mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-22 12:41:05 +01:00
refactored playbooks, tracking and implemented multi domain for mybb
This commit is contained in:
parent
4a540e21b3
commit
994b61dd1a
61
playbook-common.yml
Normal file
61
playbook-common.yml
Normal file
@ -0,0 +1,61 @@
|
|||||||
|
---
|
||||||
|
# general setup
|
||||||
|
- name: general setup
|
||||||
|
hosts: all
|
||||||
|
become: true
|
||||||
|
tasks:
|
||||||
|
roles:
|
||||||
|
- role: update
|
||||||
|
when: execute_updates is true
|
||||||
|
|
||||||
|
- name: setup standard wireguard
|
||||||
|
hosts: wireguard_server
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- wireguard
|
||||||
|
|
||||||
|
# vpn setup
|
||||||
|
- name: setup wireguard client behind firewall\nat
|
||||||
|
hosts: wireguard_behind_firewall
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- client-wireguard-behind-firewall
|
||||||
|
|
||||||
|
- name: setup wireguard client
|
||||||
|
hosts: wireguard_client
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- client-wireguard
|
||||||
|
|
||||||
|
## backup setup
|
||||||
|
- name: setup replica backup hosts
|
||||||
|
hosts: replica_backup
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- role: backup-remote-to-local
|
||||||
|
|
||||||
|
- name: setup backup to swappable
|
||||||
|
hosts: backup_to_usb
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- backup-data-to-usb
|
||||||
|
|
||||||
|
## driver setup
|
||||||
|
- name: driver-intel
|
||||||
|
hosts: intel
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- driver-intel
|
||||||
|
|
||||||
|
- name: setup multiprinter hosts
|
||||||
|
hosts: epson_multiprinter
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- driver-epson-multiprinter
|
||||||
|
|
||||||
|
## system setup
|
||||||
|
- name: setup swapfile hosts
|
||||||
|
hosts: swapfile
|
||||||
|
become: false
|
||||||
|
roles:
|
||||||
|
- system-swapfile
|
102
playbook-pcs.yml
Normal file
102
playbook-pcs.yml
Normal file
@ -0,0 +1,102 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- import_playbook: playbook-common.yml
|
||||||
|
|
||||||
|
## pc applications
|
||||||
|
- name: general host setup
|
||||||
|
hosts: personal_computers
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-administrator-tools
|
||||||
|
- driver-non-free
|
||||||
|
|
||||||
|
- name: pc-office
|
||||||
|
hosts: collection_officetools
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-office
|
||||||
|
|
||||||
|
- name: personal computer for business
|
||||||
|
hosts: business_personal_computer
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-gnucash
|
||||||
|
|
||||||
|
- name: pc-designer-tools
|
||||||
|
hosts: collection_designer
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-designer-tools
|
||||||
|
|
||||||
|
- name: pc-qbittorrent
|
||||||
|
hosts: collection_torrent
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-qbittorrent
|
||||||
|
|
||||||
|
- name: pc-streaming-tools
|
||||||
|
hosts: collection_streamer
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-streaming-tools
|
||||||
|
|
||||||
|
- name: pc-bluray-player-tools
|
||||||
|
hosts: collection_bluray_player
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-bluray-player-tools
|
||||||
|
|
||||||
|
- name: pc-latex
|
||||||
|
hosts: latex
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-latex
|
||||||
|
|
||||||
|
- name: GNOME setup
|
||||||
|
hosts: gnome
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-gnome
|
||||||
|
|
||||||
|
- name: setup ssh client
|
||||||
|
hosts: ssh
