diff --git a/inventory/my-cluster/host_vars/convertx b/inventory/my-cluster/host_vars/convertx new file mode 100644 index 0000000..760ebd5 --- /dev/null +++ b/inventory/my-cluster/host_vars/convertx @@ -0,0 +1,6 @@ +--- + +ansible_user: root +ansible_host: 10.0.2.43 +ansible_ssh_pass: "{{ proxmox_api_password }}" +vmid: 643 diff --git a/inventory/my-cluster/host_vars/nocodb b/inventory/my-cluster/host_vars/nocodb new file mode 100644 index 0000000..9124a01 --- /dev/null +++ b/inventory/my-cluster/host_vars/nocodb @@ -0,0 +1,6 @@ +--- + +ansible_user: root +ansible_host: 10.0.2.44 +ansible_ssh_pass: "{{ proxmox_api_password }}" +vmid: 643 diff --git a/inventory/my-cluster/hosts.ini b/inventory/my-cluster/hosts.ini index 775483b..8395628 100644 --- a/inventory/my-cluster/hosts.ini +++ b/inventory/my-cluster/hosts.ini @@ -23,6 +23,8 @@ upsnap ghostfolio graylog jellyfin +convertx +nocodb [baremetal] mipha diff --git a/playbook-43-convertx.yml b/playbook-43-convertx.yml new file mode 100644 index 0000000..33deac3 --- /dev/null +++ b/playbook-43-convertx.yml @@ -0,0 +1,27 @@ +--- +- hosts: localhost + become: yes + roles: + - role: 43-convertx/provision/delete + vars: + vmid: 643 + - role: 43-convertx/provision/create + vars: + vmid: 643 + - role: 43-convertx/provision/start + vars: + vmid: 643 + +- hosts: purah + become: yes + roles: + - role: 43-convertx/enable-ssh + vars: + vmid: 643 + +- hosts: convertx + become: yes + roles: + - role: 43-convertx/update + - role: 43-convertx/install-docker + - role: 43-convertx/install-app diff --git a/playbook-44-nocodb.yml b/playbook-44-nocodb.yml new file mode 100644 index 0000000..fa6a9b0 --- /dev/null +++ b/playbook-44-nocodb.yml @@ -0,0 +1,27 @@ +--- +- hosts: localhost + become: yes + roles: + - role: 44-nocodb/provision/delete + vars: + vmid: 644 + - role: 44-nocodb/provision/create + vars: + vmid: 644 + - role: 44-nocodb/provision/start + vars: + vmid: 644 + +- hosts: purah + become: yes + roles: + - role: 44-nocodb/enable-ssh + vars: + vmid: 644 + +- hosts: nocodb + become: yes + roles: + - role: 44-nocodb/update + - role: 44-nocodb/install-docker + - role: 44-nocodb/install-app diff --git a/roles/43-convertx/enable-ssh/tasks/main.yml b/roles/43-convertx/enable-ssh/tasks/main.yml new file mode 100644 index 0000000..33f5194 --- /dev/null +++ b/roles/43-convertx/enable-ssh/tasks/main.yml @@ -0,0 +1,12 @@ +--- +# Unable to use ansible.builtin.lineinfile, because we need to run this through the proxmox host (because SSH is not enabled duh) + +- name: Pause for 10 seconds to wait for SSH server + ansible.builtin.pause: + seconds: 10 + +- name: Allow SSH into LXC + ansible.builtin.command: lxc-attach -n 643 -- sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config + +- name: Restart SSH Service + ansible.builtin.command: lxc-attach -n 643 service ssh restart diff --git a/roles/43-convertx/install-app/tasks/main.yml b/roles/43-convertx/install-app/tasks/main.yml new file mode 100644 index 0000000..3aa3110 --- /dev/null +++ b/roles/43-convertx/install-app/tasks/main.yml @@ -0,0 +1,20 @@ +--- +- name: Create directory for docker-compose + ansible.builtin.file: + path: /root/docker/ + state: directory + mode: "0755" + +- name: Copy docker-compose file + template: + src: "docker-compose.yml" + dest: /root/docker/docker-compose.yml + owner: root + group: root + mode: 0755 + +- name: Run docker-compose + ansible.builtin.shell: + args: + cmd: docker compose up -d + chdir: /root/docker/ diff --git a/roles/43-convertx/install-app/templates/docker-compose.yml b/roles/43-convertx/install-app/templates/docker-compose.yml new file mode 100644 index 0000000..4035ed3 --- /dev/null +++ b/roles/43-convertx/install-app/templates/docker-compose.yml @@ -0,0 +1,13 @@ +services: + convertx: + image: ghcr.io/c4illin/convertx + container_name: convertx + restart: unless-stopped + ports: + - "3000:3000" + environment: + - JWT_SECRET=nYHNRfvan2ex5um8DNELQSVVXv7R2c8vBeLFn2qyUYKJY32zuJuAih8JnYZM6CvQ + - ALLOW_UNAUTHENTICATED=true + - HTTP_ALLOWED=true + volumes: + - ./data:/app/data \ No newline at end of file diff --git a/roles/43-convertx/install-docker/tasks/main.yml