saibotk-de/infrastructure
saibotk-de/infrastructure
1
0
Fork 0
Code Issues Pull requests Releases 42 Activity

ansible-lint: Fix various new issues

Browse source
This commit is contained in:
saibotk 2022-11-02 21:57:13 +01:00
parent 27017d2d7a
commit f112f27449
Signed by: saibotk
GPG key ID: 67585F0065E261D5
99 changed files with 1193 additions and 308 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.ansible/skeleton/default/defaults/main.yml.j2
View file

@ -3,7 +3,7 @@
# Infrastructure # Infrastructure
# Ansible instructions to deploy the infrastructure # Ansible instructions to deploy the infrastructure
# Copyright (C) 2021 Saibotk # Copyright (C) 2022 Saibotk
# #
# This program is free software: you can redistribute it and/or modify # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by

2
.ansible/skeleton/default/handlers/main.yml.j2
View file

@ -3,7 +3,7 @@
# Infrastructure # Infrastructure
# Ansible instructions to deploy the infrastructure # Ansible instructions to deploy the infrastructure
# Copyright (C) 2021 Saibotk # Copyright (C) 2022 Saibotk
# #
# This program is free software: you can redistribute it and/or modify # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by

36
.ansible/skeleton/default/meta/main.yml.j2
View file

@ -1,13 +1,41 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Setup {{ role_name }}. description: "Setup {{ role_name }}."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []

2
.ansible/skeleton/default/tasks/main.yml.j2
View file

@ -3,7 +3,7 @@
# Infrastructure # Infrastructure
# Ansible instructions to deploy the infrastructure # Ansible instructions to deploy the infrastructure
# Copyright (C) 2021 Saibotk # Copyright (C) 2022 Saibotk
# #
# This program is free software: you can redistribute it and/or modify # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by

3
playbooks/camo.yml
View file

@ -17,7 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: camo - name: Install & configure camo
hosts: camo
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/codimd.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: codimd - name: Install & configure HedgeDoc
hosts: codimd
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/docker_ipv6_nat.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: docker_ipv6_nat - name: Install & configure Docker IPv6 NAT
hosts: docker_ipv6_nat
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/factorio.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: factorio - name: Install & configure Factorio
hosts: factorio
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/gitlab.yml
View file

@ -17,7 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: gitlab - name: Install & configure GitLab
hosts: gitlab
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/gitlab_runner.yml
View file

@ -17,7 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: gitlab_runner - name: Install & configure GitLab Runner
hosts: gitlab_runner
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/keycloak.yml
View file

@ -17,7 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: keycloak - name: Install & configure Keycloak
hosts: keycloak
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/luks_ssh.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: luks_ssh - name: Install & configure LUKS SSH setup
hosts: luks_ssh
roles: roles:
- haveged - haveged
- luks_ssh - luks_ssh

3
playbooks/lvm_self_backup.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: lvm_self_backup - name: Install & configure LVM self backup
hosts: lvm_self_backup
roles: roles:
- docker - docker
- lvm_self_backup - lvm_self_backup

3
playbooks/mailcow.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: mailcow - name: Install & configure Docker & backup cronjob
hosts: mailcow
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/mastodon.yml
View file

@ -17,7 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: mastodon - name: Install & configure Mastodon
hosts: mastodon
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/matrix.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: matrix - name: Install & configure Matrix
hosts: matrix
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/matrix_delegate.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: matrix_delegate - name: Install & configure Matrix Delegate
hosts: matrix_delegate
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/matrix_elementweb.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: matrix_elementweb - name: Install & configure Element Web
hosts: matrix_elementweb
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/matrix_maubot.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: matrix_maubot - name: Install & configure Mauboot
hosts: matrix_maubot
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/matrix_webhooks.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: matrix_webhooks - name: Install & configure Matrix Webhooks
hosts: matrix_webhooks
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/minecraft.yml
View file

@ -17,7 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: minecraft - name: Install & configure Minecraft
hosts: minecraft
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/minecraft_blockmap.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: minecraft - name: Install & configure BlockMap
hosts: minecraft
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/minio.yml
View file

@ -17,7 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: minio - name: Install & configure MinIO
hosts: minio
roles: roles:
- docker - docker
- docker_compose - docker_compose