|
||||||
|
become: false
|
||||||
|
roles:
|
||||||
|
- pc-ssh
|
||||||
|
|
||||||
|
- name: setup gaming hosts
|
||||||
|
hosts: gaming
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-games
|
||||||
|
|
||||||
|
- name: setup entertainment hosts
|
||||||
|
hosts: entertainment
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-spotify
|
||||||
|
|
||||||
|
- name: setup torbrowser hosts
|
||||||
|
hosts: torbrowser
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-torbrowser
|
||||||
|
|
||||||
|
- name: setup nextcloud
|
||||||
|
hosts: nextcloud_client
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-nextcloud
|
||||||
|
|
||||||
|
- name: setup docker
|
||||||
|
hosts: docker
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- pc-docker
|
||||||
|
|
||||||
|
# driver
|
||||||
|
- name: setup msi rgb keyboard
|
||||||
|
hosts: msi_perkeyrgb
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- driver-msi-keyboard-color
|
@ -1,11 +1,6 @@
|
|||||||
---
|
---
|
||||||
- name: general setup
|
|
||||||
hosts: all
|
- import_playbook: playbook-common.yml
|
||||||
become: true
|
|
||||||
tasks:
|
|
||||||
roles:
|
|
||||||
- role: update
|
|
||||||
when: execute_updates is true
|
|
||||||
|
|
||||||
- name: servers host setup
|
- name: servers host setup
|
||||||
hosts: servers
|
hosts: servers
|
||||||
@ -17,25 +12,6 @@
|
|||||||
- cleanup-disc-space
|
- cleanup-disc-space
|
||||||
- health-btrfs
|
- health-btrfs
|
||||||
|
|
||||||
# Wireguard Rollen
|
|
||||||
- name: setup standard wireguard
|
|
||||||
hosts: wireguard_server
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- wireguard
|
|
||||||
|
|
||||||
- name: setup wireguard client behind firewall\nat
|
|
||||||
hosts: wireguard_behind_firewall
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- client-wireguard-behind-firewall
|
|
||||||
|
|
||||||
- name: setup wireguard client
|
|
||||||
hosts: wireguard_client
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- client-wireguard
|
|
||||||
|
|
||||||
# Native Webserver Roles
|
# Native Webserver Roles
|
||||||
- name: setup nginx-homepages
|
- name: setup nginx-homepages
|
||||||
hosts: homepage
|
hosts: homepage
|
||||||
@ -61,6 +37,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: cloud.{{top_domain}}
|
domain: cloud.{{top_domain}}
|
||||||
http_port: 8001
|
http_port: 8001
|
||||||
|
|
||||||
- name: setup gitea hosts
|
- name: setup gitea hosts
|
||||||
hosts: gitea
|
hosts: gitea
|
||||||
become: true
|
become: true
|
||||||
@ -71,13 +48,13 @@
|
|||||||
http_port: 8002
|
http_port: 8002
|
||||||
ssh_port: 2201
|
ssh_port: 2201
|
||||||
run_mode: prod
|
run_mode: prod
|
||||||
|
|
||||||
- name: setup wordpress hosts
|
- name: setup wordpress hosts
|
||||||
hosts: wordpress
|
hosts: wordpress
|
||||||
become: true
|
become: true
|
||||||
roles:
|
roles:
|
||||||
- role: docker-wordpress
|
- role: docker-wordpress
|
||||||
vars:
|
vars:
|
||||||
domain: "{{ item }}"
|
|
||||||
http_port: 8003
|
http_port: 8003
|
||||||
|
|
||||||
- name: setup mediawiki hosts
|
- name: setup mediawiki hosts
|
||||||
@ -88,14 +65,16 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: wiki.{{top_domain}}
|
domain: wiki.{{top_domain}}
|
||||||
http_port: 8004
|
http_port: 8004
|
||||||
|
|
||||||
- name: setup mybb hosts
|
- name: setup mybb hosts
|
||||||
hosts: mybb
|
hosts: mybb
|
||||||
become: true
|
become: true
|
||||||
roles:
|
roles:
|
||||||
- role: docker-mybb
|
- role: docker-mybb
|
||||||
vars:
|
vars:
|
||||||
domain: forum.{{top_domain}}
|
domains: "{{mybb_domains}}"
|
||||||