b/roles/43-convertx/install-docker/tasks/main.yml new file mode 100644 index 0000000..d5baba9 --- /dev/null +++ b/roles/43-convertx/install-docker/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: Get convenience script + uri: + url: "https://get.docker.com" + method: GET + dest: /tmp/get-docker.sh + mode: a+x + creates: /tmp/get-docker.sh + +- name: Execute script + ansible.builtin.shell: /tmp/get-docker.sh + +- name: Ensure group "docker" exists + ansible.builtin.group: + name: docker + state: present + +- name: Add root user to docker group + ansible.builtin.user: + name: root + groups: docker + append: yes + +- name: Enable docker on startup + ansible.builtin.shell: | + systemctl enable docker.service + systemctl enable containerd.service diff --git a/roles/43-convertx/provision/create/tasks/main.yml b/roles/43-convertx/provision/create/tasks/main.yml new file mode 100644 index 0000000..c269383 --- /dev/null +++ b/roles/43-convertx/provision/create/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: Create container + community.general.proxmox: + vmid: 643 + node: purah + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + password: "{{ lxc_password }}" + hostname: convertx + ostemplate: "local:vztmpl/debian-12-standard_12.7-1_amd64.tar.zst" + netif: "{'net0':'name=eth0,\ + gw=10.0.0.1,\ + ip=10.0.2.43/21,\ + hwaddr=cc:c6:cf:de:20:43,\ + bridge=vmbr0'}" + cores: 2 + memory: 4196 + unprivileged: no + swap: 0 + searchdomain: "home" + onboot: 1 + features: + - nesting=1 + - keyctl=1 + disk: purah-mirror-860gb:20 + force: yes diff --git a/roles/43-convertx/provision/delete/tasks/main.yml b/roles/43-convertx/provision/delete/tasks/main.yml new file mode 100644 index 0000000..9a400d1 --- /dev/null +++ b/roles/43-convertx/provision/delete/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: Stop container + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: stopped + ignore_errors: true + timeout: 90 + +- name: Remove containers + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: absent + ignore_errors: true + timeout: 90 + +- name: Remove .ssh/known_hosts lines + ansible.builtin.lineinfile: + path: /Users/lino.silva/.ssh/known_hosts + state: absent + regexp: "^10.0.2.43" + diff --git a/roles/43-convertx/provision/start/tasks/main.yml b/roles/43-convertx/provision/start/tasks/main.yml new file mode 100644 index 0000000..de86b9b --- /dev/null +++ b/roles/43-convertx/provision/start/tasks/main.yml @@ -0,0 +1,8 @@ +--- +- name: Start deployments + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: started diff --git a/roles/43-convertx/update/tasks/main.yml b/roles/43-convertx/update/tasks/main.yml new file mode 100644 index 0000000..8227bf4 --- /dev/null +++ b/roles/43-convertx/update/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages to their latest version + become: true + ansible.builtin.apt: + update_cache: yes + upgrade: full diff --git a/roles/44-nocodb/enable-ssh/tasks/main.yml b/roles/44-nocodb/enable-ssh/tasks/main.yml new file mode 100644 index 0000000..ca743fe --- /dev/null +++ b/roles/44-nocodb/enable-ssh/tasks/main.yml @@ -0,0 +1,12 @@ +--- +# Unable to use ansible.builtin.lineinfile, because we need to run this through the proxmox host (because SSH is not enabled duh) + +- name: Pause for 10 seconds to wait for SSH server + ansible.builtin.pause: + seconds: 10 + +- name: Allow SSH into LXC + ansible.builtin.command: lxc-attach -n 644 -- sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config + +- name: Restart SSH Service + ansible.builtin.command: lxc-attach -n 644 service ssh restart diff --git a/roles/44-nocodb/install-app/tasks/main.yml b/roles/44-nocodb/install-app/tasks/main.yml new file mode 100644 index 0000000..3aa3110 --- /dev/null +++ b/roles/44-nocodb/install-app/tasks/main.yml @@ -0,0 +1,20 @@ +--- +- name: Create directory for docker-compose + ansible.builtin.file: + path: /root/docker/ + state: directory + mode: "0755" + +- name: Copy docker-compose file + template: + src: "docker-compose.yml" + dest: /root/docker/docker-compose.yml + owner: root + group: root + mode: 0755 + +- name: Run docker-compose + ansible.builtin.shell: + args: + cmd: docker compose up -d + chdir: /root/docker/ diff --git a/roles/44-nocodb/install-app/templates/docker-compose.yml b/roles/44-nocodb/install-app/templates/docker-compose.yml new file mode 100644 index 0000000..df344bf --- /dev/null +++ b/roles/44-nocodb/install-app/templates/docker-compose.yml @@ -0,0 +1,28 @@ +version: '2.1' +services: + nocodb: + depends_on: + root_db: + condition: service_healthy + environment: + NC_DB: "pg://root_db:5432?u=frxcKozq3RVsSnb7SFY5Jc86Dm2bdQHAfLAW63mjKqsNCoZDLUy84MPRDmJ4ExbJ&p=pZSc4HmWrcnFQxgxcTsPMBHBvvs9D3q5UzrU54JeqkRBheN8bPvfgpKJEhCRcf3d&d=root_db" + image: "nocodb/nocodb:latest" + ports: + - "8080:8080" + restart: always + volumes: + - "/data/app:/usr/app/data" + root_db: + environment: + POSTGRES_DB: root_db + POSTGRES_PASSWORD: pZSc4HmWrcnFQxgxcTsPMBHBvvs9D3q5UzrU54JeqkRBheN8bPvfgpKJEhCRcf3d + POSTGRES_USER: frxcKozq3RVsSnb7SFY5Jc86Dm2bdQHAfLAW63mjKqsNCoZDLUy84MPRDmJ4ExbJ + healthcheck: + interval: 10s + retries: 10 + test: "pg_isready -U \"$$POSTGRES_USER\" -d \"$$POSTGRES_DB\"" + timeout: 2s + image: postgres:16.6 + restart: always + volumes: + - "/data/pg:/var/lib/postgresql/data" diff --git a/roles/44-nocodb/install-docker/tasks/main.yml b/roles/44-nocodb/install-docker/tasks/main.yml new file mode 100644 index 0000000..d5baba9 --- /dev/null +++ b/roles/44-nocodb/install-docker/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: Get convenience script + uri: + url: "https://get.docker.com" + method: GET + dest: /tmp/get-docker.sh + mode: a+x + creates: /tmp/get-docker.sh + +- name: Execute script + ansible.builtin.shell: /tmp/get-docker.sh + +- name: Ensure group "docker" exists + ansible.builtin.group: + name: docker + state: present + +- name: Add root user to docker group + ansible.builtin.user: + name: root + groups: docker + append: yes + +- name: Enable docker on startup + ansible.builtin.shell: | + systemctl enable docker.service + systemctl enable containerd.service diff --git a/roles/44-nocodb/provision/create/tasks/main.yml b/roles/44-nocodb/provision/create/tasks/main.yml new file mode 100644 index 0000000..6380608 --- /dev/null +++ b/roles/44-nocodb/provision/create/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: Create container + community.general.proxmox: + vmid: 644 + node: purah + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + password: "{{ lxc_password }}" + hostname: nocodb + ostemplate: "local:vztmpl/debian-12-standard_12.7-1_amd64.tar.zst" + netif: "{'net0':'name=eth0,\ + gw=10.0.0.1,\ + ip=10.0.2.44/21,\ + hwaddr=cc:c6:cf:de:20:44,\ + bridge=vmbr0'}" + cores: 2 + memory: 4196 + unprivileged: no + swap: 0 + searchdomain: "home" + onboot: 1 + features: + - nesting=1 + - keyctl=1 + disk: purah-mirror-860gb:40 + force: yes diff --git a/roles/44-nocodb/provision/delete/tasks/main.yml b/roles/44-nocodb/provision/delete/tasks/main.yml new file mode 100644 index 0000000..414be67 --- /dev/null +++ b/roles/44-nocodb/provision/delete/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: Stop container + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: stopped + ignore_errors: true + timeout: 90 + +- name: Remove containers + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: absent + ignore_errors: true + timeout: 90 + +- name: Remove .ssh/known_hosts lines + ansible.builtin.lineinfile: + path: /Users/lino.silva/.ssh/known_hosts + state: absent + regexp: "^10.0.2.44" + diff --git a/roles/44-nocodb/provision/start/tasks/main.yml b/roles/44-nocodb/provision/start/tasks/main.yml new file mode 100644 index 0000000..de86b9b --- /dev/null +++ b/roles/44-nocodb/provision/start/tasks/main.yml @@ -0,0 +1,8 @@ +--- +- name: Start deployments + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: started diff --git a/roles/44-nocodb/update/tasks/main.yml b/roles/44-nocodb/update/tasks/main.yml new file mode 100644 index 0000000..8227bf4 --- /dev/null +++ b/roles/44-nocodb/update/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages to their latest version + become: true + ansible.builtin.apt: + update_cache: yes + upgrade: full