diff --git a/.ansible-lint b/.ansible-lint deleted file mode 100644 index c6123e8..0000000 --- a/.ansible-lint +++ /dev/null @@ -1,14 +0,0 @@ -#warn_list: # or 'skip_list' to silence them completely -skip_list: - - experimental - - var-naming[no-role-prefix] - - name -warn_list: - - '204' # Lines should be no longer than 160 chars - - no-handler - - ignore-errors - - fqcn-builtins - - fqcn - - partial-become[task] - - template-instead-of-copy -offline: true diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 781c027..0000000 --- a/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -.password-store -.gitignore -.envrc diff --git a/.yamllint.yaml b/.yamllint.yaml index 2d3284c..d932357 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -15,8 +15,3 @@ rules: max-spaces-after: -1 commas: max-spaces-after: -1 - comments: - min-spaces-from-content: 1 - octal-values: - forbid-implicit-octal: true - forbid-explicit-octal: true diff --git a/authorized_keys/blackdragon.keys b/authorized_keys/blackdragon.keys new file mode 100644 index 0000000..d488f52 --- /dev/null +++ b/authorized_keys/blackdragon.keys @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICLZGbt/we3JQ482/NYcdOKGoKDOj1MgmYFP2GDmjLw/ kyan@flandre diff --git a/bitlair.yaml b/bitlair.yaml index d09757f..19de646 100644 --- a/bitlair.yaml +++ b/bitlair.yaml @@ -1,80 +1,73 @@ --- -- name: common - hosts: all +- hosts: all gather_facts: true roles: - { role: "common", tags: ["common"] } - { role: "nft", tags: ["nft"] } -- name: bank - hosts: bank +- hosts: bank roles: - { role: "bank", tags: ["bank"] } -- name: homeassistant - hosts: homeassistant +- hosts: homeassistant roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } -- name: raspi - hosts: raspi +- hosts: raspi roles: - { role: "raspi", tags: ["raspi"] } - { role: "bank-terminal", tags: ["bank-terminal"] } -- name: fotos - hosts: fotos +- hosts: fotos roles: - { role: "photos", tags: ["photos"] } -- name: CI - hosts: git-ci +- hosts: git-ci roles: - - { role: "git-ci", tags: ["git-ci"] } + - { role: "git_ci", tags: ["git_ci"] } -- name: git - hosts: git +- hosts: git roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "git-server", tags: ["git-server"] } -- name: monitoring - hosts: monitoring +- hosts: monitoring roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "monitoring", tags: ["monitoring"] } -- name: mqtt - hosts: mqtt +- hosts: mqtt roles: - { role: "mqtt", tags: ["mqtt"] } -- name: music - hosts: music +- hosts: music roles: - { role: "acme", tags: ["acme"] } - { role: "go", tags: ["go"] } - { role: "music", tags: ["music"] } -- name: pad - hosts: pad +- hosts: pad roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "etherpad", tags: ["etherpad"] } -- name: services - hosts: services +- hosts: services roles: - { role: "services", tags: ["services"] } -- name: wiki - hosts: wiki +- hosts: wiki roles: - { role: "acme", tags: ["acme"] } - { role: "nginx", tags: ["nginx"] } - { role: "www", tags: ["www"] } + +- hosts: chat + roles: + - { role: "acme", tags: [ "acme" ] } + - { role: "nginx", tags: [ "nginx" ] } + - { role: "chat", tags: [ "chat" ] } diff --git a/chat.yaml b/chat.yaml new file mode 100644 index 0000000..a5b4c42 --- /dev/null +++ b/chat.yaml @@ -0,0 +1,9 @@ +--- + +- hosts: chat + roles: + - { role: "common", tags: [ "common" ] } + - { role: "nft", tags: [ "nft" ] } + - { role: "nginx", tags: [ "nginx" ] } + - { role: "acme", tags: [ "acme" ] } + - { role: "chat", tags: [ "chat" ] } diff --git a/git-ci.yaml b/git-ci.yaml index 711dac4..4a53a08 100644 --- a/git-ci.yaml +++ b/git-ci.yaml @@ -3,4 +3,4 @@ - hosts: git-ci roles: - { role: "common", tags: [ "common" ] } - - { role: "git-ci", tags: [ "git-ci" ] } + - { role: "git_ci", tags: [ "git_ci" ] } diff --git a/group_vars/all.yaml b/group_vars/all.yaml index 3deb227..39de4c0 100644 --- a/group_vars/all.yaml +++ b/group_vars/all.yaml @@ -36,3 +36,6 @@ mqtt_public_host: bitlair.nl debian_repourl: "http://deb.debian.org/debian/" debian_securityurl: "http://security.debian.org/debian-security" +deb_forgejo_repos: + - host: git.polyfloyd.net + owner: polyfloyd diff --git a/group_vars/chat.yaml b/group_vars/chat.yaml new file mode 100644 index 0000000..08a3480 --- /dev/null +++ b/group_vars/chat.yaml @@ -0,0 +1,36 @@ +--- + +root_access: + - blackdragon + - ak + - foobar + - polyfloyd + +nodejs_version: 22.x +thelounge_version: "4.4.3" +thelounge_ldap_url: ldaps://ldap.bitlair.nl +thelounge_ldap_filter: (objectClass=inetOrgPerson) +thelounge_ldap_base: ou=Members,dc=bitlair,dc=nl +chat_hostname: chat.bitlair.nl + +acme_domains: + - "{{ chat_hostname }}" + +nginx_sites: + - server_name: "{{ chat_hostname }}" + config: + - |- + location / { + proxy_pass http://127.0.0.1:9000/; + proxy_http_version 1.1; + proxy_set_header Connection "upgrade"; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + + # by default nginx times out connections in one minute + proxy_read_timeout 1d; + } + +group_nft_input: + - "tcp dport { http, https } accept # Allow web-traffic from world" diff --git a/inventory b/inventory index c380b07..86d1bea 100644 --- a/inventory +++ b/inventory @@ -17,7 +17,8 @@ blockchain.bitlair.nl git.bitlair.nl [git-ci] -git-ci.bitlair.nl +git-ci01.bitlair.nl +git-ci02.bitlair.nl [pad] pad.bitlair.nl diff --git a/lint.sh b/lint.sh index 296c955..bc0183d 100755 --- a/lint.sh +++ b/lint.sh @@ -1,6 +1,5 @@ #!