Developed by:** Kevin Veen-Birkenbach -**Website:** [https://www.veen.world/](https://www.veen.world/) - -*This README.md was created with the help of [ChatGPT](https://chatgpt.com/share/67a5312c-7248-800f-ae27-0288c1c82f1d).* - --- *Enjoy and happy containerizing! πŸ˜„* diff --git a/roles/docker-oauth2-proxy/README.md b/roles/docker-oauth2-proxy/README.md index 311123a1..8d4993e5 100644 --- a/roles/docker-oauth2-proxy/README.md +++ b/roles/docker-oauth2-proxy/README.md @@ -2,7 +2,7 @@ Welcome to the **Docker OAuth2 Proxy Role**! 🌟 This role contains helper functions to set up an OAuth2 proxy using [OAuth2 Proxy](https://github.com/oauth2-proxy/oauth2-proxy), a tool designed to secure applications by protecting them with OAuth2 authentication. πŸ’‘ -## Overview +## πŸ“Œ Overview The OAuth2 Proxy is used to shield specific web applications from unauthorized access by requiring users to authenticate via an external identity provider, such as Keycloak. This role simplifies the setup process by providing templated configurations and tasks to integrate the OAuth2 Proxy with Docker Compose and Keycloak. diff --git a/roles/docker-openproject/README.md b/roles/docker-openproject/README.md index 573fd7cb..a7c20400 100644 --- a/roles/docker-openproject/README.md +++ b/roles/docker-openproject/README.md @@ -1,6 +1,6 @@ # OpenProject Role -## Overview +## πŸ“Œ Overview This role is designed to deploy the [OpenProject](https://www.openproject.org/) application using Docker. It includes tasks for setting up the environment, pulling the Docker repository, and configuring a reverse proxy with Nginx. It was developed by [Kevin Veen-Birkenbach](https://www.veen.world/) diff --git a/roles/docker-peertube/Administration.md b/roles/docker-peertube/Administration.md new file mode 100644 index 00000000..c7b161b2 --- /dev/null +++ b/roles/docker-peertube/Administration.md @@ -0,0 +1,29 @@ +# Administration + +## track docker container status +```bash +watch -n 2 "docker ps -a | grep peertube" +``` + +## clean rebuild +```bash +cd {{path_docker_compose_instances}}peertube/ && +docker-compose down +docker volume rm peertube_assets peertube_config peertube_data peertube_database peertube_redis +docker-compose up -d +``` + +## access terminal +```bash +docker-compose exec -it application /bin/bash +``` + +## update config +```bash +apt update && apt install nano && nano ./config/default.yaml +``` + +## get root pasword +```bash +docker logs peertube-application-1 | grep -A1 root +``` \ No newline at end of file diff --git a/roles/docker-peertube/README.md b/roles/docker-peertube/README.md index 923099bf..54a58103 100644 --- a/roles/docker-peertube/README.md +++ b/roles/docker-peertube/README.md @@ -1,37 +1,7 @@ # docker peertube -## track docker container status -```bash -watch -n 2 "docker ps -a | grep peertube" -``` -## clean rebuild -```bash -cd {{path_docker_compose_instances}}peertube/ && -docker-compose down -docker volume rm peertube_assets peertube_config peertube_data peertube_database peertube_redis -docker-compose up -d -``` - -## access terminal -```bash -docker-compose exec -it application /bin/bash -``` - -## update config -```bash -apt update && apt install nano && nano ./config/default.yaml -``` - -## get root pasword -```bash -docker logs peertube-application-1 | grep -A1 root -``` - -## upgrade version -- https://docs.joinpeertube.org/install/docker - -## further information +## πŸ“š Other Resources - https://docs.joinpeertube.org/install-docker - https://github.com/Chocobozzz/PeerTube/issues/3091 - [OIDC Plugin installation](https://chatgpt.com/c/67a4f448-4be8-800f-8639-4c15cb2fb44e) \ No newline at end of file diff --git a/roles/docker-peertube/Upgrade.md b/roles/docker-peertube/Upgrade.md new file mode 100644 index 00000000..bc74c09d --- /dev/null +++ b/roles/docker-peertube/Upgrade.md @@ -0,0 +1,2 @@ +# upgrade version +- https://docs.joinpeertube.org/install/docker \ No newline at end of file diff --git a/roles/docker-pixelfed/Administration.md b/roles/docker-pixelfed/Administration.md new file mode 100644 index 00000000..2d3d3614 --- /dev/null +++ b/roles/docker-pixelfed/Administration.md @@ -0,0 +1,134 @@ +## Accessing Services + +### Application Access +To gain shell access to the application container, run the following command: +```bash +docker-compose exec -it application bash +``` + +### Clear Cache +```bash +docker compose exec -it application php artisan cache:clear +``` + +### Database Access +To access the MariaDB instance in the database container, run the following command: +```bash +docker-compose exec -it database mariadb -u pixelfed -p +``` + +### User Management via CLI in Pixelfed Docker Setup +To manage users in your Pixelfed instance running in a Docker container, as configured in Kevin Veen-Birkenbach's docker-pixelfed role, you can follow these steps via the Command Line Interface (CLI): + +1. **Access the Application Container:** First, gain shell access to the Pixelfed application container. Use the command provided in the README: + + ```bash + docker-compose exec -it application bash + ``` + + This command lets you access the bash shell inside the `application` Docker container where Pixelfed is running. + +2. **Navigate to Pixelfed Directory:** Once inside the container, navigate to the Pixelfed directory. This is typically the root directory where Pixelfed is installed. + +3. **Use Artisan Commands:** Pixelfed is built on Laravel, so you'll use Laravel's Artisan CLI for user management. Here are some common tasks: + + - **Create a New User:** + ```bash + php artisan user:create + ``` + This command will prompt you to enter the user's details like username, email, and password. + + - **List Users:** + ```bash + php artisan user:list + ``` + This command displays a list of all users. + + - **Delete a User:** + ```bash + php artisan user:delete {username} + ``` + Replace `{username}` with the actual username of the user you wish to delete. + + - **Reset Password:** + ```bash + php artisan user:reset-password {username} + ``` + This will initiate a password reset process for the specified user. + +4. **Verify and Validate:** Depending on your Pixelfed's configuration, especially if email verification is required, you might need to perform additional steps to verify new accounts or modify user details. + +5. **Exit the Container:** After completing your user management tasks, exit the Docker container shell by typing `exit`. + +### Note: + +- **Commands Variability:** The available Artisan commands can vary based on your version of Pixelfed and Laravel. Always refer to the specific documentation for your version. +- **Permissions:** Ensure you have the necessary permissions and rights within the Docker container to perform these actions. +- **Environment Specifics:** The exact paths and commands may vary based on your Docker and Pixelfed setup, as defined in your `docker-compose.yml` and other configuration files. + +This process provides a streamlined way to manage Pixelfed users directly from the CLI in a Dockerized environment, ensuring that you can efficiently administer your Pixelfed instance without needing to access the Pixelfed web interface. + +## Instagram Import Cleanup + +If you have imported posts from Instagram, you can clean up the imported data and files as follows: + +### Database Cleanup +Run these commands inside your MariaDB shell to remove import related data: +```bash +DELETE