mirror of
https://codeberg.org/hyperreal/ansible-homelab
synced 2024-11-01 16:43:09 +01:00
Add cloud-init configs
This commit is contained in:
parent
787c160256
commit
af258ddef6
25
cloud-init/debian-borg.yml
Normal file
25
cloud-init/debian-borg.yml
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
#cloud-config
|
||||||
|
package_update: true
|
||||||
|
package_upgrade: true
|
||||||
|
packages:
|
||||||
|
- borgbackup
|
||||||
|
- borgmatic
|
||||||
|
- ssh
|
||||||
|
- rsync
|
||||||
|
- rsyslog
|
||||||
|
rsyslog:
|
||||||
|
configs:
|
||||||
|
- content: "*.* @10.0.0.41"
|
||||||
|
filename: 99-forward.conf
|
||||||
|
remotes:
|
||||||
|
moonshadow: 10.0.0.41
|
||||||
|
runcmd:
|
||||||
|
- [ mkdir, -p, /borg ]
|
||||||
|
timezone: America/Chicago
|
||||||
|
users:
|
||||||
|
- name: root
|
||||||
|
ssh_authorized_keys:
|
||||||
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOmibToJQ8JZpSFLH3482oxvpD56QAfu4ndoofbew5t jas@si.local
|
||||||
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItZX/e12RMbdTov8HYLTLTiY0U08X8z73LXdlRMNkTZ jas@moonshadow
|
||||||
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFXUMrnu1NPslYWRiWyvbYudwC32DW1Wb/btiuJ8yUPx root@moonshadow
|
||||||
|
lock_passwd: true
|
@ -30,4 +30,8 @@ rsyslog:
|
|||||||
remotes:
|
remotes:
|
||||||
moonshadow: 10.0.0.41
|
moonshadow: 10.0.0.41
|
||||||
timezone: America/Chicago
|
timezone: America/Chicago
|
||||||
|
runcmd:
|
||||||
|
- [ git, clone, https://gist.github.com/90c3b2fcc9d70cf06e9f3660e0d15a48.git, /tmp/vimrc ]
|
||||||
|
- [ cp, /tmp/vimrc/.vimrc, /root/.vimrc ]
|
||||||
|
- [ cp, /tmp/vimrc/.vimrc, /home/debian/.vimrc ]
|
||||||
|
- [ chown, debian:debian, /home/debian/.vimrc ]
|
||||||
|
37
cloud-init/debian-serv.yml
Normal file
37
cloud-init/debian-serv.yml
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
#cloud-config
|
||||||
|
apt:
|
||||||
|
sources_list: |
|
||||||
|
deb http://deb.debian.org/debian $RELEASE main
|
||||||
|
deb http://deb.debian.org/debian $RELEASE-updates main
|
||||||
|
deb http://deb.debian.org/debian-security/ $RELEASE-security main
|
||||||
|
deb http://deb.debian.org/debian $RELEASE-backports main
|
||||||
|
package_update: true
|
||||||
|
package_upgrade: true
|
||||||
|
packages:
|
||||||
|
- apt-transport-https
|
||||||
|
- build-essential
|
||||||
|
- certbot
|
||||||
|
- curl
|
||||||
|
- debian-keyring
|
||||||
|
- debian-archive-keyring
|
||||||
|
- git
|
||||||
|
- golang
|
||||||
|
- ssh
|
||||||
|
- python3-dev
|
||||||
|
- python3-pip
|
||||||
|
- rsync
|
||||||
|
- wget
|
||||||
|
users:
|
||||||
|
- name: debian
|
||||||
|
ssh_authorized_keys:
|
||||||
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOmibToJQ8JZpSFLH3482oxvpD56QAfu4ndoofbew5t jas@si.local
|
||||||
|
sudo: 'ALL=(ALL) NOPASSWD: ALL'
|
||||||
|
shell: /bin/bash
|
||||||
|
lock_passwd: true
|
||||||
|
rsyslog:
|
||||||
|
configs:
|
||||||
|
- content: "*.* @10.0.0.41:514"
|
||||||
|
filename: 99-forward.conf
|
||||||
|
remotes:
|
||||||
|
moonshadow: 10.0.0.41
|
||||||
|
timezone: America/Chicago
|
15
cloud-init/fedora-transmission.yml
Normal file
15
cloud-init/fedora-transmission.yml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
#cloud-config
|
||||||
|
package_update: true
|
||||||
|
package_upgrade: true
|
||||||
|
packages:
|
||||||
|
- curl
|
||||||
|
- less
|
||||||
|
- rsyslog
|
||||||
|
- transmission-daemon
|
||||||
|
rsyslog:
|
||||||
|
configs:
|
||||||
|
- content: "*.* @10.0.0.41:514"
|
||||||
|
filename: 99-forward.conf
|
||||||
|
remotes:
|
||||||
|
moonshadow: 10.0.0.41
|
||||||
|
timezone: America/Chicago
|
33
cloud-init/ubuntu-archivebox.yml
Normal file
33
cloud-init/ubuntu-archivebox.yml
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
#cloud-config
|
||||||
|
package_update: true
|
||||||
|
package_upgrade: true
|
||||||
|
packages:
|
||||||
|
- curl
|
||||||
|
- git
|
||||||
|
- nodejs
|
||||||
|
- npm
|
||||||
|
- python3-dev
|
||||||
|
- python3-pip
|
||||||
|
- ripgrep
|
||||||
|
- wget
|
||||||
|
- xauth
|
||||||
|
- youtube-dl
|
||||||
|
users:
|
||||||
|
