From fd05c2250a1160a47f7e6223af60cb3db16d4fd6 Mon Sep 17 00:00:00 2001
From: git
Date: Sat, 4 May 2024 21:22:46 +0200
Subject: [PATCH] VPN client gen + Samba mask fix
---
roles/ansible-role-docker/tasks/main.yml | 13 +++
roles/create_samba_user/tasks/main.yml | 4 +-
roles/create_user/tasks/main.yml | 1 +
roles/docker_spin_up/tasks/pi-hole.yml | 2 +-
roles/linux_config_init/tasks/main.yml | 1 +
.../linux_config_init/tasks/set_perma_ip.yml | 2 +-
wireguad-client-gen.yml | 4 +-
zeus-vars.yml | 4 +-
zeus.yml | 80 ++++++++++++++-----
9 files changed, 85 insertions(+), 26 deletions(-)
diff --git a/roles/ansible-role-docker/tasks/main.yml b/roles/ansible-role-docker/tasks/main.yml
index 187b29a..fe7dc43 100644
--- a/roles/ansible-role-docker/tasks/main.yml
+++ b/roles/ansible-role-docker/tasks/main.yml
@@ -102,3 +102,16 @@
 ansible.builtin.pip:
 name: docker
 extra_args: "--break-system-packages"
+
+- name: Install a promtail plugin
+ community.docker.docker_plugin:
+ plugin_name: grafana/loki-docker-driver:latest
+ state: present
+ alias: loki
+
+- name: Enable a promtail plugin
+ community.docker.docker_plugin:
+ plugin_name: grafana/loki-docker-driver:latest
+ state: enable
+ alias: loki
+ notify: restart docker
\ No newline at end of file
diff --git a/roles/create_samba_user/tasks/main.yml b/roles/create_samba_user/tasks/main.yml
index 71e48c1..6affe32 100644
--- a/roles/create_samba_user/tasks/main.yml
+++ b/roles/create_samba_user/tasks/main.yml
@@ -15,7 +15,7 @@
 browseable = yes
 writeable = yes
 read only = no
- create mask = 0700
- directory mask = 0700
+ create mask = 0644
+ directory mask = 0755
 valid users = {{ samba_user }}
 notify: smb restart
\ No newline at end of file
diff --git a/roles/create_user/tasks/main.yml b/roles/create_user/tasks/main.yml
index fa1998c..ace3b43 100644
--- a/roles/create_user/tasks/main.yml
+++ b/roles/create_user/tasks/main.yml
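Review bot: In roles/ansible-role-docker/tasks/main.yml both new `community.docker.docker_plugin` tasks reference `grafana/loki-docker-driver:latest`, so each run can install whatever the registry currently serves as a logging driver that sees every container's output. The same commit pins the Pi-hole image to a fixed tag, and the plugin deserves the same treatment in both tasks, for example `plugin_name: grafana/loki-docker-driver:<pinned-tag>` (placeholder; use the release you have tested). The task names say "promtail plugin" although the plugin installed is the Loki Docker driver, so renaming them would avoid confusion. The `restart docker` handler is not visible in this hunk; confirm the role defines it.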
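Review bot: The new `create mask = 0644` and `directory mask = 0755` in roles/create_samba_user/tasks/main.yml let files written through the share end up readable by every local account and by any container that mounts the dataset, while `valid users` restricts SMB access only. If the goal is to let one other service read the data, a shared group with `create mask = 0640` and `directory mask = 0750` keeps the "other" bits closed. The share block starts above the hunk, so whether a `force group` or similar setting is already present cannot be seen here.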
@@ -5,6 +5,7 @@
 name: "{{ primary_group }}"
 gid: "{{ gid }}"
 state: present
+ when: gid != 65534
 - name: Adding user
 ansible.builtin.user:
diff --git a/roles/docker_spin_up/tasks/pi-hole.yml b/roles/docker_spin_up/tasks/pi-hole.yml
index e766375..be5b31f 100644
--- a/roles/docker_spin_up/tasks/pi-hole.yml
+++ b/roles/docker_spin_up/tasks/pi-hole.yml
@@ -1,7 +1,7 @@
 - name: pi-hole
 community.docker.docker_container:
 name: pi-hole
- image: pihole/pihole:latest
+ image: pihole/pihole:2024.03.2
 # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
 ports:
 - "53:53/tcp"
diff --git a/roles/linux_config_init/tasks/main.yml b/roles/linux_config_init/tasks/main.yml
index 34d8257..ef3c783 100644
--- a/roles/linux_config_init/tasks/main.yml
+++ b/roles/linux_config_init/tasks/main.yml
@@ -10,6 +10,7 @@
 # - set_perma_ip.yml
 - bashrc_copy.yml
 - timezone.yml
+ - resolvconf_copy.yml
 #- name: Set Pernament IP
 # ansible.builtin.include_tasks: set_perma_ip.yml
diff --git a/roles/linux_config_init/tasks/set_perma_ip.yml b/roles/linux_config_init/tasks/set_perma_ip.yml
index 6e513f8..c5ef132 100644
--- a/roles/linux_config_init/tasks/set_perma_ip.yml
+++ b/roles/linux_config_init/tasks/set_perma_ip.yml
@@ -6,4 +6,4 @@
 owner: root
 group: root
 mode: '0644'
- notify: networking restart
\ No newline at end of file
+ notify: networking restart
diff --git a/wireguad-client-gen.yml b/wireguad-client-gen.yml
index 7bbb14a..b791592 100644
--- a/wireguad-client-gen.yml
+++ b/wireguad-client-gen.yml
@@ -5,7 +5,7 @@
 - vault.yml
 - zeus-vars.yml
 vars:
- user: ntb
+ user: tata
 IP_name: 'wireguard_{{ user }}_ip'
 IP: "{{ lookup('vars', IP_name) }}"
 priv_name: 'wireguard_{{ user }}_key'
@@ -20,4 +20,4 @@
 group: "{{ ansible_user_id }}"
 mode: '0644'
-
\ No newline at end of file
+
diff --git a/zeus-vars.yml b/zeus-vars.yml
index d1487c3..9ccc98a 100644
--- a/zeus-vars.yml
+++ b/zeus-vars.yml
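Review bot: `when: gid != 65534` in roles/create_user/tasks/main.yml compares against an integer, but the plays in zeus.yml supply `gid` in different forms (the commented blocks show both `gid: "112"` quoted and `gid: 65534` bare). A string "65534" does not equal the integer, so the group task would then run against the existing nogroup entry. Casting first makes the guard independent of quoting: `when: gid | int != 65534`. A one-line comment that 65534 is the nogroup GID being skipped would also help; the task itself begins above the hunk.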
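Review bot: `- resolvconf_copy.yml` is added to the include list in roles/linux_config_init/tasks/main.yml, but the diffstat of this patch lists no such task file, so unless it was committed earlier the role will fail at that entry. Because the file presumably replaces the host's resolver configuration, a short comment beside the entry stating which resolver the copied file points at would document the dependency. The list starts above the hunk.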
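Review bot: The play in wireguad-client-gen.yml resolves `wireguard_{{ user }}_key`, and the task visible as context in the following `@@ -20,4 +20,4 @@` hunk writes its output with `mode: '0644'`. If that file is the generated client configuration containing the private key (the template is not shown), it is left world-readable and should use `mode: '0600'`. Switching `user: ntb` to `user: tata` by editing the playbook also turns every client generation into a commit; passing the name at run time with `-e user=tata` and dropping the hard-coded value would avoid that.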
@@ -4,5 +4,5 @@ ip_admin: 192.168.6.7
 mysql_host: "{{ ip_admin }}"
 wireguard_ntb_ip: 10.0.0.2
-wireguard_tata_ip: 10.0.0.3
-wireguard_kate_ip: 10.0.0.4
\ No newline at end of file
+wireguard_tata_ip: 10.0.0.4
+wireguard_kate_ip: 10.0.0.3
diff --git a/zeus.yml b/zeus.yml
index d7bc084..b048390 100644
--- a/zeus.yml
+++ b/zeus.yml
@@ -22,7 +22,7 @@
 # #- role: zfs_install
 # #- role: nfs_install
 # #- role: samba_install
-# #- role: ansible-role-docker
+# - role: ansible-role-docker
 #- name: Zfs dataset + Samba - Tata
@@ -35,6 +35,7 @@
 # user: tata
 # primary_group: nogroup
 # uid: 1001
+# gid: 65534
 # password: "{{ tata_password }}"
 # home: /bigpool/tata
 # shell: "/bin/false"
@@ -47,7 +48,6 @@
 # # roles:
 # - role: create_user
-# - role: create_user
 # - role: create_zfs_dataset
 # - role: create_samba_user # smbpasswd -a tata
@@ -76,21 +76,21 @@
 # #- role: create_zfs_dataset
 # - role: mariaDB_install
-- name: nginx
- hosts: zeus-public
- become: true
- vars_files:
- - zeus-vars.yml
- vars:
- docker_name: nginx
- zfs_dataset_name: "{{ docker_name }}"
- zfs_dataset_user: root
- zfs_dataset_group: root
- zfs_dataset_size: 100M
- docker_compose_file: nginx.yml
- roles:
- - role: create_zfs_dataset
- - role: docker_spin_up
+#- name: nginx
+# hosts: zeus-public
+# become: true
+# vars_files:
+# - zeus-vars.yml
+# vars:
+# docker_name: nginx
+# zfs_dataset_name: "{{ docker_name }}"
+# zfs_dataset_user: root
+# zfs_dataset_group: root
+# zfs_dataset_size: 100M
+# docker_compose_file: nginx.yml
+# roles:
+# - role: create_zfs_dataset
+# - role: docker_spin_up
 #- name: email
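Review bot: Swapping `wireguard_tata_ip` and `wireguard_kate_ip` in zeus-vars.yml changes the tunnel address of two existing peers at once. Any client configuration already generated from the old values, and presumably the server's peer entries, must be regenerated and redeployed together, otherwise each client presents the address now assigned to the other. A comment above the `wireguard_*_ip` lines noting that they must stay in step with the server's peer list would make that dependency visible.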
@@ -210,4 +210,48 @@
 # - zeus-vars.yml
 # roles:
 # - role: wireguard-server
-
\ No newline at end of file
+
+#- name: monitoring
+# hosts: zeus-public
+# become: true
+# vars_files:
+# - vault.yml
+# - zeus-vars.yml
+# vars:
+# user: monitoring
+# primary_group: "{{ user }}"
+# uid: "112"
+# gid: "112"
+# shell: "/bin/false"
+# home: "/nonexistent"
+# docker_name: monitoring
+# zfs_dataset_name: "{{ docker_name }}"
+# zfs_dataset_user: "{{ user }}"
+# zfs_dataset_group: "{{ primary_group }}"
+# zfs_dataset_size: 1G
+# docker_compose_file: "{{ docker_name }}.yml"
+# roles:
+# - role: create_user
+# - role: create_zfs_dataset
+# - role: docker_spin_up
+
+- name: jellyfin
+ hosts: zeus-public
+ become: true
+ vars_files:
+ - vault.yml
+ - zeus-vars.yml
+ vars:
+ docker_name: jellyfin
+ user: warezjoe
+ primary_group: "{{ user }}"
+ uid: 1000
+ gid: "{{ uid }}"
+ docker_compose_file: "{{ docker_name }}.yml"
+ zfs_dataset_name: "{{ docker_name }}"
+ zfs_dataset_user: "{{ user }}"
+ zfs_dataset_group: "{{ primary_group }}"
+ zfs_dataset_size: 50M
+ roles:
+ - role: create_zfs_dataset
+ - role: docker_spin_up
\ No newline at end of file
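Review bot: The new `jellyfin` play in zeus.yml sets `user: warezjoe` with `uid: 1000` and does not run `create_user`, so the dataset (and presumably the container; the compose file is not shown) is tied to what looks like an existing login account rather than a dedicated service identity like the one the commented `monitoring` play defines. A media server parses files from many sources, so giving it its own unprivileged user and group, created with `- role: create_user` ahead of `create_zfs_dataset`, limits what a compromise of the container can reach. `uid: 1000` is a bare integer while the monitoring block quotes `"112"`; choosing one form keeps comparisons such as the `gid != 65534` guard in create_user predictable. Plays are switched on and off here and in the `@@ -76,21 +76,21 @@` hunk by commenting them out; tags or separate playbooks would keep disabled configuration out of the main file.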