6
playbooks/monitoring.yml
View file

@ -17,7 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: monitoring - name: Install & configure monitoring servers
hosts: monitoring
roles: roles:
- docker - docker
- docker_compose - docker_compose
@ -27,7 +28,8 @@
environment: environment:
PYTHONPATH: /opt/ansible-dependencies/lib/python{{ env_ansible_deps_python_version | default(2.7) }}/site-packages PYTHONPATH: /opt/ansible-dependencies/lib/python{{ env_ansible_deps_python_version | default(2.7) }}/site-packages
- hosts: all - name: Install & configure monitoring clients
hosts: all
serial: 1 serial: 1
roles: roles:
- docker - docker

3
playbooks/owncast.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: owncast - name: Install & configure Owncast
hosts: owncast
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/penpot.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: penpot - name: Install & configure Penpot
hosts: penpot
roles: roles:
- docker - docker
- docker_compose - docker_compose

63
playbooks/site.yml
View file

@ -17,24 +17,45 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- import_playbook: docker_ipv6_nat.yml - name: Install & configure ipv6 NAT for Docker
- import_playbook: lvm_self_backup.yml import_playbook: docker_ipv6_nat.yml
- import_playbook: gitlab.yml - name: Install & configure backup solution using LVM
- import_playbook: gitlab_runner.yml import_playbook: lvm_self_backup.yml
- import_playbook: camo.yml - name: Install & configure GitLab
- import_playbook: keycloak.yml import_playbook: gitlab.yml
- import_playbook: monitoring.yml - name: Install & configure GitLab Runner
- import_playbook: minio.yml import_playbook: gitlab_runner.yml
- import_playbook: mastodon.yml - name: Install & configure camo
- import_playbook: codimd.yml import_playbook: camo.yml
- import_playbook: matrix.yml - name: Install & configure Keycloak
- import_playbook: matrix_delegate.yml import_playbook: keycloak.yml
- import_playbook: matrix_elementweb.yml - name: Install & configure monitoring
- import_playbook: matrix_webhooks.yml import_playbook: monitoring.yml
- import_playbook: matrix_maubot.yml - name: Install & configure MinIO
- import_playbook: static_websites.yml import_playbook: minio.yml
- import_playbook: teamspeak.yml - name: Install & configure Mastodon
- import_playbook: owncast.yml import_playbook: mastodon.yml
- import_playbook: factorio.yml - name: Install & configure HedgeDoc
- import_playbook: penpot.yml import_playbook: codimd.yml
- import_playbook: vikunja.yml - name: Install & configure Matrix
import_playbook: matrix.yml
- name: Install & configure Matrix Delegate
import_playbook: matrix_delegate.yml
- name: Install & configure Element Web
import_playbook: matrix_elementweb.yml
- name: Install & configure Matrix Webhooks
import_playbook: matrix_webhooks.yml
- name: Install & configure Maubot
import_playbook: matrix_maubot.yml
- name: Install & configure static websites
import_playbook: static_websites.yml
- name: Install & configure Teamspeak
import_playbook: teamspeak.yml
- name: Install & configure Owncast
import_playbook: owncast.yml
- name: Install & configure Factorio
import_playbook: factorio.yml
- name: Install & configure Penpot
import_playbook: penpot.yml
- name: Install & configure Vikunja
import_playbook: vikunja.yml

3
playbooks/ssh.yml
View file

@ -17,7 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: ssh - name: Configure SSH
hosts: ssh
collections: collections:
- devsec.hardening - devsec.hardening
roles: roles:

3
playbooks/static_websites.yml
View file

@ -17,7 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: static_websites - name: Install & configure static websites
hosts: static_websites
serial: 1 serial: 1
roles: roles:
- docker - docker

3
playbooks/sys_upgrade.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: all - name: Install latest updates to all packages on hosts
hosts: all
roles: roles:
- sys_upgrade - sys_upgrade
environment: environment:

3
playbooks/teamspeak.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: teamspeak - name: Install & configure Teamspeak
hosts: teamspeak
roles: roles:
- docker - docker
- docker_compose - docker_compose

3
playbooks/vikunja.yml
View file

@ -16,7 +16,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- hosts: vikunja - name: Install & configure Vikunja
hosts: vikunja
roles: roles:
- docker - docker
- docker_compose - docker_compose

2
requirements.yml
View file

@ -8,3 +8,5 @@ collections:
version: 3.2.0 version: 3.2.0
- name: ansible.posix - name: ansible.posix
version: 1.4.0 version: 1.4.0
- name: ansible.utils
version: 2.6.1