- name: archivebox
|
||||||
|
ssh_authorized_keys:
|
||||||
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOmibToJQ8JZpSFLH3482oxvpD56QAfu4ndoofbew5t jas@si.local
|
||||||
|
sudo: 'ALL=(ALL) NOPASSWD: ALL'
|
||||||
|
shell: /bin/bash
|
||||||
|
lock_passwd: true
|
||||||
|
rsyslog:
|
||||||
|
configs:
|
||||||
|
- content: "*.* @10.0.0.41:514"
|
||||||
|
filename: 99-forward.conf
|
||||||
|
remotes:
|
||||||
|
moonshadow: 10.0.0.41
|
||||||
|
timezone: America/Chicago
|
||||||
|
runcmd:
|
||||||
|
- [ git, clone, https://gist.github.com/90c3b2fcc9d70cf06e9f3660e0d15a48.git, /tmp/vimrc ]
|
||||||
|
- [ cp, /tmp/vimrc/.vimrc, /root/.vimrc ]
|
||||||
|
- [ cp, /tmp/vimrc/.vimrc, /home/archivebox/.vimrc ]
|
||||||
|
- [ chown, archivebox:archivebox, /home/archivebox/.vimrc ]
|
8
roles/debian-serv/defaults/main.yml
Normal file
8
roles/debian-serv/defaults/main.yml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
# defaults file for debian-serv
|
||||||
|
|
||||||
|
vimrc_gist_url: https://gist.github.com/90c3b2fcc9d70cf06e9f3660e0d15a48.git
|
||||||
|
caddy_pubkey_url: https://dl.cloudsmith.io/public/caddy/stable/gpg.key
|
||||||
|
caddy_sources_url: https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt
|
||||||
|
tailscale_pubkey_url: https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg
|
||||||
|
tailscale_sources_url: https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list
|
61
roles/debian-serv/tasks/main.yml
Normal file
61
roles/debian-serv/tasks/main.yml
Normal file
@ -0,0 +1,61 @@
|
|||||||
|
---
|
||||||
|
# tasks file for debian-serv
|
||||||
|
|
||||||
|
- name: Clone vimrc gist
|
||||||
|
ansible.builtin.git:
|
||||||
|
repo: "{{ vimrc_gist_url }}"
|
||||||
|
dest: /tmp/vimrc
|
||||||
|
|
||||||
|
- name: Copy vimrc to /root/.vimrc
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: /tmp/vimrc/.vimrc
|
||||||
|
dest: /root/.vimrc
|
||||||
|
remote_src: true
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
|
- name: Copy vimrc to /home/debian/.vimrc
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: /tmp/vimrc/.vimrc
|
||||||
|
dest: /home/debian/.vimrc
|
||||||
|
remote_src: true
|
||||||
|
owner: debian
|
||||||
|
group: debian
|
||||||
|
|
||||||
|
- name: Fetch Caddy pubkey
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: "{{ caddy_pubkey_url }}"
|
||||||
|
dest: /tmp/gpg.key
|
||||||
|
|
||||||
|
- name: Sign Caddy pubkey
|
||||||
|
ansible.builtin.shell:
|
||||||
|
cmd: gpg --dearmor -o caddy-stable-archive-keyring.gpg gpg.key && rm -f gpg.key
|
||||||
|
chdir: /tmp
|
||||||
|
|
||||||
|
- name: Copy signed key to /usr/share/keyrings/caddy-stable-archive-keyring.gpg
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: /tmp/caddy-stable-archive-keyring.gpg
|
||||||
|
dest: /usr/share/keyrings/caddy-stable-archive-keyring.gpg
|
||||||
|
remote_src: true
|
||||||
|
|
||||||
|
- name: Fetch Caddy sources.list
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: "{{ caddy_sources_url }}"
|
||||||
|
dest: /etc/apt/sources.list.d/caddy-stable.list
|
||||||
|
|
||||||
|
- name: Fetch Tailscale pubkey
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: "{{ tailscale_pubkey_url }}"
|
||||||
|
dest: /usr/share/keyrings/tailscale-archive-keyring.gpg
|
||||||
|
|
||||||
|
- name: Fetch Tailscale sources.list
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: "{{ tailscale_sources_url }}"
|
||||||
|
dest: /etc/apt/sources.list.d/tailscale.list
|
||||||
|
|
||||||
|
- name: Install Caddy and Tailscale
|
||||||
|
ansible.builtin.apt:
|
||||||
|
pkg:
|
||||||
|
- caddy
|
||||||
|
- tailscale
|
||||||
|
update_cache: true
|
@ -3,3 +3,4 @@
|
|||||||
roles:
|
roles:
|
||||||
# Tag each role so that we can select individual roles to run with ansible-playbook --tags
|
# Tag each role so that we can select individual roles to run with ansible-playbook --tags
|
||||||
- {role: debian-mail, tags: ['debian-mail']}
|
- {role: debian-mail, tags: ['debian-mail']}
|
||||||
|
- {role: debian-serv, tags: ['debian-serv']}
|
||||||
|
Loading…
Reference in New Issue
Block a user