BlackDragon/ansible
1
0
Fork 0
forked from bitlair/ansible
Code Pull requests Activity

Compare commits

base: BlackDragon:main
Branches Tags
BlackDragon:main
BlackDragon:linting
bitlair:main
bitlair:ldap-van-revspace
bitlair:linting
..
compare: BlackDragon:linting
Branches Tags
BlackDragon:main
BlackDragon:linting
bitlair:main
bitlair:ldap-van-revspace
bitlair:linting

3 commits
main ... linting

Author SHA1 Message Date
Mark Janssen
a30d388422
Owner/group strings 2025-04-19 16:45:08 +02:00
Mark Janssen
77c1732623
Linting 2025-04-19 16:42:53 +02:00
Mark Janssen
d0cd352b4a
Linting 2025-04-19 16:24:47 +02:00
68 changed files with 362 additions and 669 deletions
Download patch file Download diff file Expand all files Collapse all files

14
.ansible-lint Normal file
View file

@ -0,0 +1,14 @@
#warn_list: # or 'skip_list' to silence them completely
skip_list:
- experimental
- var-naming[no-role-prefix]
- name
warn_list:
- '204' # Lines should be no longer than 160 chars
- no-handler
- ignore-errors
- fqcn-builtins
- fqcn
- partial-become[task]
- template-instead-of-copy
offline: true

3
.gitignore vendored Normal file
View file

@ -0,0 +1,3 @@
.password-store
.gitignore
.envrc

5
.yamllint.yaml
View file

@ -15,3 +15,8 @@ rules:
max-spaces-after: -1 max-spaces-after: -1
commas: commas:
max-spaces-after: -1 max-spaces-after: -1
comments:
min-spaces-from-content: 1
octal-values:
forbid-implicit-octal: true
forbid-explicit-octal: true

1
authorized_keys/blackdragon.keys
View file

@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICLZGbt/we3JQ482/NYcdOKGoKDOj1MgmYFP2GDmjLw/ kyan@flandre

47
bitlair.yaml
View file

@ -1,73 +1,80 @@
--- ---
- hosts: all - name: common
hosts: all
gather_facts: true gather_facts: true
roles: roles:
- { role: "common", tags: ["common"] } - { role: "common", tags: ["common"] }
- { role: "nft", tags: ["nft"] } - { role: "nft", tags: ["nft"] }
- hosts: bank - name: bank
hosts: bank
roles: roles:
- { role: "bank", tags: ["bank"] } - { role: "bank", tags: ["bank"] }
- hosts: homeassistant - name: homeassistant
hosts: homeassistant
roles: roles:
- { role: "acme", tags: ["acme"] } - { role: "acme", tags: ["acme"] }
- { role: "nginx", tags: ["nginx"] } - { role: "nginx", tags: ["nginx"] }
- hosts: raspi - name: raspi
hosts: raspi
roles: roles:
- { role: "raspi", tags: ["raspi"] } - { role: "raspi", tags: ["raspi"] }
- { role: "bank-terminal", tags: ["bank-terminal"] } - { role: "bank-terminal", tags: ["bank-terminal"] }
- hosts: fotos - name: fotos
hosts: fotos
roles: roles:
- { role: "photos", tags: ["photos"] } - { role: "photos", tags: ["photos"] }
- hosts: git-ci - name: CI
hosts: git-ci
roles: roles:
- { role: "git_ci", tags: ["git_ci"] } - { role: "git-ci", tags: ["git-ci"] }
- hosts: git - name: git
hosts: git
roles: roles:
- { role: "acme", tags: ["acme"] } - { role: "acme", tags: ["acme"] }
- { role: "nginx", tags: ["nginx"] } - { role: "nginx", tags: ["nginx"] }
- { role: "git-server", tags: ["git-server"] } - { role: "git-server", tags: ["git-server"] }
- hosts: monitoring - name: monitoring
hosts: monitoring
roles: roles:
- { role: "acme", tags: ["acme"] } - { role: "acme", tags: ["acme"] }
- { role: "nginx", tags: ["nginx"] } - { role: "nginx", tags: ["nginx"] }
- { role: "monitoring", tags: ["monitoring"] } - { role: "monitoring", tags: ["monitoring"] }
- hosts: mqtt - name: mqtt
hosts: mqtt
roles: roles:
- { role: "mqtt", tags: ["mqtt"] } - { role: "mqtt", tags: ["mqtt"] }
- hosts: music - name: music
hosts: music
roles: roles:
- { role: "acme", tags: ["acme"] } - { role: "acme", tags: ["acme"] }
- { role: "go", tags: ["go"] } - { role: "go", tags: ["go"] }
- { role: "music", tags: ["music"] } - { role: "music", tags: ["music"] }
- hosts: pad - name: pad
hosts: pad
roles: roles:
- { role: "acme", tags: ["acme"] } - { role: "acme", tags: ["acme"] }
- { role: "nginx", tags: ["nginx"] } - { role: "nginx", tags: ["nginx"] }
- { role: "etherpad", tags: ["etherpad"] } - { role: "etherpad", tags: ["etherpad"] }
- hosts: services - name: services
hosts: services
roles: roles:
- { role: "services", tags: ["services"] } - { role: "services", tags: ["services"] }
- hosts: wiki - name: wiki
hosts: wiki
roles: roles:
- { role: "acme", tags: ["acme"] } - { role: "acme", tags: ["acme"] }
- { role: "nginx", tags: ["nginx"] } - { role: "nginx", tags: ["nginx"] }
- { role: "www", tags: ["www"] } - { role: "www", tags: ["www"] }
- hosts: chat
roles:
- { role: "acme", tags: [ "acme" ] }
- { role: "nginx", tags: [ "nginx" ] }
- { role: "chat", tags: [ "chat" ] }

9
chat.yaml
View file

@ -1,9 +0,0 @@
---
- hosts: chat
roles:
- { role: "common", tags: [ "common" ] }
- { role: "nft", tags: [ "nft" ] }
- { role: "nginx", tags: [ "nginx" ] }
- { role: "acme", tags: [ "acme" ] }
- { role: "chat", tags: [ "chat" ] }

2
git-ci.yaml
View file

@ -3,4 +3,4 @@
- hosts: git-ci - hosts: git-ci
roles: roles:
- { role: "common", tags: [ "common" ] } - { role: "common", tags: [ "common" ] }
- { role: "git_ci", tags: [ "git_ci" ] } - { role: "git-ci", tags: [ "git-ci" ] }

3
group_vars/all.yaml
View file

@ -36,6 +36,3 @@ mqtt_public_host: bitlair.nl
debian_repourl: "http://deb.debian.org/debian/" debian_repourl: "http://deb.debian.org/debian/"
debian_securityurl: "http://security.debian.org/debian-security" debian_securityurl: "http://security.debian.org/debian-security"
deb_forgejo_repos:
- host: git.polyfloyd.net
owner: polyfloyd

