kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-07-19 15:04:23 +02:00
Code Issues Packages Projects Releases Wiki Activity
computer-playbook/roles/README.md

122 lines
3.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Roles
This directory contains all of the Ansible roles used throughout the CyMaIS project. Roles are organized by function and prefixed accordingly.
For a complete list of role categories and detailed definitions, see:
- [Application Glossary](application_glosar.rst)
- [Application Categories](application_categories.rst)
---
## Core & System
- **core-***
Fundamental system configuration (SSH, journald, sudo, etc.)
- **gen-***
Generic helpers and language/tool installers (e.g. `gen-git`, `gen-locales`, `gen-timer`)
- **desk-***
Desktop environment and application roles (e.g. `desk-gnome`, `desk-browser`, `desk-libreoffice`)
---
## Webserver & HTTP
- **srv-web-7-4-core**
Installs and configures the base Nginx server.
- **srv-web-6-6-tls-***
Manages TLS certificates and renewal (formerly “https”; e.g. `srv-web-6-6-tls-deploy`, `srv-web-6-6-tls-renew`).
- **srv-web-proxy-***
Proxy and vhost orchestration roles (domain setup, OAuth2 proxy, etc.)
- **srv-web-7-7-inj-***
HTML response modifiers: CSS, JS, Matomo tracking, iframe notifier.
- **srv-web-7-6-composer**
Aggregates multiple sub-filters into one include for your vhost.
- **web-svc-***
Staticcontent servers (assets, HTML, legal pages, file hosting).
- **web-app-***
Application-specific Docker/Compose roles (e.g. GitLab, Nextcloud, Mastodon, Redis).
---
## Network
- **net-***
Network infrastructure (DNS records, Lets Encrypt HTTP entrypoints, WireGuard, etc.)
- **svc-***
Docker-deployed services that arent “apps” (RDBMS, LDAP, Redis, OpenLDAP).
---
## Monitoring & Alerting
- **mon-bot-***
“Bot”-style health checks (Btrfs, diskspace, Docker, journalctl, CSP crawler, webserver) with alerts.
- **monitor-core-***
Low-level system monitors (journalctl, Docker containers, disk space, etc.)
- **alert-***
Notification handlers for failures (core, email, Telegram).
---
## Maintenance & Healing
- **maint-***
Periodic maintenance tasks (Btrfs balancing, swapfile management, etc.)
- **maint-docker-***
Automated recovery and restarts for Docker Compose workloads.
- **cln-***
Housekeeping tasks (old backups, expired certs, log rotation).
---
## Backup & Restore
- **bkp-***
Local and remote backup strategies for files, Docker volumes, databases.
---
## Updates & Package Management
- **update-***
Keeps OS and language packages up to date (`update-apt`, `update-docker`, `update-pip`, etc.)
- **pkgmgr-***
Language or platform package managers (npm, pip, AUR helper, etc.)
---
## Users & Access
- **user-***
Creates user accounts and SSH keys.
- **user-administrator**, **user-root**
Specialized configurations for privileged users.
---
> **Tip:** To find a role quickly, search for its prefix:
> `core-`, `gen-`, `desk-`, `srv-web-`, `web-svc-`, `web-app-`,
> `net-`, `svc-`, `mon-bot-`, `monitor-core-`, `alert-`,
> `maint-`, `maint-docker-`, `cln-`, `bkp-`, `update-`,
> `pkgmgr-`, `user-`.
---
_For more details on which applications each role supports, see the [Application Categories](application_categories.rst) and the full [Application Glossary](application_glosar.rst)._
Reference in New Issue View Git Blame Copy Permalink