Warezjoe/ansible_uni_deploy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nginx, gitea, pi-hole

Browse Source
This commit is contained in:
git
2024-03-11 13:24:38 +01:00
parent ca2903d731
commit 55167e20fc
11 changed files with 226 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roles/ansible-role-security/tasks/ssh.yml
View File

@@ -29,5 +29,7 @@
line: "GSSAPIAuthentication {{ security_ssh_gss_api_authentication }}"
- regexp: "^X11Forwarding"
line: "X11Forwarding {{ security_ssh_x11_forwarding }}"
- regexp: "^ListenAddress"
line: "ListenAddress {{ ip_admin }}"
notify: restart ssh

9
roles/docker_spin_up/tasks/dashboard_my_public.yml Normal file
View File

@@ -0,0 +1,9 @@
---
- name: "{{ docker_name }}"
community.docker.docker_container:
name: "{{ docker_name }}"
image: ghcr.io/gethomepage/homepage:latest
ports:
- 3000:3000
volumes:
- "{{ docker_homepath }}/config:/app/config" # Make sure your local config directory exists

24
roles/docker_spin_up/tasks/gitea.yml Normal file
View File

@@ -0,0 +1,24 @@
---
- name: gitea
community.docker.docker_container:
image: gitea/gitea:1.19.3
name: gitea
env:
USER_UID: "1000"
USER_GID: "1000"
GITEA__database__DB_TYPE: "mysql"
GITEA__database__HOST: "{{ mysql_host}}:3306"
GITEA__database__NAME: "{{ GITEA__database__NAME }}"
GITEA__database__USER: "{{ GITEA__database__USER }}"
GITEA__database__PASSWD: "{{ GITEA__database__PASSWD }}"
ROOT_URL: "http://pi-vpn:8082/"
restart_policy: always
networks:
- name: http
volumes:
- "{{ docker_homepath }}/gitea:/data"
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
# - "8082:3000"
- "222:22"

19
roles/docker_spin_up/tasks/nextcloud.yml Normal file
View File

@@ -0,0 +1,19 @@
---
- name: nextcloud
community.docker.docker_container:
name: nextcloud
image: nextcloud:26.0-fpm
restart_policy: always
# ports:
# - 8080:80
volumes:
- "{{ docker_homepath }}/nextcloud_nextcloud_1/_data:/var/www/html"
env:
MYSQL_PASSWORD: "{{ NEXTCLOUD_MYSQL_PASSWORD }}"
MYSQL_DATABASE: "{{ NEXTCLOUD_MYSQL_DATABASE }}"
MYSQL_USER: "{{ NEXTCLOUD_MYSQL_USER }}"
MYSQL_HOST: "{{ mysql_host }}"
PHP_MEMORY_LIMIT: 2G
PHP_UPLOAD_LIMIT: 10G
networks:
- name: http

3
roles/docker_spin_up/tasks/nginx.yml
View File

@@ -6,10 +6,11 @@
restart_policy: unless-stopped
ports:
- '80:80'
- '81:81'
- "{{ ip_admin }}:81:81"
- '443:443'
volumes:
- "{{ docker_homepath }}/data:/data"
- "{{ docker_homepath }}/letsencrypt:/etc/letsencrypt"
- "/bigpool/nextcloud/nextcloud_nextcloud_1/_data/:/var/www/html:ro"
networks:
- name: http

20
roles/docker_spin_up/tasks/pi-hole.yml
View File

@@ -0,0 +1,20 @@
- name: pi-hole
community.docker.docker_container:
name: pi-hole
image: pihole/pihole:latest
# For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
ports:
- "53:53/tcp"
- "53:53/udp"
# - "8092:80/tcp"
env:
TZ: 'Europe/Prague'
WEBPASSWORD: "{{ password }}"
# Volumes store your data between container upgrades
volumes:
- "{{ docker_homepath }}/etc-pihole:/etc/pihole"
- "{{ docker_homepath }}/etc-dnsmasq.d:/etc/dnsmasq.d"
# https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
restart_policy: unless-stopped
networks:
- name: http

2
roles/linux_config_init/tasks/main.yml
View File

@@ -7,7 +7,7 @@
- hostname_set.yml
- git.yml
# - create_user.yml
- set_perma_ip.yml
# - set_perma_ip.yml
- bashrc_copy.yml
- timezone.yml