/bin/bash j2lint `find ./ -type f -name '*.j2'` -yamllint -c .yamllint.yaml . ansible-lint bitlair.yaml diff --git a/monitoring.yaml b/monitoring.yaml index 9e05df0..202cb58 100644 --- a/monitoring.yaml +++ b/monitoring.yaml @@ -4,5 +4,6 @@ roles: - { role: "common", tags: [ "common" ] } - { role: "acme", tags: [ "acme" ] } + - { role: "deb_forgejo", tags: [ "deb_forgejo" ] } - { role: "nginx", tags: [ "nginx" ] } - { role: "monitoring", tags: [ "monitoring" ] } diff --git a/music.yaml b/music.yaml index e4ea70b..17666f3 100644 --- a/music.yaml +++ b/music.yaml @@ -4,6 +4,7 @@ roles: - { role: "common", tags: [ "common" ] } - { role: "acme", tags: [ "acme" ] } + - { role: "deb_forgejo", tags: [ "deb_forgejo" ] } - { role: "go", tags: [ "go" ] } # - { role: "nginx", tags: [ "nginx" ] } - { role: "music", tags: [ "music" ] } diff --git a/roles/acme/handlers/main.yaml b/roles/acme/handlers/main.yaml index 3b4b5d1..7ff2509 100644 --- a/roles/acme/handlers/main.yaml +++ b/roles/acme/handlers/main.yaml @@ -1,5 +1,9 @@ --- +- name: update_contact_info + ansible.builtin.command: + cmd: dehydrated --account + - name: run dehydrated ansible.builtin.command: cmd: dehydrated --cron diff --git a/roles/bank-terminal/tasks/main.yaml b/roles/bank-terminal/tasks/main.yaml index d035da3..7a01ccb 100644 --- a/roles/bank-terminal/tasks/main.yaml +++ b/roles/bank-terminal/tasks/main.yaml @@ -4,11 +4,11 @@ block: - name: Add user ansible.builtin.user: - name: "bank-terminal" - home: "/home/{{ bank_terminal_user }}" - shell: "/home/{{ bank_terminal_user }}/login" + name: bank-terminal + home: /home/{{ bank_terminal_user }} + shell: /home/{{ bank_terminal_user }}/login generate_ssh_key: yes - ssh_key_type: "ed25519" + ssh_key_type: ed25519 - name: Locate agetty ansible.builtin.command: @@ -16,35 +16,34 @@ register: agetty_location_cmd - name: Set agetty var - ansible.builtin.set_fact: - agetty_location: "{{ agetty_location_cmd.stdout_lines | join }}" + ansible.builtin.set_fact: agetty_location="{{ agetty_location_cmd.stdout_lines | join }}" - name: Install login script ansible.builtin.template: - src: "login" - dest: "/home/{{ bank_terminal_user }}/login" - owner: "bank-terminal" - group: "bank-terminal" - mode: "0755" + src: login + dest: /home/{{ bank_terminal_user }}/login + owner: bank-terminal + group: bank-terminal + mode: 0755 - name: Autologin User ansible.builtin.template: - src: "tty_autologin.conf" - dest: "/etc/systemd/system/getty@tty1.service.d/override.conf" - owner: "root" - group: "root" - mode: "0644" + src: tty_autologin.conf + dest: /etc/systemd/system/getty@tty1.service.d/override.conf + owner: root + group: root + mode: 0644 notify: daemon_reload - name: Clear MOTD ansible.builtin.copy: content: "" - dest: "/etc/motd" + dest: /etc/motd # Set console font so the Revbank QR codes are rendered correctly. - name: Console setup ansible.builtin.lineinfile: - path: "/etc/default/console-setup" + path: /etc/default/console-setup line: '{{ item.k }}="{{ item.v }}"' regexp: "^#?{{ item.k }}" with_items: @@ -57,8 +56,8 @@ - name: Console Setup Management Note ansible.builtin.lineinfile: - path: "/etc/default/console-setup" - line: "# Managed by Ansible" + path: /etc/default/console-setup + line: '# Managed by Ansible' insertafter: "CONFIGURATION FILE" - name: Read pubkey diff --git a/roles/bank/tasks/login.yaml b/roles/bank/tasks/login.yaml index 029f826..7ed568e 100644 --- a/roles/bank/tasks/login.yaml +++ b/roles/bank/tasks/login.yaml @@ -41,14 +41,14 @@ - name: Create getty dir ansible.builtin.file: - path: "/etc/systemd/system/getty@tty1.service.d" + path: /etc/systemd/system/getty@tty1.service.d state: directory - name: Autologin User ansible.builtin.template: - src: "tty_autologin.conf" - dest: "/etc/systemd/system/getty@tty1.service.d/override.conf" - owner: "root" - group: "root" - mode: "0644" + src: tty_autologin.conf + dest: /etc/systemd/system/getty@tty1.service.d/override.conf + owner: root + group: root + mode: 0644 notify: daemon reload diff --git a/roles/bank/tasks/revbank-deposit.yaml b/roles/bank/tasks/revbank-deposit.yaml index 97c3593..1190a53 100644 --- a/roles/bank/tasks/revbank-deposit.yaml +++ b/roles/bank/tasks/revbank-deposit.yaml @@ -23,18 +23,18 @@ ansible.builtin.template: src: revbank-deposit.conf dest: /etc/revbank-deposit.conf - owner: "root" - group: "root" - mode: "0600" + owner: root + group: root + mode: 0600 notify: Restart revbank-deposit - name: Install revbank-deposit service ansible.builtin.template: src: revbank-deposit.service dest: /etc/systemd/system/revbank-deposit.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Restart revbank-deposit - name: Start revbank-deposit @@ -44,4 +44,4 @@ state: started enabled: true -- ansible.builtin.meta: flush_handlers +- meta: flush_handlers diff --git a/roles/bank/tasks/revbank.yaml b/roles/bank/tasks/revbank.yaml index 9ffb91c..ec283d1 100644 --- a/roles/bank/tasks/revbank.yaml +++ b/roles/bank/tasks/revbank.yaml @@ -26,7 +26,7 @@ state: touch owner: "{{ bank_user }}" group: "{{ bank_user }}" - mode: "0644" + mode: 0644 with_items: - revbank.accounts - revbank.market diff --git a/roles/bank/templates/git.cron b/roles/bank/templates/git.cron index b703657..b334260 100644 --- a/roles/bank/templates/git.cron +++ b/roles/bank/templates/git.cron @@ -1,4 +1,4 @@ SHELL=/bin/bash -#m h dom mon dow user command - 0 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products) +#m h dom mon dow user command + */10 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products) diff --git a/roles/chat/defaults/main.yaml b/roles/chat/defaults/main.yaml new file mode 100644 index 0000000..4e52991 --- /dev/null +++ b/roles/chat/defaults/main.yaml @@ -0,0 +1,5 @@ +--- + +chat_user: thelounge +chat_group: thelounge +chat_configdir: "/etc/thelounge" diff --git a/roles/chat/handlers/main.yaml b/roles/chat/handlers/main.yaml new file mode 100644 index 0000000..e03963e --- /dev/null +++ b/roles/chat/handlers/main.yaml @@ -0,0 +1,11 @@ +--- + +- name: Reload systemd + ansible.builtin.systemd: + daemon_reload: yes + +- name: Restart thelounge + ansible.builtin.systemd: + name: thelounge + state: restarted + enabled: true diff --git a/roles/chat/tasks/main.yaml b/roles/chat/tasks/main.yaml new file mode 100644 index 0000000..7b74982 --- /dev/null +++ b/roles/chat/tasks/main.yaml @@ -0,0 +1,112 @@ +--- + +- name: Install dependencies + ansible.builtin.apt: + state: present + pkg: + - gpg + - apt-transport-https + - build-essential + +- name: Import nodesource signing key + ansible.builtin.shell: + cmd: curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor + -o /usr/share/keyrings/nodesource.gpg + args: + creates: /usr/share/keyrings/nodesource.gpg + notify: Apt update + +- name: Ensure directories are present + ansible.builtin.file: + path: "{{ item.path }}" + owner: "{{ chat_user }}" + group: "{{ chat_group }}" + state: "{{ item.state | default('directory') }}" + mode: "{{ item.mode | default('0770') }}" + with_items: + - { path: "{{ chat_configdir }}" } + - { path: "/var/local/thelounge/users" } + - { path: "/var/local/thelounge/storage" } + notify: + - Restart thelounge + +- name: Configure templates + ansible.builtin.template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: "{{ item.owner | default( chat_user ) }}" + group: "{{ item.group | default( chat_group ) }}" + mode: "{{ item.mode | default('0640') }}" + with_items: + - { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list", owner: root, group: root } + - { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs", owner: root, group: root } + +- name: Install nodejs + ansible.builtin.apt: + name: nodejs + +- name: Install yarn + ansible.builtin.shell: + cmd: npm install --global yarn + +- stat: path=/opt/thelounge + register: src_path + +- name: Retreive thelounge source + block: + - name: Checkout source + ansible.builtin.git: + repo: 'https://github.com/revspace/thelounge.git' + dest: /opt/thelounge + version: 9d6dc83 + force: true + + - name: Copy patch + ansible.builtin.template: + src: thelounge-bitlair.patch + dest: /tmp/thelounge-bitlair.patch + + - name: Apply patch + ansible.builtin.shell: + chdir: /opt/thelounge + cmd: git apply /tmp/thelounge-bitlair.patch + when: not src_path.stat.exists + +- name: Build and install thelounge + ansible.builtin.shell: + chdir: /opt/thelounge + cmd: yarn add sharp --ignore-engines && yarn install --include-optional sharp && NODE_ENV=production yarn build && ln -sf $(pwd)/index.js /usr/local/bin/thelounge + notify: + - Restart thelounge + +- name: Ensure user thelounge is present + ansible.builtin.user: + name: thelounge + createhome: no + comment: The Lounge (IRC client) + system: yes + state: present + +- name: Ensure JS and JSON syntax checking packages are installed + yarn: + name: "{{ item }}" + global: yes + state: latest # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in + with_items: + - esprima + - jsonlint + changed_when: no # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in + +- name: Configure templates + ansible.builtin.template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: "{{ item.owner | default( chat_user ) }}" + group: "{{ item.group | default( chat_group ) }}" + mode: "{{ item.mode | default('0640') }}" + validate: "{{ item.validate | default([]) }}" + with_items: + - { src: "config.js.j2", dest: "/etc/thelounge/config.js", validate: 'esvalidate %s' } + - { src: "thelounge.service", dest: "/etc/systemd/system/thelounge.service", owner: root, group: root, notify: "Reload systemd" } + notify: "{{ item.notify | default('Restart thelounge') }}" + diff --git a/roles/chat/templates/config.js.j2 b/roles/chat/templates/config.js.j2 new file mode 100644 index 0000000..69b1727 --- /dev/null +++ b/roles/chat/templates/config.js.j2 @@ -0,0 +1,59 @@ +"use strict"; + +module.exports = { + public: false, + port: 9000, + bind: "0.0.0.0", + host: "127.0.0.1", + reverseProxy: true, + lockNetwork: true, + maxHistory: 10000, + leaveMessage: "Doei!", + defaults: { + name: "Smurfnet", + password: "", + rejectUnauthorized: true, + nick: "", + username: "", + realname: "", + join: "#bitlair", + }, + messageStorage: ["sqlite", "text"], + fileUpload: { + enable: true, + }, + networks: { + Smurfnet: { + host: "irc.smurfnet.ch", + port: 6697, + tls: true, + rejectUnauthorized: false, + }, + "Libera.Chat": { + host: "irc.libera.chat", + port: 6697, + tls: true, + rejectUnauthorized: true, + }, + OFTC: { + host: "irc.oftc.net", + port: 6697, + tls: true, + rejectUnauthorized: true, + }, + }, + identd: { + enable: false, + }, + ldap: { + enable: true, + url: "{{ thelounge_ldap_url }}", + primaryKey: "uid", + searchDN: { + rootDN: "{{ lookup('passwordstore', 'chat/thelounge/ldap_rootDN subkey=binddn') }}", + rootPassword: "{{ lookup('passwordstore', 'chat/thelounge/ldap_rootDN') }}", + filter: "{{ thelounge_ldap_filter }}", + base: "{{ thelounge_ldap_base }}", + }, + }, +}; diff --git a/roles/chat/templates/nodejs-apt-pref b/roles/chat/templates/nodejs-apt-pref new file mode 100644 index 0000000..6193912 --- /dev/null +++ b/roles/chat/templates/nodejs-apt-pref @@ -0,0 +1,5 @@ +# {{ ansible_managed }} + +Package: nodejs +Pin: origin deb.nodesource.com +Pin-Priority: 1000 diff --git a/roles/chat/templates/nodesource.list b/roles/chat/templates/nodesource.list new file mode 100644 index 0000000..6ac9322 --- /dev/null +++ b/roles/chat/templates/nodesource.list @@ -0,0 +1,3 @@ +# {{ ansible_managed }} + +deb [arch=amd64 signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ nodejs_version }} nodistro main diff --git a/roles/chat/templates/thelounge-bitlair.patch b/roles/chat/templates/thelounge-bitlair.patch new file mode 100644 index 0000000..fdfb795 --- /dev/null +++ b/roles/chat/templates/thelounge-bitlair.patch @@ -0,0 +1,28 @@ +diff --git a/package.json b/package.json +index 2991a6ec..dac43f16 100644 +--- a/package.json ++++ b/package.json +@@ -84,9 +84,7 @@ + "ua-parser-js": "1.0.33", + "uuid": "8.3.2", + "web-push": "3.4.5", +- "yarn": "1.22.17" +- }, +- "optionalDependencies": { ++ "yarn": "1.22.17", + "sqlite3": "5.1.7" + }, + "devDependencies": { +diff --git a/server/plugins/auth/ldap.ts b/server/plugins/auth/ldap.ts +index e6093b0f..d30b9a1c 100644 +--- a/server/plugins/auth/ldap.ts ++++ b/server/plugins/auth/ldap.ts +@@ -134,7 +134,7 @@ const ldapAuth: AuthHandler = (manager, client, user, password, callback) => { + // auth plugin API + function callbackWrapper(valid: boolean) { + if (valid && !client) { +- manager.addUser(user, null, false); ++ manager.addUser(user, null, true); + } + + callback(valid); diff --git a/roles/chat/templates/thelounge.service b/roles/chat/templates/thelounge.service new file mode 100644 index 0000000..26a11ea --- /dev/null +++ b/roles/chat/templates/thelounge.service @@ -0,0 +1,17 @@ +[Unit] +Description=The Lounge (IRC client) +After=network-online.target +Wants=network-online.target + +[Service] +User={{ chat_user }} +Group={{ chat_group }} +Type=simple +Environment=THELOUNGE_HOME=/var/local/thelounge +ExecStart=/usr/local/bin/thelounge start +ProtectSystem=yes +ProtectHome=yes +PrivateTmp=yes + +[Install] +WantedBy=multi-user.target diff --git a/roles/common/handlers/main.yaml b/roles/common/handlers/main.yaml index 3f6d5b8..b35b8d8 100644 --- a/roles/common/handlers/main.yaml +++ b/roles/common/handlers/main.yaml @@ -3,7 +3,7 @@ ansible.builtin.command: cmd: update-grub -- name: Apt update +- name: apt update ansible.builtin.apt: update_cache: true diff --git a/roles/common/tasks/debian-upgrade.yaml b/roles/common/tasks/debian-upgrade.yaml index b480bea..f986713 100644 --- a/roles/common/tasks/debian-upgrade.yaml +++ b/roles/common/tasks/debian-upgrade.yaml @@ -4,9 +4,9 @@ ansible.builtin.template: src: stable-sources.list dest: /etc/apt/sources.list - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 - name: Remove backports ansible.builtin.file: diff --git a/roles/common/tasks/main.yaml b/roles/common/tasks/main.yaml index 4f82e2f..29f7744 100644 --- a/roles/common/tasks/main.yaml +++ b/roles/common/tasks/main.yaml @@ -30,7 +30,7 @@ ansible.builtin.template: src: authorized_keys.j2 dest: /root/.ssh/authorized_keys - mode: "0600" + mode: 0600 when: root_access is defined and root_access tags: authorized_keys diff --git a/roles/common/tasks/network.yaml b/roles/common/tasks/network.yaml index fae4ed5..7e2a75b 100644 --- a/roles/common/tasks/network.yaml +++ b/roles/common/tasks/network.yaml @@ -28,9 +28,9 @@ ansible.builtin.template: src: network-interfaces dest: /etc/network/interfaces - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 when: network_br or network_dhcp or network_static - ansible.builtin.meta: flush_handlers diff --git a/roles/deb_forgejo/defaults/main.yaml b/roles/deb_forgejo/defaults/main.yaml new file mode 100644 index 0000000..21082e1 --- /dev/null +++ b/roles/deb_forgejo/defaults/main.yaml @@ -0,0 +1 @@ +deb_private_host: git.polyfloyd.net diff --git a/roles/deb_forgejo/handlers/default.yaml b/roles/deb_forgejo/handlers/default.yaml new file mode 100644 index 0000000..e7a11ce --- /dev/null +++ b/roles/deb_forgejo/handlers/default.yaml @@ -0,0 +1,3 @@ +--- +- ansible.builtin.import_tasks: + file: ../../common/handlers/main.yaml diff --git a/roles/deb_forgejo/tasks/main.yaml b/roles/deb_forgejo/tasks/main.yaml new file mode 100644 index 0000000..68c3c44 --- /dev/null +++ b/roles/deb_forgejo/tasks/main.yaml @@ -0,0 +1,26 @@ +--- +- tags: deb_forgejo + block: + - name: Install dependencies + apt: + name: apt-transport-https + state: present + + - name: Install packaging key + get_url: + url: https://{{ item.host }}/api/packages/{{ item.owner }}/debian/repository.key + dest: /etc/apt/keyrings/{{ item.host }}-{{ item.owner }}.asc + mode: "0644" + with_items: "{{ deb_forgejo_repos }}" + notify: apt update + + - name: Install sources.list + template: + src: sources.list + dest: /etc/apt/sources.list.d/deb-forgejo.list + owner: root + group: root + mode: "0644" + notify: apt update + + - meta: flush_handlers diff --git a/roles/deb_forgejo/templates/sources.list b/roles/deb_forgejo/templates/sources.list new file mode 100644 index 0000000..9400fd3 --- /dev/null +++ b/roles/deb_forgejo/templates/sources.list @@ -0,0 +1,5 @@ +# {{ ansible_managed }} + +{% for repo in deb_forgejo_repos %} +deb [signed-by=/etc/apt/keyrings/{{ repo.host }}-{{ repo.owner }}.asc] https://{{ repo.host }}/api/packages/{{ repo.owner }}/debian {{ repo.distro | default('stable') }} {{ repo.component | default('main') }} +{% endfor %} diff --git a/roles/etherpad/tasks/main.yaml b/roles/etherpad/tasks/main.yaml index c7b1521..38dc4d3 100644 --- a/roles/etherpad/tasks/main.yaml +++ b/roles/etherpad/tasks/main.yaml @@ -15,18 +15,25 @@ -o /usr/share/keyrings/nodesource.gpg args: creates: /usr/share/keyrings/nodesource.gpg - notify: Apt update + notify: apt update - name: Install nodesource source list ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: "{{ item.owner | default('root') }}" - group: "{{ item.group | default('root') }}" - with_items: - - { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list" } - - { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs" } - notify: Apt update + src: nodesource.list + dest: /etc/apt/sources.list.d/nodesource.list + owner: root + group: root + mode: 0644 + notify: apt update + +- name: Install nodejs apt preference + ansible.builtin.template: + src: nodejs-apt-pref + dest: /etc/apt/preferences.d/nodejs + owner: root + group: root + mode: 0644 + notify: apt update - ansible.builtin.meta: flush_handlers @@ -60,17 +67,17 @@ ansible.builtin.file: path: /var/log/etherpad.log state: touch - owner: "etherpad" - group: "etherpad" - mode: "0644" + owner: etherpad + group: etherpad + mode: 0644 - name: Create source directory ansible.builtin.file: path: /opt/etherpad state: directory - owner: "etherpad" - group: "etherpad" - mode: "0755" + owner: etherpad + group: etherpad + mode: 0755 - name: Clone etherpad source become: yes @@ -87,18 +94,18 @@ ansible.builtin.template: src: settings.json dest: /opt/etherpad/settings.json - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Restart etherpad - name: Install etherpad service ansible.builtin.template: src: etherpad.service dest: /etc/systemd/system/etherpad.