From 6cdc9752155f0a5d8b9f59578d3e7414511c69c7 Mon Sep 17 00:00:00 2001 From: Alex Date: Sat, 16 May 2020 23:47:54 +0200 Subject: [PATCH] Update new stuff, i am not writing the fuckton of changes here --- .gitmodules | 63 +++++++++++++++++++++++------------------------- ansible.cfg | 1 + backend.yml | 22 +++++++++++++++++ common.yml | 4 --- database.yml | 4 --- dns.yml | 5 +++- frontend.yml | 6 +++++ git.yml | 4 --- group_vars/all | 5 ++++ ircd.yml | 4 --- minecraft.yml | 4 --- monitoring.yml | 4 --- mumble.yml | 4 --- net.yml | 25 +++++++++++++++++++ pleroma.yml | 4 --- production | 19 +++++---------- roles/common | 1 - roles/database | 1 - roles/dns | 1 - roles/git | 1 - roles/ircd | 1 - roles/minecraft | 1 - roles/monitoring | 1 - roles/mumble | 1 - roles/pleroma | 1 - roles/seedbox | 1 - roles/tor | 1 - roles/web | 1 - roles/wireguard | 1 - seedbox.yml | 4 --- tor.yml | 4 --- web.yml | 4 --- wireguard.yml | 4 --- 33 files changed, 99 insertions(+), 108 deletions(-) create mode 100644 backend.yml delete mode 100644 common.yml delete mode 100644 database.yml create mode 100644 frontend.yml delete mode 100644 git.yml delete mode 100644 ircd.yml delete mode 100644 minecraft.yml delete mode 100644 monitoring.yml delete mode 100644 mumble.yml create mode 100644 net.yml delete mode 100644 pleroma.yml delete mode 160000 roles/common delete mode 160000 roles/database delete mode 160000 roles/dns delete mode 160000 roles/git delete mode 160000 roles/ircd delete mode 160000 roles/minecraft delete mode 160000 roles/monitoring delete mode 160000 roles/mumble delete mode 160000 roles/pleroma delete mode 160000 roles/seedbox delete mode 160000 roles/tor delete mode 160000 roles/web delete mode 160000 roles/wireguard delete mode 100644 seedbox.yml delete mode 100644 tor.yml delete mode 100644 web.yml delete mode 100644 wireguard.yml diff --git a/.gitmodules b/.gitmodules index 402b62a..16694ad 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,39 +1,36 @@ -[submodule "roles/database"] - path = roles/database - url = https://git.redxen.eu/RedXen/ansible-database -[submodule "roles/common"] - path = roles/common - url = https://git.redxen.eu/RedXen/ansible-common -[submodule "roles/dns"] - path = roles/dns - url = https://git.redxen.eu/RedXen/ansible-dns -[submodule "roles/web"] - path = roles/web - url = https://git.redxen.eu/RedXen/ansible-web -[submodule "roles/monitoring"] - path = roles/monitoring - url = https://git.redxen.eu/RedXen/ansible-monitoring -[submodule "roles/git"] - path = roles/git - url = https://git.redxen.eu/RedXen/ansible-git -[submodule "roles/mumble"] - path = roles/mumble - url = https://git.redxen.eu/RedXen/ansible-mumble +[submodule "roles/unbound"] + path = roles/unbound + url = https://git.redxen.eu/RedXen/ansible-unbound +[submodule "roles/haproxy"] + path = roles/haproxy + url = https://git.redxen.eu/RedXen/ansible-haproxy [submodule "roles/wireguard"] path = roles/wireguard url = https://git.redxen.eu/RedXen/ansible-wireguard +[submodule "roles/apt"] + path = roles/apt + url = https://git.redxen.eu/RedXen/ansible-apt +[submodule "roles/file"] + path = roles/file + url = https://git.redxen.eu/RedXen/ansible-file +[submodule "roles/firewall"] + path = roles/firewall + url = https://git.redxen.eu/RedXen/ansible-firewall +[submodule "roles/systemd"] + path = roles/systemd + url = https://git.redxen.eu/RedXen/ansible-systemd +[submodule "roles/vault"] + path = roles/vault + url = https://git.redxen.eu/RedXen/ansible-vault [submodule "roles/tor"] path = roles/tor url = https://git.redxen.eu/RedXen/ansible-tor -[submodule "roles/minecraft"] - path = roles/minecraft - url = https://git.redxen.eu/RedXen/ansible-minecraft -[submodule "roles/pleroma"] - path = roles/pleroma - url = https://git.redxen.eu/RedXen/ansible-pleroma -[submodule "roles/seedbox"] - path = roles/seedbox - url = https://git.redxen.eu/RedXen/ansible-seedbox -[submodule "roles/ircd"] - path = roles/ircd - url = https://git.redxen.eu/RedXen/ansible-ircd +[submodule "roles/postgresql"] + path = roles/postgresql + url = https://git.redxen.eu/RedXen/ansible-postgresql +[submodule "roles/redis"] + path = roles/redis + url = https://git.redxen.eu/RedXen/ansible-redis +[submodule "roles/influxdb"] + path = roles/influxdb + url = https://git.redxen.eu/RedXen/ansible-influxdb diff --git a/ansible.cfg b/ansible.cfg index ef00069..5545f66 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -3,3 +3,4 @@ gathering = smart fact_caching = jsonfile fact_caching_connection = ~/.ansible-fax fact_caching_timeout = 86400 +hash_behavior=merge diff --git a/backend.yml b/backend.yml new file mode 100644 index 0000000..6952263 --- /dev/null +++ b/backend.yml @@ -0,0 +1,22 @@ +--- +- hosts: backend + vars: + apt_packages: + - { package: "postgresql", state: present } + - { package: "python3-psycopg2", state: present } + - { package: "redis", state: present } + - { package: "influxdb", state: present } + systemd: + services: + - { name: "postgres@12-main", enabled: true, action: reloaded } + - { name: "redis", enabled: true, action: restarted } + - { name: "influxdb", enabled: true, action: restarted } + overrides: + - "influxdb" + roles: + - vault + - apt + - postgresql + - influxdb + - redis + - systemd diff --git a/common.yml b/common.yml deleted file mode 100644 index a19e92d..0000000 --- a/common.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: all - roles: - - common diff --git a/database.yml b/database.yml deleted file mode 100644 index 16fabc2..0000000 --- a/database.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: database - roles: - - database diff --git a/dns.yml b/dns.yml index 2df978f..277f6e7 100644 --- a/dns.yml +++ b/dns.yml @@ -1,4 +1,7 @@ --- - hosts: dns roles: - - dns + - apt + - unbound + - systemd + - firewall diff --git a/frontend.yml b/frontend.yml new file mode 100644 index 0000000..7ed83ae --- /dev/null +++ b/frontend.yml @@ -0,0 +1,6 @@ +--- +- hosts: frontend + roles: + - apt + - haproxy + - systemd diff --git a/git.yml b/git.yml deleted file mode 100644 index e7ec085..0000000 --- a/git.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: git - roles: - - git diff --git a/group_vars/all b/group_vars/all index 3058bf5..5e00228 100644 --- a/group_vars/all +++ b/group_vars/all @@ -32,6 +32,11 @@ services: postgres: host: "postgres.redxen.localhost" port: 5432 + databases: + - grafana + - pleroma + - gitea + - murmur redis: host: "redis.redxen.localhost" port: 6379 diff --git a/ircd.yml b/ircd.yml deleted file mode 100644 index 8b55dc9..0000000 --- a/ircd.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: ircd - roles: - - ircd diff --git a/minecraft.yml b/minecraft.yml deleted file mode 100644 index 4e15e34..0000000 --- a/minecraft.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: minecraft - roles: - - minecraft diff --git a/monitoring.yml b/monitoring.yml deleted file mode 100644 index cf88804..0000000 --- a/monitoring.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: monitoring - roles: - - monitoring diff --git a/mumble.yml b/mumble.yml deleted file mode 100644 index 7ed582c..0000000 --- a/mumble.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: mumble - roles: - - mumble diff --git a/net.yml b/net.yml new file mode 100644 index 0000000..de9b5a3 --- /dev/null +++ b/net.yml @@ -0,0 +1,25 @@ +--- +- hosts: net + vars: + file: + - { path: '/etc/tor', owner: 'root', group: 'root', mode: '600', state: directory } + - { path: '/etc/wireguard', owner: 'root', group: 'root', mode: '600', state: directory } + apt_packages: + - { package: "tor", state: present } + - { package: "wireguard-tools", state: present } + - { package: "wireguard", state: present } + systemd: + services: + - { name: "tor@default", enabled: true, action: restarted } + - { name: "wg-quick@wg0", enabled: true, action: restarted } + firewall: + - { port: "{{ services.wireguard.port }}", ipv: "v4", proto: "tcp" } + - { port: "{{ services.wireguard.port }}", ipv: "v6", proto: "tcp" } + roles: + - vault + - file + - apt + - wireguard + - tor + - systemd + - firewall diff --git a/pleroma.yml b/pleroma.yml deleted file mode 100644 index cdafc18..0000000 --- a/pleroma.