diff options
| author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 08:42:21 -0500 |
|---|---|---|
| committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 08:45:42 -0500 |
| commit | 29d67e764c544789e74fdf3cbf4626bea758699b (patch) | |
| tree | 96c8612db7eeabbdf1ee173b6698c62a64da9283 /playbooks | |
| parent | c4115b174d408a576c418c05dc5b4b5ac845b26d (diff) | |
| download | selfhosted-29d67e764c544789e74fdf3cbf4626bea758699b.tar.gz selfhosted-29d67e764c544789e74fdf3cbf4626bea758699b.zip | |
move common setup from playbook into role
Diffstat (limited to 'playbooks')
33 files changed, 113 insertions, 251 deletions
diff --git a/playbooks/archiver.yml b/playbooks/archiver.yml index 9056db3..6c6e891 100644 --- a/playbooks/archiver.yml +++ b/playbooks/archiver.yml @@ -1,9 +1,8 @@ -- import_playbook: common.yml - vars: - hostlist: archive_servers - - name: configure archiver hosts: archive_servers tags: archive,archiver roles: - - archive_server + - role: common + tags: common + + - role: archive_server diff --git a/playbooks/asterisk.yml b/playbooks/asterisk.yml index 153176a..76bbe40 100644 --- a/playbooks/asterisk.yml +++ b/playbooks/asterisk.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: asterisk_servers - - name: configure asterisk pbx hosts: asterisk_servers tags: asterisk roles: + - role: common + tags: common + - role: asterisk - role: archive_job diff --git a/playbooks/bitwarden.yml b/playbooks/bitwarden.yml index cb9a911..1e7529d 100644 --- a/playbooks/bitwarden.yml +++ b/playbooks/bitwarden.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: bitwarden_servers - - name: configure vaultwarden hosts: bitwarden_servers tags: vaultwarden,bitwarden roles: + - role: common + tags: common + - role: vaultwarden - role: apache_vhost diff --git a/playbooks/common.yml b/playbooks/common.yml index e96be0b..c6c21fd 100644 --- a/playbooks/common.yml +++ b/playbooks/common.yml @@ -1,112 +1,6 @@ -- hosts: '{{ hostlist | default("el") }}' +- name: apply base configuration to all hosts + hosts: el gather_facts: no tags: common roles: - - role: proxmox_instance - when: '"proxmox_instances" in group_names' - tags: proxmox - - - role: dns_records - when: not (bootstrap | default(false)) - tags: dns - - - role: gather_facts - when: not ansible_facts - tags: always - - - role: udev - when: not ansible_virtualization_tech_guest - tags: udev - - - role: root_authorized_keys - tags: authorized_keys - - - role: root_password - tags: root_password - - - role: polkit - tags: polkit - - - role: grub - tags: grub - - - role: sudo - tags: sudo,sudoers - - - role: hostname - tags: hostname - - - role: timezone - tags: timezone - - - role: journald - tags: journald - - - role: yum_disable_default_repos - when: '"yum_mirrors" not in group_names' - - - role: yum - yum_repositories: - - rocky-baseos - - rocky-appstream - - rocky-extras - when: - - '"yum_mirrors" not in group_names' - - not (bootstrap | default(false)) - tags: yum - - - role: dnsmasq - when: '"freeipa_servers" not in group_names' - tags: dnsmasq - - - role: locale - tags: locale - - - role: selinux - tags: selinux - - - role: qemu_guest_agent - when: '"kvm" in ansible_virtualization_tech_guest' - tags: qemu - - - role: firewalld - tags: firewalld - - - role: chrony - tags: chrony,ntp - - - role: dnf_automatic - tags: yum - - - role: ssh - tags: ssh - - - role: tuned - tags: tuned - - - role: motd - tags: motd - - - role: packages - tags: packages - - - role: postfix_client - when: '"mail_servers" not in group_names' - tags: postfix,mail - - - role: freeipa_client - when: '"freeipa_servers" not in group_names' - tags: freeipa - - - role: rsyslog_client - when: - - '"syslog_servers" not in group_names' - - not (bootstrap | default(false)) - tags: rsyslog - - - role: nagios_client - when: - - (group_names | intersect(nagios_excluded_groups) | length) == 0 - - '"yum_mirrors" not in group_names' - - not (bootstrap | default(false)) - tags: nagios + - common diff --git a/playbooks/cups.yml b/playbooks/cups.yml index 20bed0b..ed67eb1 100644 --- a/playbooks/cups.yml +++ b/playbooks/cups.