from import_posts WHERE 1; +DELETE from import_jobs WHERE 1; +DELETE from import_datas WHERE 1; +DELETE from statuses where created_at < "2022-12-01 22:15:39"; +DELETE from media where deleted_at >= "2023-07-28 14:39:05"; +``` + +### File System Cleanup +Run these commands to remove the imported files and trigger the cleanup job: +```bash +docker-compose exec -u "www-data" application rm -rv "/var/www/storage/app/imports/1" +docker-compose exec -u "www-data" application php artisan schedule:run +``` + +## Full Cleanup (Reset) + +For a hard reset, which will delete all data and stop all services, use the following commands: +```bash +docker-compose down +docker volume rm pixelfed_application_data pixelfed_database pixelfed_redis +``` + +## Update Procedure + +To update your Pixelfed instance, navigate to the directory where your `docker-compose.yml` file is located and run these commands: +```bash +cd {{path_docker_compose_instances}}pixelfed/ && +docker-compose down && +docker network prune -f && +docker-compose pull && +docker-compose build && +docker-compose -p pixelfed up -d --force-recreate +``` + +## Inspecting the Services + +To see the status of all services or follow the logs, use these commands: +```bash +docker-compose ps -a +docker-compose logs -f +``` + +## Debug +To debug the system set APP_DEBUG to true, like descriped [here](https://docs.pixelfed.org/technical-documentation/config/). + +```bash +nano config/app.php +php artisan cache:clear +php artisan route:cache +php artisan view:clear +php artisan config:cache +``` + +## Modifying files +```bash +apt update && apt upgrade && apt install nano +``` \ No newline at end of file diff --git a/roles/docker-pixelfed/README.md b/roles/docker-pixelfed/README.md index 0b7f3880..0a486a16 100644 --- a/roles/docker-pixelfed/README.md +++ b/roles/docker-pixelfed/README.md @@ -2,141 +2,6 @@ This README details the steps to manage your Pixelfed instance running in a Docker container. This setup is part of the docker-pixelfed role within Kevin Veen-Birkenbach's cymais located at [this GitHub repository](https://github.com/kevinveenbirkenbach/cymais/tree/master/roles/docker-pixelfed). -## Accessing Services - -### Application Access -To gain shell access to the application container, run the following command: -```bash -docker-compose exec -it application bash -``` - -### Clear Cache -```bash -docker compose exec -it application php artisan cache:clear -``` - -### Database Access -To access the MariaDB instance in the database container, run the following command: -```bash -docker-compose exec -it database mariadb -u pixelfed -p -``` - -### User Management via CLI in Pixelfed Docker Setup -To manage users in your Pixelfed instance running in a Docker container, as configured in Kevin Veen-Birkenbach's docker-pixelfed role, you can follow these steps via the Command Line Interface (CLI): - -1. **Access the Application Container:** First, gain shell access to the Pixelfed application container. Use the command provided in the README: - - ```bash - docker-compose exec -it application bash - ``` - - This command lets you access the bash shell inside the `application` Docker container where Pixelfed is running. - -2. **Navigate to Pixelfed Directory:** Once inside the container, navigate to the Pixelfed directory. This is typically the root directory where Pixelfed is installed. - -3. **Use Artisan Commands:** Pixelfed is built on Laravel, so you'll use Laravel's Artisan CLI for user management. Here are some common tasks: - - - **Create a New User:** - ```bash - php artisan user:create - ``` - This command will prompt you to enter the user's details like username, email, and password. - - - **List Users:** - ```bash - php artisan user:list - ``` - This command displays a list of all users. - - - **Delete a User:** - ```bash - php artisan user:delete {username} - ``` - Replace `{username}` with the actual username of the user you wish to delete. - - - **Reset Password:** - ```bash - php artisan user:reset-password {username} - ``` - This will initiate a password reset process for the specified user. - -4. **Verify and Validate:** Depending on your Pixelfed's configuration, especially if email verification is required, you might need to perform additional steps to verify new accounts or modify user details. - -5. **Exit the Container:** After completing your user management tasks, exit the Docker container shell by typing `exit`. - -### Note: - -- **Commands Variability:** The available Artisan commands can vary based on your version of Pixelfed and Laravel. Always refer to the specific documentation for your version. -- **Permissions:** Ensure you have the necessary permissions and rights within the Docker container to perform these actions. -- **Environment Specifics:** The exact paths and commands may vary based on your Docker and Pixelfed setup, as defined in your `docker-compose.yml` and other configuration files. - -This process provides a streamlined way to manage Pixelfed users directly from the CLI in a Dockerized environment, ensuring that you can efficiently administer your Pixelfed instance without needing to access the Pixelfed web interface. - -## Instagram Import Cleanup - -If you have imported posts from Instagram, you can clean up the imported data and files as follows: - -### Database Cleanup -Run these commands inside your MariaDB shell to remove import related data: -```bash -DELETE from import_posts WHERE 1; -DELETE from import_jobs WHERE 1; -DELETE from import_datas WHERE 1; -DELETE from statuses where created_at < "2022-12-01 22:15:39"; -DELETE from media where deleted_at >= "2023-07-28 14:39:05"; -``` - -### File System Cleanup -Run these commands to remove the imported files and trigger the cleanup job: -```bash -docker-compose exec -u "www-data" application rm -rv "/var/www/storage/app/imports/1" -docker-compose exec -u "www-data" application php artisan schedule:run -``` - -## Full Cleanup (Reset) - -For a hard reset, which will delete all data and stop all services, use the following commands: -```bash -docker-compose down -docker volume rm pixelfed_application_data pixelfed_database pixelfed_redis -``` - -## Update Procedure - -To update your Pixelfed instance, navigate to the directory where your `docker-compose.yml` file is located and run these commands: -```bash -cd {{path_docker_compose_instances}}pixelfed/ && -docker-compose down && -docker network prune -f && -docker-compose pull && -docker-compose build && -docker-compose -p pixelfed up -d --force-recreate -``` - -## Inspecting the Services - -To see the status of all services or follow the logs, use these commands: -```bash -docker-compose ps -a -docker-compose logs -f -``` - -## Debug -To debug the system set APP_DEBUG to true, like descriped [here](https://docs.pixelfed.org/technical-documentation/config/). - -```bash -nano config/app.php -php artisan cache:clear -php artisan route:cache -php artisan view:clear -php artisan config:cache -``` - -## Modifying files -```bash -apt update && apt upgrade && apt install nano -``` - ## Further Reading For additional information, refer to these resources: - [Docker image on Docker Hub](https://hub.docker.com/r/zknt/pixelfed) diff --git a/roles/docker-postgres/Administration.md b/roles/docker-postgres/Administration.md new file mode 100644 index 00000000..8deb63cf --- /dev/null +++ b/roles/docker-postgres/Administration.md @@ -0,0 +1,5 @@ +## Root Access +To access the database via the root account execute the following on the server: +```bash +docker exec -it central-postgres psql -U postgres +``` \ No newline at end of file diff --git a/roles/docker-postgres/README.md b/roles/docker-postgres/README.md index a10ce8a8..957678d6 100644 --- a/roles/docker-postgres/README.md +++ b/roles/docker-postgres/README.md @@ -1,6 +1,6 @@ # Docker-Postgres Ansible Role -## Overview +## πŸ“Œ Overview This Ansible role is designed to deploy a PostgreSQL database using Docker. It includes tasks for setting up a Docker network, installing PostgreSQL in a Docker container, and initializing the database with a specified user and database. ## Role Variables @@ -23,12 +23,6 @@ This Ansible role is designed to deploy a PostgreSQL database using Docker. It i 2. Include this role in your playbook. 