Update new stuff, i am not writing the fuckton of changes here
This commit is contained in:
Alex
parent
cf3aac26bf
commit
6cdc975215
GPG Key ID:
F92BA85F61F4C173
63
.gitmodules
vendored
63
.gitmodules
vendored
@ -1,39 +1,36 @@
|
||||
[submodule "roles/database"]
|
||||
path = roles/database
|
||||
url = https://git.redxen.eu/RedXen/ansible-database
|
||||
[submodule "roles/common"]
|
||||
path = roles/common
|
||||
url = https://git.redxen.eu/RedXen/ansible-common
|
||||
[submodule "roles/dns"]
|
||||
path = roles/dns
|
||||
url = https://git.redxen.eu/RedXen/ansible-dns
|
||||
[submodule "roles/web"]
|
||||
path = roles/web
|
||||
url = https://git.redxen.eu/RedXen/ansible-web
|
||||
[submodule "roles/monitoring"]
|
||||
path = roles/monitoring
|
||||
url = https://git.redxen.eu/RedXen/ansible-monitoring
|
||||
[submodule "roles/git"]
|
||||
path = roles/git
|
||||
url = https://git.redxen.eu/RedXen/ansible-git
|
||||
[submodule "roles/mumble"]
|
||||
path = roles/mumble
|
||||
url = https://git.redxen.eu/RedXen/ansible-mumble
|
||||
[submodule "roles/unbound"]
|
||||
path = roles/unbound
|
||||
url = https://git.redxen.eu/RedXen/ansible-unbound
|
||||
[submodule "roles/haproxy"]
|
||||
path = roles/haproxy
|
||||
url = https://git.redxen.eu/RedXen/ansible-haproxy
|
||||
[submodule "roles/wireguard"]
|
||||
path = roles/wireguard
|
||||
url = https://git.redxen.eu/RedXen/ansible-wireguard
|
||||
[submodule "roles/apt"]
|
||||
path = roles/apt
|
||||
url = https://git.redxen.eu/RedXen/ansible-apt
|
||||
[submodule "roles/file"]
|
||||
path = roles/file
|
||||
url = https://git.redxen.eu/RedXen/ansible-file
|
||||
[submodule "roles/firewall"]
|
||||
path = roles/firewall
|
||||
url = https://git.redxen.eu/RedXen/ansible-firewall
|
||||
[submodule "roles/systemd"]
|
||||
path = roles/systemd
|
||||
url = https://git.redxen.eu/RedXen/ansible-systemd
|
||||
[submodule "roles/vault"]
|
||||
path = roles/vault
|
||||
url = https://git.redxen.eu/RedXen/ansible-vault
|
||||
[submodule "roles/tor"]
|
||||
path = roles/tor
|
||||
url = https://git.redxen.eu/RedXen/ansible-tor
|
||||
[submodule "roles/minecraft"]
|
||||
path = roles/minecraft
|
||||
url = https://git.redxen.eu/RedXen/ansible-minecraft
|
||||
[submodule "roles/pleroma"]
|
||||
path = roles/pleroma
|
||||
url = https://git.redxen.eu/RedXen/ansible-pleroma
|
||||
[submodule "roles/seedbox"]
|
||||
path = roles/seedbox
|
||||
url = https://git.redxen.eu/RedXen/ansible-seedbox
|
||||
[submodule "roles/ircd"]
|
||||
path = roles/ircd
|
||||
url = https://git.redxen.eu/RedXen/ansible-ircd
|
||||
[submodule "roles/postgresql"]
|
||||
path = roles/postgresql
|
||||
url = https://git.redxen.eu/RedXen/ansible-postgresql
|
||||
[submodule "roles/redis"]
|
||||
path = roles/redis
|
||||
url = https://git.redxen.eu/RedXen/ansible-redis
|
||||
[submodule "roles/influxdb"]
|
||||
path = roles/influxdb
|
||||
url = https://git.redxen.eu/RedXen/ansible-influxdb
|
||||
|
||||
@ -3,3 +3,4 @@ gathering = smart
|
||||
fact_caching = jsonfile
|
||||
fact_caching_connection = ~/.ansible-fax
|
||||
fact_caching_timeout = 86400
|
||||
hash_behavior=merge
|
||||
|
||||
22
backend.yml
Normal file
22
backend.yml
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
- hosts: backend
|
||||
vars:
|
||||
apt_packages:
|
||||
- { package: "postgresql", state: present }
|
||||
- { package: "python3-psycopg2", state: present }
|
||||
- { package: "redis", state: present }
|
||||
- { package: "influxdb", state: present }
|
||||
systemd:
|
||||
services:
|
||||
- { name: "postgres@12-main", enabled: true, action: reloaded }
|
||||
- { name: "redis", enabled: true, action: restarted }
|
||||
- { name: "influxdb", enabled: true, action: restarted }
|
||||
overrides:
|
||||
- "influxdb"
|
||||
roles:
|
||||
- vault
|
||||
- apt
|
||||
- postgresql
|
||||
- influxdb
|
||||
- redis
|
||||
- systemd
|
||||
@ -1,4 +0,0 @@
|
||||
---
|
||||
- hosts: all
|
||||
roles:
|
||||
- common
|
||||
@ -1,4 +0,0 @@
|
||||
---
|
||||