36
group_vars/chat.yaml
View file

@ -1,36 +0,0 @@
---
root_access:
- blackdragon
- ak
- foobar
- polyfloyd
nodejs_version: 22.x
thelounge_version: "4.4.3"
thelounge_ldap_url: ldaps://ldap.bitlair.nl
thelounge_ldap_filter: (objectClass=inetOrgPerson)
thelounge_ldap_base: ou=Members,dc=bitlair,dc=nl
chat_hostname: chat.bitlair.nl
acme_domains:
- "{{ chat_hostname }}"
nginx_sites:
- server_name: "{{ chat_hostname }}"
config:
- |-
location / {
proxy_pass http://127.0.0.1:9000/;
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
# by default nginx times out connections in one minute
proxy_read_timeout 1d;
}
group_nft_input:
- "tcp dport { http, https } accept # Allow web-traffic from world"

3
inventory
View file

@ -17,8 +17,7 @@ blockchain.bitlair.nl
git.bitlair.nl git.bitlair.nl
[git-ci] [git-ci]
git-ci01.bitlair.nl git-ci.bitlair.nl
git-ci02.bitlair.nl
[pad] [pad]
pad.bitlair.nl pad.bitlair.nl

1
lint.sh
View file

@ -1,5 +1,6 @@
#!/bin/bash #!/bin/bash
j2lint `find ./ -type f -name '*.j2'` j2lint `find ./ -type f -name '*.j2'`
yamllint -c .yamllint.yaml .
ansible-lint bitlair.yaml ansible-lint bitlair.yaml

1
monitoring.yaml
View file

@ -4,6 +4,5 @@
roles: roles:
- { role: "common", tags: [ "common" ] } - { role: "common", tags: [ "common" ] }
- { role: "acme", tags: [ "acme" ] } - { role: "acme", tags: [ "acme" ] }
- { role: "deb_forgejo", tags: [ "deb_forgejo" ] }
- { role: "nginx", tags: [ "nginx" ] } - { role: "nginx", tags: [ "nginx" ] }
- { role: "monitoring", tags: [ "monitoring" ] } - { role: "monitoring", tags: [ "monitoring" ] }

1
music.yaml
View file

@ -4,7 +4,6 @@
roles: roles:
- { role: "common", tags: [ "common" ] } - { role: "common", tags: [ "common" ] }
- { role: "acme", tags: [ "acme" ] } - { role: "acme", tags: [ "acme" ] }
- { role: "deb_forgejo", tags: [ "deb_forgejo" ] }
- { role: "go", tags: [ "go" ] } - { role: "go", tags: [ "go" ] }
# - { role: "nginx", tags: [ "nginx" ] } # - { role: "nginx", tags: [ "nginx" ] }
- { role: "music", tags: [ "music" ] } - { role: "music", tags: [ "music" ] }

4
roles/acme/handlers/main.yaml
View file

@ -1,9 +1,5 @@
--- ---
- name: update_contact_info
ansible.builtin.command:
cmd: dehydrated --account
- name: run dehydrated - name: run dehydrated
ansible.builtin.command: ansible.builtin.command:
cmd: dehydrated --cron cmd: dehydrated --cron

39
roles/bank-terminal/tasks/main.yaml
View file

@ -4,11 +4,11 @@
block: block:
- name: Add user - name: Add user
ansible.builtin.user: ansible.builtin.user:
name: bank-terminal name: "bank-terminal"
home: /home/{{ bank_terminal_user }} home: "/home/{{ bank_terminal_user }}"
shell: /home/{{ bank_terminal_user }}/login shell: "/home/{{ bank_terminal_user }}/login"
generate_ssh_key: yes generate_ssh_key: yes
ssh_key_type: ed25519 ssh_key_type: "ed25519"
- name: Locate agetty - name: Locate agetty
ansible.builtin.command: ansible.builtin.command:
@ -16,34 +16,35 @@
register: agetty_location_cmd register: agetty_location_cmd
- name: Set agetty var - name: Set agetty var
ansible.builtin.set_fact: agetty_location="{{ agetty_location_cmd.stdout_lines | join }}" ansible.builtin.set_fact:
agetty_location: "{{ agetty_location_cmd.stdout_lines | join }}"
- name: Install login script - name: Install login script
ansible.builtin.template: ansible.builtin.template:
src: login src: "login"
dest: /home/{{ bank_terminal_user }}/login dest: "/home/{{ bank_terminal_user }}/login"
owner: bank-terminal owner: "bank-terminal"
group: bank-terminal group: "bank-terminal"
mode: 0755 mode: "0755"
- name: Autologin User - name: Autologin User
ansible.builtin.template: ansible.builtin.template:
src: tty_autologin.conf src: "tty_autologin.conf"
dest: /etc/systemd/system/getty@tty1.service.d/override.conf dest: "/etc/systemd/system/getty@tty1.service.d/override.conf"
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: daemon_reload notify: daemon_reload
- name: Clear MOTD - name: Clear MOTD
ansible.builtin.copy: ansible.builtin.copy:
content: "" content: ""
dest: /etc/motd dest: "/etc/motd"
# Set console font so the Revbank QR codes are rendered correctly. # Set console font so the Revbank QR codes are rendered correctly.
- name: Console setup - name: Console setup
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/default/console-setup path: "/etc/default/console-setup"
line: '{{ item.k }}="{{ item.v }}"' line: '{{ item.k }}="{{ item.v }}"'
regexp: "^#?{{ item.k }}" regexp: "^#?{{ item.k }}"
with_items: with_items:
@ -56,8 +57,8 @@
- name: Console Setup Management Note - name: Console Setup Management Note
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/default/console-setup path: "/etc/default/console-setup"
line: '# Managed by Ansible' line: "# Managed by Ansible"
insertafter: "CONFIGURATION FILE" insertafter: "CONFIGURATION FILE"
- name: Read pubkey - name: Read pubkey

12
roles/bank/tasks/login.yaml
View file

@ -41,14 +41,14 @@
- name: Create getty dir - name: Create getty dir
ansible.builtin.file: ansible.builtin.file:
path: /etc/systemd/system/getty@tty1.service.d path: "/etc/systemd/system/getty@tty1.service.d"
state: directory state: directory
- name: Autologin User - name: Autologin User
ansible.builtin.template: ansible.builtin.template:
src: tty_autologin.conf src: "tty_autologin.conf"
dest: /etc/systemd/system/getty@tty1.service.d/override.conf dest: "/etc/systemd/system/getty@tty1.service.d/override.conf"
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: daemon reload notify: daemon reload

14
roles/bank/tasks/revbank-deposit.yaml
View file

@ -23,18 +23,18 @@
ansible.builtin.template: ansible.builtin.template:
src: revbank-deposit.conf src: revbank-deposit.conf
dest: /etc/revbank-deposit.conf dest: /etc/revbank-deposit.conf
owner: root owner: "root"
group: root group: "root"
mode: 0600 mode: "0600"
notify: Restart revbank-deposit notify: Restart revbank-deposit
- name: Install revbank-deposit service - name: Install revbank-deposit service
ansible.builtin.template: ansible.builtin.template:
src: revbank-deposit.service src: revbank-deposit.service
dest: /etc/systemd/system/revbank-deposit.service dest: /etc/systemd/system/revbank-deposit.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Restart revbank-deposit notify: Restart revbank-deposit
- name: Start revbank-deposit - name: Start revbank-deposit
@ -44,4 +44,4 @@
state: started state: started
enabled: true enabled: true
- meta: flush_handlers - ansible.builtin.meta: flush_handlers

