Add seedbox and tweak a few stuff around in roles
This commit is contained in:
parent
3cc61f9172
commit
b86817fe2b
|
@ -34,3 +34,12 @@
|
||||||
[submodule "roles/influxdb"]
|
[submodule "roles/influxdb"]
|
||||||
path = roles/influxdb
|
path = roles/influxdb
|
||||||
url = https://git.redxen.eu/RedXen/ansible-influxdb
|
url = https://git.redxen.eu/RedXen/ansible-influxdb
|
||||||
|
[submodule "roles/sftp-chroot"]
|
||||||
|
path = roles/sftp-chroot
|
||||||
|
url = https://git.redxen.eu/RedXen/ansible-sftp-chroot
|
||||||
|
[submodule "roles/transmission"]
|
||||||
|
path = roles/transmission
|
||||||
|
url = https://git.redxen.eu/RedXen/ansible-transmission
|
||||||
|
[submodule "roles/darkhttpd"]
|
||||||
|
path = roles/darkhttpd
|
||||||
|
url = https://git.redxen.eu/RedXen/ansible-darkhttpd
|
||||||
|
|
12
dns.yml
12
dns.yml
|
@ -1,5 +1,17 @@
|
||||||
---
|
---
|
||||||
- hosts: dns
|
- hosts: dns
|
||||||
|
vars:
|
||||||
|
firewall:
|
||||||
|
- { port: 53, ipv: "v4", proto: "tcp" }
|
||||||
|
- { port: 53, ipv: "v4", proto: "udp" }
|
||||||
|
- { port: 53, ipv: "v6", proto: "tcp" }
|
||||||
|
- { port: 53, ipv: "v6", proto: "udp" }
|
||||||
|
systemd:
|
||||||
|
services:
|
||||||
|
- { name: "systemd-resolved", state: stopped }
|
||||||
|
- { name: "unbound", enabled: true, state: reloaded }
|
||||||
|
apt_packages:
|
||||||
|
- { package: "unbound", state: present }
|
||||||
roles:
|
roles:
|
||||||
- apt
|
- apt
|
||||||
- unbound
|
- unbound
|
||||||
|
|
|
@ -55,14 +55,6 @@ services:
|
||||||
register:
|
register:
|
||||||
host: "redxen.eu"
|
host: "redxen.eu"
|
||||||
url: "redxen.eu"
|
url: "redxen.eu"
|
||||||
transmission:
|
|
||||||
root_dir: "/mnt/seedbox" # TODO: Use device UUIDs
|
|
||||||
port:
|
|
||||||
peer: 51413
|
|
||||||
rpc: 8081
|
|
||||||
darkhttpd:
|
|
||||||
path: "/etc/darkhttpd"
|
|
||||||
port: 8082
|
|
||||||
influxdb:
|
influxdb:
|
||||||
port: 8086
|
port: 8086
|
||||||
tor:
|
tor:
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit 8e9736435e7270b843384be581f9844027d543a6
|
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit 1da390b50c30db7898899f7c192e931f9bfde6fc
|
|
@ -1 +1 @@
|
||||||
Subproject commit 3d24de992db8a475159cb6cd80597bccb242bcf5
|
Subproject commit 95fbf873af3121d145f8da64c3121132cd21ce4d
|
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit a03598399e232309d913f6dcafca284769e82ef7
|
|
@ -1 +1 @@
|
||||||
Subproject commit ff6c5430cca252fb116146cf19a100908ad27f9d
|
Subproject commit 5d359caeea0655d5fa2efd8c4785fcbd8dc39fa5
|
|
@ -0,0 +1,41 @@
|
||||||
|
---
|
||||||
|
- hosts: net
|
||||||
|
vars:
|
||||||
|
apt_packages:
|
||||||
|
- { package: "transmission-daemon", state: present }
|
||||||
|
- { package: "git", state: present }
|
||||||
|
- { package: "make", state: present }
|
||||||
|
- { package: "gcc", state: present }
|
||||||
|
systemd:
|
||||||
|
services:
|
||||||
|
- { name: "darkhttpd", enabled: true, action: restarted }
|
||||||
|
- { name: "transmission-daemon", enabled: true, action: restarted }
|
||||||
|
- { name: "sshd", enabled: true, action: restarted }
|
||||||
|
overrides:
|
||||||
|
- "transmission-daemon"
|
||||||
|
file:
|
||||||
|
- { path: "/etc/ssh/authorized_keys", owner: "root", group: "root", mode: "655", state: directory }
|
||||||
|
- { path: "{{ transmission.root_dir }}/downloads", owner: "root", group: "root", mode: "755", state: directory }
|
||||||
|
- { path: "{{ transmission.root_dir }}/.config", owner: "root", group: "root", mode: "600", state: directory}
|
||||||
|
darkhttpd:
|
||||||
|
port: 8082
|
||||||
|
path: "/etc/darkhttpd" # Where to build and run the daemon from
|
||||||
|
servepath: "{{ transmission.root_dir }}/downloads"
|
||||||
|
transmission:
|
||||||
|
port:
|
||||||
|
peer: 51413
|
||||||
|
rpc: 8081
|
||||||
|
root_dir: "/mnt/seedbox" # TODO: Use device UUIDs
|
||||||
|
sftp_chroot:
|
||||||
|
- { user: "seedbox",
|
||||||
|
home: "{{ transmission.root_dir }}/downloads",
|
||||||
|
key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsD58tySBudDE7dw4aDttDv7rLWCqZ2c6N+GnrbSzqAxTcMxxn3GZeozXuz4pkl8NrGEKFk22AlB1hUl0gqnpAr0roL72mXE1WmjVc4EvEVYXLdHnm+rEi/FqvEK8D5mj1vs/ALGqtKGmY1363a8JRR7jSlBa45HkdC7IyJP0stpIkcriPS4kj/lEW0+J5KZ4NuKocjTbyVDoX67fLwBeu/YG4pz0ETKKU1/5xfBN+AxeD8brWvMMwrQzqJoAoRfLKCuD2yTSTPxek/Oa3lbNLUBF6o114gyxsc7zAWMpyNCPvstZoLCdQYqZ0sqVvcFGt0vmlrCtcQozkDVChz1E3 none"
|
||||||
|
}
|
||||||
|
roles:
|
||||||
|
- vault
|
||||||
|
- apt
|
||||||
|
- darkhttpd
|
||||||
|
- transmission
|
||||||
|
- file
|
||||||
|
- sftp-chroot
|
||||||
|
- systemd
|
Reference in New Issue