diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..e17b067 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,4 @@ +warn_list: + - all +skip_list: + - role-name[path] diff --git a/group_vars/all.yml b/group_vars/all.yml index d1e9541..581c1d7 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,8 +1,16 @@ ansible_become_pass: Cinnamonbun89$ project_root: "{{ inventory_dir }}" + # Local paths docker_stacks: "{{ project_root }}/docker" assets: "{{ project_root }}/assets" + # Remote paths remote_stacks: "/home/javi/docker" remote_app_mounts: "/home/docker" + +# Postgres +pg_host: 10.89.0.102 +pg_port: 5432 +pg_user: postgres +pg_password: password diff --git a/playbooks/arrstack.yml b/playbooks/apps/arrstack.yml similarity index 100% rename from playbooks/arrstack.yml rename to playbooks/apps/arrstack.yml diff --git a/playbooks/apps/jellyfin.yml b/playbooks/apps/jellyfin.yml new file mode 100644 index 0000000..6abe79e --- /dev/null +++ b/playbooks/apps/jellyfin.yml @@ -0,0 +1,15 @@ +--- +- name: Set up jellyfin and jellyseer + hosts: streaming_services + become: true + roles: + - role: util/mount_nfs + vars: + share: "/mnt/main/media" + mount_path: "/home/docker/media" + - role: docker/stack + vars: + stack_name: jellyfin + apps: + - jellyfin + - jellyseer \ No newline at end of file diff --git a/playbooks/apps/stash.yml b/playbooks/apps/stash.yml index 19bccaa..a6762b0 100644 --- a/playbooks/apps/stash.yml +++ b/playbooks/apps/stash.yml @@ -6,7 +6,7 @@ vars: share: "/mnt/main/xrandr" mount_path: "/home/docker/xrandr" - - role: deploy_docker_stack + - role: docker/stack vars: stack_name: stash apps: diff --git a/playbooks/databases.yml b/playbooks/databases.yml deleted file mode 100644 index da909e9..0000000 --- a/playbooks/databases.yml +++ /dev/null 
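Review bot: In `group_vars/all.yml` the new `pg_password: password` line commits the credential for the `postgres` login in plaintext, and the value is trivially guessable for what appears to be the administrative account on `pg_host`. Move it into an ansible-vault encrypted vars file and reference it from here, e.g. `pg_password: "{{ vault_pg_password }}"`, with a strong generated value behind it. The same literal is added as the role default in `roles/postgres/user/defaults/main.yml`. The unchanged context line `ansible_become_pass` is in the same state; because it is already in repository history it would need rotating as well as vaulting.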
@@ -1,30 +0,0 @@ -# Also create users -# Assign a user all priviledges on it's databases ---- -- name: Ensure databases exist - hosts: localhost - connection: local - vars_files: - - ../../vars/pg_main.yml - vars: - dbs: - - arrstack_sonarr_main - - arrstack_sonarr_log - - arrstack_radarr_main - - arrstack_radarr_log - - arrstack_readarr_main - - arrstack_readarr_log - - arrstack_lidarr_main - - arrstack_lidarr_log - - arrstack_prowlarr_main - - arrstack_prowlarr_log - - planeso - - readeck - - spacebin - - linkwarden - - opengist - tasks: - - include_tasks: "../tasks/create_db.yml" - vars: - name: "{{ item }}" - loop: "{{ dbs }}" diff --git a/playbooks/ftp.yml b/playbooks/ftp.yml deleted file mode 100644 index c5fa5c5..0000000 --- a/playbooks/ftp.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -- name: Setup FTP server on Ubuntu - hosts: all - become: true - - tasks: - - name: Update apt cache - ansible.builtin.apt: - update_cache: true - - - name: Install proftpd package - ansible.builtin.apt: - name: proftpd - state: present - - - name: Ensure proftpd is enabled and started - ansible.builtin.service: - name: proftpd - state: started - enabled: true - become: true - - - name: Allow FTP through UFW firewall (if UFW is enabled) - ansible.builtin.ufw: - rule: allow - port: 21 - proto: tcp - ignore_errors: false \ No newline at end of file diff --git a/playbooks/initial_server_setup.yml b/playbooks/initial_server_setup.yml deleted file mode 100644 index 7399b1d..0000000 --- a/playbooks/initial_server_setup.yml +++ /dev/null 
@@ -1,20 +0,0 @@ ---- -- name: Set up a new virtual machine - hosts: all - become: true - tasks: - - name: Install Docker - ansible.builtin.include_tasks: - file: '../tasks/provisioning/install_docker.yml' - - name: Pull and run the portainer agent - community.docker.docker_container: - name: portainer_agent - image: portainer/agent:2.27.0 - state: started - restart_policy: always - published_ports: - - "9001:9001" - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - /var/lib/docker/volumes:/var/lib/docker/volumes - - /:/host diff --git a/playbooks/jellyfin.yml b/playbooks/jellyfin.yml deleted file mode 100644 index 0ee6f55..0000000 --- a/playbooks/jellyfin.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -- name: Set up jellyfin - hosts: streaming_services - become: true - tasks: - - name: Mount the media share to the VM - ansible.builtin.include_tasks: - file: ../tasks/mount_nfs.yml - vars: - mount_path: "/home/docker/media" - mount_source: "10.89.0.15:/mnt/main/media" - - - name: Create app mount directory - ansible.builtin.file: - path: /home/docker/jellyfin - state: directory - mode: '0777' - - - name: Ensure jellyfin docker compose folder exists - ansible.builtin.file: - path: /home/javi/docker/jellyfin - state: directory - mode: '0777' - - - name: Ensure jellyseer docker compose folder exists - ansible.builtin.file: - path: /home/javi/docker/jellyseer - state: directory - mode: '0777' - - - name: Copy docker-compose.yml to server - ansible.builtin.copy: - src: '../docker/jellyfin/docker-compose.yml' - dest: '/home/javi/docker/jellyfin/docker-compose.yml' - owner: javi - group: javi - mode: '0777' - - - name: Start up the containers - ansible.builtin.command: docker compose up -d - args: - chdir: /home/javi/docker/jellyfin \ No newline at end of file diff --git a/playbooks/server/base.yml b/playbooks/server/base.yml new file mode 100644 index 0000000..b937573 --- /dev/null +++ b/playbooks/server/base.yml 
@@ -0,0 +1,9 @@ +--- +- name: Set up a new virtual machine + hosts: all + become: true + roles: + - role: docker/install + - role: docker/portainer + - role: server/setup/sshkey + - role: server/setup/webmin diff --git a/playbooks/webmin.yml b/playbooks/webmin.yml deleted file mode 100644 index 2d93336..0000000 --- a/playbooks/webmin.yml +++ /dev/null @@ -1,44 +0,0 @@ ---- -- name: Install Webmin on Debian/Ubuntu - hosts: all - become: true - tasks: - - name: Install required dependencies - ansible.builtin.apt: - name: - - wget - - apt-transport-https - - software-properties-common - state: present - update_cache: true - - - name: Add Webmin repository - ansible.builtin.copy: - dest: /etc/apt/sources.list.d/webmin.list - content: "deb http://download.webmin.com/download/repository sarge contrib" - owner: javi - group: javi - mode: '0777' - - - name: Add Webmin GPG key - ansible.builtin.apt_key: - url: https://www.webmin.com/jcameron-key.asc - state: present - - - name: Update apt cache - ansible.builtin.apt: - update_cache: true - - - name: Install Webmin with recommended packages - ansible.builtin.apt: - name: - - webmin - state: present - update_cache: true - install_recommends: true - - - name: Ensure Webmin service is enabled and running - systemd: - name: webmin - enabled: true - state: started diff --git a/roles/app/database/defaults/main.yml b/roles/app/database/defaults/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/app/database/tasks/main.yml b/roles/app/database/tasks/main.yml new file mode 100644 index 0000000..1fb4cf8 --- /dev/null +++ b/roles/app/database/tasks/main.yml 
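Review bot: In `playbooks/server/base.yml`, three of the four roles listed (`docker/install`, `docker/portainer`, `server/setup/sshkey`) are added in this commit as `index 0000000..e69de29` with no hunk, i.e. empty `tasks/main.yml` files, so the play reports success without installing Docker, starting the Portainer agent or deploying any SSH key. The deleted `playbooks/initial_server_setup.yml` performed both Docker steps, so that behaviour is lost until the roles are filled in. Either port the old tasks into the roles in this commit or mark each entry, e.g. `# TODO: stub role, tasks not yet migrated`. With `hosts: all` the play also puts Webmin on every inventory host; if that is not intended, scope the webmin role to a dedicated group.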
@@ -0,0 +1,20 @@
+---
+- name: Create app database
+ ansible.builtin.include_role:
+ name: postgres/database
+ vars:
+ database: "{{ app_name }}"
+
+- name: Create app db user
+ ansible.builtin.include_role:
+ name: postgres/user
+ vars:
+ user: "{{ app_name }}"
+ password: "password"
+
+- name: Give app user full priviledges on DB
+ ansible.builtin.include_role:
+ name: postgres/priviledges
+ vars:
+ database: "{{ app_name }}"
+ user: "{{ app_name }}"
\ No newline at end of file
diff --git a/roles/docker/install/defaults/main.yml b/roles/docker/install/defaults/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/docker/install/tasks/main.yml b/roles/docker/install/tasks/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/docker/portainer/defaults/main.yml b/roles/docker/portainer/defaults/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/docker/portainer/tasks/main.yml b/roles/docker/portainer/tasks/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/deploy_docker_stack/defaults/main.yml b/roles/docker/stack/defaults/main.yml
similarity index 100%
rename from roles/deploy_docker_stack/defaults/main.yml
rename to roles/docker/stack/defaults/main.yml
diff --git a/roles/deploy_docker_stack/tasks/main.yml b/roles/docker/stack/tasks/main.yml
similarity index 100%
rename from roles/deploy_docker_stack/tasks/main.yml
rename to roles/docker/stack/tasks/main.yml
diff --git a/roles/postgres/database/defaults/main.yml b/roles/postgres/database/defaults/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/postgres/database/tasks/main.yml b/roles/postgres/database/tasks/main.yml
new file mode 100644
index 0000000..b54e09e
--- /dev/null
+++ b/roles/postgres/database/tasks/main.yml
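Review bot: In `roles/app/database/tasks/main.yml` the "Create app db user" step passes the literal `password: "password"`, so every application account is created with the same guessable password and the default in `roles/postgres/user/defaults/main.yml` is never consulted. A single leaked connection string would then be valid for every other app's account as well. Take the secret as a required per-app input instead, e.g. `password: "{{ app_db_password }}"` with the value held in a vaulted vars file. `roles/app/database/defaults/main.yml` is added empty, so `app_name` and that variable should be documented there as required inputs.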
@@ -0,0 +1,10 @@
+---
+- name: Create database
+ delegate_to: localhost
+ community.postgresql.postgresql_db:
+ name: "{{ database }}"
+ state: present
+ login_host: "{{ pg_host }}"
+ login_port: "{{ pg_port }}"
+ login_user: "{{ pg_user }}"
+ login_password: "{{ pg_password }}"
diff --git a/roles/postgres/priviledges/defaults/main.yml b/roles/postgres/priviledges/defaults/main.yml
new file mode 100644
index 0000000..84dc138
--- /dev/null
+++ b/roles/postgres/priviledges/defaults/main.yml
@@ -0,0 +1 @@
+priviledges: ALL
\ No newline at end of file
diff --git a/roles/postgres/priviledges/tasks/main.yml b/roles/postgres/priviledges/tasks/main.yml
new file mode 100644
index 0000000..7825c35
--- /dev/null
+++ b/roles/postgres/priviledges/tasks/main.yml
@@ -0,0 +1,14 @@
+---
+- name: Give user full priviledges on database
+ delegate_to: localhost
+ community.postgresql.postgresql_privs:
+ db: "{{ database }}"
+ type: schema
+ objs: public
+ privs: "{{ priviledges }}"
+ role: "{{ user }}"
+ state: present
+ login_host: "{{ pg_host }}"
+ login_port: "{{ pg_port }}"
+ login_user: "{{ pg_user }}"
+ login_password: "{{ pg_password }}"
\ No newline at end of file
diff --git a/roles/postgres/user/defaults/main.yml b/roles/postgres/user/defaults/main.yml
new file mode 100644
index 0000000..3fab93f
--- /dev/null
+++ b/roles/postgres/user/defaults/main.yml
@@ -0,0 +1 @@
+password: "password"
\ No newline at end of file
diff --git a/roles/postgres/user/tasks/main.yml b/roles/postgres/user/tasks/main.yml
new file mode 100644
index 0000000..bbdd928
--- /dev/null
+++ b/roles/postgres/user/tasks/main.yml
@@ -0,0 +1,11 @@
+---
+- name: Create postgres user
+ delegate_to: localhost
+ community.postgresql.postgresql_user:
+ name: "{{ user }}"
+ password: "{{ password }}"
+ state: present
+ login_host: "{{ pg_host }}"
+ login_port: "{{ pg_port }}"
+ login_user: "{{ pg_user }}"
+ login_password: "{{ pg_password }}"
\ No newline at end of file
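Review bot: The `postgresql_db` task in `roles/postgres/database/tasks/main.yml` logs in to `{{ pg_host }}` over the network as `{{ pg_user }}` without setting `ssl_mode`, so whether the login password is protected in transit depends on the module default and on how the server is configured. If the server has TLS enabled, add `ssl_mode: require` (or `verify-full` together with `ca_cert`) to the module arguments. The same applies to the `postgresql_privs` and `postgresql_user` tasks in `roles/postgres/priviledges/tasks/main.yml` and `roles/postgres/user/tasks/main.yml`. All three connect with the `postgres` login from `group_vars/all.yml`; a dedicated provisioning role with fewer rights may be enough for these operations and would limit what a leak of that variable exposes.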
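Review bot: The task in `roles/postgres/priviledges/tasks/main.yml` is named "Give user full priviledges on database", but with `type: schema` and `objs: public` it grants on the `public` schema only, and the role default makes that grant `ALL`. State the real scope in the name, for example `- name: Grant {{ priviledges }} on schema public of {{ database }} to {{ user }}`, and add a comment in `defaults/main.yml` telling callers to pass the narrowest set the app needs. If the intent is that each app fully controls its own database, `owner: "{{ user }}"` on the `postgresql_db` task expresses that more directly, provided the role is created first. The spelling `priviledges` is used consistently for the role and the variable, so a rename to `privileges` would have to be done everywhere at once.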
diff --git a/roles/server/setup/ftp/defaults/main.yml b/roles/server/setup/ftp/defaults/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/server/setup/ftp/tasks/main.yml b/roles/server/setup/ftp/tasks/main.yml
new file mode 100644
index 0000000..a710115
--- /dev/null
+++ b/roles/server/setup/ftp/tasks/main.yml
@@ -0,0 +1,23 @@
+---
+- name: Update apt cache
+ ansible.builtin.apt:
+ update_cache: true
+
+- name: Install proftpd package
+ ansible.builtin.apt:
+ name: proftpd
+ state: present
+
+- name: Ensure proftpd is enabled and started
+ ansible.builtin.service:
+ name: proftpd
+ state: started
+ enabled: true
+ become: true
+
+- name: Allow FTP through UFW firewall (if UFW is enabled)
+ community.general.ufw:
+ rule: allow
+ port: 21
+ proto: tcp
+ ignore_errors: false
\ No newline at end of file
diff --git a/roles/server/setup/sshkey/defaults/main.yml b/roles/server/setup/sshkey/defaults/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/server/setup/sshkey/tasks/main.yml b/roles/server/setup/sshkey/tasks/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/server/setup/webmin/defaults/main.yml b/roles/server/setup/webmin/defaults/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/server/setup/webmin/tasks/main.yml b/roles/server/setup/webmin/tasks/main.yml
new file mode 100644
index 0000000..48f0d21
--- /dev/null
+++ b/roles/server/setup/webmin/tasks/main.yml
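Review bot: The role in `roles/server/setup/ftp/tasks/main.yml` installs and starts proftpd and opens 21/tcp, but no task here manages the daemon's configuration, so as far as this hunk shows it serves plain FTP with logins and file contents unencrypted on the wire. If file transfer is needed, SFTP over the existing sshd avoids a second listening service; otherwise template a proftpd config that enforces TLS and narrow the firewall rule with `from_ip:` to the networks that need it. On the last task, `ignore_errors: false` is the default and can be dropped. Its name says "(if UFW is enabled)" but nothing in the task checks that.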
@@ -0,0 +1,40 @@
+---
+- name: Install required dependencies
+ ansible.builtin.apt:
+ name:
+ - wget
+ - apt-transport-https
+ - software-properties-common
+ state: present
+ update_cache: true
+
+- name: Add Webmin repository
+ ansible.builtin.copy:
+ dest: /etc/apt/sources.list.d/webmin.list
+ content: "deb http://download.webmin.com/download/repository sarge contrib"
+ owner: javi
+ group: javi
+ mode: '0777'
+
+- name: Add Webmin GPG key
+ ansible.builtin.apt_key:
+ url: https://www.webmin.com/jcameron-key.asc
+ state: present
+
+- name: Update apt cache
+ ansible.builtin.apt:
+ update_cache: true
+
+- name: Install Webmin with recommended packages
+ ansible.builtin.apt:
+ name:
+ - webmin
+ state: present
+ update_cache: true
+ install_recommends: true
+
+- name: Ensure Webmin service is enabled and running
+ ansible.builtin.systemd:
+ name: webmin
+ enabled: true
+ state: started
\ No newline at end of file
diff --git a/roles/mount_nfs/defaults/main.yml b/roles/util/mount_nfs/defaults/main.yml
similarity index 100%
rename from roles/mount_nfs/defaults/main.yml
rename to roles/util/mount_nfs/defaults/main.yml
diff --git a/roles/mount_nfs/tasks/main.yml b/roles/util/mount_nfs/tasks/main.yml
similarity index 100%
rename from roles/mount_nfs/tasks/main.yml
rename to roles/util/mount_nfs/tasks/main.yml
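Review bot: In `roles/server/setup/webmin/tasks/main.yml` the "Add Webmin repository" task writes `/etc/apt/sources.list.d/webmin.list` with `owner: javi`, `group: javi` and `mode: '0777'`, which leaves an apt source that root installs from editable by any local user. Use `owner: root`, `group: root` and `mode: '0644'` on that task. The repository line is `http://` and `apt_key` adds the key to the global trusted keyring, so the key is trusted for every configured source; apt still checks signatures, but an `https://` URL (if the vendor serves one) and a dedicated keyring file referenced with `signed-by=` in the `deb` line would narrow that trust. The playbook this role replaces carried the same settings, so this is a good point to correct them.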