http_port: 8005
|
http_port: 8005
|
||||||
|
|
||||||
- name: setup yourls hosts
|
- name: setup yourls hosts
|
||||||
hosts: yourls
|
hosts: yourls
|
||||||
become: true
|
become: true
|
||||||
@ -104,6 +83,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: s.{{top_domain}}
|
domain: s.{{top_domain}}
|
||||||
http_port: 8006
|
http_port: 8006
|
||||||
|
|
||||||
- name: setup mailu hosts
|
- name: setup mailu hosts
|
||||||
hosts: mailu
|
hosts: mailu
|
||||||
become: true
|
become: true
|
||||||
@ -112,6 +92,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: "mail.{{top_domain}}"
|
domain: "mail.{{top_domain}}"
|
||||||
http_port: 8007
|
http_port: 8007
|
||||||
|
|
||||||
- name: setup elk hosts
|
- name: setup elk hosts
|
||||||
hosts: elk
|
hosts: elk
|
||||||
become: true
|
become: true
|
||||||
@ -120,6 +101,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: "elk.{{top_domain}}"
|
domain: "elk.{{top_domain}}"
|
||||||
http_port: 8008
|
http_port: 8008
|
||||||
|
|
||||||
- name: setup mastodon hosts
|
- name: setup mastodon hosts
|
||||||
hosts: mastodon
|
hosts: mastodon
|
||||||
become: true
|
become: true
|
||||||
@ -129,6 +111,7 @@
|
|||||||
domain: "mastodon.{{top_domain}}"
|
domain: "mastodon.{{top_domain}}"
|
||||||
http_port: 8009
|
http_port: 8009
|
||||||
stream_port: 4001
|
stream_port: 4001
|
||||||
|
|
||||||
- name: setup pixelfed hosts
|
- name: setup pixelfed hosts
|
||||||
hosts: pixelfed
|
hosts: pixelfed
|
||||||
become: true
|
become: true
|
||||||
@ -137,6 +120,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: pixelfed.{{top_domain}}
|
domain: pixelfed.{{top_domain}}
|
||||||
http_port: 8010
|
http_port: 8010
|
||||||
|
|
||||||
- name: setup peertube hosts
|
- name: setup peertube hosts
|
||||||
hosts: peertube
|
hosts: peertube
|
||||||
become: true
|
become: true
|
||||||
@ -145,6 +129,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: peertube.{{top_domain}}
|
domain: peertube.{{top_domain}}
|
||||||
http_port: 8011
|
http_port: 8011
|
||||||
|
|
||||||
- name: setup bigbluebutton hosts
|
- name: setup bigbluebutton hosts
|
||||||
hosts: bigbluebutton
|
hosts: bigbluebutton
|
||||||
become: true
|
become: true
|
||||||
@ -160,6 +145,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: funkwhale.{{top_domain}}
|
domain: funkwhale.{{top_domain}}
|
||||||
http_port: 8012
|
http_port: 8012
|
||||||
|
|
||||||
- name: setup roulette-wheel hosts
|
- name: setup roulette-wheel hosts
|
||||||
hosts: roulette_wheel
|
hosts: roulette_wheel
|
||||||
become: true
|
become: true
|
||||||
@ -168,6 +154,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: roulette.{{top_domain}}
|
domain: roulette.{{top_domain}}
|
||||||
http_port: 8013
|
http_port: 8013
|
||||||
|
|
||||||
- name: setup joomla hosts
|
- name: setup joomla hosts
|
||||||
hosts: joomla
|
hosts: joomla
|
||||||
become: true
|
become: true
|
||||||
@ -176,6 +163,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: "joomla.{{top_domain}}"
|
domain: "joomla.{{top_domain}}"
|
||||||
http_port: 8014
|
http_port: 8014
|
||||||
|
|
||||||
- name: setup attendize
|
- name: setup attendize
|
||||||
hosts: attendize
|
hosts: attendize
|
||||||
become: true
|
become: true
|
||||||
@ -185,6 +173,7 @@
|
|||||||
domain: "tickets.{{top_domain}}"
|
domain: "tickets.{{top_domain}}"
|
||||||
http_port: 8015
|
http_port: 8015
|
||||||
mail_interface_http_port: 8016
|
mail_interface_http_port: 8016
|
||||||
|
|
||||||
- name: setup baserow hosts
|
- name: setup baserow hosts
|
||||||
hosts: baserow
|
hosts: baserow
|
||||||