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Restart etherpad - name: Start etherpad @@ -112,8 +119,8 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-enabled/etherpad - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Reload nginx diff --git a/roles/git-ci/defaults/main.yaml b/roles/git-ci/defaults/main.yaml deleted file mode 100644 index 2e805ee..0000000 --- a/roles/git-ci/defaults/main.yaml +++ /dev/null @@ -1,2 +0,0 @@ -runner_wd: /var/lib/forgejo-runner -runner_version: 6.3.0 diff --git a/roles/git-ci/tasks/main.yaml b/roles/git-ci/tasks/main.yaml deleted file mode 100644 index ea688fa..0000000 --- a/roles/git-ci/tasks/main.yaml +++ /dev/null @@ -1,50 +0,0 @@ ---- - -- name: Install dependencies - ansible.builtin.apt: - name: docker.io - -- name: Download forgejo-runner - ansible.builtin.get_url: - url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ runner_version }}/forgejo-runner-{{ runner_version }}-linux-amd64" - dest: /usr/local/bin/forgejo-runner - mode: "0755" - notify: restart forgejo-runner - -- name: Create runner dir - ansible.builtin.file: - state: directory - path: "{{ runner_wd }}" - owner: "root" - group: "root" - mode: "0755" - -- name: Register runner - ansible.builtin.command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}" - args: - chdir: "{{ runner_wd }}" - creates: "{{ runner_wd }}/.runner" - -- name: Install service file - ansible.builtin.template: - src: forgejo-runner.service - dest: /etc/systemd/system/forgejo-runner.service - owner: "root" - group: "root" - mode: "0644" - notify: restart forgejo-runner - -- name: Enable service - ansible.builtin.systemd: - name: forgejo-runner - enabled: true - daemon_reload: true - -- name: Start service - ansible.builtin.systemd: - name: forgejo-runner - state: started - daemon_reload: true - -- name: Flush handlers - ansible.builtin.meta: flush_handlers diff --git a/roles/git-server/tasks/main.yaml b/roles/git-server/tasks/main.yaml index 847d850..5104ef5 100644 --- a/roles/git-server/tasks/main.yaml +++ b/roles/git-server/tasks/main.yaml @@ -11,9 +11,9 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-available/forgejo - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Reload nginx - name: Enable nginx site @@ -36,7 +36,7 @@ path: /var/log/forgejo owner: "{{ git_server_user }}" group: "{{ git_server_user }}" - mode: "0755" + mode: 0755 # TODO: Install initial config @@ -44,9 +44,9 @@ ansible.builtin.template: src: forgejo.service dest: /etc/systemd/system/forgejo.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Reload forgejo - name: Install update script @@ -55,7 +55,7 @@ dest: "{{ git_server_working_dir }}/update.sh" owner: "{{ git_server_user }}" group: "{{ git_server_user }}" - mode: "0755" + mode: 0755 - name: Perform initial update ansible.builtin.command: "{{ git_server_working_dir }}/update.sh" diff --git a/roles/git_ci/defaults/main.yaml b/roles/git_ci/defaults/main.yaml new file mode 100644 index 0000000..2c54fd9 --- /dev/null +++ b/roles/git_ci/defaults/main.yaml @@ -0,0 +1,2 @@ +--- +git_ci_runner_wd: /var/lib/forgejo-runner diff --git a/roles/git-ci/handlers/main.yaml b/roles/git_ci/handlers/main.yaml similarity index 85% rename from roles/git-ci/handlers/main.yaml rename to roles/git_ci/handlers/main.yaml index 361ba38..05f3913 100644 --- a/roles/git-ci/handlers/main.yaml +++ b/roles/git_ci/handlers/main.yaml @@ -3,6 +3,6 @@ file: ../../common/handlers/main.yaml - name: restart forgejo-runner - ansible.builtin.systemd: + systemd: name: forgejo-runner state: restarted diff --git a/roles/git_ci/tasks/main.yaml b/roles/git_ci/tasks/main.yaml new file mode 100644 index 0000000..c2c4002 --- /dev/null +++ b/roles/git_ci/tasks/main.yaml @@ -0,0 +1,83 @@ +--- +- tags: git_ci + block: + - name: Install dependencies + apt: + name: docker.io + + - name: Query latest forgejo-runner version + uri: + url: https://code.forgejo.org/api/v1/repos/forgejo/runner/tags + return_content: true + register: response + changed_when: false + check_mode: false + failed_when: "response is failed or 'json' not in response" + + - name: Format forgejo-runner latest version + set_fact: + forgejo_runner_version: "{{ response['json'][0]['name'] | trim('v') }}" + + - name: Detect installed forgejo-runner version + shell: + cmd: | + set -o pipefail + forgejo-runner --version | grep --color=never -Po '\d\.\d+(\.\d+)?' || echo none + executable: /bin/bash + register: forgejo_runner_installed_version_shell + changed_when: false + check_mode: false + + - name: Format installed forgejo-runner version + set_fact: + forgejo_runner_installed_version: "{{ forgejo_runner_installed_version_shell.stdout }}" + + - debug: + msg: + - "Forgejo Runner latest version: {{ forgejo_runner_version }}" + - "Forgejo Runner installed version: {{ forgejo_runner_installed_version }}" + + - name: Download forgejo-runner + get_url: + url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ forgejo_runner_version }}/forgejo-runner-{{ forgejo_runner_version }}-linux-amd64" + dest: /usr/local/bin/forgejo-runner + mode: "0755" + notify: restart forgejo-runner + when: forgejo_runner_installed_version != forgejo_runner_version + + - name: Create runner dir + file: + state: directory + path: "{{ git_ci_runner_wd }}" + owner: root + group: root + mode: "0755" + + - name: Register runner + command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}" + args: + chdir: "{{ git_ci_runner_wd }}" + creates: "{{ git_ci_runner_wd }}/.runner" + + - name: Install service file + template: + src: forgejo-runner.service + dest: /etc/systemd/system/forgejo-runner.service + owner: root + group: root + mode: "0644" + notify: restart forgejo-runner + + - name: Enable service + systemd: + name: forgejo-runner + enabled: true + daemon_reload: true + + - name: Start service + systemd: + name: forgejo-runner + state: started + daemon_reload: true + + - meta: flush_handlers diff --git a/roles/git-ci/templates/forgejo-runner.service