2
roles/camo/defaults/main.yml
View file

@ -32,7 +32,7 @@ camo_domain: camo.example.com
camo_traefik_certresolver: "letsencrypt_http" camo_traefik_certresolver: "letsencrypt_http"
# The HMAC key to be used # The HMAC key to be used
camo_key: "{{ lookup('passwordstore', camo_domain + '/hmac-key create=true length=128') }}" camo_key: "{{ lookup('passwordstore', camo_domain + '/hmac-key create=true length=128') }}"
# The maximum allowed response size (in KB). (0 means unlimited) # The maximum allowed response size (in KB). (0 means unlimited)
camo_max_size: 0 camo_max_size: 0

42
roles/camo/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs a go-camo image proxy server. description: "Installs a go-camo image proxy server via Docker."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

43
roles/codimd/meta/main.yml
View file

@ -1,16 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs HedgeDoc as a docker container description: "Installs HedgeDoc as a Docker container."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

17
roles/docker/meta/main.yml
View file

@ -1,16 +1,23 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs docker package from their official repository and installs the docker python package via pip. description: "Installs Docker package from their official repository and installs the docker python package via pip."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: Fedora
versions:
- all
- name: Ubuntu - name: Ubuntu
versions: versions:
- 20.04 - all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []

4
roles/docker/tasks/main.yml
View file

@ -18,8 +18,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- name: "Select tasks for {{ ansible_distribution }} {{ ansible_distribution_major_version }}" - name: "Select tasks for {{ ansible_distribution }} {{ ansible_distribution_major_version }}" # noqa name[template]
include_tasks: "{{ distro_file }}" ansible.builtin.include_tasks: "{{ distro_file }}"
with_first_found: with_first_found:
- "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_distribution }}.yml" - "{{ ansible_distribution }}.yml"

39
roles/docker_cleanup/meta/main.yml
View file

@ -1,16 +1,43 @@
galaxy_info: galaxy_info:
author: Christoph Kern author: Christoph Kern
description: Cleans up the exsting docker install description: "Cleans up the exsting Docker install"
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: "2.9"
min_ansible_version: 2.4 standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker

14
roles/docker_compose/meta/main.yml
View file

@ -1,16 +1,20 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs the docker-compose pip package. description: "Installs the docker-compose pip package."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - "7"
- name: Ubuntu - name: Ubuntu
versions: versions:
- 20.04 - all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []

4
roles/docker_compose/tasks/main.yml
View file

@ -23,8 +23,8 @@
state: "{{ docker_compose_package_state }}" state: "{{ docker_compose_package_state }}"
become: true become: true
- name: "Select tasks for {{ ansible_distribution }} {{ ansible_distribution_major_version }}" - name: "Select tasks for {{ ansible_distribution }} {{ ansible_distribution_major_version }}" # noqa name[template]
include_tasks: "{{ distro_file }}" ansible.builtin.include_tasks: "{{ distro_file }}"
with_first_found: with_first_found:
- "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_distribution }}.yml" - "{{ ansible_distribution }}.yml"

40
roles/docker_ipv6_nat/meta/main.yml
View file

@ -1,16 +1,44 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a robbertkl/ipv6nat container. description: "Deploys a robbertkl/ipv6nat container."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose

7
roles/epel/meta/main.yml
View file

@ -2,12 +2,13 @@ galaxy_info:
author: saibotk author: saibotk
description: Installs the epel-release package. description: Installs the epel-release package.
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - "7"
galaxy_tags: [] galaxy_tags: []

40
roles/factorio/meta/main.yml
View file

@ -1,16 +1,44 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs a factorio server. description: "Installs a factorio server via Docker."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose

2
roles/fail2ban/handlers/main.yml
View file

@ -17,7 +17,7 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- name: restart fail2ban service - name: Restart fail2ban service
ansible.builtin.systemd: ansible.builtin.systemd:
name: "fail2ban" name: "fail2ban"
state: "restarted" state: "restarted"

36
roles/fail2ban/meta/main.yml
View file

@ -1,16 +1,42 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs and configures fail2ban. description: "Installs and configures fail2ban."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu - name: Ubuntu
versions: versions:
- 20.04 - all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: [] dependencies: []