6
roles/linux_config_init/templates/etc_network_interface
View File

@@ -4,7 +4,9 @@ iface lo inet loopback
auto {{ in_face }}
iface {{ in_face }} inet static
address {{ ip }}/24
iface {{ in_face }} inet static
address {{ ip_admin }}/24
gateway 192.168.5.1
source /etc/network/interfaces.d/*

47
vault.yml
View File

@@ -1,19 +1,30 @@
$ANSIBLE_VAULT;1.1;AES256
35363534613936356464373637376133343034633638376163633063383335636364373864353935
3366356539376539316237303231373464336563383539330a666236356231323938656531643262
39613261333032353332653034366537616535613164663333636133613066363833386462343036
6137653433666632380a383132346135633637333831313735366430316263343732633865636262
33393166353735636635633761386532373261623264376265396533613737313330613230343765
32303133383264613764343933306166646236393463383133633231633866643765313163383436
66356135373332303335636263643839383264343362323933303736383562313435616432653735
35326132646439663932343264623133643737646533396362336662656633323064396332633966
31326164363532633337313730616637336266646239346632363838643431336238616637376630
63336334383139653231396532333530333465616539356532396164376264303534623937383261
31666130633832616436616336353136363765326163336131363735353934323266633232616234
30356136326138393134626135643464656336353362643635303937656161653036613337326134
38633531303339613935336266386632363335613838356539613934626133363364323932343565
32646361623837663832373933336338383737343237343364313134343030323432643034303432
34313366633233373136346565363266336532333434303635353930343164316565626437356561
33653339353563343330626232313331656638366538666535313936343664613165306133356163
33373561633062613564306133336562643235643065323961303666306565366532663033393035
3737656462363930383834613234666131626161343761303435
35613836323530633636393530383362636264653266353364373563333338626139323063343961
3664663931393161616231316236313738663461633934350a643535333363376265653464393831
66333763636239323835333630623335643232653932626463616130376661353538306530353739
3731636635363264350a636533633036623033353234353233306261323736373636616132366339
62646131313463313639333931653131306636633239656235623330633137663031656566333463
32353964376161383864336130346336643838333566383464373961646430643538636537313132
37376634373562633930323930306464613838366231363839356234343830333763643530656665
32643730356565653465326537373564386337663330396139396166396163333865633130643664
61616437353561653564616139346561343939663663316330303636366664383230633539353133
63633637353961383937393438343032303230633531613333353036643031323266336162366663
65383530383639323063333665393334316133623564346164653764613830643263643838353037
38643461613234346131306636353834636634363935633365633661353736633361383666396261
33636263633431623631326266623664633238393338643664343739386530363032366537323532
62396562633465363338663939363836396234656139633136623438613739383839313534356630
66663763313132646362363162396230666633303336343262386333643138356432613161336163
65653861363565633630316161613634386634666564366465353931353361313837373437303531
66613337323464353734346537353737646335383539646161333039653037383963343463366462
64303064623434356138646466373261666564396332396631336532316436363936623137386437
62326165386438376139346131623832323561303364373034393232306133386633393933366361
61303630356363636236643731653630323264303939643161633631323034633166373633303133
31383531646330353661613266396330396266643835363236383638623634356465373734383433
32623863366539656536346436343232613163353230303763396536653162393264643266663831
65343562373164316439613961356335373633663931313538326136666463663930346331373536
39353763383837373761653332643734363764656131356462313361396335613463303630396432
65366361623265323339323238636537663634373361653639383432363138396433626236393966
39633333313830333665343930323630333933373731656635643836663234663738343830643434
63663164393137643861326566383763656166343865393737346539386234333137613333633965
39636339303263616263646438626437396337306466386162306333363037663736623862343465
31623263326131643134353166356465323934323965393837656132393630626630

5
zeus-vars.yml
View File

@@ -1 +1,4 @@
zfs_pool_name: bigpool
zfs_pool_name: bigpool
ip: 192.168.5.7
ip_admin: 192.168.6.7
mysql_host: "{{ ip_admin }}"