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: cups_servers - - name: configure cups hosts: cups_servers tags: cups roles: + - role: common + tags: common + - role: cups_server - role: archive_job diff --git a/playbooks/dav.yml b/playbooks/dav.yml index 21c4a97..69b6167 100644 --- a/playbooks/dav.yml +++ b/playbooks/dav.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: dav_servers - - name: configure sabredav hosts: dav_servers tags: sabredav,dav roles: + - role: common + tags: common + - role: sabredav - role: apache_vhost diff --git a/playbooks/dev_servers.yml b/playbooks/dev_servers.yml index 2602d6d..7530b05 100644 --- a/playbooks/dev_servers.yml +++ b/playbooks/dev_servers.yml @@ -1,9 +1,8 @@ -- import_playbook: common.yml - vars: - hostlist: dev_servers - - name: configure development environment hosts: dev_servers tags: dev roles: - - dev_environment + - role: common + tags: common + + - role: dev_environment diff --git a/playbooks/freeipa.yml b/playbooks/freeipa.yml index a83aaf6..b8ecc85 100644 --- a/playbooks/freeipa.yml +++ b/playbooks/freeipa.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: freeipa_servers - - name: configure freeipa master hosts: freeipa_master tags: freeipa roles: + - role: common + tags: common + - role: freeipa_server - role: archive_job diff --git a/playbooks/freeipa_bootstrap.yml b/playbooks/freeipa_bootstrap.yml index 38865a1..224abe5 100644 --- a/playbooks/freeipa_bootstrap.yml +++ b/playbooks/freeipa_bootstrap.yml @@ -1,10 +1,9 @@ -- import_playbook: common.yml - vars: - hostlist: freeipa_master - bootstrap: yes - - name: configure freeipa master hosts: freeipa_master tags: freeipa roles: - - freeipa_server + - role: common + bootstrap: yes + tags: common + + - role: freeipa_server diff --git a/playbooks/freeipa_replica.yml b/playbooks/freeipa_replica.yml index adac739..a313439 100644 --- a/playbooks/freeipa_replica.yml +++ b/playbooks/freeipa_replica.yml @@ -1,9 +1,8 @@ -- import_playbook: common.yml - vars: - hostlist: freeipa_master - - name: configure freeipa replicas hosts: freeipa_servers:!freeipa_master tags: freeipa roles: - - freeipa_replica + - role: common + tags: common + + - role: freeipa_replica diff --git a/playbooks/git.yml b/playbooks/git.yml index 9e4c112..6833467 100644 --- a/playbooks/git.yml +++ b/playbooks/git.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: git_servers - - name: configure git repository hosts: git_servers tags: git roles: + - role: common + tags: common + - role: gitolite tags: gitolite diff --git a/playbooks/jellyfin.yml b/playbooks/jellyfin.yml index 7fa6721..4b68d82 100644 --- a/playbooks/jellyfin.yml +++ b/playbooks/jellyfin.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: jellyfin_servers - - name: configure jellyfin hosts: jellyfin_servers tags: jellyfin roles: + - role: common + tags: common + - role: jellyfin - role: apache_vhost diff --git a/playbooks/linux_desktops.yml b/playbooks/linux_desktops.yml index d7c2fee..6fa6570 100644 --- a/playbooks/linux_desktops.yml +++ b/playbooks/linux_desktops.yml @@ -1,10 +1,9 @@ -- import_playbook: common.yml - vars: - hostlist: linux_desktops - - name: configure linux desktop environment hosts: linux_desktops roles: + - role: common + tags: common + - role: dev_environment tags: dev diff --git a/playbooks/linux_laptops.yml b/playbooks/linux_laptops.yml index c841e95..a3c62a6 100644 --- a/playbooks/linux_laptops.yml +++ b/playbooks/linux_laptops.yml @@ -1,10 +1,9 @@ -- import_playbook: common.yml - vars: - hostlist: linux_laptops - - name: configure linux desktop environment hosts: linux_laptops roles: + - role: common + tags: common + - role: dev_environment tags: dev diff --git a/playbooks/mail.yml b/playbooks/mail.yml index 6df70f3..ce272a9 100644 --- a/playbooks/mail.yml +++ b/playbooks/mail.yml @@ -1,6 +1,8 @@ -- import_playbook: common.yml - vars: - hostlist: rspamd_servers,mail_servers,imap_servers +- name: run common roles + hosts: rspamd_servers,mail_servers,imap_servers + tags: common + roles: + - common - name: configure rspamd hosts: rspamd_servers @@ -18,13 +20,13 @@ archive_shell: '{{ rspamd_archive_shell }}' tags: archive -- name: configure Postfix +- name: configure postfix hosts: mail_servers tags: postfix,smtp roles: - - postfix_server + - role: postfix_server -- name: configure Dovecot +- name: configure dovecot hosts: imap_servers tags: dovecot,imap roles: diff --git a/playbooks/nagios.yml b/playbooks/nagios.yml index cb13d57..d0ff488 100644 --- a/playbooks/nagios.yml +++ b/playbooks/nagios.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: nagios_servers - - name: configure nagios hosts: nagios_servers tags: nagios roles: + - role: common + tags: common + - role: nagios_server - role: apache_vhost diff --git a/playbooks/nameservers.yml b/playbooks/nameservers.yml index a977744..8241208 100644 --- a/playbooks/nameservers.yml +++ b/playbooks/nameservers.yml @@ -1,9 +1,8 @@ -- import_playbook: common.yml - vars: - hostlist: authoritative_nameservers - - name: configure nsd hosts: authoritative_nameservers tags: nsd roles: - - nsd + - role: common + tags: common + + - role: nsd diff --git a/playbooks/nfs.yml b/playbooks/nfs.yml index a066afb..0c96231 100644 --- a/playbooks/nfs.yml +++ b/playbooks/nfs.yml @@ -1,9 +1,8 @@ -- import_playbook: common.yml - vars: - hostlist: nfs_servers - - name: configure nfs exports hosts: nfs_servers tags: nfs roles: - - nfs_server + - role: common + tags: common + + - role: nfs_server diff --git a/playbooks/photostructure.yml b/playbooks/photostructure.yml index 12ebe1f..d94ddc7 100644 --- a/playbooks/photostructure.yml +++ b/playbooks/photostructure.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: photostructure_servers - - name: configure photostructure hosts: photostructure_servers tags: photostructure roles: + - role: common + tags: common + - role: photostructure - role: apache_vhost diff --git a/playbooks/postgres.yml b/playbooks/postgres.yml index 72192ec..fb7f7aa 100644 --- a/playbooks/postgres.yml +++ b/playbooks/postgres.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: postgresql_servers - - name: configure postgresql hosts: postgresql_servers tags: postgres,postgresql roles: + - role: common + tags: common + - role: postgresql_server - role: archive_job diff --git a/playbooks/privbrowse.yml b/playbooks/privbrowse.yml index 8b61d5c..aaa5ee5 100644 --- a/playbooks/privbrowse.yml +++ b/playbooks/privbrowse.yml @@ -1,10 +1,9 @@ -- import_playbook: common.yml - vars: - hostlist: privbrowse_servers - - name: configure web service frontends hosts: privbrowse_servers roles: + - role: common + tags: common + - role: invidious tags: invidious diff --git a/playbooks/radius.yml b/playbooks/radius.yml index 6529365..59140b9 100644 --- a/playbooks/radius.yml +++ b/playbooks/radius.yml @@ -1,9 +1,8 @@ -- import_playbook: common.yml - vars: - hostlist: radius_servers - - name: configure freeradius hosts: radius_servers tags: freeradius,radius roles: - - freeradius + - role: common + tags: common + + - role: freeradius diff --git a/playbooks/syncthing.yml b/playbooks/syncthing.yml index 3fad588..e93745d 100644 --- a/playbooks/syncthing.yml +++ b/playbooks/syncthing.