6
roles/fail2ban/tasks/main.yml
View file

@ -48,7 +48,7 @@
mode: '0644' mode: '0644'
owner: 'root' owner: 'root'
group: 'root' group: 'root'
notify: restart fail2ban service notify: Restart fail2ban service
become: true become: true
- name: Deploy fail2ban config. - name: Deploy fail2ban config.
@ -58,7 +58,7 @@
mode: '0644' mode: '0644'
owner: 'root' owner: 'root'
group: 'root' group: 'root'
notify: restart fail2ban service notify: Restart fail2ban service
become: true become: true
- name: Deploy fail2ban hardening systemd drop-in. - name: Deploy fail2ban hardening systemd drop-in.
@ -68,7 +68,7 @@
mode: '0644' mode: '0644'
owner: 'root' owner: 'root'
group: 'root' group: 'root'
notify: restart fail2ban service notify: Restart fail2ban service
become: true become: true
- name: Flush handlers - name: Flush handlers

2
roles/gitlab/defaults/main.yml
View file

@ -60,7 +60,7 @@ gitlab_selinux_enabled: true
gitlab_smtp_address: smtp.example.com gitlab_smtp_address: smtp.example.com
gitlab_smtp_port: 465 gitlab_smtp_port: 465
gitlab_smtp_user_name: 'gitlab@example.com' gitlab_smtp_user_name: 'gitlab@example.com'
gitlab_smtp_password: "{{ lookup('passwordstore', gitlab_domain + '/' + gitlab_smtp_user_name + ' create=true length=42') }}" gitlab_smtp_password: "{{ lookup('passwordstore', gitlab_domain + '/' + gitlab_smtp_user_name + ' create=true length=42') }}"
gitlab_smtp_tls: "{{ gitlab_snmp_tls | default('true') }}" # There was a typo in the config option name, this makes sure it's falling back properly gitlab_smtp_tls: "{{ gitlab_snmp_tls | default('true') }}" # There was a typo in the config option name, this makes sure it's falling back properly
gitlab_email_from: "{{ gitlab_smtp_user_name }}" gitlab_email_from: "{{ gitlab_smtp_user_name }}"
gitlab_email_reply_to: "{{ gitlab_smtp_user_name }}" gitlab_email_reply_to: "{{ gitlab_smtp_user_name }}"

42
roles/gitlab/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs and configures gitlab via docker. description: "Installs and configures GitLab via Docker."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

40
roles/gitlab_runner/meta/main.yml
View file

@ -1,16 +1,44 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a gitlab-runner using Docker. description: "Deploys a gitlab-runner using Docker."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose

20
roles/haveged/meta/main.yml
View file

@ -1,15 +1,25 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs the haveged package and starts the systemd service. description: "Installs the haveged package and starts the systemd service."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: Fedora
versions:
- all
- name: Ubuntu
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- epel - role: epel

2
roles/keycloak/defaults/main.yml
View file

@ -49,7 +49,7 @@ keycloak_domain: keycloak.example.com
# The database credentials. # The database credentials.
keycloak_database_user: "keycloak" keycloak_database_user: "keycloak"
keycloak_database_password: "{{ lookup('passwordstore', keycloak_domain + '/database' + ' create=true') }}" keycloak_database_password: "{{ lookup('passwordstore', keycloak_domain + '/database' + ' create=true') }}"
# The default welcome theme keycloak will use # The default welcome theme keycloak will use
keycloak_theme_welcome: "{{ omit }}" keycloak_theme_welcome: "{{ omit }}"

42
roles/keycloak/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs Keycloak via the official container and traefik. description: "Installs Keycloak via the official container and traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

7
roles/luks_ssh/meta/main.yml
View file

@ -2,12 +2,13 @@ galaxy_info:
author: saibotk author: saibotk
description: Installs openssh to initramfs with dracut, to unlock LUKS encrypted root partition on boot. description: Installs openssh to initramfs with dracut, to unlock LUKS encrypted root partition on boot.
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - "7"
galaxy_tags: [] galaxy_tags: []

38
roles/lvm_self_backup/meta/main.yml
View file

@ -1,15 +1,43 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a self backup solution using lvm and duplicity. description: "Deploys a self backup solution using lvm and duplicity."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker

42
roles/mastodon/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a mastodon server via docker using traefik. description: "Deploys a mastodon server via docker using traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