b/roles/git_ci/templates/forgejo-runner.service similarity index 84% rename from roles/git-ci/templates/forgejo-runner.service rename to roles/git_ci/templates/forgejo-runner.service index c9550d2..9cd5b5b 100644 --- a/roles/git-ci/templates/forgejo-runner.service +++ b/roles/git_ci/templates/forgejo-runner.service @@ -6,7 +6,7 @@ After=network.target [Service] ExecStart=/usr/local/bin/forgejo-runner daemon -WorkingDirectory={{ runner_wd }} +WorkingDirectory={{ git_ci_runner_wd }} Restart=on-failure RestartSec=10s diff --git a/roles/go/tasks/main.yaml b/roles/go/tasks/main.yaml index ebd93c7..ab16901 100644 --- a/roles/go/tasks/main.yaml +++ b/roles/go/tasks/main.yaml @@ -48,17 +48,17 @@ src: https://go.dev/dl/go{{ go_latest_version }}.linux-{{ go_arch }}.tar.gz dest: /usr/local remote_src: yes - owner: "root" - group: "root" + owner: root + group: root when: go_installed_version != go_latest_version - name: Configure Go environment ansible.builtin.template: src: go.profile dest: /etc/profile.d/go.sh - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 - name: Link go binary ansible.builtin.file: diff --git a/roles/monitoring/tasks/grafana.yaml b/roles/monitoring/tasks/grafana.yaml index 974551b..3e09b8f 100644 --- a/roles/monitoring/tasks/grafana.yaml +++ b/roles/monitoring/tasks/grafana.yaml @@ -21,9 +21,9 @@ ansible.builtin.template: src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: restart grafana with_items: - { src: grafana.ini, dest: /etc/grafana/grafana.ini } @@ -33,9 +33,9 @@ ansible.builtin.template: src: grafana-data-source.yml dest: "/etc/grafana/provisioning/datasources/{{ item.name | lower }}.yaml" - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: restart grafana with_items: - name: Prometheus diff --git a/roles/monitoring/tasks/main.yaml b/roles/monitoring/tasks/main.yaml index a2878a7..2017d5b 100644 --- a/roles/monitoring/tasks/main.yaml +++ b/roles/monitoring/tasks/main.yaml @@ -4,9 +4,9 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-available/monitoring - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Reload nginx - name: Enable nginx site diff --git a/roles/monitoring/tasks/mqtt_exporter.yaml b/roles/monitoring/tasks/mqtt_exporter.yaml index b0350f4..481d2c1 100644 --- a/roles/monitoring/tasks/mqtt_exporter.yaml +++ b/roles/monitoring/tasks/mqtt_exporter.yaml @@ -1,47 +1,22 @@ --- -- name: Clone source - ansible.builtin.git: - repo: https://github.com/polyfloyd/mqtt-exporter.git - version: main - dest: /opt/mqtt_exporter - accept_hostkey: yes - notify: restart mqtt_exporter - - name: Install apt dependencies ansible.builtin.apt: - name: - - jq - - python3-paho-mqtt - - python3-prometheus-client - - python3-yaml + name: mqtt-exporter state: present -- name: Install service - ansible.builtin.template: - src: mqtt_exporter.service - dest: /etc/systemd/system/mqtt_exporter.service - owner: "root" - group: "root" - mode: "0644" - notify: - - Daemon reload - - restart mqtt_exporter - - name: Install config file ansible.builtin.template: src: mqtt_exporter_config.yaml - dest: /etc/mqtt_exporter.yaml - owner: "root" - group: "root" - mode: "0644" - notify: - - Daemon reload - - restart mqtt_exporter + dest: /etc/mqtt-exporter.yaml + owner: root + group: root + mode: 0644 + notify: restart mqtt_exporter - ansible.builtin.meta: flush_handlers - name: Start service ansible.builtin.systemd: - name: mqtt_exporter + name: mqtt-exporter state: started enabled: true diff --git a/roles/monitoring/tasks/prometheus.yaml b/roles/monitoring/tasks/prometheus.yaml index 3c86a0f..30522b5 100644 --- a/roles/monitoring/tasks/prometheus.yaml +++ b/roles/monitoring/tasks/prometheus.yaml @@ -7,9 +7,9 @@ ansible.builtin.template: src: prometheus.yml dest: "{{ prometheus_config_dir }}/prometheus.yml" - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: restart prometheus - name: Configure Prometheus args diff --git a/roles/mqtt/tasks/main.yaml b/roles/mqtt/tasks/main.yaml index 727cca3..498f49c 100644 --- a/roles/mqtt/tasks/main.yaml +++ b/roles/mqtt/tasks/main.yaml @@ -16,9 +16,9 @@ ansible.builtin.template: src: "{{ item }}" dest: "/etc/mosquitto/conf.d/{{ item }}" - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: restart mosquitto with_items: - bambulab.conf diff --git a/roles/music/tasks/librespot.yaml b/roles/music/tasks/librespot.yaml index 8b7ea51..2a8d19b 100644 --- a/roles/music/tasks/librespot.yaml +++ b/roles/music/tasks/librespot.yaml @@ -18,9 +18,9 @@ ansible.builtin.template: src: librespot.service dest: /etc/systemd/system/librespot.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Restart librespot - name: Enable Librespot diff --git a/roles/music/tasks/main.yaml b/roles/music/tasks/main.yaml index c57393f..e8a751c 100644 --- a/roles/music/tasks/main.yaml +++ b/roles/music/tasks/main.yaml @@ -28,7 +28,7 @@ ansible.builtin.template: src: nginx-site.conf dest: /etc/nginx/sites-enabled/trollibox - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Reload nginx diff --git a/roles/music/tasks/mpd.yaml b/roles/music/tasks/mpd.yaml index 3e7abeb..eb88133 100644 --- a/roles/music/tasks/mpd.yaml +++ b/roles/music/tasks/mpd.yaml @@ -13,18 +13,18 @@ ansible.builtin.template: src: mpd-volume-to-mqtt.sh dest: /opt/mpd-volume-to-mqtt.sh - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Restart mpd-volume-to-mqtt - name: Install mpd-volume-to-mqtt service ansible.builtin.template: src: mpd-volume-to-mqtt.service dest: /etc/systemd/system/mpd-volume-to-mqtt.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Restart mpd-volume-to-mqtt - name: Enable mpd-volume-to-mqtt @@ -46,9 +46,9 @@ ansible.builtin.template: src: skipbutton.service dest: /etc/systemd/system/skipbutton.