2
roles/bank/tasks/revbank.yaml
View file

@ -26,7 +26,7 @@
state: touch state: touch
owner: "{{ bank_user }}" owner: "{{ bank_user }}"
group: "{{ bank_user }}" group: "{{ bank_user }}"
mode: 0644 mode: "0644"
with_items: with_items:
- revbank.accounts - revbank.accounts
- revbank.market - revbank.market

4
roles/bank/templates/git.cron
View file

@ -1,4 +1,4 @@
SHELL=/bin/bash SHELL=/bin/bash
#m h dom mon dow user command #m h dom mon dow user command
*/10 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products) 0 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products)

5
roles/chat/defaults/main.yaml
View file

@ -1,5 +0,0 @@
---
chat_user: thelounge
chat_group: thelounge
chat_configdir: "/etc/thelounge"

11
roles/chat/handlers/main.yaml
View file

@ -1,11 +0,0 @@
---
- name: Reload systemd
ansible.builtin.systemd:
daemon_reload: yes
- name: Restart thelounge
ansible.builtin.systemd:
name: thelounge
state: restarted
enabled: true

112
roles/chat/tasks/main.yaml
View file

@ -1,112 +0,0 @@
---
- name: Install dependencies
ansible.builtin.apt:
state: present
pkg:
- gpg
- apt-transport-https
- build-essential
- name: Import nodesource signing key
ansible.builtin.shell:
cmd: curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor
-o /usr/share/keyrings/nodesource.gpg
args:
creates: /usr/share/keyrings/nodesource.gpg
notify: Apt update
- name: Ensure directories are present
ansible.builtin.file:
path: "{{ item.path }}"
owner: "{{ chat_user }}"
group: "{{ chat_group }}"
state: "{{ item.state | default('directory') }}"
mode: "{{ item.mode | default('0770') }}"
with_items:
- { path: "{{ chat_configdir }}" }
- { path: "/var/local/thelounge/users" }
- { path: "/var/local/thelounge/storage" }
notify:
- Restart thelounge
- name: Configure templates
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner | default( chat_user ) }}"
group: "{{ item.group | default( chat_group ) }}"
mode: "{{ item.mode | default('0640') }}"
with_items:
- { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list", owner: root, group: root }
- { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs", owner: root, group: root }
- name: Install nodejs
ansible.builtin.apt:
name: nodejs
- name: Install yarn
ansible.builtin.shell:
cmd: npm install --global yarn
- stat: path=/opt/thelounge
register: src_path
- name: Retreive thelounge source
block:
- name: Checkout source
ansible.builtin.git:
repo: 'https://github.com/revspace/thelounge.git'
dest: /opt/thelounge
version: 9d6dc83
force: true
- name: Copy patch
ansible.builtin.template:
src: thelounge-bitlair.patch
dest: /tmp/thelounge-bitlair.patch
- name: Apply patch
ansible.builtin.shell:
chdir: /opt/thelounge
cmd: git apply /tmp/thelounge-bitlair.patch
when: not src_path.stat.exists
- name: Build and install thelounge
ansible.builtin.shell:
chdir: /opt/thelounge
cmd: yarn add sharp --ignore-engines && yarn install --include-optional sharp && NODE_ENV=production yarn build && ln -sf $(pwd)/index.js /usr/local/bin/thelounge
notify:
- Restart thelounge
- name: Ensure user thelounge is present
ansible.builtin.user:
name: thelounge
createhome: no
comment: The Lounge (IRC client)
system: yes
state: present
- name: Ensure JS and JSON syntax checking packages are installed
yarn:
name: "{{ item }}"
global: yes
state: latest # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in
with_items:
- esprima
- jsonlint
changed_when: no # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in
- name: Configure templates
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner | default( chat_user ) }}"
group: "{{ item.group | default( chat_group ) }}"
mode: "{{ item.mode | default('0640') }}"
validate: "{{ item.validate | default([]) }}"
with_items:
- { src: "config.js.j2", dest: "/etc/thelounge/config.js", validate: 'esvalidate %s' }
- { src: "thelounge.service", dest: "/etc/systemd/system/thelounge.service", owner: root, group: root, notify: "Reload systemd" }
notify: "{{ item.notify | default('Restart thelounge') }}"

59
roles/chat/templates/config.js.j2
View file

@ -1,59 +0,0 @@
"use strict";
module.exports = {
public: false,
port: 9000,
bind: "0.0.0.0",
host: "127.0.0.1",
reverseProxy: true,
lockNetwork: true,
maxHistory: 10000,
leaveMessage: "Doei!",
defaults: {
name: "Smurfnet",
password: "",
rejectUnauthorized: true,
nick: "",
username: "",
realname: "",
join: "#bitlair",
},
messageStorage: ["sqlite", "text"],
fileUpload: {
enable: true,
},
networks: {
Smurfnet: {
host: "irc.smurfnet.ch",
port: 6697,
tls: true,
rejectUnauthorized: false,
},
"Libera.Chat": {
host: "irc.libera.chat",
port: 6697,
tls: true,
rejectUnauthorized: true,
},
OFTC: {
host: "irc.oftc.net",
port: 6697,
tls: true,
rejectUnauthorized: true,
},
},
identd: {
enable: false,
},
ldap: {
enable: true,
url: "{{ thelounge_ldap_url }}",
primaryKey: "uid",
searchDN: {
rootDN: "{{ lookup('passwordstore', 'chat/thelounge/ldap_rootDN subkey=binddn') }}",
rootPassword: "{{ lookup('passwordstore', 'chat/thelounge/ldap_rootDN') }}",
filter: "{{ thelounge_ldap_filter }}",
base: "{{ thelounge_ldap_base }}",
},
},
};

5
roles/chat/templates/nodejs-apt-pref
View file

@ -1,5 +0,0 @@
# {{ ansible_managed }}
Package: nodejs
Pin: origin deb.nodesource.com
Pin-Priority: 1000

3
roles/chat/templates/nodesource.list
View file

@ -1,3 +0,0 @@
# {{ ansible_managed }}
deb [arch=amd64 signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ nodejs_version }} nodistro main