6
roles/mastodon/tasks/main.yml
View file

@ -111,7 +111,7 @@
become: true become: true
- name: Migrate database - name: Migrate database
ansible.builtin.command: docker-compose run --rm web rails db:migrate ansible.builtin.command: "docker-compose run --rm web rails db:migrate"
args: args:
chdir: "{{ mastodon_install_location }}" chdir: "{{ mastodon_install_location }}"
when: when:
@ -122,7 +122,7 @@
- mastodon - mastodon
become: true become: true
environment: environment:
PYTHONPATH: PYTHONPATH: ""
- name: Clear cache - name: Clear cache
ansible.builtin.command: docker-compose run --rm web bin/tootctl cache clear ansible.builtin.command: docker-compose run --rm web bin/tootctl cache clear
@ -136,7 +136,7 @@
- mastodon - mastodon
become: true become: true
environment: environment:
PYTHONPATH: PYTHONPATH: ""
- name: Compose mastodon - name: Compose mastodon
community.docker.docker_compose: community.docker.docker_compose:

2
roles/matrix/defaults/main.yml
View file

@ -39,7 +39,7 @@ matrix_synapse_domain: "{{ matrix_synapse_servername }}"
matrix_synapse_options: {} matrix_synapse_options: {}
# The database password to use # The database password to use
matrix_database_password: "{{ lookup('passwordstore', matrix_synapse_domain + '/db create=true length=42') }}" matrix_database_password: "{{ lookup('passwordstore', matrix_synapse_domain + '/db create=true length=42') }}"
# Container versions # Container versions
# renovate: depName=docker.io/matrixdotorg/synapse # renovate: depName=docker.io/matrixdotorg/synapse

42
roles/matrix/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a matrix server via docker using traefik. description: "Deploys a matrix server via docker using traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

2
roles/matrix_delegate/handlers/main.yml
View file

@ -18,7 +18,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
# #
- name: restart matrix delegate nginx - name: Restart matrix delegate nginx
community.docker.docker_compose: community.docker.docker_compose:
services: services:
- delegate - delegate

42
roles/matrix_delegate/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a matrix delegate server via docker using traefik. description: "Deploys a matrix delegate server via docker using traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

2
roles/matrix_delegate/tasks/main.yml
View file

@ -73,7 +73,7 @@
- docker - docker
- matrix - matrix
- delegate - delegate
notify: restart matrix delegate nginx notify: Restart matrix delegate nginx
become: true become: true
- name: Compose matrix_delegate - name: Compose matrix_delegate

2
roles/matrix_elementweb/handlers/main.yml
View file

@ -18,7 +18,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
# #
- name: restart matrix elementweb - name: Restart matrix elementweb
community.docker.docker_compose: community.docker.docker_compose:
services: services:
- elementweb - elementweb

42
roles/matrix_elementweb/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a elementweb server via docker using traefik. description: "Deploys a elementweb server via docker using traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

2
roles/matrix_elementweb/tasks/main.yml
View file

@ -78,7 +78,7 @@
- docker - docker
- matrix - matrix
- elementweb - elementweb
notify: restart matrix elementweb notify: Restart matrix elementweb
become: true become: true
- name: Compose matrix-elementweb - name: Compose matrix-elementweb

2
roles/matrix_maubot/defaults/main.yml
View file

@ -32,7 +32,7 @@ matrix_maubot_traefik_certresolver: letsencrypt_http
matrix_maubot_domain: "maubot.example.com" matrix_maubot_domain: "maubot.example.com"
# The database password to use # The database password to use
matrix_maubot_database_password: "{{ lookup('passwordstore', matrix_maubot_domain + '/db create=true length=42') }}" matrix_maubot_database_password: "{{ lookup('passwordstore', matrix_maubot_domain + '/db create=true length=42') }}"
# Container versions # Container versions
# renovate: depName=dock.mau.dev/maubot/maubot # renovate: depName=dock.mau.dev/maubot/maubot

42
roles/matrix_maubot/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a matrix maubot server via docker using traefik. description: "Deploys a matrix maubot server via docker using traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

2
roles/matrix_webhooks/defaults/main.yml
View file

@ -41,7 +41,7 @@ matrix_webhooks_hs_servername: "example.com"
matrix_webhooks_image_version: "latest" matrix_webhooks_image_version: "latest"
# The Provision API key # The Provision API key
matrix_webhooks_provisioning_key: "{{ lookup('passwordstore', matrix_webhooks_domain + '/provisioning-api create=true length=42') }}" matrix_webhooks_provisioning_key: "{{ lookup('passwordstore', matrix_webhooks_domain + '/provisioning-api create=true length=42') }}"
# Webhook user profile (seems to be unused at the moment) # Webhook user profile (seems to be unused at the moment)
matrix_webhooks_display_name: "Captain Webhook" matrix_webhooks_display_name: "Captain Webhook"