3. Run the playbook against the target host. -## Root Access -To access the database via the root account execute the following on the server: -```bash -docker exec -it central-postgres psql -U postgres -``` - ## Notes - The PostgreSQL server is bound to `127.0.0.1:5432` on the host machine, making it accessible only from localhost. diff --git a/roles/docker-roulette-wheel/README.md b/roles/docker-roulette-wheel/README.md index 689dff46..375d0ddc 100644 --- a/roles/docker-roulette-wheel/README.md +++ b/roles/docker-roulette-wheel/README.md @@ -1,6 +1,6 @@ # docker roulette-wheel -## further information +## πŸ“š Other Resources - https://github.com/p-wojt/roulette-wheel - https://dev.to/ms314006/how-to-package-front-end-projects-into-docker-images-and-use-it-with-webpack-go3 - https://stackoverflow.com/questions/53178820/dockerfile-to-run-nodejs-static-content-in-docker-container diff --git a/roles/docker-snipe_it/Administration.md b/roles/docker-snipe_it/Administration.md new file mode 100644 index 00000000..fefb8c9d --- /dev/null +++ b/roles/docker-snipe_it/Administration.md @@ -0,0 +1,7 @@ +# Administration πŸ› οΈ +Clear and restart the application: +```bash +docker-compose exec application php artisan config:clear +docker-compose exec application php artisan cache:clear +docker-compose restart application +``` \ No newline at end of file diff --git a/roles/docker-snipe_it/README.md b/roles/docker-snipe_it/README.md index 47d5b72d..9bfd36b1 100644 --- a/roles/docker-snipe_it/README.md +++ b/roles/docker-snipe_it/README.md @@ -13,14 +13,6 @@ This πŸš€ **CyMaIS** role provides an automated deployment and configuration for - **SAML Authentication Support** (Pending Fix) πŸ” - **Redis Caching** for improved performance ⚑ -## Administration πŸ› οΈ -Clear and restart the application: -```bash -docker-compose exec application php artisan config:clear -docker-compose exec application php artisan cache:clear -docker-compose restart application -``` - ## Pending Issue 🚧 To ensure full **SAML authentication integration**, this issue still needs to be resolved: πŸ”— [GitHub Issue #16186](https://github.com/snipe/snipe-it/issues/16186) diff --git a/roles/docker-wordpress/Administration.md b/roles/docker-wordpress/Administration.md new file mode 100644 index 00000000..03b317ed --- /dev/null +++ b/roles/docker-wordpress/Administration.md @@ -0,0 +1,27 @@ +# Administration + +## database + +## access database +To access the database execute +```bash + docker-compose exec -it database /bin/mysql -u wordpress -p +``` + +## upgrade database +To upgrade the database execute +```bash + docker-compose exec -it database /bin/mysql_upgrade --user=root --password= +``` + +## change database root password +- https://wolfgang.gassler.org/reset-password-mariadb-mysql-docker/ +- https://www.digitalocean.com/community/tutorials/how-to-reset-your-mysql-or-mariadb-root-password + +## bash in application +docker-compose exec -it wordpress-application-1 /bin/sh + +## update wp-config.php +```bash +apt update && apt install nano && nano wp-config.php +``` \ No newline at end of file diff --git a/roles/docker-wordpress/README.md b/roles/docker-wordpress/README.md index 5795cb41..aadf9b4f 100644 --- a/roles/docker-wordpress/README.md +++ b/roles/docker-wordpress/README.md @@ -1,31 +1,5 @@ # role docker-wordpress -## database - -## access database -To access the database execute -```bash - docker-compose exec -it database /bin/mysql -u wordpress -p -``` - -## upgrade database -To upgrade the database execute -```bash - docker-compose exec -it database /bin/mysql_upgrade --user=root --password= -``` - -## change database root password -- https://wolfgang.gassler.org/reset-password-mariadb-mysql-docker/ -- https://www.digitalocean.com/community/tutorials/how-to-reset-your-mysql-or-mariadb-root-password - -## bash in application -docker-compose exec -it wordpress-application-1 /bin/sh - -## update wp-config.php -```bash -apt update && apt install nano && nano wp-config.php -``` - ## multiside - https://multilingualpress.de/doku/wordpress-multisite-installieren-einrichten/ - https://pressable.com/knowledgebase/adding-or-changing-the-domain-on-a-wordpress-multisite/ diff --git a/roles/docker-yourls/Administration.md b/roles/docker-yourls/Administration.md new file mode 100644 index 00000000..fef34c7e --- /dev/null +++ b/roles/docker-yourls/Administration.md @@ -0,0 +1,9 @@ +# Administration + +## database + +To login to the database type in: + +```bash +docker-compose exec -it database /bin/mysql -u yourls -p +``` \ No newline at end of file diff --git a/roles/docker-yourls/README.md b/roles/docker-yourls/README.md index 44d6d8df..d8850257 100644 --- a/roles/docker-yourls/README.md +++ b/roles/docker-yourls/README.md @@ -1,9 +1 @@ # role docker-yourls - -## database - -To login to the database type in: - -```bash -docker-compose exec -it database /bin/mysql -u yourls -p -``` diff --git a/roles/driver-epson-multiprinter/README.md b/roles/driver-epson-multiprinter/README.md index bc5d0d1c..6ca1c5b8 100644 --- a/roles/driver-epson-multiprinter/README.md +++ b/roles/driver-epson-multiprinter/README.md @@ -1,5 +1,5 @@ # role driver-epson-multiprinter -## further information +## πŸ“š Other Resources - https://bernhardsteindl.at/epson-ecotank-et-3600-unter-arch-linux-einrichten/ - http://download.ebz.epson.net/dsc/search/01/search/searchModule - https://aur.archlinux.org/packages/epson-inkjet-printer-escpr diff --git a/roles/health-nginx/README.md b/roles/health-nginx/README.md index e47f6ff6..1b8ac691 100644 --- a/roles/health-nginx/README.md +++ b/roles/health-nginx/README.md @@ -1,6 +1,6 @@ # health-nginx -## Overview +## πŸ“Œ Overview `health-nginx` is an Ansible role designed to send health reports for nginx configurations. It leverages Python scripting to check the status of nginx server configurations and reports back any issues. This role is especially useful for maintaining the health of nginx servers in a dynamic environment. ## Requirements diff --git a/roles/hunspell/tasks/README.md b/roles/hunspell/tasks/README.md index e857c507..53759145 100644 --- a/roles/hunspell/tasks/README.md +++ b/roles/hunspell/tasks/README.md @@ -1,6 +1,6 @@ # Hunspell -## Overview +## πŸ“Œ Overview This README accompanies the Hunspell Playbook, located within the `cymais` repository. The playbook is focused on installing Hunspell, a widely-used spell checker, along with various language packages to enhance its functionality. ## Playbook Contents diff --git a/roles/java/README.md b/roles/java/README.md index bf8b3928..8f2cde24 100644 --- a/roles/java/README.md +++ b/roles/java/README.md @@ -1,6 +1,6 @@ # Java -## Overview +## πŸ“Œ Overview This README file is for the Java role, which is part of the `cymais`. The role is specifically designed to automate the installation of Java on a system, focusing on the OpenJDK 11 version. ## Contents of the role diff --git a/roles/nginx-redirect-www/README.md b/roles/nginx-redirect-www/README.md index d184c2bd..529dbd0f 100644 --- a/roles/nginx-redirect-www/README.md +++ b/roles/nginx-redirect-www/README.md @@ -1,6 +1,6 @@ # nginx-redirect-www -## Overview +## πŸ“Œ Overview The `nginx-redirect-www` role is designed to automate the process of setting up redirects from `www.domain.tld` to `domain.tld` for all domains and subdomains configured within the `{{nginx.directories.http.servers}}` directory. This role dynamically identifies configuration files following the pattern `*domain.tld.conf` and creates corresponding redirection rules. ## Role Description diff --git a/roles/pc-administrator-tools/README.md b/roles/pc-administrator-tools/README.md index f2a23777..ce0ddafe 100644 --- a/roles/pc-administrator-tools/README.md +++ b/roles/pc-administrator-tools/README.md @@ -1,6 +1,6 @@ # PC-Bluray-Player-Tools Role -## Overview +## πŸ“Œ Overview Welcome to the `pc-bluray-player-tools` role, a part of the `cymais` repository. This role is dedicated to setting up software required for Blu-ray playback on personal computers. It focuses on installing necessary packages to enable the use of Blu-ray media with VLC player and other compatible software. ## Role Contents @@ -12,7 +12,7 @@ The `main.yml` file in this role consists of tasks that automate the installatio There are commented-out tasks for installing additional AUR packages, such as `aacskeys` and `libbdplus`, which can be enabled as per the user's requirements. -## Further Information and Resources +## πŸ“š Other Resources and Resources For more in-depth information and guidance on Blu-ray playback and software configuration, the following resources can be consulted: - [Arch Linux Wiki on Blu-ray](https://wiki.archlinux.org/title/Blu-ray#Using_aacskeys) - [Guide to Play Blu-ray with VLC](https://videobyte.de/play-blu-ray-with-vlc) diff --git a/roles/pc-bluray-player-tools/README.md b/roles/pc-bluray-player-tools/README.md index 94c42188..16e07f9f 100644 --- a/roles/pc-bluray-player-tools/README.md +++ b/roles/pc-bluray-player-tools/README.md @@ -1,6 +1,6 @@ # collection-blu-ray-player -## further information +## πŸ“š Other Resources - https://wiki.archlinux.org/title/Blu-ray#Using_aacskeys - https://videobyte.de/play-blu-ray-with-vlc - https://archived.forum.manjaro.org/t/wie-kann-ich-bluray-uhd-abspielen/127396/12 diff --git a/roles/pc-designer-tools/README.md b/roles/pc-designer-tools/README.md index 8b2c7c4a..6062389a 100644 --- a/roles/pc-designer-tools/README.md +++ b/roles/pc-designer-tools/README.md @@ -1,6 +1,6 @@ # PC-Designer-Tools Role -## Overview +## πŸ“Œ Overview This README is associated with the `pc-designer-tools` role, part of the `cymais` repository. This role focuses on setting up a suite of essential design tools on personal computers, catering specifically to the needs of graphic designers, illustrators, and digital artists. ## Role Contents diff --git a/roles/pc-developer-tools-arduino/README.md b/roles/pc-developer-tools-arduino/README.md index 753dd499..06f978f6 100644 --- a/roles/pc-developer-tools-arduino/README.md +++ b/roles/pc-developer-tools-arduino/README.md @@ -1,6 +1,6 @@ # PC-Developer-Tools-Arduino Role -## Overview +## πŸ“Œ Overview This README file is for the `pc-developer-tools-arduino` role, a specialized component of the `cymais` repository. This role is specifically crafted for setting up Arduino development tools on personal computers. ## Role Details diff --git a/roles/pc-developer-tools-bash/README.md b/roles/pc-developer-tools-bash/README.md index fa0afa74..f0767871 100644 --- a/roles/pc-developer-tools-bash/README.md +++ b/roles/pc-developer-tools-bash/README.md @@ -1,6 +1,6 @@ # PC-Developer-Tools-Bash Role -## Overview +## πŸ“Œ Overview This README accompanies the `pc-developer-tools-bash` role within the `cymais` repository. This role is dedicated to equipping personal computers with essential tools for Bash scripting and development. ## Role Contents diff --git a/roles/pc-developer-tools-java/README.md b/roles/pc-developer-tools-java/README.md index 5cbf6039..66a86bfd 100644 --- a/roles/pc-developer-tools-java/README.md +++ b/roles/pc-developer-tools-java/README.md @@ -1,6 +1,6 @@ # PC-Developer-Tools-Java Role -## Overview +## πŸ“Œ Overview Welcome to the `pc-developer-tools-java` role, a part of the `cymais` repository. This role is specifically designed for setting up Java development tools on personal computers. It is an essential component for Java developers, providing the necessary tools and dependencies for efficient Java development. ## Role Dependencies diff --git a/roles/pc-developer-tools-php/README.md b/roles/pc-developer-tools-php/README.md index 274f0ce8..fe4df718 100644 --- a/roles/pc-developer-tools-php/README.md +++ b/roles/pc-developer-tools-php/README.md @@ -1,6 +1,6 @@ # PC-Developer-Tools-PHP Role -## Overview +## πŸ“Œ Overview This README document is for the `pc-developer-tools-php` role within the `cymais` repository. This role is specifically designed to facilitate the setup of PHP development tools on personal computing environments. ## Role Contents diff --git a/roles/pc-developer-tools-python/README.md b/roles/pc-developer-tools-python/README.md index 15b503fe..be409a3c 100644 --- a/roles/pc-developer-tools-python/README.md +++ b/roles/pc-developer-tools-python/README.md @@ -1,6 +1,6 @@ # PC-Developer-Tools-Python Role -## Overview +## πŸ“Œ Overview This README accompanies the `pc-developer-tools-python` role, which is part of the `cymais` repository. The role is dedicated to setting up Python development tools on personal computers. ## Role Contents diff --git a/roles/pc-developer-tools/README.md b/roles/pc-developer-tools/README.md index c49e488c..f4d9afca 100644 --- a/roles/pc-developer-tools/README.md +++ b/roles/pc-developer-tools/README.md @@ -1,6 +1,6 @@ # PC-Developer-Tools Role -## Overview +## πŸ“Œ Overview This README document is for the `pc-developer-tools` role within the `cymais` repository. The role is designed to streamline the setup of essential development tools on personal computers, particularly for software development environments. ## Role Contents diff --git a/roles/pc-docker/README.md b/roles/pc-docker/README.md index f02ce2bd..83610073 100644 --- a/roles/pc-docker/README.md +++ b/roles/pc-docker/README.md @@ -1,6 +1,6 @@ # README for PC-Docker Playbook -## Overview +## πŸ“Œ Overview This playbook, `pc-docker`, is part of a larger collection housed within the `cymais` repository. It is specifically tailored for setting up Docker and Docker Compose on personal computers (PCs) used for development purposes. The primary goal is to facilitate a development environment on individual workstations rather than configuring servers for hosting or distributing Docker images. ## Contents diff --git a/roles/pc-games/README.md b/roles/pc-games/README.md index a69da515..429a1876 100644 --- a/roles/pc-games/README.md +++ b/roles/pc-games/README.md @@ -1,6 +1,6 @@ # PC-Games Role -## Overview +## πŸ“Œ Overview This README is for the `pc-games` role, a part of the `cymais` repository. This