28
roles/chat/templates/thelounge-bitlair.patch
View file

@ -1,28 +0,0 @@
diff --git a/package.json b/package.json
index 2991a6ec..dac43f16 100644
--- a/package.json
+++ b/package.json
@@ -84,9 +84,7 @@
"ua-parser-js": "1.0.33",
"uuid": "8.3.2",
"web-push": "3.4.5",
- "yarn": "1.22.17"
- },
- "optionalDependencies": {
+ "yarn": "1.22.17",
"sqlite3": "5.1.7"
},
"devDependencies": {
diff --git a/server/plugins/auth/ldap.ts b/server/plugins/auth/ldap.ts
index e6093b0f..d30b9a1c 100644
--- a/server/plugins/auth/ldap.ts
+++ b/server/plugins/auth/ldap.ts
@@ -134,7 +134,7 @@ const ldapAuth: AuthHandler = (manager, client, user, password, callback) => {
// auth plugin API
function callbackWrapper(valid: boolean) {
if (valid && !client) {
- manager.addUser(user, null, false);
+ manager.addUser(user, null, true);
}
callback(valid);

17
roles/chat/templates/thelounge.service
View file

@ -1,17 +0,0 @@
[Unit]
Description=The Lounge (IRC client)
After=network-online.target
Wants=network-online.target
[Service]
User={{ chat_user }}
Group={{ chat_group }}
Type=simple
Environment=THELOUNGE_HOME=/var/local/thelounge
ExecStart=/usr/local/bin/thelounge start
ProtectSystem=yes
ProtectHome=yes
PrivateTmp=yes
[Install]
WantedBy=multi-user.target

2
roles/common/handlers/main.yaml
View file

@ -3,7 +3,7 @@
ansible.builtin.command: ansible.builtin.command:
cmd: update-grub cmd: update-grub
- name: apt update - name: Apt update
ansible.builtin.apt: ansible.builtin.apt:
update_cache: true update_cache: true

6
roles/common/tasks/debian-upgrade.yaml
View file

@ -4,9 +4,9 @@
ansible.builtin.template: ansible.builtin.template:
src: stable-sources.list src: stable-sources.list
dest: /etc/apt/sources.list dest: /etc/apt/sources.list
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
- name: Remove backports - name: Remove backports
ansible.builtin.file: ansible.builtin.file:

2
roles/common/tasks/main.yaml
View file

@ -30,7 +30,7 @@
ansible.builtin.template: ansible.builtin.template:
src: authorized_keys.j2 src: authorized_keys.j2
dest: /root/.ssh/authorized_keys dest: /root/.ssh/authorized_keys
mode: 0600 mode: "0600"
when: root_access is defined and root_access when: root_access is defined and root_access
tags: authorized_keys tags: authorized_keys

6
roles/common/tasks/network.yaml
View file

@ -28,9 +28,9 @@
ansible.builtin.template: ansible.builtin.template:
src: network-interfaces src: network-interfaces
dest: /etc/network/interfaces dest: /etc/network/interfaces
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
when: network_br or network_dhcp or network_static when: network_br or network_dhcp or network_static
- ansible.builtin.meta: flush_handlers - ansible.builtin.meta: flush_handlers

1
roles/deb_forgejo/defaults/main.yaml
View file

@ -1 +0,0 @@
deb_private_host: git.polyfloyd.net

3
roles/deb_forgejo/handlers/default.yaml
View file

@ -1,3 +0,0 @@
---
- ansible.builtin.import_tasks:
file: ../../common/handlers/main.yaml

26
roles/deb_forgejo/tasks/main.yaml
View file

@ -1,26 +0,0 @@
---
- tags: deb_forgejo
block:
- name: Install dependencies
apt:
name: apt-transport-https
state: present
- name: Install packaging key
get_url:
url: https://{{ item.host }}/api/packages/{{ item.owner }}/debian/repository.key
dest: /etc/apt/keyrings/{{ item.host }}-{{ item.owner }}.asc
mode: "0644"
with_items: "{{ deb_forgejo_repos }}"
notify: apt update
- name: Install sources.list
template:
src: sources.list
dest: /etc/apt/sources.list.d/deb-forgejo.list
owner: root
group: root
mode: "0644"
notify: apt update
- meta: flush_handlers

5
roles/deb_forgejo/templates/sources.list
View file

@ -1,5 +0,0 @@
# {{ ansible_managed }}
{% for repo in deb_forgejo_repos %}
deb [signed-by=/etc/apt/keyrings/{{ repo.host }}-{{ repo.owner }}.asc] https://{{ repo.host }}/api/packages/{{ repo.owner }}/debian {{ repo.distro | default('stable') }} {{ repo.component | default('main') }}
{% endfor %}

55
roles/etherpad/tasks/main.yaml
View file

@ -15,25 +15,18 @@
-o /usr/share/keyrings/nodesource.gpg -o /usr/share/keyrings/nodesource.gpg
args: args:
creates: /usr/share/keyrings/nodesource.gpg creates: /usr/share/keyrings/nodesource.gpg
notify: apt update notify: Apt update
- name: Install nodesource source list - name: Install nodesource source list
ansible.builtin.template: ansible.builtin.template:
src: nodesource.list src: "{{ item.src }}"
dest: /etc/apt/sources.list.d/nodesource.list dest: "{{ item.dest }}"
owner: root owner: "{{ item.owner | default('root') }}"
group: root group: "{{ item.group | default('root') }}"
mode: 0644 with_items:
notify: apt update - { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list" }
- { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs" }
- name: Install nodejs apt preference notify: Apt update
ansible.builtin.template:
src: nodejs-apt-pref
dest: /etc/apt/preferences.d/nodejs
owner: root
group: root
mode: 0644
notify: apt update
- ansible.builtin.meta: flush_handlers - ansible.builtin.meta: flush_handlers
@ -67,17 +60,17 @@
ansible.builtin.file: ansible.builtin.file:
path: /var/log/etherpad.log path: /var/log/etherpad.log
state: touch state: touch
owner: etherpad owner: "etherpad"
group: etherpad group: "etherpad"
mode: 0644 mode: "0644"
- name: Create source directory - name: Create source directory
ansible.builtin.file: ansible.builtin.file:
path: /opt/etherpad path: /opt/etherpad
state: directory state: directory
owner: etherpad owner: "etherpad"
group: etherpad group: "etherpad"
mode: 0755 mode: "0755"
- name: Clone etherpad source - name: Clone etherpad source
become: yes become: yes
@ -94,18 +87,18 @@
ansible.builtin.template: ansible.builtin.template:
src: settings.json src: settings.json
dest: /opt/etherpad/settings.json dest: /opt/etherpad/settings.json
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Restart etherpad notify: Restart etherpad
- name: Install etherpad service - name: Install etherpad service
ansible.builtin.template: ansible.builtin.template:
src: etherpad.service src: etherpad.service
dest: /etc/systemd/system/etherpad.service dest: /etc/systemd/system/etherpad.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Restart etherpad notify: Restart etherpad
- name: Start etherpad - name: Start etherpad
@ -119,8 +112,8 @@
ansible.builtin.template: ansible.builtin.template:
src: nginx-site.conf src: nginx-site.conf
dest: /etc/nginx/sites-enabled/etherpad dest: /etc/nginx/sites-enabled/etherpad
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Reload nginx notify: Reload nginx