2
roles/matrix_webhooks/handlers/main.yml
View file

@ -18,7 +18,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
# #
- name: restart matrix webhooks - name: Restart matrix webhooks
community.docker.docker_compose: community.docker.docker_compose:
services: services:
- appservice-webhooks - appservice-webhooks

42
roles/matrix_webhooks/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a matrix webhook appservice server via docker using traefik. description: "Deploys a matrix webhook appservice server via docker using traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

2
roles/matrix_webhooks/tasks/main.yml
View file

@ -77,7 +77,7 @@
- docker - docker
- matrix - matrix
- webhooks - webhooks
notify: restart matrix webhooks notify: Restart matrix webhooks
become: true become: true
- name: Generate webhooks registration - name: Generate webhooks registration

40
roles/minecraft/meta/main.yml
View file

@ -1,16 +1,44 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a minecraft server with docker and an optional RCON webinterface. description: "Deploys a minecraft server with docker and an optional RCON webinterface."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose

42
roles/minecraft_blockmap/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a minecraft-blockmap renderer and makes the result available using nginx and traefik. description: "Deploys a minecraft-blockmap renderer and makes the result available using nginx and traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

42
roles/minio/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs and manages minio instances for S3 compatible storage. description: "Installs and manages minio instances for S3 compatible storage."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

7
roles/moby_engine/meta/main.yml
View file

@ -1,13 +1,14 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs moby-engine. description: "Installs moby-engine."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: Fedora - name: Fedora
versions: versions:
- 32 - all
galaxy_tags: [] galaxy_tags: []

4
roles/moby_engine/tasks/main.yml
View file

@ -17,8 +17,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
- name: "Select tasks for {{ ansible_distribution }} {{ ansible_distribution_major_version }}" - name: "Select tasks for {{ ansible_distribution }} {{ ansible_distribution_major_version }}" # noqa name[template]
include_tasks: "{{ distro_file }}" ansible.builtin.include_tasks: "{{ distro_file }}"
with_first_found: with_first_found:
- "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_distribution }}.yml" - "{{ ansible_distribution }}.yml"

4
roles/monitoring/defaults/main.yml
View file

@ -65,7 +65,7 @@ monitoring_grafana_feature_toggles: []
# The influxdb admin credentials that should be created # The influxdb admin credentials that should be created
monitoring_influxdb_admin_username: "admin" monitoring_influxdb_admin_username: "admin"
monitoring_influxdb_admin_password: "{{ lookup('passwordstore', monitoring_influxdb_domain + '/db-admin create=true length=42') }}" monitoring_influxdb_admin_password: "{{ lookup('passwordstore', monitoring_influxdb_domain + '/db-admin create=true length=42') }}"
# The influxdb databases that should be created and their policies # The influxdb databases that should be created and their policies
monitoring_influxdb_databases: monitoring_influxdb_databases:
@ -82,7 +82,7 @@ monitoring_influxdb_databases:
# Other influxdb users, that should be created # Other influxdb users, that should be created
monitoring_influxdb_users: monitoring_influxdb_users:
- username: "telegraf" - username: "telegraf"
password: "{{ lookup('passwordstore', monitoring_influxdb_domain + '/db create=true length=42') }}" password: "{{ lookup('passwordstore', monitoring_influxdb_domain + '/db create=true length=42') }}"
grants: grants:
- database: "telegraf" - database: "telegraf"
privilege: "ALL" privilege: "ALL"

42
roles/monitoring/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys an influxdb and grafana via docker and traefik. description: "Deploys an influxdb and grafana via docker and traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

2
roles/monitoring/tasks/influxdb/main.yml
View file

@ -33,7 +33,7 @@
no_log: true no_log: true
- name: Configure databases - name: Configure databases
include_tasks: database.yml ansible.builtin.include_tasks: database.yml
loop: "{{ monitoring_influxdb_databases }}" loop: "{{ monitoring_influxdb_databases }}"
loop_control: loop_control:
loop_var: "database" loop_var: "database"

2
roles/monitoring/tasks/main.yml
View file

@ -89,4 +89,4 @@
when: monitoring_compose is changed when: monitoring_compose is changed
- name: Include influxdb management - name: Include influxdb management
include_tasks: influxdb/main.yml ansible.builtin.include_tasks: influxdb/main.yml