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: syncthing_servers - - name: configure syncthing hosts: syncthing_servers tags: syncthing roles: + - role: common + tags: common + - role: syncthing - role: archive_job diff --git a/playbooks/syslog.yml b/playbooks/syslog.yml index 2891dc6..abf3cc3 100644 --- a/playbooks/syslog.yml +++ b/playbooks/syslog.yml @@ -1,9 +1,8 @@ -- import_playbook: common.yml - vars: - hostlist: syslog_servers - - name: configure rsyslog server hosts: syslog_servers tags: rsyslog,syslog roles: - - rsyslog_server + - role: common + tags: common + + - role: rsyslog_server diff --git a/playbooks/ttrss.yml b/playbooks/ttrss.yml index befd157..337258e 100644 --- a/playbooks/ttrss.yml +++ b/playbooks/ttrss.yml @@ -1,12 +1,10 @@ -- import_playbook: common.yml - tags: common - vars: - hostlist: ttrss_servers - - name: configure tinytinyrss hosts: ttrss_servers tags: ttrss roles: + - role: common + tags: common + - role: ttrss - role: apache_vhost diff --git a/playbooks/turn.yml b/playbooks/turn.yml index 20b6196..42832d6 100644 --- a/playbooks/turn.yml +++ b/playbooks/turn.yml @@ -1,10 +1,8 @@ -- import_playbook: common.yml - tags: common - vars: - hostlist: turn_servers - - name: configure coturn hosts: turn_servers tags: coturn,turn roles: + - role: common + tags: common + - role: coturn diff --git a/playbooks/unifi.yml b/playbooks/unifi.yml index 1b0864d..667ff1b 100644 --- a/playbooks/unifi.yml +++ b/playbooks/unifi.yml @@ -1,12 +1,10 @@ -- import_playbook: common.yml - tags: common - vars: - hostlist: unifi_controllers - - name: configure unifi controller hosts: unifi_controllers tags: unifi roles: + - role: common + tags: common + - role: unifi - role: archive_job diff --git a/playbooks/webserver_internal.yml b/playbooks/webserver_internal.yml index eb27c97..90ffdb3 100644 --- a/playbooks/webserver_internal.yml +++ b/playbooks/webserver_internal.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: www1 - - name: configure internal web servers hosts: www1 tags: apache roles: + - role: common + tags: common + - role: apache_vhost apache_default_vhost: yes apache_config: | diff --git a/playbooks/webserver_public.yml b/playbooks/webserver_public.yml index 17221e6..b362eed 100644 --- a/playbooks/webserver_public.yml +++ b/playbooks/webserver_public.yml @@ -1,10 +1,9 @@ -- import_playbook: common.yml - vars: - hostlist: dmz-www1 - - name: configure public web server hosts: dmz-www1 roles: + - role: common + tags: common + - role: apache_vhost apache_server_name: www.example.com apache_server_aliases: [example.com] diff --git a/playbooks/wiki.yml b/playbooks/wiki.yml index 794eb74..bb7d25d 100644 --- a/playbooks/wiki.yml +++ b/playbooks/wiki.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: wiki_servers - - name: configure mediawiki hosts: wiki_servers tags: wiki,mediawiki roles: + - role: common + tags: common + - role: mediawiki - role: apache_vhost diff --git a/playbooks/xmpp.yml b/playbooks/xmpp.yml index 38d0ce4..6d86a88 100644 --- a/playbooks/xmpp.yml +++ b/playbooks/xmpp.yml @@ -1,9 +1,8 @@ -- import_playbook: common.yml - vars: - hostlist: xmpp_servers - - name: configure prosody hosts: xmpp_servers tags: xmpp,prosody roles: + - role: common + tags: common + - role: prosody diff --git a/playbooks/yum.yml b/playbooks/yum.yml index e0c829f..9f93b8f 100644 --- a/playbooks/yum.yml +++ b/playbooks/yum.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: yum_mirrors - - name: configure yum mirrors hosts: yum_mirrors tags: yum roles: + - role: common + tags: common + - role: yum_mirror - role: apache_vhost diff --git a/playbooks/znc.yml b/playbooks/znc.yml index 79f3721..34d6ada 100644 --- a/playbooks/znc.yml +++ b/playbooks/znc.yml @@ -1,11 +1,10 @@ -- import_playbook: common.yml - vars: - hostlist: znc_servers - - name: configure znc hosts: znc_servers tags: znc roles: + - role: common + tags: common + - role: znc - role: archive_job |