VPN client gen + Samba mask fix

roles/ansible-role-docker/tasks/main.yml

@@ -102,3 +102,16 @@
   ansible.builtin.pip:
     name: docker
     extra_args: "--break-system-packages"
+
+- name: Install a promtail plugin
+  community.docker.docker_plugin:
+    plugin_name: grafana/loki-docker-driver:latest
+    state: present
+    alias: loki
+
+- name: Enable a promtail plugin
+  community.docker.docker_plugin:
+    plugin_name: grafana/loki-docker-driver:latest
+    state: enable
+    alias: loki
+  notify: restart docker

roles/create_samba_user/tasks/main.yml

@@ -15,7 +15,7 @@
         browseable = yes
         writeable = yes
         read only = no
-        create mask = 0700
-        directory mask = 0700
+        create mask = 0644
+        directory mask = 0755
         valid users = {{ samba_user }}
   notify: smb restart

roles/create_user/tasks/main.yml

@@ -5,6 +5,7 @@
     name: "{{ primary_group }}"
     gid: "{{ gid }}"
     state: present
+  when: gid != 65534
 
 - name: Adding user
   ansible.builtin.user:

roles/docker_spin_up/tasks/pi-hole.yml

@@ -1,7 +1,7 @@
 - name: pi-hole
   community.docker.docker_container:
     name: pi-hole
-    image: pihole/pihole:latest
+    image: pihole/pihole:2024.03.2
     # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
     ports:
       - "53:53/tcp"

roles/linux_config_init/tasks/main.yml

@@ -10,6 +10,7 @@
 #     - set_perma_ip.yml
      - bashrc_copy.yml
      - timezone.yml
+     - resolvconf_copy.yml
 
 #- name: Set Pernament IP
 #  ansible.builtin.include_tasks: set_perma_ip.yml

roles/linux_config_init/tasks/set_perma_ip.yml

@@ -6,4 +6,4 @@
     owner: root
     group: root
     mode: '0644'
-  notify: networking restart
+  notify: networking restart

wireguad-client-gen.yml

@@ -5,7 +5,7 @@
     - vault.yml
     - zeus-vars.yml
   vars:
-    user: ntb
+    user: tata
     IP_name: 'wireguard_{{ user }}_ip'
     IP: "{{ lookup('vars', IP_name) }}"
     priv_name: 'wireguard_{{ user }}_key'
@@ -20,4 +20,4 @@
         group: "{{ ansible_user_id }}"
         mode: '0644'
   
-  
+  

zeus-vars.yml

@@ -4,5 +4,5 @@ ip_admin: 192.168.6.7
 mysql_host: "{{ ip_admin }}"
 
 wireguard_ntb_ip: 10.0.0.2
-wireguard_tata_ip: 10.0.0.3
-wireguard_kate_ip: 10.0.0.4
+wireguard_tata_ip: 10.0.0.4
+wireguard_kate_ip: 10.0.0.3

zeus.yml

@@ -22,7 +22,7 @@
 #    #- role: zfs_install
 #    #- role: nfs_install
 #    #- role: samba_install
-#    #- role: ansible-role-docker
+#    - role: ansible-role-docker
 
 
 #- name: Zfs dataset + Samba - Tata
@@ -35,6 +35,7 @@
 #    user: tata
 #    primary_group: nogroup
 #    uid: 1001
+#    gid: 65534
 #    password: "{{ tata_password }}"
 #    home: /bigpool/tata
 #    shell: "/bin/false"
@@ -47,7 +48,6 @@
 #
 #  roles:
 #   - role: create_user
-#   - role: create_user
 #   - role: create_zfs_dataset
 #   - role: create_samba_user
   # smbpasswd -a tata 
@@ -76,21 +76,21 @@
 #    #- role: create_zfs_dataset
 #    - role: mariaDB_install
 
-- name: nginx
-  hosts: zeus-public
-  become: true
-  vars_files:
-    - zeus-vars.yml
-  vars:
-    docker_name: nginx
-    zfs_dataset_name: "{{ docker_name }}"
-    zfs_dataset_user: root
-    zfs_dataset_group: root
-    zfs_dataset_size: 100M
-    docker_compose_file: nginx.yml
-  roles:
-    - role: create_zfs_dataset
-    - role: docker_spin_up
+#- name: nginx
+#  hosts: zeus-public
+#  become: true
+#  vars_files:
+#    - zeus-vars.yml
+#  vars:
+#    docker_name: nginx
+#    zfs_dataset_name: "{{ docker_name }}"
+#    zfs_dataset_user: root
+#    zfs_dataset_group: root
+#    zfs_dataset_size: 100M
+#    docker_compose_file: nginx.yml
+#  roles:
+#    - role: create_zfs_dataset
+#    - role: docker_spin_up
 
 
 #- name: email
@@ -210,4 +210,48 @@
 #    - zeus-vars.yml
 #  roles:
 #    - role: wireguard-server
-  
+
+#- name: monitoring
+#  hosts: zeus-public
+#  become: true
+#  vars_files:
+#    - vault.yml
+#    - zeus-vars.yml
+#  vars:
+#    user: monitoring
+#    primary_group: "{{ user }}"
+#    uid: "112"
+#    gid: "112"
+#    shell: "/bin/false"
+#    home: "/nonexistent"
+#    docker_name: monitoring
+#    zfs_dataset_name: "{{ docker_name }}"
+#    zfs_dataset_user: "{{ user }}"
+#    zfs_dataset_group: "{{ primary_group }}"
+#    zfs_dataset_size: 1G
+#    docker_compose_file: "{{ docker_name }}.yml"
+#  roles:
+#    - role: create_user
+#    - role: create_zfs_dataset
+#    - role: docker_spin_up
+
+- name: jellyfin
+  hosts: zeus-public
+  become: true
+  vars_files:
+    - vault.yml
+    - zeus-vars.yml
+  vars:
+    docker_name: jellyfin
+    user: warezjoe
+    primary_group: "{{ user }}"
+    uid: 1000
+    gid: "{{ uid }}"
+    docker_compose_file: "{{ docker_name }}.yml"
+    zfs_dataset_name: "{{ docker_name }}"
+    zfs_dataset_user: "{{ user }}"
+    zfs_dataset_group: "{{ primary_group }}"
+    zfs_dataset_size: 50M
+  roles:
+    - role: create_zfs_dataset
+    - role: docker_spin_up