2
roles/owncast/handlers/main.yml
View file

@ -18,7 +18,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
# #
- name: restart owncast - name: Restart owncast
community.docker.docker_compose: community.docker.docker_compose:
services: services:
- owncast - owncast

42
roles/owncast/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys an owncast server. description: "Deploys an owncast server."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

2
roles/owncast/tasks/main.yml
View file

@ -61,7 +61,7 @@
owner: 'root' owner: 'root'
group: 'root' group: 'root'
setype: "container_file_t" setype: "container_file_t"
notify: restart owncast notify: Restart owncast
become: true become: true
- name: Deploy docker-compose.yml - name: Deploy docker-compose.yml

2
roles/penpot/defaults/main.yml
View file

@ -44,7 +44,7 @@ penpot_domain: design.example.com
penpot_traefik_certresolver: letsencrypt_http penpot_traefik_certresolver: letsencrypt_http
# The database credentials # The database credentials
penpot_database_password: "{{ lookup('passwordstore', penpot_domain + '/db create=true length=42') }}" penpot_database_password: "{{ lookup('passwordstore', penpot_domain + '/db create=true length=42') }}"
# Should the registration be enabled? # Should the registration be enabled?
penpot_registration_enabled: false penpot_registration_enabled: false

42
roles/penpot/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Setup a penpot docker container with traefik. description: "Setup a penpot docker container with traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

36
roles/ssh/meta/main.yml
View file

@ -1,13 +1,41 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs ssh keys for users and creates them if necessary. description: "Installs ssh keys for users and creates them if necessary."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: Centos - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []

42
roles/static_websites/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys static website containers with traefik. description: "Deploys static website containers with traefik."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik

10
roles/sys_upgrade/meta/main.yml
View file

@ -1,14 +1,14 @@
galaxy_info: galaxy_info:
author: Christoph Kern author: Christoph Kern
description: Upgrades System so latest packages are installed description: "Upgrades System so latest packages are installed"
# If the issue tracker for your role is not on github, uncomment the # If the issue tracker for your role is not on github, uncomment the
# next line and provide a value # next line and provide a value
issue_tracker_url: https://github.com/SISheogorath/ansible-client/issues issue_tracker_url: https://github.com/SISheogorath/ansible-client/issues
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: "2.9"
min_ansible_version: 2.9 standalone: true
# #
# platforms is a list of platforms, and each platform has a name and a list of versions. # platforms is a list of platforms, and each platform has a name and a list of versions.
@ -17,9 +17,9 @@ galaxy_info:
- name: Fedora - name: Fedora
versions: versions:
- all - all
- name: CentOS - name: EL
versions: versions:
- 7 - "7"
- name: Debian - name: Debian
versions: versions:
- all - all

2
roles/sys_upgrade/tasks/Debian.yml
View file

@ -31,7 +31,7 @@
- name: Upgrade all packages - name: Upgrade all packages
ansible.builtin.apt: ansible.builtin.apt:
name: "*" name: "*"
state: latest # noqa 403 state: latest # noqa package-latest
update_cache: true update_cache: true
tags: tags:
- apt - apt

2
roles/sys_upgrade/tasks/Fedora.yml
View file

@ -21,7 +21,7 @@
- name: Upgrade all packages - name: Upgrade all packages
ansible.builtin.dnf: ansible.builtin.dnf:
name: "*" name: "*"
state: latest # noqa 403 state: latest # noqa package-latest
update_cache: true update_cache: true
tags: tags:
- dnf - dnf

2
roles/sys_upgrade/tasks/RedHat.yml
View file

@ -21,7 +21,7 @@
- name: Upgrade all packages (RedHat-common) - name: Upgrade all packages (RedHat-common)
ansible.builtin.yum: ansible.builtin.yum:
name: "*" name: "*"
state: latest # noqa 403 state: latest # noqa package-latest
update_cache: true update_cache: true
tags: tags:
- yum - yum

2
roles/sys_upgrade/tasks/main.yml
View file

@ -18,7 +18,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
# #
- name: "Select tasks for {{ ansible_distribution }} {{ ansible_distribution_major_version }}" - name: "Select tasks for {{ ansible_distribution }} {{ ansible_distribution_major_version }}" # noqa name[template]
ansible.builtin.include_tasks: "{{ distro_file }}" ansible.builtin.include_tasks: "{{ distro_file }}"
with_first_found: with_first_found:
- "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"