role is designed to install a variety of popular open-source and freely available games on personal computers. ## Role Contents diff --git a/roles/pc-git/README.md b/roles/pc-git/README.md index ed5bb69a..3373a388 100644 --- a/roles/pc-git/README.md +++ b/roles/pc-git/README.md @@ -1,6 +1,6 @@ # PC-Git Role -## Overview +## πŸ“Œ Overview Welcome to the `pc-git` role documentation, part of the `cymais` repository. This role is focused on setting up Git, a widely-used version control system, on personal computers. The role includes tasks for installing Git and configuring global user details. ## Role Tasks diff --git a/roles/pc-gnome/README.md b/roles/pc-gnome/README.md index 1481ca6c..9d954652 100644 --- a/roles/pc-gnome/README.md +++ b/roles/pc-gnome/README.md @@ -1,6 +1,6 @@ # PC-Gnome Role -## Overview +## πŸ“Œ Overview Welcome to the `pc-gnome` role, a key part of the `cymais` repository. This role is dedicated to setting up and configuring the GNOME desktop environment on personal computers. ## Role Details @@ -24,7 +24,7 @@ The `pc-gnome` role includes several tasks for installing GNOME software, managi 6. **Execute CLI GNOME Extension Manager Script**: - Runs the CLI GNOME Extension Manager script to manage GNOME extensions based on the `{{gnome_extensions}}` variable. -## Further Information +## πŸ“š Other Resources For additional details on managing GNOME extensions via command line, visit [Ask Ubuntu](https://askubuntu.com/questions/1029376/how-do-i-enable-and-disable-gnome-extensions-from-the-command-line). ## Dependencies diff --git a/roles/pc-gnucash/README.md b/roles/pc-gnucash/README.md index 01c338aa..83814e7a 100644 --- a/roles/pc-gnucash/README.md +++ b/roles/pc-gnucash/README.md @@ -1,6 +1,6 @@ # GnuCash Installation Role -## Overview +## πŸ“Œ Overview This Ansible role is responsible for installing GnuCash, a free and open-source financial management software, on systems utilizing the Pacman package manager. It's particularly useful for setting up GnuCash in a Linux environment with minimal manual intervention. ## Role: pc-gnucash diff --git a/roles/pc-jrnl/README.md b/roles/pc-jrnl/README.md index 6c9bca8d..356d462a 100644 --- a/roles/pc-jrnl/README.md +++ b/roles/pc-jrnl/README.md @@ -1,6 +1,6 @@ # Jrnl Role for Ansible -## Overview +## πŸ“Œ Overview This role automates the installation of Jrnl, a simple and effective command-line journal application. It uses the `community.general.pacman` module for systems that support the Pacman package manager, ensuring that Jrnl is installed and up to date. ## Requirements @@ -28,6 +28,6 @@ For more detailed information on Jrnl and its functionalities, visit [Jrnl's off ## Contributing Contributions to this role are welcome. Please adhere to standard coding conventions and best practices. -## More Information +## πŸ“š Other Resources This role was created as part of a larger playbook. For more context on this role, you can refer to the related ChatGPT conversation [here](https://chat.openai.com/share/ae168ca0-5191-4bec-96a0-ffcfabca0024). \ No newline at end of file diff --git a/roles/pc-latex/README.md b/roles/pc-latex/README.md index 4598d391..be8213d1 100644 --- a/roles/pc-latex/README.md +++ b/roles/pc-latex/README.md @@ -1,6 +1,6 @@ # LaTeX Role -## Overview +## πŸ“Œ Overview Welcome to the LaTeX role within the `cymais` repository. It focuses on setting up a comprehensive LaTeX environment on Arch Linux-based systems, catering to the needs of users who require an advanced document preparation system. ## Role Contents diff --git a/roles/pc-libreoffice/README.md b/roles/pc-libreoffice/README.md index 039adae0..f9d7b7a5 100644 --- a/roles/pc-libreoffice/README.md +++ b/roles/pc-libreoffice/README.md @@ -1,6 +1,6 @@ # PC-LibreOffice Role -## Overview +## πŸ“Œ Overview This README is for the `pc-libreoffice` role, part of the `cymais` repository. This role focuses on installing LibreOffice, a powerful and free office suite, along with necessary fonts and language packages. ## Role Contents diff --git a/roles/pc-network-analyze-tools/README.md b/roles/pc-network-analyze-tools/README.md index 2c09f68c..ceb4cdad 100644 --- a/roles/pc-network-analyze-tools/README.md +++ b/roles/pc-network-analyze-tools/README.md @@ -1,6 +1,6 @@ # PC-Network-Analyze-Tools Role -## Overview +## πŸ“Œ Overview This README accompanies the `pc-network-analyze-tools` role within the `cymais` repository. This role is dedicated to installing key network analysis tools on personal computers. ## Role Contents diff --git a/roles/pc-nextcloud/README.md b/roles/pc-nextcloud/README.md index 8bb93fdd..f363a6a2 100644 --- a/roles/pc-nextcloud/README.md +++ b/roles/pc-nextcloud/README.md @@ -1,6 +1,6 @@ # PC-Nextcloud Role -## Overview +## πŸ“Œ Overview This README details the `pc-nextcloud` role, part of the `cymais` repository. This role focuses on setting up the Nextcloud client on personal computers and configuring directory synchronization. ## Role Variables diff --git a/roles/pc-office/README.md b/roles/pc-office/README.md index 7368ca7a..e73b7462 100644 --- a/roles/pc-office/README.md +++ b/roles/pc-office/README.md @@ -1,6 +1,6 @@ # PC-Office Role -## Overview +## πŸ“Œ Overview This README document is for the `pc-office` role, a component of the `cymais` repository. This role is designed to install a suite of office-related software on personal computers, providing a comprehensive set of tools for various office tasks. ## Role Tasks diff --git a/roles/pc-qbittorrent/README.md b/roles/pc-qbittorrent/README.md index 56f8c0de..acba4046 100644 --- a/roles/pc-qbittorrent/README.md +++ b/roles/pc-qbittorrent/README.md @@ -1,6 +1,6 @@ # PC-QBittorrent Role -## Overview +## πŸ“Œ Overview This README is for the `pc-qbittorrent` role within the `cymais` repository. This role is specifically crafted for installing qBittorrent, a popular open-source torrent client, on personal computers. ## Role Tasks diff --git a/roles/pc-security-tools/README.md b/roles/pc-security-tools/README.md index 52d8df37..c050b68a 100644 --- a/roles/pc-security-tools/README.md +++ b/roles/pc-security-tools/README.md @@ -1,6 +1,6 @@ # PC-Security-Tools Role -## Overview +## πŸ“Œ Overview This README document is for the `pc-security-tools` role, a part of the `cymais` repository. This role is designed to equip personal computers with essential tools for enhancing data security and privacy. ## Role Tasks diff --git a/roles/pc-spotify/README.md b/roles/pc-spotify/README.md index 05fa9d9c..6e1df744 100644 --- a/roles/pc-spotify/README.md +++ b/roles/pc-spotify/README.md @@ -1,6 +1,6 @@ # PC-Spotify Role -## Overview +## πŸ“Œ Overview This README is for the `pc-spotify` role, part of the `cymais` repository. This role is dedicated to installing Spotify, a popular digital music streaming service, on personal computers. ## Role Tasks diff --git a/roles/pc-ssh/README.md b/roles/pc-ssh/README.md index e04dc98f..88e37200 100644 --- a/roles/pc-ssh/README.md +++ b/roles/pc-ssh/README.md @@ -1,6 +1,6 @@ # PC-SSH Role -## Overview +## πŸ“Œ Overview Welcome to the `pc-ssh` role, a critical component of the `cymais` repository. This role is dedicated to setting up SSH (Secure Shell) on the client side, facilitating secure access to remote servers. ## Role Description diff --git a/roles/pc-streaming-tools/README.md b/roles/pc-streaming-tools/README.md index 557a3d72..cf0aeca9 100644 --- a/roles/pc-streaming-tools/README.md +++ b/roles/pc-streaming-tools/README.md @@ -1,6 +1,6 @@ # PC-Streaming-Tools Role -## Overview +## πŸ“Œ Overview This README is associated with the `pc-streaming-tools` role, part of the `cymais` repository. This role is focused on setting up essential tools for live streaming and video recording on personal computers. ## Role Tasks diff --git a/roles/pc-torbrowser/README.md b/roles/pc-torbrowser/README.md index 43dcc134..45ae7eab 100644 --- a/roles/pc-torbrowser/README.md +++ b/roles/pc-torbrowser/README.md @@ -1,6 +1,6 @@ # PC-TorBrowser Role -## Overview +## πŸ“Œ Overview This README document is for the `pc-torbrowser` role, a crucial component of the `cymais` repository. This role is specifically designed for the installation and setup of Tor Browser on personal computers. ## Role Tasks diff --git a/roles/pc-video-conference/README.md b/roles/pc-video-conference/README.md index d720c67e..a60eab06 100644 --- a/roles/pc-video-conference/README.md +++ b/roles/pc-video-conference/README.md @@ -1,6 +1,6 @@ # PC-Video-Conference Role -## Overview +## πŸ“Œ Overview Welcome to the `pc-video-conference` role documentation, a part of the `cymais` repository. This role is focused on installing video conferencing software on Linux systems, specifically tailored for personal use and remote work requirements. ## Role Tasks @@ -9,7 +9,7 @@ The `main.yml` file in the `pc-video-conference` role includes tasks for setting 1. **Install Video Conference Software**: - Utilizes the `kewlfft.aur.aur` module with `yay` as the helper to install `zoom`, a popular video conferencing application. -## Further Information +## πŸ“š Other Resources - As noted, the Microsoft Teams client is no longer natively supported on Linux. For more information and potential workarounds, you can visit the [AUR package page for Teams](https://aur.archlinux.org/packages/teams). ## Dependencies diff --git a/roles/postfix/README.md b/roles/postfix/README.md index c6c242a6..58f68a34 100644 --- a/roles/postfix/README.md +++ b/roles/postfix/README.md @@ -4,7 +4,7 @@ This role installs and configures [Postfix](https://en.wikipedia.org/wiki/Postfix_(software)) – a mail transfer agent – on the target system. It deploys a preconfigured aliases file (using a Jinja2 template) that defines mail redirections and standard aliases for local mail delivery. -## Overview +## πŸ“Œ Overview Optimized for secure and reliable mail delivery, this role: - Installs Postfix via [pacman](https://wiki.archlinux.org/title/Pacman). diff --git a/roles/python-pip/README.md b/roles/python-pip/README.md index 02f9c9f8..0a7d4951 100644 --- a/roles/python-pip/README.md +++ b/roles/python-pip/README.md @@ -4,7 +4,7 @@ This role installs the [python-pip](https://en.wikipedia.org/wiki/Pip_(package_manager)) package on the target system. It ensures that the pip package manager is available for installing Python packages. -## Overview +## πŸ“Œ Overview Optimized for simplicity and idempotency, this role: - Installs the python-pip package using [pacman](https://wiki.archlinux.org/title/Pacman). diff --git a/roles/restart-docker/README.md b/roles/restart-docker/README.md index 333d60f9..699a8723 100644 --- a/roles/restart-docker/README.md +++ b/roles/restart-docker/README.md @@ -3,7 +3,7 @@ This role automates the restart process for Docker Compose instances within a specified directory. It deploys a Python script that checks for the presence of docker-compose.yml files and restarts the associated servicesβ€”using a hard restart for certain directories if needed. -## Overview +## πŸ“Œ Overview Optimized for containerized environments, this role: - Sets up the necessary directories and scripts for restarting Docker Compose instances. @@ -26,5 +26,5 @@ The primary purpose of this role is to ensure that all Docker Compose services a # Context This role was implemented to address the classic issue: ["Have you tried turning it off and on again?"](https://www.youtube.com/watch?v=rksCTVFtjM4). The problem initially arose with the `fetchmail` container in [Mailu](../roles/docker/mailu), which fails if only some containers, and not the full docker-compose composition, are restarted. -## Credits +## Credits πŸ“ This role was developed with the assistance of [ChatGPT](https://openai.com/chatgpt), including insights and optimizations from this [conversation](https://chatgpt.com/share/674c6870-fcc4-800f-a19e-b20621b24317). Special thanks for providing guidance on error handling, Ansible best practices, and Python integration. \ No newline at end of file diff --git a/roles/sshd/README.md b/roles/sshd/README.md index ea198456..01cf5145 100644 --- a/roles/sshd/README.md +++ b/roles/sshd/README.md @@ -4,7 +4,7 @@ This role configures the SSH daemon ([sshd](https://man7.org/linux/man-pages/man5/sshd_config.5.html)) on the target system by deploying a templated configuration file. It ensures that secure and proper SSH settings are applied, reducing the risk of misconfiguration and potential lockout. -## Overview +## πŸ“Œ Overview Optimized for secure remote access, this role: - Generates an SSH daemon configuration file from a Jinja2 template. @@ -21,6 +21,6 @@ The primary purpose of this role is to establish a secure SSH environment by dep - **Systemd Integration:** Automatically restarts the SSH service upon configuration changes. - **Security Enhancements:** Enforces secure defaults such as disabled root login and public key authentication. -## Further Information +## πŸ“š Other Resources - https://www.google.com/search?client=firefox-b-d&q=sshd+why+to+deactivate+pam - https://man7.org/linux/man-pages/man5/sshd_config.5.html diff --git a/roles/sudo/README.md b/roles/sudo/README.md index 5209e224..50809bbc 100644 --- a/roles/sudo/README.md +++ b/roles/sudo/README.md @@ -4,7 +4,7 @@ This role installs the [sudo](https://en.wikipedia.org/wiki/Sudo) package and deploys a default sudoers file to ensure secure and consistent privilege escalation on the target system. It uses a preconfigured sudoers file that follows best practices and includes directives to read drop-in files from `/etc/sudoers.d`. -## Overview +## πŸ“Œ Overview Optimized for security and ease of administration, this role guarantees that sudo is installed and configured according to recommended practices. The provided sudoers file includes essential comments, host/user aliases, and defaults to help prevent misconfigurations. diff --git a/roles/system-aur-helper/README.md b/roles/system-aur-helper/README.md index 214abd66..0efb8c7f 100644 --- a/roles/system-aur-helper/README.md +++ b/roles/system-aur-helper/README.md @@ -3,7 +3,7 @@ This role ensures that the AUR helper [yay](https://wiki.archlinux.org/title/Yay) is installed on the system. It installs yay via [pacman](https://wiki.archlinux.org/title/Pacman) and creates a dedicated `aur_builder` user to facilitate building AUR packages. -## Overview +## πŸ“Œ Overview The role performs the following tasks: - Installs the AUR helper [yay](https://wiki.archlinux.org/title/Yay) using pacman. @@ -20,5 +20,5 @@ The primary purpose of this role is to streamline AUR package management on Arch - **User Creation:** Creates a dedicated `aur_builder` user. - **Sudo Configuration:** Grants passwordless sudo rights to `aur_builder` for pacman. -## More Information +## πŸ“š Other Resources - https://github.com/kewlfft/ansible-aur \ No newline at end of file diff --git a/roles/system-btrfs-auto-balancer/README.md