2
roles/git-ci/defaults/main.yaml Normal file
View file

@ -0,0 +1,2 @@
runner_wd: /var/lib/forgejo-runner
runner_version: 6.3.0

2
roles/git_ci/handlers/main.yaml → roles/git-ci/handlers/main.yaml
View file

@ -3,6 +3,6 @@
file: ../../common/handlers/main.yaml file: ../../common/handlers/main.yaml
- name: restart forgejo-runner - name: restart forgejo-runner
systemd: ansible.builtin.systemd:
name: forgejo-runner name: forgejo-runner
state: restarted state: restarted

50
roles/git-ci/tasks/main.yaml Normal file
View file

@ -0,0 +1,50 @@
---
- name: Install dependencies
ansible.builtin.apt:
name: docker.io
- name: Download forgejo-runner
ansible.builtin.get_url:
url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ runner_version }}/forgejo-runner-{{ runner_version }}-linux-amd64"
dest: /usr/local/bin/forgejo-runner
mode: "0755"
notify: restart forgejo-runner
- name: Create runner dir
ansible.builtin.file:
state: directory
path: "{{ runner_wd }}"
owner: "root"
group: "root"
mode: "0755"
- name: Register runner
ansible.builtin.command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}"
args:
chdir: "{{ runner_wd }}"
creates: "{{ runner_wd }}/.runner"
- name: Install service file
ansible.builtin.template:
src: forgejo-runner.service
dest: /etc/systemd/system/forgejo-runner.service
owner: "root"
group: "root"
mode: "0644"
notify: restart forgejo-runner
- name: Enable service
ansible.builtin.systemd:
name: forgejo-runner
enabled: true
daemon_reload: true
- name: Start service
ansible.builtin.systemd:
name: forgejo-runner
state: started
daemon_reload: true
- name: Flush handlers
ansible.builtin.meta: flush_handlers

2
roles/git_ci/templates/forgejo-runner.service → roles/git-ci/templates/forgejo-runner.service
View file

@ -6,7 +6,7 @@ After=network.target
[Service] [Service]
ExecStart=/usr/local/bin/forgejo-runner daemon ExecStart=/usr/local/bin/forgejo-runner daemon
WorkingDirectory={{ git_ci_runner_wd }} WorkingDirectory={{ runner_wd }}
Restart=on-failure Restart=on-failure
RestartSec=10s RestartSec=10s

16
roles/git-server/tasks/main.yaml
View file

@ -11,9 +11,9 @@
ansible.builtin.template: ansible.builtin.template:
src: nginx-site.conf src: nginx-site.conf
dest: /etc/nginx/sites-available/forgejo dest: /etc/nginx/sites-available/forgejo
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Reload nginx notify: Reload nginx
- name: Enable nginx site - name: Enable nginx site
@ -36,7 +36,7 @@
path: /var/log/forgejo path: /var/log/forgejo
owner: "{{ git_server_user }}" owner: "{{ git_server_user }}"
group: "{{ git_server_user }}" group: "{{ git_server_user }}"
mode: 0755 mode: "0755"
# TODO: Install initial config # TODO: Install initial config
@ -44,9 +44,9 @@
ansible.builtin.template: ansible.builtin.template:
src: forgejo.service src: forgejo.service
dest: /etc/systemd/system/forgejo.service dest: /etc/systemd/system/forgejo.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Reload forgejo notify: Reload forgejo
- name: Install update script - name: Install update script
@ -55,7 +55,7 @@
dest: "{{ git_server_working_dir }}/update.sh" dest: "{{ git_server_working_dir }}/update.sh"
owner: "{{ git_server_user }}" owner: "{{ git_server_user }}"
group: "{{ git_server_user }}" group: "{{ git_server_user }}"
mode: 0755 mode: "0755"
- name: Perform initial update - name: Perform initial update
ansible.builtin.command: "{{ git_server_working_dir }}/update.sh" ansible.builtin.command: "{{ git_server_working_dir }}/update.sh"

2
roles/git_ci/defaults/main.yaml
View file

@ -1,2 +0,0 @@
---
git_ci_runner_wd: /var/lib/forgejo-runner

83
roles/git_ci/tasks/main.yaml
View file

@ -1,83 +0,0 @@
---
- tags: git_ci
block:
- name: Install dependencies
apt:
name: docker.io
- name: Query latest forgejo-runner version
uri:
url: https://code.forgejo.org/api/v1/repos/forgejo/runner/tags
return_content: true
register: response
changed_when: false
check_mode: false
failed_when: "response is failed or 'json' not in response"
- name: Format forgejo-runner latest version
set_fact:
forgejo_runner_version: "{{ response['json'][0]['name'] | trim('v') }}"
- name: Detect installed forgejo-runner version
shell:
cmd: |
set -o pipefail
forgejo-runner --version | grep --color=never -Po '\d\.\d+(\.\d+)?' || echo none
executable: /bin/bash
register: forgejo_runner_installed_version_shell
changed_when: false
check_mode: false
- name: Format installed forgejo-runner version
set_fact:
forgejo_runner_installed_version: "{{ forgejo_runner_installed_version_shell.stdout }}"
- debug:
msg:
- "Forgejo Runner latest version: {{ forgejo_runner_version }}"
- "Forgejo Runner installed version: {{ forgejo_runner_installed_version }}"
- name: Download forgejo-runner
get_url:
url: "https://code.forgejo.org/forgejo/runner/releases/download/v{{ forgejo_runner_version }}/forgejo-runner-{{ forgejo_runner_version }}-linux-amd64"
dest: /usr/local/bin/forgejo-runner
mode: "0755"
notify: restart forgejo-runner
when: forgejo_runner_installed_version != forgejo_runner_version
- name: Create runner dir
file:
state: directory
path: "{{ git_ci_runner_wd }}"
owner: root
group: root
mode: "0755"
- name: Register runner
command: "forgejo-runner register --no-interactive --instance={{ forgejo_url }} --token={{ lookup('passwordstore', 'git/ci subkey=runner_token') }}"
args:
chdir: "{{ git_ci_runner_wd }}"
creates: "{{ git_ci_runner_wd }}/.runner"
- name: Install service file
template:
src: forgejo-runner.service
dest: /etc/systemd/system/forgejo-runner.service
owner: root
group: root
mode: "0644"
notify: restart forgejo-runner
- name: Enable service
systemd:
name: forgejo-runner
enabled: true
daemon_reload: true
- name: Start service
systemd:
name: forgejo-runner
state: started
daemon_reload: true
- meta: flush_handlers

10
roles/go/tasks/main.yaml
View file

@ -48,17 +48,17 @@
src: https://go.dev/dl/go{{ go_latest_version }}.linux-{{ go_arch }}.tar.gz src: https://go.dev/dl/go{{ go_latest_version }}.linux-{{ go_arch }}.tar.gz
dest: /usr/local dest: /usr/local
remote_src: yes remote_src: yes
owner: root owner: "root"
group: root group: "root"
when: go_installed_version != go_latest_version when: go_installed_version != go_latest_version
- name: Configure Go environment - name: Configure Go environment
ansible.builtin.template: ansible.builtin.template:
src: go.profile src: go.profile
dest: /etc/profile.d/go.sh dest: /etc/profile.d/go.sh
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
- name: Link go binary - name: Link go binary
ansible.builtin.file: ansible.builtin.file:

12
roles/monitoring/tasks/grafana.yaml
View file

@ -21,9 +21,9 @@
ansible.builtin.template: ansible.builtin.template:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: restart grafana notify: restart grafana
with_items: with_items:
- { src: grafana.ini, dest: /etc/grafana/grafana.ini } - { src: grafana.ini, dest: /etc/grafana/grafana.ini }
@ -33,9 +33,9 @@
ansible.builtin.template: ansible.builtin.template:
src: grafana-data-source.yml src: grafana-data-source.yml
dest: "/etc/grafana/provisioning/datasources/{{ item.name | lower }}.yaml" dest: "/etc/grafana/provisioning/datasources/{{ item.name | lower }}.yaml"
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: restart grafana notify: restart grafana
with_items: with_items:
- name: Prometheus - name: Prometheus

6
roles/monitoring/tasks/main.yaml
View file

@ -4,9 +4,9 @@
ansible.builtin.template: ansible.builtin.template:
src: nginx-site.conf src: nginx-site.conf
dest: /etc/nginx/sites-available/monitoring dest: /etc/nginx/sites-available/monitoring
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Reload nginx notify: Reload nginx
- name: Enable nginx site - name: Enable nginx site

39
roles/monitoring/tasks/mqtt_exporter.yaml
View file

@ -1,22 +1,47 @@
--- ---
- name: Clone source
ansible.builtin.git:
repo: https://github.com/polyfloyd/mqtt-exporter.git
version: main
dest: /opt/mqtt_exporter
accept_hostkey: yes
notify: restart mqtt_exporter
- name: Install apt dependencies - name: Install apt dependencies
ansible.builtin.apt: ansible.builtin.apt:
name: mqtt-exporter name:
- jq
- python3-paho-mqtt
- python3-prometheus-client
- python3-yaml
state: present state: present
- name: Install service
ansible.builtin.template:
src: mqtt_exporter.service
dest: /etc/systemd/system/mqtt_exporter.service
owner: "root"
group: "root"
mode: "0644"
notify:
- Daemon reload
- restart mqtt_exporter
- name: Install config file - name: Install config file
ansible.builtin.template: ansible.builtin.template:
src: mqtt_exporter_config.yaml src: mqtt_exporter_config.yaml
dest: /etc/mqtt-exporter.yaml dest: /etc/mqtt_exporter.yaml
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: restart mqtt_exporter notify:
- Daemon reload
- restart mqtt_exporter
- ansible.builtin.meta: flush_handlers - ansible.builtin.meta: flush_handlers
- name: Start service - name: Start service
ansible.builtin.systemd: ansible.builtin.systemd:
name: mqtt-exporter name: mqtt_exporter
state: started state: started
enabled: true enabled: true

6
roles/monitoring/tasks/prometheus.yaml
View file

@ -7,9 +7,9 @@
ansible.builtin.template: ansible.builtin.template:
src: prometheus.yml src: prometheus.yml
dest: "{{ prometheus_config_dir }}/prometheus.yml" dest: "{{ prometheus_config_dir }}/prometheus.yml"
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: restart prometheus notify: restart prometheus
- name: Configure Prometheus args - name: Configure Prometheus args

6
roles/mqtt/tasks/main.yaml
View file

@ -16,9 +16,9 @@
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}" src: "{{ item }}"
dest: "/etc/mosquitto/conf.d/{{ item }}" dest: "/etc/mosquitto/conf.d/{{ item }}"
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: restart mosquitto notify: restart mosquitto
with_items: with_items:
- bambulab.conf - bambulab.conf

6
roles/music/tasks/librespot.yaml
View file

@ -18,9 +18,9 @@
ansible.builtin.template: ansible.builtin.template:
src: librespot.service src: librespot.service
dest: /etc/systemd/system/librespot.service dest: /etc/systemd/system/librespot.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Restart librespot notify: Restart librespot
- name: Enable Librespot - name: Enable Librespot

6
roles/music/tasks/main.yaml
View file

@ -28,7 +28,7 @@
ansible.builtin.template: ansible.builtin.template:
src: nginx-site.conf src: nginx-site.conf
dest: /etc/nginx/sites-enabled/trollibox dest: /etc/nginx/sites-enabled/trollibox
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Reload nginx notify: Reload nginx

18
roles/music/tasks/mpd.yaml
View file

@ -13,18 +13,18 @@
ansible.builtin.template: ansible.builtin.template:
src: mpd-volume-to-mqtt.sh src: mpd-volume-to-mqtt.sh
dest: /opt/mpd-volume-to-mqtt.sh dest: /opt/mpd-volume-to-mqtt.sh
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Restart mpd-volume-to-mqtt notify: Restart mpd-volume-to-mqtt
- name: Install mpd-volume-to-mqtt service - name: Install mpd-volume-to-mqtt service
ansible.builtin.template: ansible.builtin.template:
src: mpd-volume-to-mqtt.service src: mpd-volume-to-mqtt.service
dest: /etc/systemd/system/mpd-volume-to-mqtt.service dest: /etc/systemd/system/mpd-volume-to-mqtt.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Restart mpd-volume-to-mqtt notify: Restart mpd-volume-to-mqtt
- name: Enable mpd-volume-to-mqtt - name: Enable mpd-volume-to-mqtt
@ -46,9 +46,9 @@
ansible.builtin.template: ansible.builtin.template:
src: skipbutton.service src: skipbutton.service
dest: /etc/systemd/system/skipbutton.service dest: /etc/systemd/system/skipbutton.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Restart skipbutton notify: Restart skipbutton
- name: Enable skipbutton - name: Enable skipbutton

44
roles/music/tasks/soundboard.yaml
View file

@ -1,25 +1,45 @@
--- ---
- name: Install dependencies - name: Install dependencies
ansible.builtin.apt: ansible.builtin.apt:
name: name: virtualenv
- mqtt-soundboard
- mplayer
state: present state: present
- ansible.builtin.file: - name: Clone soundboard source
path: "{{ item }}" ansible.builtin.git:
state: absent repo: https://github.com/polyfloyd/mqtt-soundboard.git
with_items: version: main
- /opt/soundboard dest: /opt/soundboard
- /etc/systemd/system/soundboard.service accept_hostkey: yes
notify: Restart soundboard
- name: Create virtualenv
ansible.builtin.command:
cmd: virtualenv /opt/soundboard/.venv
args:
creates: /opt/soundboard/.venv
- name: Install Python dependencies
ansible.builtin.shell:
cmd: . .venv/bin/activate && pip install -r requirements.txt
args:
chdir: /opt/soundboard
- name: Install soundboard config file - name: Install soundboard config file
ansible.builtin.template: ansible.builtin.template:
src: soundboard.yaml src: soundboard.yaml
dest: /etc/soundboard.yaml dest: /etc/soundboard.yaml
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Restart soundboard
- name: Install soundboard service file
ansible.builtin.template:
src: soundboard.service
dest: /etc/systemd/system/soundboard.service
owner: "root"
group: "root"
mode: "0644"
notify: Restart soundboard notify: Restart soundboard
- name: Enable soundboard - name: Enable soundboard