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Restart skipbutton - name: Enable skipbutton diff --git a/roles/music/tasks/soundboard.yaml b/roles/music/tasks/soundboard.yaml index fa5ace0..1b72dbf 100644 --- a/roles/music/tasks/soundboard.yaml +++ b/roles/music/tasks/soundboard.yaml @@ -1,45 +1,25 @@ --- - name: Install dependencies ansible.builtin.apt: - name: virtualenv + name: + - mqtt-soundboard + - mplayer state: present -- name: Clone soundboard source - ansible.builtin.git: - repo: https://github.com/polyfloyd/mqtt-soundboard.git - version: main - dest: /opt/soundboard - accept_hostkey: yes - notify: Restart soundboard - -- name: Create virtualenv - ansible.builtin.command: - cmd: virtualenv /opt/soundboard/.venv - args: - creates: /opt/soundboard/.venv - -- name: Install Python dependencies - ansible.builtin.shell: - cmd: . .venv/bin/activate && pip install -r requirements.txt - args: - chdir: /opt/soundboard +- ansible.builtin.file: + path: "{{ item }}" + state: absent + with_items: + - /opt/soundboard + - /etc/systemd/system/soundboard.service - name: Install soundboard config file ansible.builtin.template: src: soundboard.yaml dest: /etc/soundboard.yaml - owner: "root" - group: "root" - mode: "0644" - notify: Restart soundboard - -- name: Install soundboard service file - ansible.builtin.template: - src: soundboard.service - dest: /etc/systemd/system/soundboard.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Restart soundboard - name: Enable soundboard diff --git a/roles/music/tasks/trollibox.yaml b/roles/music/tasks/trollibox.yaml index 717c235..0b20b4a 100644 --- a/roles/music/tasks/trollibox.yaml +++ b/roles/music/tasks/trollibox.yaml @@ -3,8 +3,8 @@ ansible.builtin.template: src: trollibox.yaml dest: /etc/trollibox.yaml - owner: "root" - group: "root" + owner: root + group: root mode: "0644" notify: Restart trollibox @@ -32,8 +32,8 @@ ansible.builtin.template: src: trollibox.service dest: /etc/systemd/system/trollibox.service - owner: "root" - group: "root" + owner: root + group: root mode: "0644" notify: Restart trollibox diff --git a/roles/photos/tasks/bambulab-fetch.yaml b/roles/photos/tasks/bambulab-fetch.yaml index dfcf3b5..b050af9 100644 --- a/roles/photos/tasks/bambulab-fetch.yaml +++ b/roles/photos/tasks/bambulab-fetch.yaml @@ -5,16 +5,28 @@ - name: Install fetch script ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: "{{ item.owner | default('root') }}" - group: "{{ item.group | default('root') }}" - mode: "{{ item.mode | default('0644') }}" - force: "{{ item.force | default('yes') }}" - with_items: - - { src: "bambulab-fetch.sh", dest: "/opt/bambulab-fetch.sh", mode: "0755" } - - { src: "bambulab-fetch.service", dest: "/etc/systemd/system/bambulab-fetch.service" } - - { src: "bambulab-fetch.timer", dest: "/etc/systemd/system/bambulab-fetch.timer" } + src: bambulab-fetch.sh + dest: /opt/bambulab-fetch.sh + owner: root + group: root + mode: 0755 + +- name: Install service + ansible.builtin.template: + src: bambulab-fetch.service + dest: /etc/systemd/system/bambulab-fetch.service + owner: root + group: root + mode: 0644 + notify: daemon reload + +- name: Install timer + ansible.builtin.template: + src: bambulab-fetch.timer + dest: /etc/systemd/system/bambulab-fetch.timer + owner: root + group: root + mode: 0644 notify: daemon reload - name: Enable timer diff --git a/roles/photos/tasks/photo-gallery.yaml b/roles/photos/tasks/photo-gallery.yaml index 95eb800..5a6cfff 100644 --- a/roles/photos/tasks/photo-gallery.yaml +++ b/roles/photos/tasks/photo-gallery.yaml @@ -15,18 +15,18 @@ ansible.builtin.template: src: photo-gallery-config.json dest: /opt/photo-gallery/config.json - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: restart photo-gallery - name: Install photo-gallery service file ansible.builtin.template: src: photo-gallery.service dest: /etc/systemd/system/photo-gallery.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: restart photo-gallery - name: Start photo-gallery diff --git a/roles/photos/tasks/photos2mqtt.yaml b/roles/photos/tasks/photos2mqtt.yaml index 1fedc06..d9f2e05 100644 --- a/roles/photos/tasks/photos2mqtt.yaml +++ b/roles/photos/tasks/photos2mqtt.yaml @@ -14,18 +14,18 @@ ansible.builtin.template: src: photos2mqtt.pl dest: /opt/photos2mqtt.pl - owner: "root" - group: "root" - mode: "0755" + owner: root + group: root + mode: 0755 notify: restart photos2mqtt - name: Install photos2mqtt service file ansible.builtin.template: src: photos2mqtt.service dest: /etc/systemd/system/photos2mqtt.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: restart photos2mqtt - name: Start photos2mqtt diff --git a/roles/services/tasks/discord_bot.yaml b/roles/services/tasks/discord_bot.yaml index 7f64a01..19a659f 100644 --- a/roles/services/tasks/discord_bot.yaml +++ b/roles/services/tasks/discord_bot.yaml @@ -21,7 +21,7 @@ - name: Clone source ansible.builtin.git: - repo: https://github.com/bitlair/discord-bot.git + repo: https://git.bitlair.nl/bitlair/discord-bot.git version: main dest: /var/lib/discord-bot accept_hostkey: yes @@ -32,8 +32,8 @@ ansible.builtin.template: src: discord-bot.service dest: /etc/systemd/system/discord-bot.service - owner: "root" - group: "root" + owner: root + group: root mode: "0644" notify: Restart discord-bot diff --git a/roles/services/tasks/ircbot.yaml b/roles/services/tasks/ircbot.yaml index 83a8f72..e635302 100644 --- a/roles/services/tasks/ircbot.yaml +++ b/roles/services/tasks/ircbot.yaml @@ -18,9 +18,9 @@ ansible.builtin.template: src: generic.service dest: /etc/systemd/system/irc-bot.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 vars: description: Bitlair IRC bot exec: /bin/bash /var/lib/irc-bot/irc-bot @@ -42,18 +42,18 @@ ansible.builtin.template: src: irc-photos.sh dest: /var/lib/irc-helpers/photos.sh - owner: "root" - group: "root" - mode: "0755" + owner: root + group: root + mode: 0755 notify: Restart irc-photos - name: Install photos notification service ansible.builtin.template: src: generic.service dest: /etc/systemd/system/irc-photos.