b/roles/system-btrfs-auto-balancer/README.md index 433b97cf..24f024f5 100644 --- a/roles/system-btrfs-auto-balancer/README.md +++ b/roles/system-btrfs-auto-balancer/README.md @@ -4,7 +4,7 @@ This role automates the management and balancing of Btrfs file systems. It clones the latest version of the [auto-btrfs-balancer](https://github.com/kevinveenbirkenbach/auto-btrfs-balancer.git) repository and configures a systemd service and timer to run the balancing script automatically. -## Overview +## πŸ“Œ Overview Optimized for automated file system management, this role: - Clones the auto-btrfs-balancer repository. diff --git a/roles/system-maintenance-lock/README.md b/roles/system-maintenance-lock/README.md index 4a458082..40fd3dcd 100644 --- a/roles/system-maintenance-lock/README.md +++ b/roles/system-maintenance-lock/README.md @@ -4,7 +4,7 @@ This role provides a locking mechanism to ensure that critical services are not interrupted during maintenance activities such as updates, backups, or patch applications. It waits for specified services to stop and prevents conflicting operations. -## Overview +## πŸ“Œ Overview The role performs the following: - Blocks execution until specified services have stopped. @@ -21,5 +21,5 @@ The primary purpose of this role is to safeguard system stability during mainten - **Timeout and Retry Logic:** Configurable wait times and maximum attempts. - **Conflict Avoidance:** Prevents interference between maintenance operations and running services. -## Credits +## Credits πŸ“ Created with ChatGPT. Conversation is [here](https://chat.openai.com/share/a886b86b-8de6-4eca-9fba-e36c9f20d536) available. \ No newline at end of file diff --git a/roles/system-security/README.md b/roles/system-security/README.md index 03a69086..f00be063 100644 --- a/roles/system-security/README.md +++ b/roles/system-security/README.md @@ -4,7 +4,7 @@ This role configures security-related settings on the target system to ensure that essential security services are properly managed. It reinforces system security by integrating with related roles and enforcing best practices. -## Overview +## πŸ“Œ Overview The role focuses on: - Configuring key security services such as [SSH](https://en.wikipedia.org/wiki/Secure_Shell). diff --git a/roles/system-storage-optimizer/README.md b/roles/system-storage-optimizer/README.md index e29995d1..8ee686b7 100644 --- a/roles/system-storage-optimizer/README.md +++ b/roles/system-storage-optimizer/README.md @@ -4,7 +4,7 @@ This role optimizes storage allocation for Docker volumes by migrating volumes between SSD (rapid storage) and HDD (mass storage) based on container image types. It creates symbolic links to maintain consistent storage paths after migration. -## Overview +## πŸ“Œ Overview The role performs the following tasks: - Migrates Docker volumes with database workloads to rapid storage (SSD) for improved performance. @@ -23,7 +23,7 @@ The primary purpose of this role is to enhance system performance by ensuring th - **Container Management:** Safely stops and starts containers during volume migration. - **Performance Optimization:** Improves overall system performance by leveraging appropriate storage media. -## Credits +## Credits πŸ“ For detailed context and the development history of this role, refer to [this conversation](https://chat.openai.com/share/40fef8a6-5e9b-4b5e-8e68-7f2fd9abf5cc). diff --git a/roles/system-swapfile/README.md b/roles/system-swapfile/README.md index c8c6a9a2..0a4229a7 100644 --- a/roles/system-swapfile/README.md +++ b/roles/system-swapfile/README.md @@ -4,7 +4,7 @@ This role automates the creation of a swapfile on the target system by cloning a swapfile creation script from a Git repository and executing it with the specified swapfile size. -## Overview +## πŸ“Œ Overview The role performs the following tasks: - Clones the swapfile creation script from the Git repository. diff --git a/roles/systemd-notifier-email/README.md b/roles/systemd-notifier-email/README.md index 4c9110e2..04753621 100644 --- a/roles/systemd-notifier-email/README.md +++ b/roles/systemd-notifier-email/README.md @@ -4,7 +4,7 @@ This role installs and configures the necessary components for sending email notifications via systemd when a service fails. It sets up the `systemd-notifier-email` service and configures email parameters and templates using msmtp. -## Overview +## πŸ“Œ Overview Optimized for secure and reliable service failure notifications, this role is an integral part of the overall `systemd-notifier` suite. It ensures that, upon failure of a critical service, an email alert is sent automatically to enable prompt troubleshooting. @@ -19,6 +19,6 @@ The primary purpose of this role is to provide a comprehensive solution for auto - **Secure Notifications:** Integrates with systemd to trigger email alerts when services fail. - **Suite Integration:** Part of the `systemd-notifier` suite, offering a unified approach to service failure notifications. -## Further Information +## πŸ“š Other Resources This role was created as part of a conversation with OpenAI's ChatGPT and can be found [here](https://chat.openai.com/share/96e4ca12-0888-41c0-9cfc-29c0180f0dba). diff --git a/roles/systemd-notifier-telegram/README.md b/roles/systemd-notifier-telegram/README.md index b9d504db..9b18cb0b 100644 --- a/roles/systemd-notifier-telegram/README.md +++ b/roles/systemd-notifier-telegram/README.md @@ -4,7 +4,7 @@ This role installs and configures the necessary components for sending notifications via systemd when a service fails. It sets up the `systemd-notifier-telegram` service and configures parameters and customizable templates for sending messages through [Telegram](https://telegram.org). -## Overview +## πŸ“Œ Overview Optimized for real-time alerts, this role is a key component of the overall [`systemd-notifier` suite](../). It ensures that, upon failure of a critical service, a Telegram message is automatically sent to notify administrators and enable prompt troubleshooting. @@ -19,6 +19,6 @@ The primary purpose of this role is to provide a robust solution for automated T - **Secure Notifications:** Leverages systemd to trigger alerts automatically when services fail. - **Suite Integration:** Part of the [`systemd-notifier` suite](../) which includes related roles such as [systemd-notifier-email](../systemd-notifier-email/README.md) and others. -## Further Information +## πŸ“š Other Resources This role was developed as part of a conversation with OpenAI's ChatGPT and can be found [here](https://chat.openai.com/share/96e4ca12-0888-41c0-9cfc-29c0180f0dba). diff --git a/roles/systemd-notifier/README.md b/roles/systemd-notifier/README.md index 444a9f61..2f36839b 100644 --- a/roles/systemd-notifier/README.md +++ b/roles/systemd-notifier/README.md @@ -4,7 +4,7 @@ This role installs a systemd service that sends notifications via both [systemd-notifier-telegram](../systemd-notifier-telegram/README.md) and [systemd-notifier-email](../systemd-notifier-email/README.md) when any service fails. -## Overview +## πŸ“Œ Overview Optimized for prompt and comprehensive failure alerts, this role configures a unified notification service. It leverages the capabilities of both Telegram and Email notifications to ensure that administrators are quickly informed about service issues, enabling rapid troubleshooting. diff --git a/roles/systemd-timer/README.md b/roles/systemd-timer/README.md index 1d980a2d..727b532e 100644 --- a/roles/systemd-timer/README.md +++ b/roles/systemd-timer/README.md @@ -4,7 +4,7 @@ This role configures a systemd timer to periodically start a corresponding service. It uses a Jinja2 template to create a timer unit file that specifies the scheduling parameters (such as OnCalendar and RandomizedDelaySec) and then restarts the timer service accordingly. -## Overview +## πŸ“Œ Overview Optimized for automated task scheduling in a [systemd](https://en.wikipedia.org/wiki/Systemd) environment, this role: - Generates a timer unit file for a given service (using the `service_name` variable). diff --git a/roles/update-apt/README.md b/roles/update-apt/README.md index 21468d68..7fd8ba71 100644 --- a/roles/update-apt/README.md +++ b/roles/update-apt/README.md @@ -4,7 +4,7 @@ This role updates packages on Debian-based systems. It refreshes the apt cache and performs a distribution upgrade to ensure all packages are at their latest version. -## Overview +## πŸ“Œ Overview Designed for Debian and Ubuntu systems, this role: - Updates the package cache using apt. diff --git a/roles/update-docker/README.md b/roles/update-docker/README.md index 77bfa0ec..5feb103f 100644 --- a/roles/update-docker/README.md +++ b/roles/update-docker/README.md @@ -4,7 +4,7 @@ This role updates Docker Compose instances by checking for changes in Docker image digests and applying updates if necessary. It utilizes a Python script to handle git pulls and Docker image pulls, and rebuilds containers when changes are detected. -## Overview +## πŸ“Œ Overview The role performs the following: - Deploys a Python script to check for Docker image updates. @@ -23,5 +23,5 @@ The role is designed to ensure that Docker images remain current by automaticall - **Service Management:** Configures and restarts a systemd service to handle updates. - **Application-Specific Procedures:** Includes hooks for updating specific Docker applications. -## Credits +## Credits πŸ“ It was created with the help of ChatGPT. The conversation is available [here](https://chat.openai.com/share/165418b8-25fa-433b-baca-caded941e22a) \ No newline at end of file diff --git a/roles/update-pacman/README.md b/roles/update-pacman/README.md index 09869e11..47958988 100644 --- a/roles/update-pacman/README.md +++ b/roles/update-pacman/README.md @@ -4,7 +4,7 @@ This role updates the package cache and upgrades installed packages on Arch Linux systems using [pacman](https://wiki.archlinux.org/title/Pacman). -## Overview +## πŸ“Œ Overview Optimized for Arch Linux, this role uses pacman to refresh the package cache and upgrade all installed packages to their latest available versions. It automates system updates to ensure that the system remains secure and up-to-date with the latest software improvements and security patches. diff --git a/roles/update-yay/README.md b/roles/update-yay/README.md index 1433651e..637c69b7 100644 --- a/roles/update-yay/README.md +++ b/roles/update-yay/README.md @@ -4,7 +4,7 @@ This role updates AUR packages on Arch Linux systems using [yay](https://wiki.archlinux.org/title/Yay). It automates the process of upgrading AUR packages, ensuring that your system stays current with the latest software available in the Arch User Repository. -## Overview +## πŸ“Œ Overview The role performs the following: - Checks if the [yay](https://wiki.archlinux.org/title/Yay) AUR helper is installed. diff --git a/roles/update/tasks/README.md b/roles/update/tasks/README.md index 117d7002..d50742b8 100644 --- a/roles/update/tasks/README.md +++ b/roles/update/tasks/README.md @@ -4,7 +4,7 @@ This role serves as a central orchestrator for system updates. It conditionally executes various update roles based on the target system and available directories, ensuring that packages and Docker images are kept up-to-date. -## Overview +## πŸ“Œ Overview This role performs the following tasks: - Checks if the Docker Compose instances directory exists. diff --git a/roles/user-administrator/README.md b/roles/user-administrator/README.md index 63a96d67..6e099a92 100644 --- a/roles/user-administrator/README.md +++ b/roles/user-administrator/README.md @@ -4,7 +4,7 @@ This role creates a dedicated administrator user for local administrative tasks. The administrator account is configured to require a password when executing [sudo](https://en.wikipedia.org/wiki/Sudo), ensuring secure privilege escalation. For security reasons, it is recommended to use this dedicated administrator user instead of the default root account. The role also sets up SSH-related configuration by copying an authorized_keys file from inventory data. -## Overview +## πŸ“Œ Overview Optimized for secure system management, this role performs the following: - Creates an administrator user with a home directory. diff --git a/roles/user-root/README.md b/roles/user-root/README.md index 851bb78b..219dcff1 100644 --- a/roles/user-root/README.md +++ b/roles/user-root/README.md @@ -4,7 +4,7 @@ This role manages the generation and handling of an SSH key for the [root user](https://en.wikipedia.org/wiki/Superuser) on a target system. It ensures that an SSH key is generated if one does not already exist and outputs the public key, enabling secure SSH access for the root user in automated environments. -## Overview +## πŸ“Œ Overview Optimized for secure system administration, this role performs the following tasks: - Verifies the existence of a root SSH public key. diff --git a/roles/user/README.md b/roles/user/README.md index fd6b7a42..b4f962bd 100644 --- a/roles/user/README.md +++ b/roles/user/README.md @@ -1,10 +1,10 @@ -# User Role +# User ## Description This role executes tasks that are relevant for all users by configuring essential shell files. It deploys customized templates for [`.bashrc`](https://wiki.archlinux.org/title/Bash#Startup_files) and [`.bash_profile`](https://wiki.archlinux.org/title/Bash#Login_shells) for any specified user. This ensures a consistent and enhanced shell environment across the system. -## Overview +## πŸ“Œ Overview Optimized for modular configuration, this role uses Jinja2 templates to create: - A customized [`.bashrc`](https://wiki.archlinux.org/title/Bash#Startup_files) that sets up a dynamic welcome message, system information, and useful aliases. diff --git a/roles/wireguard/Administration.md b/roles/wireguard/Administration.md index f21969d4..2f4a1c67 100644 --- a/roles/wireguard/Administration.md +++ b/roles/wireguard/Administration.md @@ -25,7 +25,7 @@ systemctl status wg-quick@wg0.cymais.service ``` -## Further Information +## πŸ“š Other Resources - https://golb.hplar.ch/2019/01/expose-server-vpn.html - https://wiki.archlinux.org/index.php/WireGuard - https://wireguard.how/server/raspbian/ diff --git a/roles/wireguard/README.md b/roles/wireguard/README.md index d8fc9002..7168bd53 100644 --- a/roles/wireguard/README.md +++ b/roles/wireguard/README.md @@ -4,7 +4,7 @@ This role manages [Wireguard](https://www.wireguard.com/) on the host. It installs the necessary Wireguard packages, configures sysctl settings for IPv4/IPv6 forwarding, and deploys the Wireguard configuration file to enable the VPN service using [wg-quick](https://www.wireguard.com/quickstart/). -## Overview +## πŸ“Œ Overview Optimized for both [Arch Linux](https://wiki.archlinux.org/index.php/WireGuard) and [Ubuntu/Debian](https://wireguard.com/install/), this role performs the following tasks: - Installs Wireguard tools using the appropriate package manager.