8
roles/music/tasks/trollibox.yaml
View file

@ -3,8 +3,8 @@
ansible.builtin.template: ansible.builtin.template:
src: trollibox.yaml src: trollibox.yaml
dest: /etc/trollibox.yaml dest: /etc/trollibox.yaml
owner: root owner: "root"
group: root group: "root"
mode: "0644" mode: "0644"
notify: Restart trollibox notify: Restart trollibox
@ -32,8 +32,8 @@
ansible.builtin.template: ansible.builtin.template:
src: trollibox.service src: trollibox.service
dest: /etc/systemd/system/trollibox.service dest: /etc/systemd/system/trollibox.service
owner: root owner: "root"
group: root group: "root"
mode: "0644" mode: "0644"
notify: Restart trollibox notify: Restart trollibox

32
roles/photos/tasks/bambulab-fetch.yaml
View file

@ -5,28 +5,16 @@
- name: Install fetch script - name: Install fetch script
ansible.builtin.template: ansible.builtin.template:
src: bambulab-fetch.sh src: "{{ item.src }}"
dest: /opt/bambulab-fetch.sh dest: "{{ item.dest }}"
owner: root owner: "{{ item.owner | default('root') }}"
group: root group: "{{ item.group | default('root') }}"
mode: 0755 mode: "{{ item.mode | default('0644') }}"
force: "{{ item.force | default('yes') }}"
- name: Install service with_items:
ansible.builtin.template: - { src: "bambulab-fetch.sh", dest: "/opt/bambulab-fetch.sh", mode: "0755" }
src: bambulab-fetch.service - { src: "bambulab-fetch.service", dest: "/etc/systemd/system/bambulab-fetch.service" }
dest: /etc/systemd/system/bambulab-fetch.service - { src: "bambulab-fetch.timer", dest: "/etc/systemd/system/bambulab-fetch.timer" }
owner: root
group: root
mode: 0644
notify: daemon reload
- name: Install timer
ansible.builtin.template:
src: bambulab-fetch.timer
dest: /etc/systemd/system/bambulab-fetch.timer
owner: root
group: root
mode: 0644
notify: daemon reload notify: daemon reload
- name: Enable timer - name: Enable timer

12
roles/photos/tasks/photo-gallery.yaml
View file

@ -15,18 +15,18 @@
ansible.builtin.template: ansible.builtin.template:
src: photo-gallery-config.json src: photo-gallery-config.json
dest: /opt/photo-gallery/config.json dest: /opt/photo-gallery/config.json
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: restart photo-gallery notify: restart photo-gallery
- name: Install photo-gallery service file - name: Install photo-gallery service file
ansible.builtin.template: ansible.builtin.template:
src: photo-gallery.service src: photo-gallery.service
dest: /etc/systemd/system/photo-gallery.service dest: /etc/systemd/system/photo-gallery.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: restart photo-gallery notify: restart photo-gallery
- name: Start photo-gallery - name: Start photo-gallery

12
roles/photos/tasks/photos2mqtt.yaml
View file

@ -14,18 +14,18 @@
ansible.builtin.template: ansible.builtin.template:
src: photos2mqtt.pl src: photos2mqtt.pl
dest: /opt/photos2mqtt.pl dest: /opt/photos2mqtt.pl
owner: root owner: "root"
group: root group: "root"
mode: 0755 mode: "0755"
notify: restart photos2mqtt notify: restart photos2mqtt
- name: Install photos2mqtt service file - name: Install photos2mqtt service file
ansible.builtin.template: ansible.builtin.template:
src: photos2mqtt.service src: photos2mqtt.service
dest: /etc/systemd/system/photos2mqtt.service dest: /etc/systemd/system/photos2mqtt.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: restart photos2mqtt notify: restart photos2mqtt
- name: Start photos2mqtt - name: Start photos2mqtt

6
roles/services/tasks/discord_bot.yaml
View file

@ -21,7 +21,7 @@
- name: Clone source - name: Clone source
ansible.builtin.git: ansible.builtin.git:
repo: https://git.bitlair.nl/bitlair/discord-bot.git repo: https://github.com/bitlair/discord-bot.git
version: main version: main
dest: /var/lib/discord-bot dest: /var/lib/discord-bot
accept_hostkey: yes accept_hostkey: yes
@ -32,8 +32,8 @@
ansible.builtin.template: ansible.builtin.template:
src: discord-bot.service src: discord-bot.service
dest: /etc/systemd/system/discord-bot.service dest: /etc/systemd/system/discord-bot.service
owner: root owner: "root"
group: root group: "root"
mode: "0644" mode: "0644"
notify: Restart discord-bot notify: Restart discord-bot

30
roles/services/tasks/ircbot.yaml
View file

@ -18,9 +18,9 @@
ansible.builtin.template: ansible.builtin.template:
src: generic.service src: generic.service
dest: /etc/systemd/system/irc-bot.service dest: /etc/systemd/system/irc-bot.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
vars: vars:
description: Bitlair IRC bot description: Bitlair IRC bot
exec: /bin/bash /var/lib/irc-bot/irc-bot exec: /bin/bash /var/lib/irc-bot/irc-bot
@ -42,18 +42,18 @@
ansible.builtin.template: ansible.builtin.template:
src: irc-photos.sh src: irc-photos.sh
dest: /var/lib/irc-helpers/photos.sh dest: /var/lib/irc-helpers/photos.sh
owner: root owner: "root"
group: root group: "root"
mode: 0755 mode: "0755"
notify: Restart irc-photos notify: Restart irc-photos
- name: Install photos notification service - name: Install photos notification service
ansible.builtin.template: ansible.builtin.template:
src: generic.service src: generic.service
dest: /etc/systemd/system/irc-photos.service dest: /etc/systemd/system/irc-photos.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
vars: vars:
description: Bitlair IRC photos notification description: Bitlair IRC photos notification
requires: irc-bot.service requires: irc-bot.service
@ -71,18 +71,18 @@
ansible.builtin.template: ansible.builtin.template:
src: irc-doorduino.sh src: irc-doorduino.sh
dest: /var/lib/irc-helpers/doorduino.sh dest: /var/lib/irc-helpers/doorduino.sh
owner: root owner: "root"
group: root group: "root"
mode: 0755 mode: "0755"
notify: Restart irc-doorduino notify: Restart irc-doorduino
- name: Install doorduino notification service - name: Install doorduino notification service
ansible.builtin.template: ansible.builtin.template:
src: generic.service src: generic.service
dest: /etc/systemd/system/irc-doorduino.service dest: /etc/systemd/system/irc-doorduino.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
vars: vars:
description: Bitlair IRC doorduino notification description: Bitlair IRC doorduino notification
requires: irc-bot.service requires: irc-bot.service

