kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2024-09-19 16:03:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

refactored playbooks, tracking and implemented multi domain for mybb

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach 2023-12-06 16:29:34 +01:00
parent 4a540e21b3
commit 994b61dd1a
8 changed files with 208 additions and 174 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
playbook-common.yml Normal file
View File

@ -0,0 +1,61 @@
---
# general setup
- name: general setup
hosts: all
become: true
tasks:
roles:
- role: update
when: execute_updates is true
- name: setup standard wireguard
hosts: wireguard_server
become: true
roles:
- wireguard
# vpn setup
- name: setup wireguard client behind firewall\nat
hosts: wireguard_behind_firewall
become: true
roles:
- client-wireguard-behind-firewall
- name: setup wireguard client
hosts: wireguard_client
become: true
roles:
- client-wireguard
## backup setup
- name: setup replica backup hosts
hosts: replica_backup
become: true
roles:
- role: backup-remote-to-local
- name: setup backup to swappable
hosts: backup_to_usb
become: true
roles:
- backup-data-to-usb
## driver setup
- name: driver-intel
hosts: intel
become: true
roles:
- driver-intel
- name: setup multiprinter hosts
hosts: epson_multiprinter
become: true
roles:
- driver-epson-multiprinter
## system setup
- name: setup swapfile hosts
hosts: swapfile
become: false
roles:
- system-swapfile

102
playbook-pcs.yml Normal file
View File

@ -0,0 +1,102 @@
---
- import_playbook: playbook-common.yml
## pc applications
- name: general host setup
hosts: personal_computers
become: true
roles:
- pc-administrator-tools
- driver-non-free
- name: pc-office
hosts: collection_officetools
become: true
roles:
- pc-office
- name: personal computer for business
hosts: business_personal_computer
become: true
roles:
- pc-gnucash
- name: pc-designer-tools
hosts: collection_designer
become: true
roles:
- pc-designer-tools
- name: pc-qbittorrent
hosts: collection_torrent
become: true
roles:
- pc-qbittorrent
- name: pc-streaming-tools
hosts: collection_streamer
become: true
roles:
- pc-streaming-tools
- name: pc-bluray-player-tools
hosts: collection_bluray_player
become: true
roles:
- pc-bluray-player-tools
- name: pc-latex
hosts: latex
become: true
roles:
- pc-latex
- name: GNOME setup
hosts: gnome
become: true
roles:
- pc-gnome
- name: setup ssh client
hosts: ssh
become: false
roles:
- pc-ssh
- name: setup gaming hosts
hosts: gaming
become: true
roles:
- pc-games
- name: setup entertainment hosts
hosts: entertainment
become: true
roles:
- pc-spotify
- name: setup torbrowser hosts
hosts: torbrowser
become: true
roles:
- pc-torbrowser
- name: setup nextcloud
hosts: nextcloud_client
become: true
roles:
- pc-nextcloud
- name: setup docker
hosts: docker
become: true
roles:
- pc-docker
# driver
- name: setup msi rgb keyboard
hosts: msi_perkeyrgb
become: true
roles:
- driver-msi-keyboard-color

