RedXen/ansible
RedXen/ansible
Archived
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity

Add homepage, pleroma stuff, ssh service and mounts

Browse Source
This commit is contained in:
Alex 2020-06-04 20:19:59 +02:00
parent c15cba2d24
commit 34446e5a56
Signed by: caskd
GPG Key ID: F92BA85F61F4C173
12 changed files with 76 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
base.yml
View File

@ -18,6 +18,7 @@
services:
- { name: "netfilter-persistent", enabled: true, action: restarted }
- { name: "fail2ban", enabled: true, action: restarted }
- { name: "ssh", enabled: true, action: restarted }
vault:
roles:
- "common"

19
dns.yml
View File

@ -42,12 +42,12 @@
- { service: "seedown", port: "{{ global.seedbox.darkhttpd.port }}", group: "seedbox" }
- { service: "transmission", port: "{{ global.seedbox.transmission.port }}", group: "seedbox" }
- { service: "grafana", port: "{{ global.monitoring.grafana.port }}", group: "monitoring" }
- { service: "pleroma", port: "{{ global.social.pleroma.listen.port }}", group: "social" }
- { service: "homepage", port: "{{ global.homepage.port }}", group: "homepage" }
A: # Wish these would support SRV, would ease a lot of configuration management
- { service: "postgres", group: "backend" }
- { service: "redis", group: "backend" }
- { service: "influxdb", group: "backend" }
remote:
- { service: "homepage", port: "80", domain: "rxhome.s3-website.eu-central-1.amazonaws.com." }
public:
SRV:
- { service: "mumble", proto: "tcp", host: "n0.redxen.eu", port: 64738 }
@ -60,26 +60,23 @@
- { name: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou._domainkey.", pointer: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou.dkim.amazonses.com" }
- { name: "edzxe6qpinwhafgwlt6b44yarhhfn3xl._domainkey.", pointer: "edzxe6qpinwhafgwlt6b44yarhhfn3xl.dkim.amazonses.com" }
A:
- { name: "", addr: "88.198.95.52" }
- { name: "nbg0.", addr: "88.198.95.52" }
- { name: "", addr: "88.198.95.107" }
- { name: "nbg1.", addr: "88.198.95.107" }
- { name: "", addr: "88.198.95.106" }
- { name: "nbg2.", addr: "88.198.95.106" }
- { name: "", addr: "88.198.95.100" }
- { name: "nbg3.", addr: "88.198.95.100" }
- { name: "", addr: "88.198.95.63" }
- { name: "nbg4.", addr: "88.198.95.63" }
group:
A:
- { domain: "stats", group: "frontend" }
- { domain: "git", group: "frontend" }
- { domain: "seed", group: "frontend" }
- { domain: "sd", group: "frontend" }
- { domain: "stats.", group: "frontend" }
- { domain: "git.", group: "frontend" }
- { domain: "seed.", group: "frontend" }
- { domain: "sd.", group: "frontend" }
- { domain: "social.", group: "frontend" }
- { domain: "", group: "frontend" }
roles:
- file
- apt

3
frontend.yml
View File

@ -39,10 +39,11 @@
public:
# These are load balanced, it doesn't matter what IP they point to
- {domain: "stats", count: 5, service: "grafana", httpchk: true}
- {domain: "social", count: 1, service: "pleroma", httpchk: true}
- {domain: "git", count: 1, service: "gitea", httpchk: true}
- {domain: "seed", count: 1, service: "transmission", httpchk: false}
- {domain: "sd", count: 1, service: "seedown", httpchk: true}
- {domain: "social", count: 1, service: "pleroma", httpchk: true}
- {domain: "root", count: 1, service: "homepage", httpchk: true} # Homepage
varnish:
backend:
sock: '{{ haproxy.socketroot }}/haproxy.sock'

6
group_vars/all
View File

@ -13,11 +13,17 @@ global:
murmur:
configpath: "/etc/murmur"
port: 6401
pleroma:
listen:
domain: "social.redxen.eu"
port: "8088"
seedbox:
darkhttpd:
port: 8082
transmission:
port: 8081
homepage:
port: 5353
dev:
gitea:
user: "git"

11
homepage.yml
View File

@ -1,11 +1,15 @@
---
- hosts: homepage
vars:
apt:
packages:
- { package: "make", state: present }
- { package: "gcc", state: present }
systemd:
services:
- { name: "darkhttpd", enabled: true, action: restarted }
file:
- { path: "{{ homepage.root }}", owner: "nobody", group: "nogroup", mode: "655", state: directory }
- { path: "{{ homepage.root }}", owner: "root", group: "root", mode: "655", state: directory }
darkhttpd:
port: "{{ global.homepage.port }}"
@ -13,8 +17,11 @@
servepath: "{{ homepage.root }}"
homepage:
root: "/srv/homepage"
git_clone:
- { dest: "{{ homepage.root }}", repo: "https://git.redxen.eu/RedXen/Homepage", branch: "master" }
roles:
- apt
- git-clone
- darkhttpd
- file
- homepage
- systemd

3
production
View File

@ -42,3 +42,6 @@ n4
[social]
n0
[homepage]
n1

2
roles/common

@ -1 +1 @@
Subproject commit bad44f0d33f85e9d119628ac39d2090e36b0e6b0
Subproject commit de20aa655ac266eb57c06cc0b99042359ac0db83