40
roles/teamspeak/meta/main.yml
View file

@ -1,16 +1,44 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a teamspeak 3 server via docker. description: "Deploys a teamspeak 3 server via docker."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose

2
roles/telegraf/defaults/main.yml
View file

@ -42,7 +42,7 @@ telegraf_influxdb_endpoints:
# The influxdb credentials # The influxdb credentials
telegraf_influxdb_username: telegraf telegraf_influxdb_username: telegraf
telegraf_influxdb_password: "{{ lookup('passwordstore', telegraf_influxdb_endpoints[0] + '/db create=true length=42') }}" telegraf_influxdb_password: "{{ lookup('passwordstore', telegraf_influxdb_endpoints[0] + '/db create=true length=42') }}"
# The retention policy settings (see https://github.com/influxdata/telegraf/blob/release-1.15/plugins/outputs/influxdb/README.md) # The retention policy settings (see https://github.com/influxdata/telegraf/blob/release-1.15/plugins/outputs/influxdb/README.md)
telegraf_influxdb_retention_policy: "" telegraf_influxdb_retention_policy: ""

40
roles/telegraf/meta/main.yml
View file

@ -1,16 +1,44 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Deploys a telegraf container for monitoring. description: "Deploys a telegraf container for monitoring."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose

40
roles/traefik/meta/main.yml
View file

@ -1,16 +1,44 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs traefik via docker with optional tor access and acmedumper. description: "Installs traefik via docker with optional tor access and acmedumper."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose

8
roles/traefik/tasks/main.yml
View file

@ -58,11 +58,11 @@
become: true become: true
- name: Include configs for Tor - name: Include configs for Tor
include_tasks: tor.yml ansible.builtin.include_tasks: tor.yml
when: traefik_tor_enabled | bool when: traefik_tor_enabled | bool
- name: Include configs for acme-dumper - name: Include configs for acme-dumper
include_tasks: acmedumper.yml ansible.builtin.include_tasks: acmedumper.yml
when: traefik_acmedumper_enabled | bool when: traefik_acmedumper_enabled | bool
- name: Create proxy network - name: Create proxy network
@ -171,7 +171,7 @@
- -p - -p
- tcp - tcp
- --destination - --destination
- "{{ traefik_ipv6.ip_addr | ipaddr('address') }}/128" - "{{ traefik_ipv6.ip_addr | default('2001:db8::') | ansible.utils.ipaddr('address') }}/128"
- --dport - --dport
- "{{ item }}" - "{{ item }}"
- -j - -j
@ -205,7 +205,7 @@
- -p - -p
- tcp - tcp
- --destination - --destination
- "{{ traefik_ipv6.ip_addr | ipaddr('address') }}/128" - "{{ traefik_ipv6.ip_addr | default('2001:db8::') | ansible.utils.ipaddr('address') }}/128"
- --dport - --dport
- "{{ item }}" - "{{ item }}"
- -j - -j

2
roles/vikunja/defaults/main.yml
View file

@ -39,7 +39,7 @@ vikunja_api_traefik_certresolver: letsencrypt_http
vikunja_api_domain: "{{ vikunja_frontend_domain }}" vikunja_api_domain: "{{ vikunja_frontend_domain }}"
# The database password to use # The database password to use
vikunja_database_password: "{{ lookup('passwordstore', vikunja_api_domain + '/db create=true length=42') }}" vikunja_database_password: "{{ lookup('passwordstore', vikunja_api_domain + '/db create=true length=42') }}"
# Container versions # Container versions
# renovate: depName=docker.io/vikunja/api # renovate: depName=docker.io/vikunja/api

42
roles/vikunja/meta/main.yml
View file

@ -1,17 +1,45 @@
galaxy_info: galaxy_info:
author: saibotk author: saibotk
description: Installs vikunja via docker. description: "Installs vikunja via docker."
license: GPL-3.0-only license: GPL-3.0-only
min_ansible_version: 2.9 min_ansible_version: "2.9"
standalone: true
platforms: platforms:
- name: CentOS - name: EL
versions: versions:
- 7 - all
- name: GenericUNIX
versions:
- all
- name: Fedora
versions:
- all
- name: opensuse
versions:
- all
- name: GenericBSD
versions:
- all
- name: FreeBSD
versions:
- all
- name: Ubuntu
versions:
- all
- name: SLES
versions:
- all
- name: GenericLinux
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: [] galaxy_tags: []
dependencies: dependencies:
- docker - role: docker
- docker_compose - role: docker_compose
- traefik - role: traefik