180
playbook.yml → playbook-servers.yml
View File

@ -1,11 +1,6 @@
---
- name: general setup
hosts: all
become: true
tasks:
roles:
- role: update
when: execute_updates is true
- import_playbook: playbook-common.yml
- name: servers host setup
hosts: servers
@ -17,25 +12,6 @@
- cleanup-disc-space
- health-btrfs
# Wireguard Rollen
- name: setup standard wireguard
hosts: wireguard_server
become: true
roles:
- wireguard
- name: setup wireguard client behind firewall\nat
hosts: wireguard_behind_firewall
become: true
roles:
- client-wireguard-behind-firewall
- name: setup wireguard client
hosts: wireguard_client
become: true
roles:
- client-wireguard
# Native Webserver Roles
- name: setup nginx-homepages
hosts: homepage
@ -61,6 +37,7 @@
vars:
domain: cloud.{{top_domain}}
http_port: 8001
- name: setup gitea hosts
hosts: gitea
become: true
@ -71,13 +48,13 @@
http_port: 8002
ssh_port: 2201
run_mode: prod
- name: setup wordpress hosts
hosts: wordpress
become: true
roles:
- role: docker-wordpress
vars:
domain: "{{ item }}"
http_port: 8003
- name: setup mediawiki hosts
@ -88,14 +65,16 @@
vars:
domain: wiki.{{top_domain}}
http_port: 8004
- name: setup mybb hosts
hosts: mybb
become: true
roles:
- role: docker-mybb
vars:
domain: forum.{{top_domain}}
domains: "{{mybb_domains}}"
http_port: 8005
- name: setup yourls hosts
hosts: yourls
become: true
@ -104,6 +83,7 @@
vars:
domain: s.{{top_domain}}
http_port: 8006
- name: setup mailu hosts
hosts: mailu
become: true
@ -112,6 +92,7 @@
vars:
domain: "mail.{{top_domain}}"
http_port: 8007
- name: setup elk hosts
hosts: elk
become: true
@ -120,6 +101,7 @@
vars:
domain: "elk.{{top_domain}}"
http_port: 8008
- name: setup mastodon hosts
hosts: mastodon
become: true
@ -129,6 +111,7 @@
domain: "mastodon.{{top_domain}}"
http_port: 8009
stream_port: 4001
- name: setup pixelfed hosts
hosts: pixelfed
become: true
@ -137,6 +120,7 @@
vars:
domain: pixelfed.{{top_domain}}
http_port: 8010
- name: setup peertube hosts
hosts: peertube
become: true
@ -145,6 +129,7 @@
vars:
domain: peertube.{{top_domain}}
http_port: 8011
- name: setup bigbluebutton hosts
hosts: bigbluebutton
become: true
@ -160,6 +145,7 @@
vars:
domain: funkwhale.{{top_domain}}
http_port: 8012
- name: setup roulette-wheel hosts
hosts: roulette_wheel
become: true
@ -168,6 +154,7 @@
vars:
domain: roulette.{{top_domain}}
http_port: 8013
- name: setup joomla hosts
hosts: joomla
become: true
@ -176,6 +163,7 @@
vars:
domain: "joomla.{{top_domain}}"
http_port: 8014
- name: setup attendize
hosts: attendize
become: true
@ -185,6 +173,7 @@
domain: "tickets.{{top_domain}}"
http_port: 8015
mail_interface_http_port: 8016
- name: setup baserow hosts
hosts: baserow
become: true
@ -193,6 +182,7 @@
vars:
domain: baserow.{{top_domain}}
http_port: 8017
- name: setup matomo hosts
hosts: matomo
become: true
@ -201,6 +191,7 @@
vars:
domain: matomo.{{top_domain}}
http_port: 8018
- name: setup listmonk
hosts: listmonk
become: true
@ -209,6 +200,7 @@
vars:
domain: listmonk.{{top_domain}}
http_port: 8019
- name: setup akaunting hosts
hosts: akaunting
become: true
@ -216,134 +208,4 @@
- role: docker-akaunting
vars:
domain: akaunting.{{top_domain}}
http_port: 8080
# Backup Roles
- name: setup replica backup hosts
hosts: replica_backup
become: true
roles:
- role: backup-remote-to-local
## PC services
- name: general host setup
hosts: personal_computers
become: true
roles:
- pc-administrator-tools
- driver-non-free
- name: pc-office
hosts: collection_officetools
become: true
roles:
- pc-office
- name: personal computer for business
hosts: business_personal_computer
become: true
roles:
- pc-gnucash
- name: pc-designer-tools
hosts: collection_designer
become: true
roles:
- pc-designer-tools
- name: pc-qbittorrent
hosts: collection_torrent
become: true
roles:
- pc-qbittorrent
- name: pc-streaming-tools
hosts: collection_streamer
become: true
roles:
- pc-streaming-tools
- name: pc-bluray-player-tools
hosts: collection_bluray_player
become: true
roles:
- pc-bluray-player-tools
- name: driver-intel
hosts: intel
become: true
roles:
- driver-intel
- name: pc-latex
hosts: latex
become: true
roles:
- pc-latex
- name: GNOME setup
hosts: gnome
become: true
roles:
- pc-gnome
- name: setup msi rgb keyboard
hosts: msi_perkeyrgb
become: true
roles:
- driver-msi-keyboard-color
- name: setup ssh hosts
hosts: ssh
become: false
roles:
- pc-ssh
- name: setup swapfile hosts
hosts: swapfile
become: false
roles:
- system-swapfile
- name: setup gaming hosts
hosts: gaming
become: true
roles:
- pc-games
- name: setup entertainment hosts
hosts: entertainment
become: true
roles:
- pc-spotify
- name: setup multiprinter hosts
hosts: epson_multiprinter
become: true
roles:
- driver-epson-multiprinter
- name: setup torbrowser hosts
hosts: torbrowser
become: true
roles:
- pc-torbrowser
- name: setup nextcloud
hosts: nextcloud_client
become: true
roles:
- pc-nextcloud
- name: setup docker
hosts: docker
become: true
roles:
- pc-docker
- name: setup backup to swappable
hosts: backup_to_usb
become: true
roles:
- backup-data-to-usb
http_port: 8080

17
roles/docker-mybb/tasks/main.yml
View File

@ -1,16 +1,13 @@
---
- name: recieve {{domain}} certificate
command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
- name: "include tasks nginx-docker-proxy-domain.yml"
include_tasks: nginx-docker-proxy-domain.yml
loop: "{{ domains }}"
loop_control:
loop_var: domain
- name: configure {{domain}}.conf
template:
src: "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2"
dest: "/etc/nginx/conf.d/{{domain}}.conf"
notify: restart nginx
- name: "create {{conf_d_docker_directory}} and parent directories"
- name: "create {{conf_d_server_directory}} and parent directories"
file:
path: "{{conf_d_docker_directory}}"
path: "{{conf_d_server_directory}}"
state: directory
mode: 0755
recurse: yes

5
roles/nginx/tasks/main.yml
View File

@ -9,11 +9,6 @@
state: directory
mode: 0755
- name: Activate NGINX matomo tracking
include_role:
name: nginx-matomo-tracking
when: nginx_matomo_tracking_active and domain is defined
- name: create nginx config file
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
notify: restart nginx

5
tasks/create-domain-conf.yml Normal file
View File

@ -0,0 +1,5 @@
- name: configure {{domain}}.conf
template:
src: "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2"
dest: "/etc/nginx/conf.d/{{domain}}.conf"
notify: restart nginx

4
tasks/implement-matomo-tracking.yml Normal file
View File

@ -0,0 +1,4 @@
- name: Activate NGINX matomo tracking
include_role:
name: nginx-matomo-tracking
when: nginx_matomo_tracking_active and domain is defined

8
tasks/nginx-docker-proxy-domain.yml Normal file
View File

@ -0,0 +1,8 @@
- name: "include task receive certbot certificate"
include_tasks: recieve-certbot-certificate.yml
- name: "include task implement-matomo-tracking.yml"
include_tasks: implement-matomo-tracking.yml
- name: "include task create-domain-conf.yml"
include_tasks: create-domain-conf.yml