2
roles/haproxy

@ -1 +1 @@
Subproject commit 7100274321bf0cf46288f7fb9bc124b97a31a84c
Subproject commit 70eb2a6e5730aa7188d1835b8b80e39549639e3d

1
roles/homepage

@ -1 +0,0 @@
Subproject commit 1ba7d5996bfc8d597f1fbff2d4dc6cb919c6d7b5

2
roles/pleroma

@ -1 +1 @@
Subproject commit 8c8ee895ea8312e890d3603ac2d5cecaf6adfb3d
Subproject commit b1b681d8a0e373a70d4d92a4103b38ce4b5131d7

2
roles/unbound

@ -1 +1 @@
Subproject commit 5e0c3647e4ac083898b13fb784cf5e5ac2fa554a
Subproject commit 1af5356b4d580997e1f007cb1a8f74f363bfa425

63
social.yml
View File

@ -2,28 +2,28 @@
- hosts: social
vars:
git_clone:
# - { dest: "/home/repositories/pleroma", repo: "https://git.pleroma.social/pleroma/pleroma.git", branch: "develop" }
- { dest: "/home/repositories/pleroma", repo: "https://git.pleroma.social/pleroma/pleroma.git", branch: "develop" }
# - { dest: "{{ inspircd.paths.build }}", repo: "https://github.com/inspircd/inspircd.git", branch: "insp3" }
file:
- { path: '/etc/murmur', owner: 'root', group: 'root', mode: '600', state: directory }
# - { path: '{{ inspircd.paths.build }}/.configure', owner: 'root', group: 'root', mode: '600', state: directory }
# - { path: '{{ inspircd.paths.config }}/conf', owner: 'nobody', group: 'nogroup', mode: '600', state: directory }
apt:
# sign_keys:
# - "https://packages.erlang-solutions.com/ubuntu/erlang_solutions.asc"
sign_keys:
- "https://packages.erlang-solutions.com/ubuntu/erlang_solutions.asc"
packages:
- { package: "git", state: present }
- { package: "gcc", state: present }
- { package: "build-essential", state: present }
# - { package: "musl-dev", state: present }
# Pleroma (Elixir)
# - { package: "libncurses6", state: present }
# - { package: "postgresql-client", state: present }
# - { package: "elixir", state: present }
# - { package: "erlang-dev", state: present }
# - { package: "erlang-parsetools", state: present }
# - { package: "erlang-eldap", state: present }
# - { package: "erlang-xmerl", state: present }
- { package: "libncurses6", state: present }
- { package: "postgresql-client", state: present }
- { package: "elixir", state: present }
- { package: "erlang-dev", state: present }
- { package: "erlang-parsetools", state: present }
- { package: "erlang-eldap", state: present }
- { package: "erlang-xmerl", state: present }
# Mumble
- { package: "libqt5sql5-psql", state: present }
- { package: "mumble-server", state: present }
@ -33,7 +33,7 @@
# - { package: "libpq-dev", state: present }
systemd:
services:
# - { name: "pleroma", enabled: true, action: restarted }
- { name: "pleroma", enabled: true, action: restarted }
- { name: "murmur", enabled: true, action: restarted }
- { name: "mumble-server", action: stopped }
# - { name: "inspircd", enabled: true, action: restarted }
@ -63,9 +63,31 @@
Enjoy your stay!<br />
Have a group that you want to represent or a question? Contact me at caskd@gmx.de<br />
</center>
# pleroma:
# root: "/etc/pleroma"
# data: "/mnt/pleroma"
pleroma:
root: "/etc/pleroma"
data: "/var/lib/pleroma"
listen:
domain: "{{ global.social.pleroma.listen.domain }}"
port: "{{ global.social.pleroma.listen.port }}"
instance:
name: "RedXen Fedi"
email:
admin: "caskd@420blaze.it"
notify: "fedi@redxen.eu"
description: "The social center for the fediverse"
federating: "true"
invites: "true"
registrations: "false"
frontend:
theme: "redxen"
logo: "/static/logo.png"
logomask: "false"
bg: "/static/background.jpg"
media_proxy: "true"
database_configurable: "false"
imports:
- "/etc/pleroma/secret.exs"
- "/etc/pleroma/mrf.exs"
# inspircd:
# server:
# name: "redxen.eu"
@ -75,7 +97,7 @@
# - { address: "", port: 6667, tls: false, type: "clients" }
# - { address: "", port: 6697, tls: true, type: "clients" }
# #- { address: "", port: 7000, tls: false, type: "servers" }
# #- { address: "", port: 70001, tls: true, type: "servers" }
# #- { address: "", port: 7001, tls: true, type: "servers" }
# paths:
# config: '/etc/inspircd'
# build: '/home/repositories/inspircd'
@ -84,17 +106,18 @@
# - { channel: "support", topic: "Have patience when asking, it can take some time until someone answers your question", modes: "+nt *!*@*!*" }
vault:
roles:
# - "pleroma"
- "murmur"
- "postgresql"
# - "inspircd"
#
#- "inspircd"
mounts:
- { uuid: '01ce4924-7200-41bd-ba0e-b52ec9f58a00', dest: "{{ pleroma.data }}", state: 'mounted', fstype: "xfs" }
roles:
- mounts
- vault
#- git-clone
- git-clone
- apt
- file
- murmur
# - pleroma
- pleroma
# - inspircd
- systemd