From a43c1593d9b25bc43ec45a9e722efbc255153521 Mon Sep 17 00:00:00 2001 
From: Lino Silva Date: Sat, 25 Mar 2023 23:54:00 +0000 Subject: [PATCH] feat: Buncha shit --- inventory/my-cluster/group_vars/all.yml | 20 +++++++++++++- .../my-cluster/host_vars/cloudflare-ddns | 6 +++++ inventory/my-cluster/host_vars/dahua-to-mqtt | 6 +++++ inventory/my-cluster/host_vars/daruk | 7 ----- inventory/my-cluster/host_vars/frigate | 1 + inventory/my-cluster/host_vars/swag | 1 + inventory/my-cluster/hosts.ini | 15 +++-------- playbook-cloudflare-ddns.yml | 19 +++++++++++++ playbook-dahua-to-mqtt.yml | 23 ++++++++++++++++ playbook-frigate.yml | 2 +- playbook-swag.yml | 2 +- playbook-update-lxc.yml | 15 +++++++++++ roles/{ => archive}/argocd/tasks/main.yml | 0 .../argocd/templates/ingress.yml | 0 .../argocd/templates/install.yml | 0 .../templates/middleware-forwardauth.yml | 0 roles/{ => archive}/arr/tasks/main.yml | 0 .../arr/templates/deployment.yml | 0 roles/{ => archive}/arr/templates/ingress.yml | 0 .../arr/templates/middleware-forwardauth.yml | 0 roles/{ => archive}/arr/templates/service.yml | 0 roles/{ => archive}/authentik/tasks/main.yml | 0 .../authentik/templates/values.yml | 0 .../{ => archive}/cert-manager/tasks/main.yml | 0 .../templates/letsencrypt-production.yml | 0 .../templates/letsencrypt-staging.yml | 0 .../templates/lino-cooking.prod.yml | 0 .../templates/lino-cooking.staging.yml | 0 .../templates/secret-cf-token.yml | 0 .../cert-manager/templates/values.yml | 0 roles/{ => archive}/download/tasks/main.yml | 0 .../k3s/copy-config/tasks/main.yml | 0 .../k3s/dashboard/tasks/main.yml | 0 .../templates/dashboard.admin-user-role.yml | 0 .../templates/dashboard.admin-user.yml | 0 .../k3s/master/defaults/main.yml | 0 .../k3s/master/tasks/fetch_k3s_init_logs.yml | 0 roles/{ => archive}/k3s/master/tasks/main.yml | 0 .../k3s/master/templates/content.j2 | 0 .../k3s/master/templates/k3s.service.j2 | 0 .../k3s/master/templates/metallb.crds.j2 | 0 .../k3s/master/templates/metallb.namespace.j2 | 0 .../k3s/master/templates/vip.rbac.yaml.j2 | 0 
.../k3s/master/templates/vip.yaml.j2 | 0 roles/{ => archive}/k3s/node/tasks/main.yml | 0 .../k3s/node/templates/k3s.service.j2 | 0 .../{ => archive}/k3s/post/defaults/main.yml | 0 roles/{ => archive}/k3s/post/tasks/main.yml | 0 .../k3s/post/templates/metallb.crs.j2 | 0 .../k3s/provision/cgroup/tasks/main.yml | 0 .../k3s/provision/cloud-init/tasks/main.yml | 0 .../k3s/provision/create/tasks/main.yml | 0 .../k3s/provision/delete/tasks/main.yml | 0 .../k3s/provision/enable-ssh/tasks/main.yml | 0 .../k3s/provision/pre/tasks/main.yml | 0 .../k3s/provision/start/tasks/main.yml | 0 roles/{ => archive}/nginx/tasks/main.yml | 0 .../nginx/templates/deployment.yml | 0 .../{ => archive}/nginx/templates/ingress.yml | 0 .../templates/middleware-forwardauth.yml | 0 .../{ => archive}/nginx/templates/service.yml | 0 roles/{ => archive}/prereq/tasks/main.yml | 0 .../{ => archive}/prereq/templates/rclocal.j2 | 0 roles/{ => archive}/redis/tasks/main.yml | 0 .../redis/templates/deployment.yml | 0 roles/{ => archive}/redis/templates/pvc.yml | 0 .../{ => archive}/redis/templates/service.yml | 0 roles/{ => archive}/reset/tasks/main.yml | 0 .../reset/tasks/umount_with_children.yml | 0 .../install-app/tasks/main.yml | 20 ++++++++++++++ .../install-app/templates/docker-compose.yml | 11 ++++++++ .../install-docker/tasks/main.yml | 27 +++++++++++++++++++ .../provision/create/tasks/main.yml | 27 +++++++++++++++++++ .../provision/delete/tasks/main.yml | 26 ++++++++++++++++++ .../provision/start/tasks/main.yml | 8 ++++++ roles/cloudflare-ddns/update/tasks/main.yml | 6 +++++ .../enable-ssh/tasks/main.yml | 4 +-- .../dahua-to-mqtt/install-app/tasks/main.yml | 20 ++++++++++++++ .../install-app/templates/docker-compose.yml | 18 +++++++++++++ .../install-docker/tasks/main.yml | 27 +++++++++++++++++++ .../provision/create/tasks/main.yml | 27 +++++++++++++++++++ .../provision/delete/tasks/main.yml | 26 ++++++++++++++++++ .../provision/start/tasks/main.yml | 8 ++++++ 
roles/dahua-to-mqtt/update/tasks/main.yml | 6 +++++ .../provision/enable-ssh/tasks/main.yml | 8 ------ .../install-app/templates/docker-compose.yml | 8 ------ roles/swag/install-docker/tasks/main.yml | 4 --- .../swag/provision/enable-ssh/tasks/main.yml | 8 ------ 88 files changed, 354 insertions(+), 52 deletions(-) create mode 100644 inventory/my-cluster/host_vars/cloudflare-ddns create mode 100644 inventory/my-cluster/host_vars/dahua-to-mqtt delete mode 100644 inventory/my-cluster/host_vars/daruk create mode 100644 playbook-cloudflare-ddns.yml create mode 100644 playbook-dahua-to-mqtt.yml create mode 100644 playbook-update-lxc.yml rename roles/{ => archive}/argocd/tasks/main.yml (100%) rename roles/{ => archive}/argocd/templates/ingress.yml (100%) rename roles/{ => archive}/argocd/templates/install.yml (100%) rename roles/{ => archive}/argocd/templates/middleware-forwardauth.yml (100%) rename roles/{ => archive}/arr/tasks/main.yml (100%) rename roles/{ => archive}/arr/templates/deployment.yml (100%) rename roles/{ => archive}/arr/templates/ingress.yml (100%) rename roles/{ => archive}/arr/templates/middleware-forwardauth.yml (100%) rename roles/{ => archive}/arr/templates/service.yml (100%) rename roles/{ => archive}/authentik/tasks/main.yml (100%) rename roles/{ => archive}/authentik/templates/values.yml (100%) rename roles/{ => archive}/cert-manager/tasks/main.yml (100%) rename roles/{ => archive}/cert-manager/templates/letsencrypt-production.yml (100%) rename roles/{ => archive}/cert-manager/templates/letsencrypt-staging.yml (100%) rename roles/{ => archive}/cert-manager/templates/lino-cooking.prod.yml (100%) rename roles/{ => archive}/cert-manager/templates/lino-cooking.staging.yml (100%) rename roles/{ => archive}/cert-manager/templates/secret-cf-token.yml (100%) rename roles/{ => archive}/cert-manager/templates/values.yml (100%) rename roles/{ => archive}/download/tasks/main.yml (100%) rename roles/{ => archive}/k3s/copy-config/tasks/main.yml (100%) rename 
roles/{ => archive}/k3s/dashboard/tasks/main.yml (100%) rename roles/{ => archive}/k3s/dashboard/templates/dashboard.admin-user-role.yml (100%) rename roles/{ => archive}/k3s/dashboard/templates/dashboard.admin-user.yml (100%) rename roles/{ => archive}/k3s/master/defaults/main.yml (100%) rename roles/{ => archive}/k3s/master/tasks/fetch_k3s_init_logs.yml (100%) rename roles/{ => archive}/k3s/master/tasks/main.yml (100%) rename roles/{ => archive}/k3s/master/templates/content.j2 (100%) rename roles/{ => archive}/k3s/master/templates/k3s.service.j2 (100%) rename roles/{ => archive}/k3s/master/templates/metallb.crds.j2 (100%) rename roles/{ => archive}/k3s/master/templates/metallb.namespace.j2 (100%) rename roles/{ => archive}/k3s/master/templates/vip.rbac.yaml.j2 (100%) rename roles/{ => archive}/k3s/master/templates/vip.yaml.j2 (100%) rename roles/{ => archive}/k3s/node/tasks/main.yml (100%) rename roles/{ => archive}/k3s/node/templates/k3s.service.j2 (100%) rename roles/{ => archive}/k3s/post/defaults/main.yml (100%) rename roles/{ => archive}/k3s/post/tasks/main.yml (100%) rename roles/{ => archive}/k3s/post/templates/metallb.crs.j2 (100%) rename roles/{ => archive}/k3s/provision/cgroup/tasks/main.yml (100%) rename roles/{ => archive}/k3s/provision/cloud-init/tasks/main.yml (100%) rename roles/{ => archive}/k3s/provision/create/tasks/main.yml (100%) rename roles/{ => archive}/k3s/provision/delete/tasks/main.yml (100%) rename roles/{ => archive}/k3s/provision/enable-ssh/tasks/main.yml (100%) rename roles/{ => archive}/k3s/provision/pre/tasks/main.yml (100%) rename roles/{ => archive}/k3s/provision/start/tasks/main.yml (100%) rename roles/{ => archive}/nginx/tasks/main.yml (100%) rename roles/{ => archive}/nginx/templates/deployment.yml (100%) rename roles/{ => archive}/nginx/templates/ingress.yml (100%) rename roles/{ => archive}/nginx/templates/middleware-forwardauth.yml (100%) rename roles/{ => archive}/nginx/templates/service.yml (100%) rename roles/{ => 
archive}/prereq/tasks/main.yml (100%) rename roles/{ => archive}/prereq/templates/rclocal.j2 (100%) rename roles/{ => archive}/redis/tasks/main.yml (100%) rename roles/{ => archive}/redis/templates/deployment.yml (100%) rename roles/{ => archive}/redis/templates/pvc.yml (100%) rename roles/{ => archive}/redis/templates/service.yml (100%) rename roles/{ => archive}/reset/tasks/main.yml (100%) rename roles/{ => archive}/reset/tasks/umount_with_children.yml (100%) create mode 100644 roles/cloudflare-ddns/install-app/tasks/main.yml create mode 100644 roles/cloudflare-ddns/install-app/templates/docker-compose.yml create mode 100644 roles/cloudflare-ddns/install-docker/tasks/main.yml create mode 100644 roles/cloudflare-ddns/provision/create/tasks/main.yml create mode 100644 roles/cloudflare-ddns/provision/delete/tasks/main.yml create mode 100644 roles/cloudflare-ddns/provision/start/tasks/main.yml create mode 100644 roles/cloudflare-ddns/update/tasks/main.yml rename roles/{frigate/provision => dahua-to-mqtt}/enable-ssh/tasks/main.yml (67%) create mode 100644 roles/dahua-to-mqtt/install-app/tasks/main.yml create mode 100644 roles/dahua-to-mqtt/install-app/templates/docker-compose.yml create mode 100644 roles/dahua-to-mqtt/install-docker/tasks/main.yml create mode 100644 roles/dahua-to-mqtt/provision/create/tasks/main.yml create mode 100644 roles/dahua-to-mqtt/provision/delete/tasks/main.yml create mode 100644 roles/dahua-to-mqtt/provision/start/tasks/main.yml create mode 100644 roles/dahua-to-mqtt/update/tasks/main.yml delete mode 100644 roles/pihole/provision/enable-ssh/tasks/main.yml delete mode 100644 roles/swag/provision/enable-ssh/tasks/main.yml diff --git a/inventory/my-cluster/group_vars/all.yml b/inventory/my-cluster/group_vars/all.yml index 4da05b3..3266e40 100644 --- a/inventory/my-cluster/group_vars/all.yml +++ b/inventory/my-cluster/group_vars/all.yml 
@@ -91,4 +91,22 @@ dns_cloudflare_api_key: !vault | 64313165343933343535623731393536396332613336316239363764653565346535666531656433 6131646439656638323561643264613834356662363332323835 -dns_cloudflare_email: cloudflare@lino.cooking \ No newline at end of file +dns_cloudflare_email: cloudflare@lino.cooking + +cloudflare_ddns_api_key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 32353865663337376239333232376630616436643435343862346164353466356563623930386461 + 3132306361653330356663613534626463373133616132620a313161316137313838666534313737 + 34336161373334356630326432626139666566316663373630656538333331656461373631613931 + 6364313538663464350a343061383835663264616238353965656635343564306635303830343266 + 38396530393133646133643232363061386265373234373832656135393764346462666566656264 + 3635316261393863393736383132386133313666306234343666 + +homeassistant_pwd: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 34623865646265653733666136316164303765633036616464626133306339393032336465613735 + 3139333561366530383535363834316138303338313030390a306561366265643737623833633837 + 31353332646635353339373937393134376566643539363563613061393731623931643931336566 + 3039626631643930650a393163643534353731316261376638643736623232366431396136313666 + 37613864396630306335626532633832653633346465316332356236393239653063393630323461 + 3862316639643265373166373330333936303233383333653362 \ No newline at end of file diff --git a/inventory/my-cluster/host_vars/cloudflare-ddns b/inventory/my-cluster/host_vars/cloudflare-ddns new file mode 100644 index 0000000..7f28b8e --- /dev/null +++ b/inventory/my-cluster/host_vars/cloudflare-ddns @@ -0,0 +1,6 @@ +--- + +ansible_user: root +ansible_host: 10.0.2.16 +ansible_ssh_pass: "{{ proxmox_api_password }}" +vmid: 607 \ No newline at end of file diff --git a/inventory/my-cluster/host_vars/dahua-to-mqtt b/inventory/my-cluster/host_vars/dahua-to-mqtt new file mode 100644 index 0000000..a8be6cb --- /dev/null +++ b/inventory/my-cluster/host_vars/dahua-to-mqtt 
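Review bot: In `inventory/my-cluster/host_vars/cloudflare-ddns`, `ansible_user: root` with `ansible_ssh_pass: "{{ proxmox_api_password }}"` makes the hypervisor API secret double as the container's root SSH password, so a leak on either side exposes both; the new `host_vars/dahua-to-mqtt` file repeats the pattern. It also looks inconsistent with the create role, which sets the container password from `lxc_password`, so unless the two variables hold the same value this login would fail. Key-based access avoids both problems: pass `pubkey: "{{ lxc_ssh_pubkey }}"` (variable name is a placeholder) to `community.general.proxmox` at create time and replace this line with `ansible_ssh_private_key_file`.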
@@ -0,0 +1,6 @@ +--- + +ansible_user: root +ansible_host: 10.0.2.17 +ansible_ssh_pass: "{{ proxmox_api_password }}" +vmid: 608 diff --git a/inventory/my-cluster/host_vars/daruk b/inventory/my-cluster/host_vars/daruk deleted file mode 100644 index 8c9baae..0000000 --- a/inventory/my-cluster/host_vars/daruk +++ /dev/null @@ -1,7 +0,0 @@ ---- -ansible_user: root -ansible_host: 10.0.2.6 -ansible_ssh_pass: "{{ proxmox_api_password }}" -ip_addr: 10.0.2.6 -# interface which will be used for flannel -flannel_iface: "vmbr0" diff --git a/inventory/my-cluster/host_vars/frigate b/inventory/my-cluster/host_vars/frigate index a30604b..9e1e435 100644 --- a/inventory/my-cluster/host_vars/frigate +++ b/inventory/my-cluster/host_vars/frigate @@ -3,3 +3,4 @@ ansible_user: root ansible_host: 10.0.2.14 ansible_ssh_pass: "{{ proxmox_api_password }}" +vmid: 605 \ No newline at end of file diff --git a/inventory/my-cluster/host_vars/swag b/inventory/my-cluster/host_vars/swag index e2bd184..b9bb221 100644 --- a/inventory/my-cluster/host_vars/swag +++ b/inventory/my-cluster/host_vars/swag @@ -3,3 +3,4 @@ ansible_user: root ansible_host: 10.0.2.15 ansible_ssh_pass: "{{ proxmox_api_password }}" +vmid: 606 \ No newline at end of file diff --git a/inventory/my-cluster/hosts.ini b/inventory/my-cluster/hosts.ini index 07410ab..76f838c 100644 --- a/inventory/my-cluster/hosts.ini +++ b/inventory/my-cluster/hosts.ini @@ -1,4 +1,7 @@ frigate +swag +cloudflare-ddns +dahua-to-mqtt [master] mipha @@ -7,9 +10,6 @@ yuga [node] revali -; daruk -; tingle -; impa [k3s_cluster:children] master @@ -22,18 +22,9 @@ k3s_cluster mipha epona revali -; daruk yuga [pihole] epona-pihole revali-pihole urbosa-pihole - -; [raspi] -; tingle -; impa - -[ingress] -swag -authelia diff --git a/playbook-cloudflare-ddns.yml b/playbook-cloudflare-ddns.yml new file mode 100644 index 0000000..9ccb778 --- /dev/null +++ b/playbook-cloudflare-ddns.yml 
@@ -0,0 +1,19 @@ +--- +- hosts: localhost + become: yes + roles: + # - role: cloudflare-ddns/provision/delete + - role: cloudflare-ddns/provision/create + - role: cloudflare-ddns/provision/start + +- hosts: revali + become: yes + roles: + - role: lxc/enable-ssh + +- hosts: cloudflare-ddns + become: yes + roles: + - role: cloudflare-ddns/update + - role: cloudflare-ddns/install-docker + - role: cloudflare-ddns/install-app diff --git a/playbook-dahua-to-mqtt.yml b/playbook-dahua-to-mqtt.yml new file mode 100644 index 0000000..f2398ba --- /dev/null +++ b/playbook-dahua-to-mqtt.yml @@ -0,0 +1,23 @@ +--- +- hosts: localhost + become: yes + roles: + # - role: dahua-to-mqtt/provision/delete + # - role: dahua-to-mqtt/provision/create + - role: dahua-to-mqtt/provision/start + vars: + vmid: 608 + +- hosts: revali + become: yes + roles: + - role: dahua-to-mqtt/enable-ssh + vars: + vmid: 608 + +- hosts: dahua-to-mqtt + become: yes + roles: + - role: dahua-to-mqtt/update + - role: dahua-to-mqtt/install-docker + - role: dahua-to-mqtt/install-app diff --git a/playbook-frigate.yml b/playbook-frigate.yml index b839524..a9bb827 100644 --- a/playbook-frigate.yml +++ b/playbook-frigate.yml @@ -18,7 +18,7 @@ - hosts: epona become: yes roles: - - role: frigate/provision/enable-ssh + - role: lxc/enable-ssh - hosts: frigate become: yes diff --git a/playbook-swag.yml b/playbook-swag.yml index e09c292..1ff6556 100644 --- a/playbook-swag.yml +++ b/playbook-swag.yml @@ -9,7 +9,7 @@ # - hosts: mipha # become: yes # roles: -# - role: swag/provision/enable-ssh +# - role: lxc/enable-ssh - hosts: swag become: yes diff --git a/playbook-update-lxc.yml b/playbook-update-lxc.yml new file mode 100644 index 0000000..2d9a889 --- /dev/null +++ b/playbook-update-lxc.yml @@ -0,0 +1,15 @@ +--- +- hosts: frigate + become: yes + roles: + - role: frigate/update + +- hosts: cloudflare-ddns + become: yes + roles: + - role: cloudflare-ddns/update + +- hosts: swag + become: yes + roles: + - role: swag/update 
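Review bot: The `revali` play in `playbook-cloudflare-ddns.yml` calls `lxc/enable-ssh`, but no `roles/lxc/...` path appears in this commit's file list, while frigate's enable-ssh role is renamed to `dahua-to-mqtt/enable-ssh` and the pihole and swag copies are deleted; unless the role already exists in the tree, this play and the edited `playbook-frigate.yml` will fail at role lookup. If it does exist and is parameterised, it needs the container id, and this play passes none: the `vmid: 607` in host_vars belongs to the `cloudflare-ddns` host, not to `revali`. Passing it explicitly, `- role: lxc/enable-ssh` followed by `vars:` and `vmid: 607`, as the dahua-to-mqtt playbook does, would make the dependency visible.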
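Review bot: `playbook-update-lxc.yml` patches frigate, cloudflare-ddns and swag but leaves out dahua-to-mqtt, even though this commit adds `roles/dahua-to-mqtt/update`; that container would only receive package upgrades when its own provisioning playbook is re-run. Add a fourth play, `- hosts: dahua-to-mqtt` with `- role: dahua-to-mqtt/update`. The two update roles added here are both six lines and presumably identical, so a single shared role applied to a host group would prevent this kind of omission.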
diff --git a/roles/argocd/tasks/main.yml b/roles/archive/argocd/tasks/main.yml similarity index 100% rename from roles/argocd/tasks/main.yml rename to roles/archive/argocd/tasks/main.yml diff --git a/roles/argocd/templates/ingress.yml b/roles/archive/argocd/templates/ingress.yml similarity index 100% rename from roles/argocd/templates/ingress.yml rename to roles/archive/argocd/templates/ingress.yml diff --git a/roles/argocd/templates/install.yml b/roles/archive/argocd/templates/install.yml similarity index 100% rename from roles/argocd/templates/install.yml rename to roles/archive/argocd/templates/install.yml diff --git a/roles/argocd/templates/middleware-forwardauth.yml b/roles/archive/argocd/templates/middleware-forwardauth.yml similarity index 100% rename from roles/argocd/templates/middleware-forwardauth.yml rename to roles/archive/argocd/templates/middleware-forwardauth.yml diff --git a/roles/arr/tasks/main.yml b/roles/archive/arr/tasks/main.yml similarity index 100% rename from roles/arr/tasks/main.yml rename to roles/archive/arr/tasks/main.yml diff --git a/roles/arr/templates/deployment.yml b/roles/archive/arr/templates/deployment.yml similarity index 100% rename from roles/arr/templates/deployment.yml rename to roles/archive/arr/templates/deployment.yml diff --git a/roles/arr/templates/ingress.yml b/roles/archive/arr/templates/ingress.yml similarity index 100% rename from roles/arr/templates/ingress.yml rename to roles/archive/arr/templates/ingress.yml diff --git a/roles/arr/templates/middleware-forwardauth.yml b/roles/archive/arr/templates/middleware-forwardauth.yml similarity index 100% rename from roles/arr/templates/middleware-forwardauth.yml rename to roles/archive/arr/templates/middleware-forwardauth.yml diff --git a/roles/arr/templates/service.yml b/roles/archive/arr/templates/service.yml similarity index 100% rename from roles/arr/templates/service.yml rename to roles/archive/arr/templates/service.yml 
diff --git a/roles/authentik/tasks/main.yml b/roles/archive/authentik/tasks/main.yml similarity index 100% rename from roles/authentik/tasks/main.yml rename to roles/archive/authentik/tasks/main.yml diff --git a/roles/authentik/templates/values.yml b/roles/archive/authentik/templates/values.yml similarity index 100% rename from roles/authentik/templates/values.yml rename to roles/archive/authentik/templates/values.yml diff --git a/roles/cert-manager/tasks/main.yml b/roles/archive/cert-manager/tasks/main.yml similarity index 100% rename from roles/cert-manager/tasks/main.yml rename to roles/archive/cert-manager/tasks/main.yml diff --git a/roles/cert-manager/templates/letsencrypt-production.yml b/roles/archive/cert-manager/templates/letsencrypt-production.yml similarity index 100% rename from roles/cert-manager/templates/letsencrypt-production.yml rename to roles/archive/cert-manager/templates/letsencrypt-production.yml diff --git a/roles/cert-manager/templates/letsencrypt-staging.yml b/roles/archive/cert-manager/templates/letsencrypt-staging.yml similarity index 100% rename from roles/cert-manager/templates/letsencrypt-staging.yml rename to roles/archive/cert-manager/templates/letsencrypt-staging.yml diff --git a/roles/cert-manager/templates/lino-cooking.prod.yml b/roles/archive/cert-manager/templates/lino-cooking.prod.yml similarity index 100% rename from roles/cert-manager/templates/lino-cooking.prod.yml rename to roles/archive/cert-manager/templates/lino-cooking.prod.yml diff --git a/roles/cert-manager/templates/lino-cooking.staging.yml b/roles/archive/cert-manager/templates/lino-cooking.staging.yml similarity index 100% rename from roles/cert-manager/templates/lino-cooking.staging.yml rename to roles/archive/cert-manager/templates/lino-cooking.staging.yml 
diff --git a/roles/cert-manager/templates/secret-cf-token.yml b/roles/archive/cert-manager/templates/secret-cf-token.yml similarity index 100% rename from roles/cert-manager/templates/secret-cf-token.yml rename to roles/archive/cert-manager/templates/secret-cf-token.yml diff --git a/roles/cert-manager/templates/values.yml b/roles/archive/cert-manager/templates/values.yml similarity index 100% rename from roles/cert-manager/templates/values.yml rename to roles/archive/cert-manager/templates/values.yml diff --git a/roles/download/tasks/main.yml b/roles/archive/download/tasks/main.yml similarity index 100% rename from roles/download/tasks/main.yml rename to roles/archive/download/tasks/main.yml diff --git a/roles/k3s/copy-config/tasks/main.yml b/roles/archive/k3s/copy-config/tasks/main.yml similarity index 100% rename from roles/k3s/copy-config/tasks/main.yml rename to roles/archive/k3s/copy-config/tasks/main.yml diff --git a/roles/k3s/dashboard/tasks/main.yml b/roles/archive/k3s/dashboard/tasks/main.yml similarity index 100% rename from roles/k3s/dashboard/tasks/main.yml rename to roles/archive/k3s/dashboard/tasks/main.yml diff --git a/roles/k3s/dashboard/templates/dashboard.admin-user-role.yml b/roles/archive/k3s/dashboard/templates/dashboard.admin-user-role.yml similarity index 100% rename from roles/k3s/dashboard/templates/dashboard.admin-user-role.yml rename to roles/archive/k3s/dashboard/templates/dashboard.admin-user-role.yml diff --git a/roles/k3s/dashboard/templates/dashboard.admin-user.yml b/roles/archive/k3s/dashboard/templates/dashboard.admin-user.yml similarity index 100% rename from roles/k3s/dashboard/templates/dashboard.admin-user.yml rename to roles/archive/k3s/dashboard/templates/dashboard.admin-user.yml diff --git a/roles/k3s/master/defaults/main.yml b/roles/archive/k3s/master/defaults/main.yml similarity index 100% rename from roles/k3s/master/defaults/main.yml rename to roles/archive/k3s/master/defaults/main.yml 
diff --git a/roles/k3s/master/tasks/fetch_k3s_init_logs.yml b/roles/archive/k3s/master/tasks/fetch_k3s_init_logs.yml similarity index 100% rename from roles/k3s/master/tasks/fetch_k3s_init_logs.yml rename to roles/archive/k3s/master/tasks/fetch_k3s_init_logs.yml diff --git a/roles/k3s/master/tasks/main.yml b/roles/archive/k3s/master/tasks/main.yml similarity index 100% rename from roles/k3s/master/tasks/main.yml rename to roles/archive/k3s/master/tasks/main.yml diff --git a/roles/k3s/master/templates/content.j2 b/roles/archive/k3s/master/templates/content.j2 similarity index 100% rename from roles/k3s/master/templates/content.j2 rename to roles/archive/k3s/master/templates/content.j2 diff --git a/roles/k3s/master/templates/k3s.service.j2 b/roles/archive/k3s/master/templates/k3s.service.j2 similarity index 100% rename from roles/k3s/master/templates/k3s.service.j2 rename to roles/archive/k3s/master/templates/k3s.service.j2 diff --git a/roles/k3s/master/templates/metallb.crds.j2 b/roles/archive/k3s/master/templates/metallb.crds.j2 similarity index 100% rename from roles/k3s/master/templates/metallb.crds.j2 rename to roles/archive/k3s/master/templates/metallb.crds.j2 diff --git a/roles/k3s/master/templates/metallb.namespace.j2 b/roles/archive/k3s/master/templates/metallb.namespace.j2 similarity index 100% rename from roles/k3s/master/templates/metallb.namespace.j2 rename to roles/archive/k3s/master/templates/metallb.namespace.j2 diff --git a/roles/k3s/master/templates/vip.rbac.yaml.j2 b/roles/archive/k3s/master/templates/vip.rbac.yaml.j2 similarity index 100% rename from roles/k3s/master/templates/vip.rbac.yaml.j2 rename to roles/archive/k3s/master/templates/vip.rbac.yaml.j2 diff --git a/roles/k3s/master/templates/vip.yaml.j2 b/roles/archive/k3s/master/templates/vip.yaml.j2 similarity index 100% rename from roles/k3s/master/templates/vip.yaml.j2 rename to roles/archive/k3s/master/templates/vip.yaml.j2 
diff --git a/roles/k3s/node/tasks/main.yml b/roles/archive/k3s/node/tasks/main.yml similarity index 100% rename from roles/k3s/node/tasks/main.yml rename to roles/archive/k3s/node/tasks/main.yml diff --git a/roles/k3s/node/templates/k3s.service.j2 b/roles/archive/k3s/node/templates/k3s.service.j2 similarity index 100% rename from roles/k3s/node/templates/k3s.service.j2 rename to roles/archive/k3s/node/templates/k3s.service.j2 diff --git a/roles/k3s/post/defaults/main.yml b/roles/archive/k3s/post/defaults/main.yml similarity index 100% rename from roles/k3s/post/defaults/main.yml rename to roles/archive/k3s/post/defaults/main.yml diff --git a/roles/k3s/post/tasks/main.yml b/roles/archive/k3s/post/tasks/main.yml similarity index 100% rename from roles/k3s/post/tasks/main.yml rename to roles/archive/k3s/post/tasks/main.yml diff --git a/roles/k3s/post/templates/metallb.crs.j2 b/roles/archive/k3s/post/templates/metallb.crs.j2 similarity index 100% rename from roles/k3s/post/templates/metallb.crs.j2 rename to roles/archive/k3s/post/templates/metallb.crs.j2 diff --git a/roles/k3s/provision/cgroup/tasks/main.yml b/roles/archive/k3s/provision/cgroup/tasks/main.yml similarity index 100% rename from roles/k3s/provision/cgroup/tasks/main.yml rename to roles/archive/k3s/provision/cgroup/tasks/main.yml diff --git a/roles/k3s/provision/cloud-init/tasks/main.yml b/roles/archive/k3s/provision/cloud-init/tasks/main.yml similarity index 100% rename from roles/k3s/provision/cloud-init/tasks/main.yml rename to roles/archive/k3s/provision/cloud-init/tasks/main.yml diff --git a/roles/k3s/provision/create/tasks/main.yml b/roles/archive/k3s/provision/create/tasks/main.yml similarity index 100% rename from roles/k3s/provision/create/tasks/main.yml rename to roles/archive/k3s/provision/create/tasks/main.yml 
diff --git a/roles/k3s/provision/delete/tasks/main.yml b/roles/archive/k3s/provision/delete/tasks/main.yml similarity index 100% rename from roles/k3s/provision/delete/tasks/main.yml rename to roles/archive/k3s/provision/delete/tasks/main.yml diff --git a/roles/k3s/provision/enable-ssh/tasks/main.yml b/roles/archive/k3s/provision/enable-ssh/tasks/main.yml similarity index 100% rename from roles/k3s/provision/enable-ssh/tasks/main.yml rename to roles/archive/k3s/provision/enable-ssh/tasks/main.yml diff --git a/roles/k3s/provision/pre/tasks/main.yml b/roles/archive/k3s/provision/pre/tasks/main.yml similarity index 100% rename from roles/k3s/provision/pre/tasks/main.yml rename to roles/archive/k3s/provision/pre/tasks/main.yml diff --git a/roles/k3s/provision/start/tasks/main.yml b/roles/archive/k3s/provision/start/tasks/main.yml similarity index 100% rename from roles/k3s/provision/start/tasks/main.yml rename to roles/archive/k3s/provision/start/tasks/main.yml diff --git a/roles/nginx/tasks/main.yml b/roles/archive/nginx/tasks/main.yml similarity index 100% rename from roles/nginx/tasks/main.yml rename to roles/archive/nginx/tasks/main.yml diff --git a/roles/nginx/templates/deployment.yml b/roles/archive/nginx/templates/deployment.yml similarity index 100% rename from roles/nginx/templates/deployment.yml rename to roles/archive/nginx/templates/deployment.yml diff --git a/roles/nginx/templates/ingress.yml b/roles/archive/nginx/templates/ingress.yml similarity index 100% rename from roles/nginx/templates/ingress.yml rename to roles/archive/nginx/templates/ingress.yml diff --git a/roles/nginx/templates/middleware-forwardauth.yml b/roles/archive/nginx/templates/middleware-forwardauth.yml similarity index 100% rename from roles/nginx/templates/middleware-forwardauth.yml rename to roles/archive/nginx/templates/middleware-forwardauth.yml 
diff --git a/roles/nginx/templates/service.yml b/roles/archive/nginx/templates/service.yml similarity index 100% rename from roles/nginx/templates/service.yml rename to roles/archive/nginx/templates/service.yml diff --git a/roles/prereq/tasks/main.yml b/roles/archive/prereq/tasks/main.yml similarity index 100% rename from roles/prereq/tasks/main.yml rename to roles/archive/prereq/tasks/main.yml diff --git a/roles/prereq/templates/rclocal.j2 b/roles/archive/prereq/templates/rclocal.j2 similarity index 100% rename from roles/prereq/templates/rclocal.j2 rename to roles/archive/prereq/templates/rclocal.j2 diff --git a/roles/redis/tasks/main.yml b/roles/archive/redis/tasks/main.yml similarity index 100% rename from roles/redis/tasks/main.yml rename to roles/archive/redis/tasks/main.yml diff --git a/roles/redis/templates/deployment.yml b/roles/archive/redis/templates/deployment.yml similarity index 100% rename from roles/redis/templates/deployment.yml rename to roles/archive/redis/templates/deployment.yml diff --git a/roles/redis/templates/pvc.yml b/roles/archive/redis/templates/pvc.yml similarity index 100% rename from roles/redis/templates/pvc.yml rename to roles/archive/redis/templates/pvc.yml diff --git a/roles/redis/templates/service.yml b/roles/archive/redis/templates/service.yml similarity index 100% rename from roles/redis/templates/service.yml rename to roles/archive/redis/templates/service.yml diff --git a/roles/reset/tasks/main.yml b/roles/archive/reset/tasks/main.yml similarity index 100% rename from roles/reset/tasks/main.yml rename to roles/archive/reset/tasks/main.yml diff --git a/roles/reset/tasks/umount_with_children.yml b/roles/archive/reset/tasks/umount_with_children.yml similarity index 100% rename from roles/reset/tasks/umount_with_children.yml rename to roles/archive/reset/tasks/umount_with_children.yml 
diff --git a/roles/cloudflare-ddns/install-app/tasks/main.yml b/roles/cloudflare-ddns/install-app/tasks/main.yml
new file mode 100644
index 0000000..d2f41d7
--- /dev/null
+++ b/roles/cloudflare-ddns/install-app/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+- name: Create directory for docker-compose
+ ansible.builtin.file:
+ path: /root/docker/swag/
+ state: directory
+ mode: "0755"
+
+- name: Copy docker-compose file
+ template:
+ src: "docker-compose.yml"
+ dest: /root/docker/swag/docker-compose.yml
+ owner: root
+ group: root
+ mode: 0755
+
+- name: Run docker-compose
+ ansible.builtin.shell:
+ args:
+ cmd: docker compose up -d
+ chdir: /root/docker/swag/
diff --git a/roles/cloudflare-ddns/install-app/templates/docker-compose.yml b/roles/cloudflare-ddns/install-app/templates/docker-compose.yml
new file mode 100644
index 0000000..5078230
--- /dev/null
+++ b/roles/cloudflare-ddns/install-app/templates/docker-compose.yml
@@ -0,0 +1,11 @@
+version: '3'
+
+services:
+ app:
+ image: oznu/cloudflare-ddns:latest
+ container_name: cloudflare-ddns
+ restart: always
+ environment:
+ - API_KEY={{ cloudflare_ddns_api_key }}
+ - ZONE=lino.cooking
+ - PROXIED=false
diff --git a/roles/cloudflare-ddns/install-docker/tasks/main.yml b/roles/cloudflare-ddns/install-docker/tasks/main.yml
new file mode 100644
index 0000000..d5baba9
--- /dev/null
+++ b/roles/cloudflare-ddns/install-docker/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+- name: Get convenience script
+ uri:
+ url: "https://get.docker.com"
+ method: GET
+ dest: /tmp/get-docker.sh
+ mode: a+x
+ creates: /tmp/get-docker.sh
+
+- name: Execute script
+ ansible.builtin.shell: /tmp/get-docker.sh
+
+- name: Ensure group "docker" exists
+ ansible.builtin.group:
+ name: docker
+ state: present
+
+- name: Add root user to docker group
+ ansible.builtin.user:
+ name: root
+ groups: docker
+ append: yes
+
+- name: Enable docker on startup
+ ansible.builtin.shell: |
+ systemctl enable docker.service
+ systemctl enable containerd.service
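Review bot: The compose file rendered by `roles/cloudflare-ddns/install-app/tasks/main.yml` contains the decrypted `API_KEY`, yet the template task writes it with `mode: 0755` into a directory created with `mode: "0755"`, so it is readable by every account that can reach the path and marked executable for no reason. Use `mode: "0600"` on the file and `mode: "0700"` on the directory, and consider `no_log: true` on the template task so the key does not appear in `--diff` output. Both paths also still say `/root/docker/swag/`, which looks like a copy-paste leftover from the swag role. `roles/dahua-to-mqtt/install-app/tasks/main.yml` carries the same blob id (`d2f41d7`) and therefore the same issues.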
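Review bot: `image: oznu/cloudflare-ddns:latest` in the cloudflare-ddns compose template is a mutable tag on a third-party image that is handed the Cloudflare API key, so whatever is published under that tag is what runs with DNS-editing credentials the next time the image is pulled. Pin it, for example `image: oznu/cloudflare-ddns@sha256:<digest>` (placeholder; take the digest from the image you have reviewed), and update deliberately. It is also worth confirming that `cloudflare_ddns_api_key` is a token scoped to DNS edits on the `lino.cooking` zone rather than a global key. The dahua-to-mqtt template uses `:latest` in the same way.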
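Review bot: `roles/cloudflare-ddns/install-docker/tasks/main.yml` downloads `https://get.docker.com` and executes it as root with no checksum or version pin, and the `Execute script` task has no guard, so the installer runs again on every play. Installing the packages from Docker's signed apt repository with `ansible.builtin.apt` gives a verifiable, repeatable install; at minimum add `args:` with `creates: /usr/bin/docker` to the shell task. Because the download task uses `creates: /tmp/get-docker.sh`, any file already present at that path is executed as-is rather than refreshed. `roles/dahua-to-mqtt/install-docker/tasks/main.yml` has the same blob id (`d5baba9`), so the same applies there.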
diff --git a/roles/cloudflare-ddns/provision/create/tasks/main.yml b/roles/cloudflare-ddns/provision/create/tasks/main.yml
new file mode 100644
index 0000000..9dfa466
--- /dev/null
+++ b/roles/cloudflare-ddns/provision/create/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+- name: Create container
+ community.general.proxmox:
+ vmid: 607
+ node: revali
+ api_user: root@pam
+ api_password: "{{ proxmox_api_password }}"
+ api_host: 10.0.2.2
+ password: "{{ lxc_password }}"
+ hostname: cloudflare-ddns
+ ostemplate: "hyrule-8tb-nfs:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst"
+ netif: "{'net0':'name=eth0,\
+ gw=10.0.0.1,\
+ ip=10.0.2.16/21,\
+ hwaddr=cc:c6:cf:de:17:76,\
+ bridge=vmbr0'}"
+ cores: 1
+ memory: 512
+ unprivileged: no
+ swap: 0
+ searchdomain: "home"
+ onboot: 1
+ features:
+ - nesting=1
+ - keyctl=1
+ disk: local-lvm:10
+ force: yes
diff --git a/roles/cloudflare-ddns/provision/delete/tasks/main.yml b/roles/cloudflare-ddns/provision/delete/tasks/main.yml
new file mode 100644
index 0000000..17f0174
--- /dev/null
+++ b/roles/cloudflare-ddns/provision/delete/tasks/main.yml
@@ -0,0 +1,26 @@
+---
+- name: Stop container
+ community.general.proxmox:
+ vmid: 607
+ api_user: root@pam
+ api_password: "{{ proxmox_api_password }}"
+ api_host: 10.0.2.2
+ state: stopped
+ ignore_errors: true
+ timeout: 90
+
+- name: Remove containers
+ community.general.proxmox:
+ vmid: 607
+ api_user: root@pam
+ api_password: "{{ proxmox_api_password }}"
+ api_host: 10.0.2.2
+ state: absent
+ ignore_errors: true
+ timeout: 90
+
+- name: Remove .ssh/known_hosts lines
+ ansible.builtin.lineinfile:
+ path: /Users/lino.silva/.ssh/known_hosts
+ state: absent
+ regexp: "^10.0.2.16"
diff --git a/roles/cloudflare-ddns/provision/start/tasks/main.yml b/roles/cloudflare-ddns/provision/start/tasks/main.yml
new file mode 100644
index 0000000..19308d1
--- /dev/null
+++ b/roles/cloudflare-ddns/provision/start/tasks/main.yml
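Review bot: `unprivileged: no` in `roles/cloudflare-ddns/provision/create/tasks/main.yml` creates a privileged LXC container, where root inside the container is root on the Proxmox host's kernel; combined with `nesting=1` and Docker running a third-party image, that leaves little isolation around the workload. `nesting=1` and `keyctl=1` are the features normally needed to run Docker in an unprivileged container, so `unprivileged: yes` is worth trying first. The task also authenticates as `root@pam` with a password; the module accepts `api_token_id` and `api_token_secret`, which would let a narrowly scoped token replace the root password here and in the delete and start roles. `force: yes` overwrites an existing container with this vmid when the role is re-run, so confirm that is intended.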
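Review bot: The `regexp: "^10.0.2.16"` in the known_hosts cleanup of `roles/cloudflare-ddns/provision/delete/tasks/main.yml` has unescaped dots and no terminator, so it also removes entries for `10.0.2.160` through `10.0.2.169` and any other line sharing that prefix. `ansible.builtin.known_hosts` with `name: 10.0.2.16` and `state: absent` removes exactly that host; if `lineinfile` stays, use `regexp: '^10\.0\.2\.16[ ,]'`. The path `/Users/lino.silva/.ssh/known_hosts` ties the role to one workstation, whereas `"{{ lookup('env', 'HOME') }}/.ssh/known_hosts"` would not. Since each recreate discards the pinned host key, the next connection trusts whatever answers on that address, which matters more while root logs in with a password.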
@@ -0,0 +1,8 @@ +--- +- name: Start deployments + community.general.proxmox: + vmid: 607 + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: started diff --git a/roles/cloudflare-ddns/update/tasks/main.yml b/roles/cloudflare-ddns/update/tasks/main.yml new file mode 100644 index 0000000..8227bf4 --- /dev/null +++ b/roles/cloudflare-ddns/update/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages to their latest version + become: true + ansible.builtin.apt: + update_cache: yes + upgrade: full diff --git a/roles/frigate/provision/enable-ssh/tasks/main.yml b/roles/dahua-to-mqtt/enable-ssh/tasks/main.yml similarity index 67% rename from roles/frigate/provision/enable-ssh/tasks/main.yml rename to roles/dahua-to-mqtt/enable-ssh/tasks/main.yml index a42bd32..17275d1 100644 --- a/roles/frigate/provision/enable-ssh/tasks/main.yml +++ b/roles/dahua-to-mqtt/enable-ssh/tasks/main.yml @@ -2,7 +2,7 @@ # Unable to use ansible.builtin.lineinfile, because we need to run this through the proxmox host (because SSH is not enabled duh) - name: Allow SSH into LXC - ansible.builtin.command: lxc-attach -n 605 -- sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config + ansible.builtin.command: lxc-attach -n 608 -- sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config - name: Restart SSH Service - ansible.builtin.command: lxc-attach -n 605 service ssh restart + ansible.builtin.command: lxc-attach -n 608 service ssh restart diff --git a/roles/dahua-to-mqtt/install-app/tasks/main.yml b/roles/dahua-to-mqtt/install-app/tasks/main.yml new file mode 100644 index 0000000..d2f41d7 --- /dev/null +++ b/roles/dahua-to-mqtt/install-app/tasks/main.yml 
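Review bot: The new `lxc-attach -n 608` line in roles/dahua-to-mqtt/enable-ssh/tasks/main.yml still rewrites sshd_config to `PermitRootLogin yes`, which opens password login for root over SSH on the new container. Leaving the default `prohibit-password` and installing a public key through the same `lxc-attach` path gives Ansible its access without exposing a guessable login. The container id is also hard-coded as `608` in both commands, while this role's delete and start tasks use `{{ vmid }}`; using the variable here keeps the two from drifting apart.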
@@ -0,0 +1,20 @@
+---
+- name: Create directory for docker-compose
+ ansible.builtin.file:
+ path: /root/docker/swag/
+ state: directory
+ mode: "0755"
+
+- name: Copy docker-compose file
+ template:
+ src: "docker-compose.yml"
+ dest: /root/docker/swag/docker-compose.yml
+ owner: root
+ group: root
+ mode: 0755
+
+- name: Run docker-compose
+ ansible.builtin.shell:
+ args:
+ cmd: docker compose up -d
+ chdir: /root/docker/swag/
diff --git a/roles/dahua-to-mqtt/install-app/templates/docker-compose.yml b/roles/dahua-to-mqtt/install-app/templates/docker-compose.yml
new file mode 100644
index 0000000..5a142c6
--- /dev/null
+++ b/roles/dahua-to-mqtt/install-app/templates/docker-compose.yml
@@ -0,0 +1,18 @@
+version: '3'
+services:
+ dahuavto2mqtt:
+ image: "registry.gitlab.com/elad.bar/dahuavto2mqtt:latest"
+ container_name: "dahua2mqtt"
+ hostname: "dahua2mqtt"
+ restart: "unless-stopped"
+ environment:
+ - DAHUA_VTO_HOST=10.0.0.100
+ - DAHUA_VTO_USERNAME=admin
+ - DAHUA_VTO_PASSWORD=admin1234
+ - MQTT_BROKER_HOST=10.0.2.100
+ - MQTT_BROKER_PORT=1883
+ - MQTT_BROKER_USERNAME=lino
+ - MQTT_BROKER_PASSWORD={{ homeassistant_pwd }}
+ - MQTT_BROKER_TOPIC_PREFIX=DahuaVTO
+ - MQTT_BROKER_CLIENT_ID=DahuaVTO2MQTT
+ - DEBUG=False
diff --git a/roles/dahua-to-mqtt/install-docker/tasks/main.yml b/roles/dahua-to-mqtt/install-docker/tasks/main.yml
new file mode 100644
index 0000000..d5baba9
--- /dev/null
+++ b/roles/dahua-to-mqtt/install-docker/tasks/main.yml
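Review bot: `DAHUA_VTO_PASSWORD=admin1234` in roles/dahua-to-mqtt/install-app/templates/docker-compose.yml commits the door station's admin password in plaintext, although the MQTT password two lines below is already templated from a variable. Move it to a vaulted variable in the same way, e.g. `DAHUA_VTO_PASSWORD={{ dahua_vto_password }}` (a new variable name, to be defined next to `homeassistant_pwd`). Because the value is now in git history, change it on the device as well. The image is referenced as `:latest` and receives both credentials, so pinning it to a reviewed tag or digest is worth doing here too.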
@@ -0,0 +1,27 @@
+---
+- name: Get convenience script
+ uri:
+ url: "https://get.docker.com"
+ method: GET
+ dest: /tmp/get-docker.sh
+ mode: a+x
+ creates: /tmp/get-docker.sh
+
+- name: Execute script
+ ansible.builtin.shell: /tmp/get-docker.sh
+
+- name: Ensure group "docker" exists
+ ansible.builtin.group:
+ name: docker
+ state: present
+
+- name: Add root user to docker group
+ ansible.builtin.user:
+ name: root
+ groups: docker
+ append: yes
+
+- name: Enable docker on startup
+ ansible.builtin.shell: |
+ systemctl enable docker.service
+ systemctl enable containerd.service
diff --git a/roles/dahua-to-mqtt/provision/create/tasks/main.yml b/roles/dahua-to-mqtt/provision/create/tasks/main.yml
new file mode 100644
index 0000000..ac6fd2f
--- /dev/null
+++ b/roles/dahua-to-mqtt/provision/create/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+- name: Create container
+ community.general.proxmox:
+ vmid: 608
+ node: revali
+ api_user: root@pam
+ api_password: "{{ proxmox_api_password }}"
+ api_host: 10.0.2.2
+ password: "{{ lxc_password }}"
+ hostname: dahua-to-mqtt
+ ostemplate: "hyrule-8tb-nfs:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst"
+ netif: "{'net0':'name=eth0,\
+ gw=10.0.0.1,\
+ ip=10.0.2.17/21,\
+ hwaddr=cc:c6:cf:de:17:77,\
+ bridge=vmbr0'}"
+ cores: 1
+ memory: 256
+ unprivileged: no
+ swap: 0
+ searchdomain: "home"
+ onboot: 1
+ features:
+ - nesting=1
+ - keyctl=1
+ disk: local-lvm:5
+ force: yes
diff --git a/roles/dahua-to-mqtt/provision/delete/tasks/main.yml b/roles/dahua-to-mqtt/provision/delete/tasks/main.yml
new file mode 100644
index 0000000..13e7bf1
--- /dev/null
+++ b/roles/dahua-to-mqtt/provision/delete/tasks/main.yml
@@ -0,0 +1,26 @@
+---
+- name: Stop container
+ community.general.proxmox:
+ vmid: "{{ vmid }}"
+ api_user: root@pam
+ api_password: "{{ proxmox_api_password }}"
+ api_host: 10.0.2.2
+ state: stopped
+ ignore_errors: true
+ timeout: 90
+
+- name: Remove containers
+ community.general.proxmox:
+ vmid: "{{ vmid }}"
+ api_user: root@pam
+ api_password: "{{ proxmox_api_password }}"
+ api_host: 10.0.2.2
+ state: absent
+ ignore_errors: true
+ timeout: 90
+
+- name: Remove .ssh/known_hosts lines
+ ansible.builtin.lineinfile:
+ path: /Users/lino.silva/.ssh/known_hosts
+ state: absent
+ regexp: "^10.0.2.16"
diff --git a/roles/dahua-to-mqtt/provision/start/tasks/main.yml b/roles/dahua-to-mqtt/provision/start/tasks/main.yml
new file mode 100644
index 0000000..de86b9b
--- /dev/null
+++ b/roles/dahua-to-mqtt/provision/start/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+- name: Start deployments
+ community.general.proxmox:
+ vmid: "{{ vmid }}"
+ api_user: root@pam
+ api_password: "{{ proxmox_api_password }}"
+ api_host: 10.0.2.2
+ state: started
diff --git a/roles/dahua-to-mqtt/update/tasks/main.yml b/roles/dahua-to-mqtt/update/tasks/main.yml
new file mode 100644
index 0000000..8227bf4
--- /dev/null
+++ b/roles/dahua-to-mqtt/update/tasks/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Update all packages to their latest version
+ become: true
+ ansible.builtin.apt:
+ update_cache: yes
+ upgrade: full
diff --git a/roles/pihole/provision/enable-ssh/tasks/main.yml b/roles/pihole/provision/enable-ssh/tasks/main.yml
deleted file mode 100644
index 36efd21..0000000
--- a/roles/pihole/provision/enable-ssh/tasks/main.yml
+++ /dev/null
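Review bot: The known_hosts task in roles/dahua-to-mqtt/provision/delete/tasks/main.yml uses `regexp: "^10.0.2.16"`, but this role's create task gives the container `ip=10.0.2.17/21`. Deleting dahua-to-mqtt therefore drops the cloudflare-ddns host key and leaves the stale key for 10.0.2.17 in place. After a re-create, that stale key produces a host-key mismatch, which is the kind of failure that tends to get "fixed" by turning host key checking off. Replace the task with `ansible.builtin.known_hosts` using `name: 10.0.2.17` and `state: absent`, or better, a per-host address variable, so the entry removed always matches the container destroyed.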
@@ -1,8 +0,0 @@ ---- -# Unable to use ansible.builtin.lineinfile, because we need to run this through the proxmox host (because SSH is not enabled duh) - -- name: Allow SSH into LXC - ansible.builtin.command: lxc-attach -n "{{ vmid }}" -- sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config - -- name: Restart SSH Service - ansible.builtin.command: lxc-attach -n "{{ vmid }}" service ssh restart diff --git a/roles/swag/install-app/templates/docker-compose.yml b/roles/swag/install-app/templates/docker-compose.yml index f95539b..a1dacff 100644 --- a/roles/swag/install-app/templates/docker-compose.yml +++ b/roles/swag/install-app/templates/docker-compose.yml @@ -24,8 +24,6 @@ services: - 443:443 - 80:80 restart: unless-stopped - networks: - - reverse-proxy authelia: image: authelia/authelia:latest @@ -37,9 +35,3 @@ services: volumes: - /data/authelia/config:/config restart: unless-stopped - networks: - - reverse-proxy - -networks: - reverse-proxy: - external: true \ No newline at end of file diff --git a/roles/swag/install-docker/tasks/main.yml b/roles/swag/install-docker/tasks/main.yml index e149f35..d5baba9 100644 --- a/roles/swag/install-docker/tasks/main.yml +++ b/roles/swag/install-docker/tasks/main.yml @@ -25,7 +25,3 @@ ansible.builtin.shell: | systemctl enable docker.service systemctl enable containerd.service - -- name: Create reverse-proxy network - ansible.builtin.shell: | - docker network create reverse-proxy diff --git a/roles/swag/provision/enable-ssh/tasks/main.yml b/roles/swag/provision/enable-ssh/tasks/main.yml deleted file mode 100644 index 88dae36..0000000 --- a/roles/swag/provision/enable-ssh/tasks/main.yml +++ /dev/null 
@@ -1,8 +0,0 @@ ---- -# Unable to use ansible.builtin.lineinfile, because we need to run this through the proxmox host (because SSH is not enabled duh) - -- name: Allow SSH into LXC - ansible.builtin.command: lxc-attach -n 606 -- sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config - -- name: Restart SSH Service - ansible.builtin.command: lxc-attach -n 606 service ssh restart