--- - hosts: all vars: base_port: 41080 notes_port: "{{ base_port + 1 }}" dayoff_port: "{{ base_port + 2 }}" homepage_port: "{{ base_port + 3 }}" netdata_port: "{{ base_port + 4 }}" wiki_port: "{{ base_port + 5 }}" nomie_port: "{{ base_port + 6 }}" nomie_db_port: "{{ base_port + 7 }}" gitea_port: "{{ base_port + 8 }}" vars_files: - vars/vars.yml tasks: - name: 'Install additional packages.' apt: name: '{{ packages }}' update_cache: yes vars: packages: - git - python3-pip - acl - import_role: name: yatesr.timezone vars: timezone: UTC - import_role: name: geerlingguy.security vars: security_ssh_permit_root_login: "yes" security_autoupdate_enabled: "no" security_fail2ban_enabled: "yes" - name: 'Install python docker lib.' pip: name: docker tags: - docker - import_role: name: geerlingguy.docker tags: - docker - name: 'Ensure networkd service is started (required by Caddy).' systemd: name: systemd-networkd state: started enabled: true tags: - webserver - import_role: name: caddy_ansible.caddy_ansible vars: caddy_github_token: '{{ caddy_vars.github_token }}' caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}' caddy_update: False caddy_setcap: True caddy_systemd_capabilities_enabled: True caddy_systemd_capabilities: "CAP_NET_BIND_SERVICE" tags: - webserver - import_role: name: netdata vars: netdata_version: 'v1.43.1' netdata_exposed_port: '{{ netdata_port }}' tags: - monitoring # Applications - import_role: name: docker-app vars: username: homepage extra_groups: - docker ssh_keys: - '{{ lookup("file", "files/av_id_rsa.pub") }}' env: DOCKER_PREFIX: homepage PROJECT_NAME: homepage IMAGE_PREFIX: homepage CONTAINER_PREFIX: homepage WEB_SERVER_PORT: '127.0.0.1:{{ homepage_port }}' tags: - apps - import_role: name: docker-app vars: username: dayoff extra_groups: - docker ssh_keys: - '{{ lookup("file", "files/av_id_rsa.pub") }}' - '{{ lookup("file", "files/dayoff_id_rsa.pub") }}' env: DOCKER_PREFIX: dayoff PROJECT_NAME: dayoff IMAGE_PREFIX: dayoff CONTAINER_PREFIX: dayoff WEB_SERVER_PORT: '127.0.0.1:{{ dayoff_port }}' tags: - apps - import_role: name: docker-app vars: username: wiki extra_groups: - docker ssh_keys: - '{{ lookup("file", "files/av_id_rsa.pub") }}' env: PROJECT_NAME: wiki DOCKER_PREFIX: wiki IMAGE_PREFIX: wiki CONTAINER_PREFIX: wiki WEB_SERVER_PORT: '127.0.0.1:{{ wiki_port }}' tags: - apps - import_role: name: docker-app vars: username: nomie extra_groups: - docker ssh_keys: - '{{ lookup("file", "files/av_id_rsa.pub") }}' env: PROJECT_NAME: nomie DOCKER_PREFIX: nomie IMAGE_PREFIX: nomie CONTAINER_PREFIX: nomie WEB_SERVER_PORT: '127.0.0.1:{{ nomie_port }}' COUCH_DB_PORT: '127.0.0.1:{{ nomie_db_port }}' COUCH_DB_USER: 'couch-admin' COUCH_DB_PASSWORD: '{{ nomie.couch_db_password }}' tags: - apps - import_role: name: docker-app vars: username: gitea extra_groups: - docker ssh_keys: - '{{ lookup("file", "files/av_id_rsa.pub") }}' env: PROJECT_NAME: gitea DOCKER_PREFIX: gitea IMAGE_PREFIX: gitea CONTAINER_PREFIX: gitea WEB_SERVER_PORT: '127.0.0.1:{{ gitea_port }}' USER_UID: '{{ uc_result.uid }}' USER_GID: '{{ uc_result.group }}' tags: - apps