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 vars: description: Bitlair IRC photos notification requires: irc-bot.service @@ -71,18 +71,18 @@ ansible.builtin.template: src: irc-doorduino.sh dest: /var/lib/irc-helpers/doorduino.sh - owner: "root" - group: "root" - mode: "0755" + owner: root + group: root + mode: 0755 notify: Restart irc-doorduino - name: Install doorduino notification service ansible.builtin.template: src: generic.service dest: /etc/systemd/system/irc-doorduino.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 vars: description: Bitlair IRC doorduino notification requires: irc-bot.service diff --git a/roles/services/tasks/mastodon_spacestate.yaml b/roles/services/tasks/mastodon_spacestate.yaml index 8d2175a..9babbbd 100644 --- a/roles/services/tasks/mastodon_spacestate.yaml +++ b/roles/services/tasks/mastodon_spacestate.yaml @@ -7,7 +7,7 @@ - name: Clone source ansible.builtin.git: - repo: https://github.com/bitlair/mastodon-spacestate.git + repo: https://git.bitlair.nl/bitlair/mastodon-spacestate.git version: main dest: /var/lib/mastodon-spacestate accept_hostkey: yes @@ -18,18 +18,18 @@ ansible.builtin.template: src: mastodon-spacestate-config.py dest: /var/lib/mastodon-spacestate/config.py - owner: "root" - group: "root" - mode: "0655" + owner: root + group: root + mode: 0655 notify: Restart mastodon-spacestate - name: Install service file ansible.builtin.template: src: mastodon-spacestate.service dest: /etc/systemd/system/mastodon-spacestate.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Restart mastodon-spacestate - name: Start mastodon-spacestate diff --git a/roles/services/tasks/power_mqtt.yaml b/roles/services/tasks/power_mqtt.yaml index 1ca1e7f..5c18589 100644 --- a/roles/services/tasks/power_mqtt.yaml +++ b/roles/services/tasks/power_mqtt.yaml @@ -7,9 +7,9 @@ ansible.builtin.template: src: power-mqtt.py dest: /var/lib/power-mqtt.py - owner: "root" - group: "root" - mode: "0755" + owner: root + group: root + mode: 0755 notify: Restart power-mqtt - name: Remove old service @@ -21,9 +21,9 @@ ansible.builtin.template: src: generic.service dest: /etc/systemd/system/power-mqtt@.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 vars: description: "SMD630 to MQTT Probe" exec: "/var/lib/power-mqtt.py %i" diff --git a/roles/services/tasks/siahsd.yaml b/roles/services/tasks/siahsd.yaml index a1e59a9..c7c3b0b 100644 --- a/roles/services/tasks/siahsd.yaml +++ b/roles/services/tasks/siahsd.yaml @@ -16,8 +16,8 @@ ansible.builtin.template: src: siahsd.conf dest: /etc/siahsd.conf - owner: "root" - group: "root" + owner: root + group: root mode: "0644" notify: Restart siahsd @@ -25,8 +25,8 @@ ansible.builtin.template: src: siahsd.service dest: /etc/systemd/system/siahsd.service - owner: "root" - group: "root" + owner: root + group: root mode: "0644" notify: Restart siahsd diff --git a/roles/services/tasks/spacestated.yaml b/roles/services/tasks/spacestated.yaml index 8f22309..e35851e 100644 --- a/roles/services/tasks/spacestated.yaml +++ b/roles/services/tasks/spacestated.yaml @@ -21,7 +21,7 @@ - name: Clone source ansible.builtin.git: - repo: https://github.com/bitlair/spacestated.git + repo: https://git.bitlair.nl/bitlair/spacestated.git version: main dest: /var/lib/spacestated/spacestated accept_hostkey: yes @@ -32,9 +32,9 @@ ansible.builtin.template: src: spacestated.service dest: /etc/systemd/system/spacestated.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: Restart spacestated - name: Start spacestated diff --git a/roles/services/tasks/wifi_mqtt.yaml b/roles/services/tasks/wifi_mqtt.yaml index 1f10c64..d69aa34 100644 --- a/roles/services/tasks/wifi_mqtt.yaml +++ b/roles/services/tasks/wifi_mqtt.yaml @@ -8,7 +8,7 @@ - name: Clone source ansible.builtin.git: - repo: https://github.com/bitlair/wifi-mqtt.git + repo: https://git.bitlair.nl/bitlair/wifi-mqtt.git version: main dest: /var/lib/wifi-mqtt accept_hostkey: yes @@ -19,8 +19,8 @@ ansible.builtin.template: src: wifi-mqtt.service dest: /etc/systemd/system/wifi-mqtt.service - owner: "root" - group: "root" + owner: root + group: root mode: "0644" notify: Restart wifi-mqtt diff --git a/roles/www/tasks/calendar.yaml b/roles/www/tasks/calendar.yaml index 8f42b06..16c027e 100644 --- a/roles/www/tasks/calendar.yaml +++ b/roles/www/tasks/calendar.yaml @@ -5,7 +5,7 @@ - name: Clone source ansible.builtin.git: - repo: https://github.com/bitlair/calendar-parser.git + repo: https://git.bitlair.nl/bitlair/wiki-calendar-exporter.git version: main dest: /usr/local/src/bitlair-calendar accept_hostkey: yes @@ -19,6 +19,6 @@ ansible.builtin.template: src: calendar.cron dest: /etc/cron.d/bitlair-calendar - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 diff --git a/roles/www/tasks/mediawiki.yaml b/roles/www/tasks/mediawiki.yaml index 0508e32..2eb69f4 100644 --- a/roles/www/tasks/mediawiki.yaml +++ b/roles/www/tasks/mediawiki.yaml @@ -9,7 +9,7 @@ ansible.builtin.template: src: security.txt dest: /opt/security.txt - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 diff --git a/roles/www/tasks/mqtt.yaml b/roles/www/tasks/mqtt.yaml index ed097d6..63d1dee 100644 --- a/roles/www/tasks/mqtt.yaml +++ b/roles/www/tasks/mqtt.yaml @@ -24,9 +24,9 @@ ansible.builtin.template: src: mqtt2web.service dest: /etc/systemd/system/mqtt2web.service - owner: "root" - group: "root" - mode: "0644" + owner: root + group: root + mode: 0644 notify: - Daemon reload - Restart mqtt2web diff --git a/roles/www/tasks/spaceapi.yaml b/roles/www/tasks/spaceapi.yaml index 1c5c3ec..e6b7954 100644 --- a/roles/www/tasks/spaceapi.yaml +++ b/roles/www/tasks/spaceapi.yaml @@ -1,7 +1,7 @@ --- - name: Clone spaceapi source ansible.builtin.git: - repo: https://github.com/bitlair/spaceapi.git + repo: https://git.bitlair.nl/bitlair/spaceapi.git version: main dest: /opt/spaceapi accept_hostkey: true @@ -11,8 +11,8 @@ ansible.builtin.template: src: spaceapi.service dest: /etc/systemd/system/spaceapi.service - owner: "root" - group: "root" + owner: root + group: root mode: "0644" notify: Restart spaceapi