diff --git a/hosts.yml b/hosts.yml
index 9068861..1c34a46 100755
--- a/hosts.yml
+++ b/hosts.yml
@@ -5,7 +5,7 @@
 # 10.89.0.1xx for VMs running the actual apps I host
 all:
 children:
- servers:
+ bare_metal:
 hosts:
 node1:
 ansible_host: 10.89.0.13
diff --git a/playbooks/local-docker.yml b/playbooks/local-docker.yml
new file mode 100644
index 0000000..1e6c49d
--- /dev/null
+++ b/playbooks/local-docker.yml
@@ -0,0 +1,6 @@
+---
+- name: Install docker
+ hosts: localhost
+ become: true
+ roles:
+ - docker/install
\ No newline at end of file
diff --git a/playbooks/nodes/apps.yml b/playbooks/nodes/apps.yml
index fd5e137..efbb0fe 100644
--- a/playbooks/nodes/apps.yml
+++ b/playbooks/nodes/apps.yml
@@ -3,9 +3,9 @@
 hosts: apps
 become: true
 roles:
- - role: apps/kan
- vars:
- port: 7070
+ # - role: apps/kan
+ # vars:
+ # port: 7070
 - role: apps/memos
 vars:
 port: 7071
@@ -21,10 +21,13 @@
 - role: apps/stirling-pdf
 vars:
 port: 7075
- - role: apps/dumbware-todo
+ # - role: apps/dumbware-todo
+ # vars:
+ # port: 7076
+ # pin: 8989
+ - role: apps/flowtodo
 vars:
 port: 7076
- pin: 8989
 - role: apps/filebrowser
 vars:
 port: 7078
@@ -63,6 +66,10 @@
 vars:
 port: 7085
 url: "https://tasks.thegrind.dev"
+ - role: apps/planka
+ vars:
+ port: 7085
+ url: "https://tasks.thegrind.dev"
 tasks:
 - name: Personal DW drop
 ansible.builtin.include_role:
diff --git a/playbooks/observability.yml b/playbooks/observability.yml
new file mode 100644
index 0000000..e76905a
--- /dev/null
+++ b/playbooks/observability.yml
@@ -0,0 +1,7 @@
+---
+- name: Set up observability on all relevant hosts
+ hosts: vms
+ become: true
+ roles:
+ # - role: docker/install # Needed for the node exporter
+ - role: observability/prometheus-node-exporter
diff --git a/playbooks/pve-user.yml b/playbooks/pve-user.yml
new file mode 100644
index 0000000..d698e5a
--- /dev/null
+++ b/playbooks/pve-user.yml
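Review bot: In playbooks/nodes/apps.yml (hunk at new line 66) the added `apps/planka` entry reuses `port: 7085` and `url: "https://tasks.thegrind.dev"`, the same values carried by the role entry directly above it. If both roles publish a container on that host port and hostname, the second one will either fail to bind or silently take over the first one's traffic. The name of the preceding role is outside the hunk, so confirm whether it was meant to be commented out like `apps/kan` and `apps/dumbware-todo`; otherwise give planka its own port and URL. The roles list begins and ends outside the hunk.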
@@ -0,0 +1,8 @@
+- name: Set up javi as a user with ssh key on PVE hosts
+ hosts: node1
+ remote_user: root
+ roles:
+ - role: server/install-sudo
+ - role: server/users
+ - role: server/setup/sshkey
+ - role: server/kitty
diff --git a/playbooks/server/base.yml b/playbooks/server/base.yml
index dc7bc2f..230a9fd 100755
--- a/playbooks/server/base.yml
+++ b/playbooks/server/base.yml
@@ -1,10 +1,11 @@
 ---
 - name: set up a new virtual machine
- hosts: vms
+ hosts: apps
 become: true
 roles:
 # - role: observability/prometheus-node-exporter
+ - role: server/kitty
 # - role: observability/beszel-agent
 # - role: docker/install
 # - role: docker/portainer
- # - role: server/setup/sshkey
\ No newline at end of file
+ - role: server/setup/sshkey
\ No newline at end of file
diff --git a/playbooks/util/templates/prometheus.yml.j2 b/playbooks/util/templates/prometheus.yml.j2
index a939420..2fd36ae 100644
--- a/playbooks/util/templates/prometheus.yml.j2
+++ b/playbooks/util/templates/prometheus.yml.j2
@@ -12,4 +12,17 @@ scrape_configs:
 - targets: ['{{ hostvars[host].ansible_host }}:9100']
 labels:
 name: '{{ host }}'
+ group: 'vms'
+ {% endfor %}
+ {% for host in groups['proxies'] %}
+ - targets: ['{{ hostvars[host].ansible_host }}:9100']
+ labels:
+ name: '{{ host }}'
+ group: 'proxies'
+ {% endfor %}
+ {% for host in groups['utility'] %}
+ - targets: ['{{ hostvars[host].ansible_host }}:9100']
+ labels:
+ name: '{{ host }}'
+ group: 'utility'
 {% endfor %}
\ No newline at end of file
diff --git a/roles/apps/flowtodo/defaults/main.yml b/roles/apps/flowtodo/defaults/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/apps/flowtodo/tasks/main.yml b/roles/apps/flowtodo/tasks/main.yml
new file mode 100644
index 0000000..651f39b
--- /dev/null
+++ b/roles/apps/flowtodo/tasks/main.yml
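Review bot: playbooks/pve-user.yml connects with `remote_user: root`, and nothing visible in the play restricts root SSH once `javi` has a key and sudo, so the Proxmox node is left with two root-equivalent SSH entry points. The listed roles are not shown here, so this may already be handled; if it is not, consider a closing task that limits root to key-only login (`PermitRootLogin prohibit-password`) after javi's access has been verified. The file also lacks the leading `---` that the other new playbooks in this commit start with.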
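Review bot: playbooks/server/base.yml now targets `hosts: apps` while the play is still named "set up a new virtual machine" and observability.yml in this same commit keeps `hosts: vms`, which suggests the narrower group was a test target that got committed. If `apps` is a subset of `vms`, VMs in other groups no longer receive `server/setup/sshkey` from this play; restore `hosts: vms` or rename the play to match its new scope. The newly enabled `server/kitty` role writes to `/home/javi` with `owner: "javi"`, and this play does not run `server/users`, so it will fail on any host where that account does not already exist.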
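Review bot: The added loops in playbooks/util/templates/prometheus.yml.j2 index `groups['proxies']` and `groups['utility']` directly, so the template will stop rendering with an undefined-variable error on any inventory that lacks one of those groups; `{% for host in groups['proxies'] | default([]) %}` (and the same for `utility`) keeps it working. The three target blocks now differ only in the `group` label, so an outer `{% for grp in ['vms', 'proxies', 'utility'] %}` with `group: '{{ grp }}'` would remove the copy-paste. The opening of the first loop is outside the hunk, so I am assuming it iterates `groups['vms']`.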
@@ -0,0 +1,25 @@
+- name: Create database
+ ansible.builtin.include_role:
+ role: app/database
+ vars:
+ app_name: "flowtodo"
+
+- name: Deploy container
+ community.docker.docker_container:
+ image: gitgud.foo/thegrind/flowtodo
+ name: flowtodo
+ pull: true
+ state: started
+ ports:
+ - "{{ port }}:8000"
+ env:
+ APP_URL: "https://do.thatshit.live"
+ APP_TIMEZONE: "America/New_York"
+ APP_KEY: "base64:7qHvFe7hgCjspoQfBBqMn1nqA6jrRMkYfee/hYlCNt8="
+ OCTANE_HTTPS: "true"
+ DB_CONNECTION: "pgsql"
+ DB_HOST: "{{ pg_host }}"
+ DB_PORT: "{{ pg_port | string }}"
+ DB_DATABASE: "flowtodo"
+ DB_USERNAME: "flowtodo"
+ DB_PASSWORD: "password"
\ No newline at end of file
diff --git a/roles/docker/install/tasks/main.yml b/roles/docker/install/tasks/main.yml
index 86b2c7c..55f44f6 100755
--- a/roles/docker/install/tasks/main.yml
+++ b/roles/docker/install/tasks/main.yml
@@ -1,7 +1,7 @@
 ---
 - name: Update apt cache
 ansible.builtin.apt:
- update_cache: yes
+ update_cache: true
 - name: Install prerequisite packages
 ansible.builtin.apt:
diff --git a/roles/server/install-sudo/defaults/main.yml b/roles/server/install-sudo/defaults/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/server/install-sudo/tasks/main.yml b/roles/server/install-sudo/tasks/main.yml
new file mode 100644
index 0000000..e7ebdfa
--- /dev/null
+++ b/roles/server/install-sudo/tasks/main.yml
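Review bot: roles/apps/flowtodo/tasks/main.yml hard-codes two secrets in the `env` block, the application `APP_KEY` and `DB_PASSWORD: "password"`, so everyone with read access to the repository or its history can read them, and the database credential is trivially guessable. Move both to vaulted variables, for example `APP_KEY: "{{ flowtodo_app_key }}"` and `DB_PASSWORD: "{{ flowtodo_db_password }}"` (names are illustrative), and treat the committed key as exposed and rotate it. The image has no tag or digest and is combined with `pull: true`, so every run deploys whatever the registry serves at that moment; pinning it as `image: gitgud.foo/thegrind/flowtodo@sha256:<digest>` makes the deployment reproducible and reviewable. Separately, `ansible.builtin.include_role` takes the role in `name:`, not `role:`, and `app/database` does not match the `apps/` prefix of the other roles, so check that the first task resolves.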
@@ -0,0 +1,27 @@
+- name: Disable Proxmox Enterprise repo
+ ansible.builtin.replace:
+ path: /etc/apt/sources.list.d/pve-enterprise.list
+ regexp: '^deb'
+ replace: '# deb'
+
+- name: Comment out Proxmox Ceph Enterprise repo
+ ansible.builtin.replace:
+ path: /etc/apt/sources.list.d/ceph.list
+ regexp: '^deb '
+ replace: '# deb '
+ ignore_errors: true
+
+- name: Add no-subscription Proxmox repo
+ ansible.builtin.copy:
+ dest: /etc/apt/sources.list.d/pve-no-subscription.list
+ content: |
+ deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription
+ owner: root
+ group: root
+ mode: '0644'
+
+- name: Install sudo
+ ansible.builtin.apt:
+ update_cache: true
+ name: sudo
+ state: present
\ No newline at end of file
diff --git a/roles/server/kitty/defaults/main.yml b/roles/server/kitty/defaults/main.yml
new file mode 100644
index 0000000..5637f0b
--- /dev/null
+++ b/roles/server/kitty/defaults/main.yml
@@ -0,0 +1,3 @@
+users:
+ - xbazzi
+ - ansible
diff --git a/roles/server/kitty/tasks/main.yml b/roles/server/kitty/tasks/main.yml
new file mode 100644
index 0000000..1d4dac6
--- /dev/null
+++ b/roles/server/kitty/tasks/main.yml
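Review bot: In roles/server/install-sudo/tasks/main.yml the two `replace` tasks treat a missing file inconsistently: the pve-enterprise.list task has no guard, so the play aborts on a host where that file is absent, while the ceph.list task uses a blanket `ignore_errors: true` that also hides permission or write failures. A preceding `ansible.builtin.stat` with `when: <registered_var>.stat.exists` on both tasks skips only the missing-file case and lets real errors surface. The repository line hard-codes `bookworm`; `{{ ansible_distribution_release }}` would follow the host's release across upgrades. The role also rewrites APT sources, which its name `install-sudo` does not suggest, so a comment at the top saying so would help the next reader.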
@@ -0,0 +1,29 @@
+---
+# Pre-requisite:
+# ❯ infocmp -a xterm-kitty > ~/.xterm-kitty.terminfo
+# - name: Check if kitty term-info exists
+# ansible.builtin.stat:
+# path: "/home/javi/.xterm-kitty.terminfo"
+# register: file_check
+
+# - name: Fail if file does not exist
+# ansible.builtin.fail:
+# msg: "Kitty term info does't exist. Please run: infocmp -a xterm-kitty > ~/.xterm-kitty.terminfo"
+# when: not file_check.stat.exists
+
+- name: Copy pre-generated kitty terminfo to remote users
+ copy:
+ src: "/home/javi/.xterm-kitty.terminfo"
+ dest: /home/javi/.xterm-kitty.terminfo
+ owner: "javi"
+ group: "javi"
+ mode: '0644'
+
+- name: Compile terminfo for each user
+ ansible.builtin.command: >
+ tic -x -o /home/javi/.terminfo/ /home/javi/.xterm-kitty.terminfo
+
+- name: Clean up xterm-kitty.terminfo from home directory
+ ansible.builtin.file:
+ path: "/home/javi/.xterm-kitty.terminfo"
+ state: absent
\ No newline at end of file
diff --git a/roles/server/users/defaults/main.yml b/roles/server/users/defaults/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/server/users/tasks/main.yml b/roles/server/users/tasks/main.yml
new file mode 100644
index 0000000..3c65d9e
--- /dev/null
+++ b/roles/server/users/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+- name: Add javi group
+ ansible.builtin.group:
+ name: javi
+ gid: 1000
+ state: present
+
+- name: Add javi user
+ ansible.builtin.user:
+ name: javi
+ create_home: true
+ shell: /bin/bash
+ groups: "sudo,javi"
+ uid: 1000
+ state: present
+ append: true
+
+- name: Add javi to sudoers w/ no password
+ community.general.sudoers:
+ name: sudoers
+ user: javi
+ state: present
+ commands: ALL
+ nopassword: true
\ No newline at end of file
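Review bot: roles/server/kitty/tasks/main.yml hard-codes `/home/javi` in all three tasks even though the task names say "remote users" and "each user", and the `users` list defined in roles/server/kitty/defaults/main.yml (`xbazzi`, `ansible`) is never read. Either loop the tasks with `loop: "{{ users }}"` and `/home/{{ item }}` paths, or drop the unused default. Both playbooks that call this role run it with root privileges (`become: true` in base.yml, `remote_user: root` in pve-user.yml), so `tic` creates `/home/javi/.terminfo` owned by root; adding `become: true` and `become_user: javi` to the command task keeps the directory owned by the account that uses it. The command task also has no `creates:` or `changed_when:`, so it reports a change on every run, and the first task uses the short name `copy:` where the rest of the commit uses fully qualified names such as `ansible.builtin.copy`.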
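Review bot: The last task in roles/server/users/tasks/main.yml grants `javi` `commands: ALL` with `nopassword: true`, so possession of javi's SSH key, or any process running as javi, is equivalent to root on every host the role touches, including the Proxmox node targeted by playbooks/pve-user.yml. If passwordless escalation is needed only for automation, give it to a dedicated automation account or narrow `commands` to the specific binaries required, and let the interactive account authenticate for sudo (the `user` task sets no password, so one would have to come from a vaulted hash). `name: sudoers` becomes the name of the drop-in rule file; a descriptive value such as `name: javi-nopasswd` makes the grant easier to find in an audit. The fixed `uid: 1000` / `gid: 1000` will make the first two tasks fail on hosts where another account already holds that id.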