14
roles/services/tasks/mastodon_spacestate.yaml
View file

@ -7,7 +7,7 @@
- name: Clone source - name: Clone source
ansible.builtin.git: ansible.builtin.git:
repo: https://git.bitlair.nl/bitlair/mastodon-spacestate.git repo: https://github.com/bitlair/mastodon-spacestate.git
version: main version: main
dest: /var/lib/mastodon-spacestate dest: /var/lib/mastodon-spacestate
accept_hostkey: yes accept_hostkey: yes
@ -18,18 +18,18 @@
ansible.builtin.template: ansible.builtin.template:
src: mastodon-spacestate-config.py src: mastodon-spacestate-config.py
dest: /var/lib/mastodon-spacestate/config.py dest: /var/lib/mastodon-spacestate/config.py
owner: root owner: "root"
group: root group: "root"
mode: 0655 mode: "0655"
notify: Restart mastodon-spacestate notify: Restart mastodon-spacestate
- name: Install service file - name: Install service file
ansible.builtin.template: ansible.builtin.template:
src: mastodon-spacestate.service src: mastodon-spacestate.service
dest: /etc/systemd/system/mastodon-spacestate.service dest: /etc/systemd/system/mastodon-spacestate.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Restart mastodon-spacestate notify: Restart mastodon-spacestate
- name: Start mastodon-spacestate - name: Start mastodon-spacestate

12
roles/services/tasks/power_mqtt.yaml
View file

@ -7,9 +7,9 @@
ansible.builtin.template: ansible.builtin.template:
src: power-mqtt.py src: power-mqtt.py
dest: /var/lib/power-mqtt.py dest: /var/lib/power-mqtt.py
owner: root owner: "root"
group: root group: "root"
mode: 0755 mode: "0755"
notify: Restart power-mqtt notify: Restart power-mqtt
- name: Remove old service - name: Remove old service
@ -21,9 +21,9 @@
ansible.builtin.template: ansible.builtin.template:
src: generic.service src: generic.service
dest: /etc/systemd/system/power-mqtt@.service dest: /etc/systemd/system/power-mqtt@.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
vars: vars:
description: "SMD630 to MQTT Probe" description: "SMD630 to MQTT Probe"
exec: "/var/lib/power-mqtt.py %i" exec: "/var/lib/power-mqtt.py %i"

8
roles/services/tasks/siahsd.yaml
View file

@ -16,8 +16,8 @@
ansible.builtin.template: ansible.builtin.template:
src: siahsd.conf src: siahsd.conf
dest: /etc/siahsd.conf dest: /etc/siahsd.conf
owner: root owner: "root"
group: root group: "root"
mode: "0644" mode: "0644"
notify: Restart siahsd notify: Restart siahsd
@ -25,8 +25,8 @@
ansible.builtin.template: ansible.builtin.template:
src: siahsd.service src: siahsd.service
dest: /etc/systemd/system/siahsd.service dest: /etc/systemd/system/siahsd.service
owner: root owner: "root"
group: root group: "root"
mode: "0644" mode: "0644"
notify: Restart siahsd notify: Restart siahsd

8
roles/services/tasks/spacestated.yaml
View file

@ -21,7 +21,7 @@
- name: Clone source - name: Clone source
ansible.builtin.git: ansible.builtin.git:
repo: https://git.bitlair.nl/bitlair/spacestated.git repo: https://github.com/bitlair/spacestated.git
version: main version: main
dest: /var/lib/spacestated/spacestated dest: /var/lib/spacestated/spacestated
accept_hostkey: yes accept_hostkey: yes
@ -32,9 +32,9 @@
ansible.builtin.template: ansible.builtin.template:
src: spacestated.service src: spacestated.service
dest: /etc/systemd/system/spacestated.service dest: /etc/systemd/system/spacestated.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: Restart spacestated notify: Restart spacestated
- name: Start spacestated - name: Start spacestated

6
roles/services/tasks/wifi_mqtt.yaml
View file

@ -8,7 +8,7 @@
- name: Clone source - name: Clone source
ansible.builtin.git: ansible.builtin.git:
repo: https://git.bitlair.nl/bitlair/wifi-mqtt.git repo: https://github.com/bitlair/wifi-mqtt.git
version: main version: main
dest: /var/lib/wifi-mqtt dest: /var/lib/wifi-mqtt
accept_hostkey: yes accept_hostkey: yes
@ -19,8 +19,8 @@
ansible.builtin.template: ansible.builtin.template:
src: wifi-mqtt.service src: wifi-mqtt.service
dest: /etc/systemd/system/wifi-mqtt.service dest: /etc/systemd/system/wifi-mqtt.service
owner: root owner: "root"
group: root group: "root"
mode: "0644" mode: "0644"
notify: Restart wifi-mqtt notify: Restart wifi-mqtt

8
roles/www/tasks/calendar.yaml
View file

@ -5,7 +5,7 @@
- name: Clone source - name: Clone source
ansible.builtin.git: ansible.builtin.git:
repo: https://git.bitlair.nl/bitlair/wiki-calendar-exporter.git repo: https://github.com/bitlair/calendar-parser.git
version: main version: main
dest: /usr/local/src/bitlair-calendar dest: /usr/local/src/bitlair-calendar
accept_hostkey: yes accept_hostkey: yes
@ -19,6 +19,6 @@
ansible.builtin.template: ansible.builtin.template:
src: calendar.cron src: calendar.cron
dest: /etc/cron.d/bitlair-calendar dest: /etc/cron.d/bitlair-calendar
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"

6
roles/www/tasks/mediawiki.yaml
View file

@ -9,7 +9,7 @@
ansible.builtin.template: ansible.builtin.template:
src: security.txt src: security.txt
dest: /opt/security.txt dest: /opt/security.txt
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"

6
roles/www/tasks/mqtt.yaml
View file

@ -24,9 +24,9 @@
ansible.builtin.template: ansible.builtin.template:
src: mqtt2web.service src: mqtt2web.service
dest: /etc/systemd/system/mqtt2web.service dest: /etc/systemd/system/mqtt2web.service
owner: root owner: "root"
group: root group: "root"
mode: 0644 mode: "0644"
notify: notify:
- Daemon reload - Daemon reload
- Restart mqtt2web - Restart mqtt2web

6
roles/www/tasks/spaceapi.yaml
View file

@ -1,7 +1,7 @@
--- ---
- name: Clone spaceapi source - name: Clone spaceapi source
ansible.builtin.git: ansible.builtin.git:
repo: https://git.bitlair.nl/bitlair/spaceapi.git repo: https://github.com/bitlair/spaceapi.git
version: main version: main
dest: /opt/spaceapi dest: /opt/spaceapi
accept_hostkey: true accept_hostkey: true
@ -11,8 +11,8 @@
ansible.builtin.template: ansible.builtin.template:
src: spaceapi.service src: spaceapi.service
dest: /etc/systemd/system/spaceapi.service dest: /etc/systemd/system/spaceapi.service
owner: root owner: "root"
group: root group: "root"
mode: "0644" mode: "0644"
notify: Restart spaceapi notify: Restart spaceapi