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: pleroma - roles: - - pleroma diff --git a/production b/production index 9e13735..5d49578 100644 --- a/production +++ b/production @@ -1,11 +1,11 @@ n0 n1 -[web] +[frontend] n0 n1 -[database] +[backend] n0 [monitoring] @@ -15,24 +15,17 @@ n0 n0 n1 -[git] +[dev] n0 -[mumble] -n0 -n1 - -[wireguard] +[net] n0 -[tor] -n0 - -[minecraft] +[games] n0 [seedbox] n0 -[pleroma] +[social] n0 diff --git a/roles/common b/roles/common deleted file mode 160000 index 4256189..0000000 --- a/roles/common +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 42561893f32b7c9cfcdcaacb50202badb4207b58 diff --git a/roles/database b/roles/database deleted file mode 160000 index c724c33..0000000 --- a/roles/database +++ /dev/null @@ -1 +0,0 @@ -Subproject commit c724c33058fa856ad39a5c547147bad8f69328ae diff --git a/roles/dns b/roles/dns deleted file mode 160000 index 7e4eba3..0000000 --- a/roles/dns +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 7e4eba3ac9525edfed9a69b0f16ea0f343a2491e diff --git a/roles/git b/roles/git deleted file mode 160000 index 8138afd..0000000 --- a/roles/git +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 8138afd23714239c283d7ec7dbe3d1932084125a diff --git a/roles/ircd b/roles/ircd deleted file mode 160000 index 15d48d1..0000000 --- a/roles/ircd +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 15d48d1b6226b68115283ed764868c80a5a77807 diff --git a/roles/minecraft b/roles/minecraft deleted file mode 160000 index cd9b292..0000000 --- a/roles/minecraft +++ /dev/null @@ -1 +0,0 @@ -Subproject commit cd9b29238316025b7f059b81a9abe319932f37d0 diff --git a/roles/monitoring b/roles/monitoring deleted file mode 160000 index c7b5c38..0000000 --- a/roles/monitoring +++ /dev/null @@ -1 +0,0 @@ -Subproject commit c7b5c388b81fde50ba2b6fc96b1e24344dd71dee diff --git a/roles/mumble b/roles/mumble deleted file mode 160000 index fb85a1d..0000000 --- a/roles/mumble +++ /dev/null @@ -1 +0,0 @@ -Subproject commit fb85a1d3fc0d0e3fb321620da1b599cca48aa344 diff --git a/roles/pleroma b/roles/pleroma deleted file mode 160000 index 601f404..0000000 --- a/roles/pleroma +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 601f4041a0ba471604f9d6ee9329dfb934f10968 diff --git a/roles/seedbox b/roles/seedbox deleted file mode 160000 index cb39925..0000000 --- a/roles/seedbox +++ /dev/null @@ -1 +0,0 @@ -Subproject commit cb39925ad6cb4d5d85e8b175766a9e6b3142a073 diff --git a/roles/tor b/roles/tor deleted file mode 160000 index ecc6fc9..0000000 --- a/roles/tor +++ /dev/null @@ -1 +0,0 @@ -Subproject commit ecc6fc928de5ada2564f3be2187d4bc7db9857b9 diff --git a/roles/web b/roles/web deleted file mode 160000 index be37b98..0000000 --- a/roles/web +++ /dev/null @@ -1 +0,0 @@ -Subproject commit be37b988c474a852c1d4f8d58f9ab09497873636 diff --git a/roles/wireguard b/roles/wireguard deleted file mode 160000 index 01d272f..0000000 --- a/roles/wireguard +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 01d272f0522d01f681c0180ffa0a80322a91d302 diff --git a/seedbox.yml b/seedbox.yml deleted file mode 100644 index 592ca3e..0000000 --- a/seedbox.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: seedbox - roles: - - seedbox diff --git a/tor.yml b/tor.yml deleted file mode 100644 index 1a0602b..0000000 --- a/tor.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: tor - roles: - - tor diff --git a/web.yml b/web.yml deleted file mode 100644 index 94eaccb..0000000 --- a/web.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: web - roles: - - web diff --git a/wireguard.yml b/wireguard.yml deleted file mode 100644 index ff76432..0000000 --- a/wireguard.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: wireguard - roles: - - wireguard