- hosts: database
|
||||
roles:
|
||||
- database
|
||||
5
dns.yml
5
dns.yml
@ -1,4 +1,7 @@
|
||||
---
|
||||
- hosts: dns
|
||||
roles:
|
||||
- dns
|
||||
- apt
|
||||
- unbound
|
||||
- systemd
|
||||
- firewall
|
||||
|
||||
6
frontend.yml
Normal file
6
frontend.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
- hosts: frontend
|
||||
roles:
|
||||
- apt
|
||||
- haproxy
|
||||
- systemd
|
||||
@ -32,6 +32,11 @@ services:
|
||||
postgres:
|
||||
host: "postgres.redxen.localhost"
|
||||
port: 5432
|
||||
databases:
|
||||
- grafana
|
||||
- pleroma
|
||||
- gitea
|
||||
- murmur
|
||||
redis:
|
||||
host: "redis.redxen.localhost"
|
||||
port: 6379
|
||||
|
||||
@ -1,4 +0,0 @@
|
||||
---
|
||||
- hosts: minecraft
|
||||
roles:
|
||||
- minecraft
|
||||
@ -1,4 +0,0 @@
|
||||
---
|
||||
- hosts: monitoring
|
||||
roles:
|
||||
- monitoring
|
||||
@ -1,4 +0,0 @@
|
||||
---
|
||||
- hosts: mumble
|
||||
roles:
|
||||
- mumble
|
||||
25
net.yml
Normal file
25
net.yml
Normal file
@ -0,0 +1,25 @@
|
||||
---
|
||||
- hosts: net
|
||||
vars:
|
||||
file:
|
||||
- { path: '/etc/tor', owner: 'root', group: 'root', mode: '600', state: directory }
|
||||
- { path: '/etc/wireguard', owner: 'root', group: 'root', mode: '600', state: directory }
|
||||
apt_packages:
|
||||
- { package: "tor", state: present }
|
||||
- { package: "wireguard-tools", state: present }
|
||||
- { package: "wireguard", state: present }
|
||||
systemd:
|
||||
services:
|
||||
- { name: "tor@default", enabled: true, action: restarted }
|
||||
- { name: "wg-quick@wg0", enabled: true, action: restarted }
|
||||
firewall:
|
||||
- { port: "{{ services.wireguard.port }}", ipv: "v4", proto: "tcp" }
|
||||
- { port: "{{ services.wireguard.port }}", ipv: "v6", proto: "tcp" }
|
||||
roles:
|
||||
- vault
|
||||
- file
|
||||
- apt
|
||||
- wireguard
|
||||
- tor
|
||||
- systemd
|
||||
- firewall
|
||||
@ -1,4 +0,0 @@
|
||||
---
|
||||
- hosts: pleroma
|
||||
roles:
|
||||
- pleroma
|
||||
19
production
19
production
@ -1,11 +1,11 @@
|
||||
n0
|
||||
n1
|
||||
|
||||
[web]
|
||||
[frontend]
|
||||
n0
|
||||
n1
|
||||
|
||||
[database]
|
||||
[backend]
|
||||
n0
|
||||
|
||||
[monitoring]
|
||||
@ -15,24 +15,17 @@ n0
|
||||
n0
|
||||
n1
|
||||
|
||||
[git]
|
||||
[dev]
|
||||
n0
|
||||
|
||||
[mumble]
|
||||
n0
|
||||
n1
|
||||
|
||||
[wireguard]
|
||||
[net]
|
||||
n0
|
||||
|
||||
[tor]
|
||||
n0
|
||||
|
||||
[minecraft]
|
||||
[games]
|
||||
n0
|
||||
|
||||
[seedbox]
|
||||
n0
|
||||
|
||||
[pleroma]
|
||||
[social]
|
||||
n0
|
||||
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit 42561893f32b7c9cfcdcaacb50202badb4207b58
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit c724c33058fa856ad39a5c547147bad8f69328ae
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit 7e4eba3ac9525edfed9a69b0f16ea0f343a2491e
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit 8138afd23714239c283d7ec7dbe3d1932084125a
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit 15d48d1b6226b68115283ed764868c80a5a77807
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit cd9b29238316025b7f059b81a9abe319932f37d0
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit c7b5c388b81fde50ba2b6fc96b1e24344dd71dee
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit fb85a1d3fc0d0e3fb321620da1b599cca48aa344
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit 601f4041a0ba471604f9d6ee9329dfb934f10968
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit cb39925ad6cb4d5d85e8b175766a9e6b3142a073
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit ecc6fc928de5ada2564f3be2187d4bc7db9857b9
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit be37b988c474a852c1d4f8d58f9ab09497873636
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit 01d272f0522d01f681c0180ffa0a80322a91d302
|
||||
@ -1,4 +0,0 @@
|
||||
---
|
||||
- hosts: seedbox
|
||||
roles:
|
||||
- seedbox
|
||||
@ -1,4 +0,0 @@
|
||||
---
|
||||
- hosts: wireguard
|
||||
roles:
|
||||
- wireguard
|
||||
Reference in New Issue
Block a user