171 lines
4.2 KiB
YAML
171 lines
4.2 KiB
YAML
---
|
|
- hosts: all
|
|
vars:
|
|
base_port: 41080
|
|
notes_port: "{{ base_port + 1 }}"
|
|
dayoff_port: "{{ base_port + 2 }}"
|
|
homepage_port: "{{ base_port + 3 }}"
|
|
netdata_port: "{{ base_port + 4 }}"
|
|
wiki_port: "{{ base_port + 5 }}"
|
|
nomie_port: "{{ base_port + 6 }}"
|
|
nomie_db_port: "{{ base_port + 7 }}"
|
|
gitea_port: "{{ base_port + 8 }}"
|
|
vars_files:
|
|
- vars/vars.yml
|
|
|
|
tasks:
|
|
|
|
- name: 'Install additional packages.'
|
|
apt:
|
|
name: '{{ packages }}'
|
|
update_cache: yes
|
|
vars:
|
|
packages:
|
|
- git
|
|
- python3-pip
|
|
- acl
|
|
|
|
- import_role:
|
|
name: yatesr.timezone
|
|
vars:
|
|
timezone: UTC
|
|
|
|
- import_role:
|
|
name: geerlingguy.security
|
|
vars:
|
|
security_ssh_permit_root_login: "yes"
|
|
security_autoupdate_enabled: "no"
|
|
security_fail2ban_enabled: "yes"
|
|
|
|
- name: 'Install python docker lib.'
|
|
pip:
|
|
name: docker
|
|
tags:
|
|
- docker
|
|
|
|
- import_role:
|
|
name: geerlingguy.docker
|
|
tags:
|
|
- docker
|
|
|
|
- name: 'Ensure networkd service is started (required by Caddy).'
|
|
systemd:
|
|
name: systemd-networkd
|
|
state: started
|
|
enabled: true
|
|
tags:
|
|
- webserver
|
|
|
|
- import_role:
|
|
name: caddy_ansible.caddy_ansible
|
|
vars:
|
|
caddy_github_token: '{{ caddy_vars.github_token }}'
|
|
caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}'
|
|
caddy_update: False
|
|
caddy_setcap: True
|
|
caddy_systemd_capabilities_enabled: True
|
|
caddy_systemd_capabilities: "CAP_NET_BIND_SERVICE"
|
|
tags:
|
|
- webserver
|
|
|
|
- import_role:
|
|
name: netdata
|
|
vars:
|
|
netdata_version: 'v1.43.2'
|
|
netdata_exposed_port: '{{ netdata_port }}'
|
|
tags:
|
|
- monitoring
|
|
|
|
# Applications
|
|
|
|
- import_role:
|
|
name: docker-app
|
|
vars:
|
|
username: homepage
|
|
extra_groups:
|
|
- docker
|
|
ssh_keys:
|
|
- '{{ lookup("file", "files/av_id_rsa.pub") }}'
|
|
env:
|
|
DOCKER_PREFIX: homepage
|
|
PROJECT_NAME: homepage
|
|
IMAGE_PREFIX: homepage
|
|
CONTAINER_PREFIX: homepage
|
|
WEB_SERVER_PORT: '127.0.0.1:{{ homepage_port }}'
|
|
tags:
|
|
- apps
|
|
|
|
- import_role:
|
|
name: docker-app
|
|
vars:
|
|
username: dayoff
|
|
extra_groups:
|
|
- docker
|
|
ssh_keys:
|
|
- '{{ lookup("file", "files/av_id_rsa.pub") }}'
|
|
- '{{ lookup("file", "files/dayoff_id_rsa.pub") }}'
|
|
env:
|
|
DOCKER_PREFIX: dayoff
|
|
PROJECT_NAME: dayoff
|
|
IMAGE_PREFIX: dayoff
|
|
CONTAINER_PREFIX: dayoff
|
|
WEB_SERVER_PORT: '127.0.0.1:{{ dayoff_port }}'
|
|
tags:
|
|
- apps
|
|
|
|
- import_role:
|
|
name: docker-app
|
|
vars:
|
|
username: wiki
|
|
extra_groups:
|
|
- docker
|
|
ssh_keys:
|
|
- '{{ lookup("file", "files/av_id_rsa.pub") }}'
|
|
env:
|
|
PROJECT_NAME: wiki
|
|
DOCKER_PREFIX: wiki
|
|
IMAGE_PREFIX: wiki
|
|
CONTAINER_PREFIX: wiki
|
|
WEB_SERVER_PORT: '127.0.0.1:{{ wiki_port }}'
|
|
tags:
|
|
- apps
|
|
|
|
- import_role:
|
|
name: docker-app
|
|
vars:
|
|
username: nomie
|
|
extra_groups:
|
|
- docker
|
|
ssh_keys:
|
|
- '{{ lookup("file", "files/av_id_rsa.pub") }}'
|
|
env:
|
|
PROJECT_NAME: nomie
|
|
DOCKER_PREFIX: nomie
|
|
IMAGE_PREFIX: nomie
|
|
CONTAINER_PREFIX: nomie
|
|
WEB_SERVER_PORT: '127.0.0.1:{{ nomie_port }}'
|
|
COUCH_DB_PORT: '127.0.0.1:{{ nomie_db_port }}'
|
|
COUCH_DB_USER: 'couch-admin'
|
|
COUCH_DB_PASSWORD: '{{ nomie.couch_db_password }}'
|
|
tags:
|
|
- apps
|
|
|
|
- import_role:
|
|
name: docker-app
|
|
vars:
|
|
username: gitea
|
|
extra_groups:
|
|
- docker
|
|
ssh_keys:
|
|
- '{{ lookup("file", "files/av_id_rsa.pub") }}'
|
|
env:
|
|
PROJECT_NAME: gitea
|
|
DOCKER_PREFIX: gitea
|
|
IMAGE_PREFIX: gitea
|
|
CONTAINER_PREFIX: gitea
|
|
WEB_SERVER_PORT: '127.0.0.1:{{ gitea_port }}'
|
|
USER_UID: '{{ uc_result.uid }}'
|
|
USER_GID: '{{ uc_result.group }}'
|
|
tags:
|
|
- apps
|