become: true
|
become: true
|
||||||
@ -193,6 +182,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: baserow.{{top_domain}}
|
domain: baserow.{{top_domain}}
|
||||||
http_port: 8017
|
http_port: 8017
|
||||||
|
|
||||||
- name: setup matomo hosts
|
- name: setup matomo hosts
|
||||||
hosts: matomo
|
hosts: matomo
|
||||||
become: true
|
become: true
|
||||||
@ -201,6 +191,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: matomo.{{top_domain}}
|
domain: matomo.{{top_domain}}
|
||||||
http_port: 8018
|
http_port: 8018
|
||||||
|
|
||||||
- name: setup listmonk
|
- name: setup listmonk
|
||||||
hosts: listmonk
|
hosts: listmonk
|
||||||
become: true
|
become: true
|
||||||
@ -209,6 +200,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: listmonk.{{top_domain}}
|
domain: listmonk.{{top_domain}}
|
||||||
http_port: 8019
|
http_port: 8019
|
||||||
|
|
||||||
- name: setup akaunting hosts
|
- name: setup akaunting hosts
|
||||||
hosts: akaunting
|
hosts: akaunting
|
||||||
become: true
|
become: true
|
||||||
@ -217,133 +209,3 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: akaunting.{{top_domain}}
|
domain: akaunting.{{top_domain}}
|
||||||
http_port: 8080
|
http_port: 8080
|
||||||
|
|
||||||
# Backup Roles
|
|
||||||
- name: setup replica backup hosts
|
|
||||||
hosts: replica_backup
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- role: backup-remote-to-local
|
|
||||||
|
|
||||||
## PC services
|
|
||||||
- name: general host setup
|
|
||||||
hosts: personal_computers
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-administrator-tools
|
|
||||||
- driver-non-free
|
|
||||||
|
|
||||||
- name: pc-office
|
|
||||||
hosts: collection_officetools
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-office
|
|
||||||
|
|
||||||
- name: personal computer for business
|
|
||||||
hosts: business_personal_computer
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-gnucash
|
|
||||||
|
|
||||||
- name: pc-designer-tools
|
|
||||||
hosts: collection_designer
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-designer-tools
|
|
||||||
|
|
||||||
- name: pc-qbittorrent
|
|
||||||
hosts: collection_torrent
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-qbittorrent
|
|
||||||
|
|
||||||
- name: pc-streaming-tools
|
|
||||||
hosts: collection_streamer
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-streaming-tools
|
|
||||||
|
|
||||||
- name: pc-bluray-player-tools
|
|
||||||
hosts: collection_bluray_player
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-bluray-player-tools
|
|
||||||
|
|
||||||
- name: driver-intel
|
|
||||||
hosts: intel
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- driver-intel
|
|
||||||
|
|
||||||
- name: pc-latex
|
|
||||||
hosts: latex
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-latex
|
|
||||||
|
|
||||||
- name: GNOME setup
|
|
||||||
hosts: gnome
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-gnome
|
|
||||||
|
|
||||||
- name: setup msi rgb keyboard
|
|
||||||
hosts: msi_perkeyrgb
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- driver-msi-keyboard-color
|
|
||||||
|
|
||||||
- name: setup ssh hosts
|
|
||||||
hosts: ssh
|
|
||||||
become: false
|
|
||||||
roles:
|
|
||||||
- pc-ssh
|
|
||||||
|
|
||||||
- name: setup swapfile hosts
|
|
||||||
hosts: swapfile
|
|
||||||
become: false
|
|
||||||
roles:
|
|
||||||
- system-swapfile
|
|
||||||
|
|
||||||
- name: setup gaming hosts
|
|
||||||
hosts: gaming
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-games
|
|
||||||
|
|
||||||
- name: setup entertainment hosts
|
|
||||||