159
zeus.yml
View File

@@ -2,6 +2,7 @@
# hosts: zeus-public
# become: true
# vars_files:
# - zeus-vars.yml
# - vault.yml
# vars:
# user: warezjoe
@@ -11,7 +12,6 @@
# host: zeus
# set_ip: true # false
# in_face: ens18
# ip: 192.168.5.7
# samba_ip: "{{ ip }}/32"
# docker_users: "{{ user }}"
# roles:
@@ -76,21 +76,21 @@
# #- role: create_zfs_dataset
# - role: mariaDB_install
- name: nginx
hosts: zeus-public
become: true
vars_files:
- zeus-vars.yml
vars:
docker_name: nginx
zfs_dataset_name: "{{ docker_name }}"
zfs_dataset_user: root
zfs_dataset_group: root
zfs_dataset_size: 100M
docker_compose_file: nginx.yml
roles:
- role: create_zfs_dataset
- role: docker_spin_up
#- name: nginx
# hosts: zeus-public
# become: true
# vars_files:
# - zeus-vars.yml
# vars:
# docker_name: nginx
# zfs_dataset_name: "{{ docker_name }}"
# zfs_dataset_user: root
# zfs_dataset_group: root
# zfs_dataset_size: 100M
# docker_compose_file: nginx.yml
# roles:
# - role: create_zfs_dataset
# - role: docker_spin_up
#- name: email
@@ -112,46 +112,111 @@
- name: Torrent client spawn
#- name: Torrent client spawn
# hosts: zeus-public
# become: true
# vars_files:
# - vault.yml
# - zeus-vars.yml
# vars:
# user: warezjoe
# uid: "1000"
# password: "{{ warezjoe_password_un }}"
# docker_name: transmission
# docker_compose_file: transmission.yaml
# zfs_dataset_name: "{{ docker_name }}"
# zfs_dataset_user: "{{ user }}"
# zfs_dataset_group: "{{ user }}"
# zfs_dataset_size: 1T
#
# roles:
# - role: create_zfs_dataset
# - role: docker_spin_up
#- name: Pi-hole
# hosts: zeus-public
# become: true
# vars_files:
# - vault.yml
# - zeus-vars.yml
# vars:
# docker_name: pi-hole
# password: "{{ warezjoe_password_un }}"
# zfs_dataset_name: "{{ docker_name }}"
# zfs_dataset_user: root
# zfs_dataset_group: root
# zfs_dataset_size: 1G
# docker_compose_file: pi-hole.yml
# roles:
# - role: create_zfs_dataset
# - role: docker_spin_up
#- name: Pi-hole
# hosts: zeus-public
# become: true
# vars_files:
# - vault.yml
# - zeus-vars.yml
# vars:
# docker_name: pi-hole
# password: "{{ warezjoe_password_un }}"
# zfs_dataset_name: "{{ docker_name }}"
# zfs_dataset_user: root
# zfs_dataset_group: root
# zfs_dataset_size: 1G
# docker_compose_file: pi-hole.yml
# roles:
# - role: create_zfs_dataset
# - role: docker_spin_up
#- name: nextcloud
# hosts: zeus-public
# become: true
# vars_files:
# - vault.yml
# - zeus-vars.yml
# vars:
# docker_name: nextcloud
# zfs_dataset_name: "{{ docker_name }}"
# zfs_dataset_user: root
# zfs_dataset_group: root
# zfs_dataset_size: 1T
# docker_compose_file: nextcloud.yml
# roles:
# - role: create_zfs_dataset
# - role: docker_spin_up
#- name: gitea
# hosts: zeus-public
# become: true
# vars_files:
# - vault.yml
# - zeus-vars.yml
# vars:
# docker_name: gitea
# zfs_dataset_name: "{{ docker_name }}"
# zfs_dataset_user: root
# zfs_dataset_group: root
# zfs_dataset_size: 100M
# docker_compose_file: gitea.yml
# roles:
# - role: create_zfs_dataset
# - role: docker_spin_up
- name: dashboard-my-public
hosts: zeus-public
become: true
vars_files:
- vault.yml
- zeus-vars.yml
vars:
user: warezjoe
uid: "1000"
password: "{{ warezjoe_password_un }}"
docker_name: transmission
docker_compose_file: transmission.yaml
zfs_dataset_name: "{{ docker_name }}"
zfs_dataset_user: "{{ user }}"
zfs_dataset_group: "{{ user }}"
zfs_dataset_size: 1T
roles:
- role: create_zfs_dataset
- role: docker_spin_up
- name: Pi-hole
hosts: zeus-public
become: true
vars_files:
- vault.yml
- zeus-vars.yml
vars:
docker_name: pi-hole
docker_name: dashboard_my_public
zfs_dataset_name: "{{ docker_name }}"
zfs_dataset_user: root
zfs_dataset_group: root
zfs_dataset_size: 100M
docker_compose_file: pi-hole.yml
docker_compose_file: "{{ docker_name }}.yml"
roles:
- role: create_zfs_dataset
- role: docker_spin_up
- role: docker_spin_up