hosts: entertainment
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-spotify
|
|
||||||
|
|
||||||
- name: setup multiprinter hosts
|
|
||||||
hosts: epson_multiprinter
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- driver-epson-multiprinter
|
|
||||||
|
|
||||||
- name: setup torbrowser hosts
|
|
||||||
hosts: torbrowser
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-torbrowser
|
|
||||||
|
|
||||||
- name: setup nextcloud
|
|
||||||
hosts: nextcloud_client
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-nextcloud
|
|
||||||
|
|
||||||
- name: setup docker
|
|
||||||
hosts: docker
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- pc-docker
|
|
||||||
|
|
||||||
|
|
||||||
- name: setup backup to swappable
|
|
||||||
hosts: backup_to_usb
|
|
||||||
become: true
|
|
||||||
roles:
|
|
||||||
- backup-data-to-usb
|
|
@ -1,16 +1,13 @@
|
|||||||
---
|
---
|
||||||
- name: recieve {{domain}} certificate
|
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||||
command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
|
include_tasks: nginx-docker-proxy-domain.yml
|
||||||
|
loop: "{{ domains }}"
|
||||||
|
loop_control:
|
||||||
|
loop_var: domain
|
||||||
|
|
||||||
- name: configure {{domain}}.conf
|
- name: "create {{conf_d_server_directory}} and parent directories"
|
||||||
template:
|
|
||||||
src: "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2"
|
|
||||||
dest: "/etc/nginx/conf.d/{{domain}}.conf"
|
|
||||||
notify: restart nginx
|
|
||||||
|
|
||||||
- name: "create {{conf_d_docker_directory}} and parent directories"
|
|
||||||
file:
|
file:
|
||||||
path: "{{conf_d_docker_directory}}"
|
path: "{{conf_d_server_directory}}"
|
||||||
state: directory
|
state: directory
|
||||||
mode: 0755
|
mode: 0755
|
||||||
recurse: yes
|
recurse: yes
|
||||||
|
@ -9,11 +9,6 @@
|
|||||||
state: directory
|
state: directory
|
||||||
mode: 0755
|
mode: 0755
|
||||||
|
|
||||||
- name: Activate NGINX matomo tracking
|
|
||||||
include_role:
|
|
||||||
name: nginx-matomo-tracking
|
|
||||||
when: nginx_matomo_tracking_active and domain is defined
|
|
||||||
|
|
||||||
- name: create nginx config file
|
- name: create nginx config file
|
||||||
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
|
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
|
||||||
notify: restart nginx
|
notify: restart nginx
|
||||||
|
5
tasks/create-domain-conf.yml
Normal file
5
tasks/create-domain-conf.yml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
- name: configure {{domain}}.conf
|
||||||
|
template:
|
||||||
|
src: "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2"
|
||||||
|
dest: "/etc/nginx/conf.d/{{domain}}.conf"
|
||||||
|
notify: restart nginx
|
4
tasks/implement-matomo-tracking.yml
Normal file
4
tasks/implement-matomo-tracking.yml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
- name: Activate NGINX matomo tracking
|
||||||
|
include_role:
|
||||||
|
name: nginx-matomo-tracking
|
||||||
|
when: nginx_matomo_tracking_active and domain is defined
|
8
tasks/nginx-docker-proxy-domain.yml
Normal file
8
tasks/nginx-docker-proxy-domain.yml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
- name: "include task receive certbot certificate"
|
||||||
|
include_tasks: recieve-certbot-certificate.yml
|
||||||
|
|
||||||
|
- name: "include task implement-matomo-tracking.yml"
|
||||||
|
include_tasks: implement-matomo-tracking.yml
|
||||||
|
|
||||||
|
- name: "include task create-domain-conf.yml"
|
||||||
|
include_tasks: create-domain-conf.yml
|
Loading…
Reference in New Issue
Block a user