Fix baldur playbook
This commit is contained in:
parent
867eca1e9b
commit
7b84ee2d21
@ -4,11 +4,27 @@
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
system_base_ssh_user: "{{ vault_system_base_ssh_user }}"
|
||||
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
# system:var
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
system_var_hostname: "baldur"
|
||||
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
# vpn
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
vpn_subnet_id: 3
|
||||
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
# music:rip
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
music_user_name: "music"
|
||||
music_user_password: "{{ vault_music_user_password }}"
|
||||
|
||||
music_user_home_directory: "{{ system_var_home_directory }}/{{ music_user_name }}"
|
||||
music_user_data_directory: "{{ system_var_data_directory }}/{{ music_user_name }}"
|
||||
music_user_data_collection_directory: "{{ music_user_data_directory }}/collection"
|
||||
music_user_data_archive_directory: "{{ music_user_data_directory }}/archive"
|
||||
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
# services
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
@ -18,17 +34,29 @@ services_resolv_host: "baldur"
|
||||
services_host_services:
|
||||
lrproxy:
|
||||
address: "{{ vpn_bridge_prefix }}.2"
|
||||
tcp: [80, 443]
|
||||
restic: true
|
||||
database:
|
||||
address: "{{ vpn_bridge_prefix }}.3"
|
||||
restic: true
|
||||
cloud:
|
||||
address: "{{ vpn_bridge_prefix }}.4"
|
||||
restic: true
|
||||
git:
|
||||
address: "{{ vpn_bridge_prefix }}.5"
|
||||
tcp: ["{{ services.git.ssh_port }}"]
|
||||
restic: true
|
||||
notes:
|
||||
address: "{{ vpn_bridge_prefix }}.6"
|
||||
restic: true
|
||||
music:
|
||||
address: "{{ vpn_bridge_prefix }}.7"
|
||||
www:
|
||||
collection_path: "{{ music_user_data_collection_directory }}"
|
||||
archive_path: "{{ music_user_data_archive_directory }}"
|
||||
restic: true
|
||||
rproxy:
|
||||
address: "{{ vpn_bridge_prefix }}.8"
|
||||
tcp: [80, 443]
|
||||
restic: true
|
||||
www:
|
||||
address: "{{ vpn_bridge_prefix }}.9"
|
||||
restic: false
|
||||
|
@ -12,7 +12,7 @@
|
||||
default('127.0.0.1') }}"
|
||||
loop: "{{ [system_mail_smtp_server | default([])] |
|
||||
union( [vpn_wireguard_server_address | default([])] ) |
|
||||
union( [services_backups_restic_aws_bucket_endpoint | default([])] ) |
|
||||
union( [backups_restic_user_aws_bucket_endpoint | default([])] ) |
|
||||
flatten }}"
|
||||
when: not (the_nine_worlds_production | bool)
|
||||
tags: "always"
|
||||
@ -51,6 +51,37 @@
|
||||
tags:
|
||||
- "system:base"
|
||||
- "system:base:user"
|
||||
vars:
|
||||
system_base_user_become_user: "{{ system_base_ssh_user }}"
|
||||
- role: "system/directories"
|
||||
tags: "system:directories"
|
||||
|
||||
# ----------------------------------------------------------------------------------------------
|
||||
# backups
|
||||
# ----------------------------------------------------------------------------------------------
|
||||
- role: "backups/restic/setup"
|
||||
tags: "backups:restic:setup"
|
||||
|
||||
# ----------------------------------------------------------------------------------------------
|
||||
# music
|
||||
# ----------------------------------------------------------------------------------------------
|
||||
- role: "music/user"
|
||||
tags: "music:user"
|
||||
vars:
|
||||
music_user_public_key_file: "~/.ssh/debian-virt.pub"
|
||||
- role: "music/collection"
|
||||
tags: "music:collection"
|
||||
- role: "backups/restic/user"
|
||||
vars:
|
||||
backups_restic_user_name: "{{ music_user_name }}"
|
||||
backups_restic_user_use_dataset: "{{ 'zfs' in group_names }}"
|
||||
backups_restic_user_data_dataset: "{{ music_user_data_dataset | default('') }}"
|
||||
backups_restic_user_data_directory: "{{ music_user_data_directory }}"
|
||||
backups_restic_user_aws_bucket_prefix: "the-nine-worlds---{{ music_user_name }}"
|
||||
tags:
|
||||
- "music:backups"
|
||||
- "music:backups:restic"
|
||||
- "music:backups:restic:user"
|
||||
|
||||
# ----------------------------------------------------------------------------------------------
|
||||
# vpn
|
||||
@ -60,12 +91,6 @@
|
||||
- role: "vpn/bridge"
|
||||
tags: "vpn:bridge"
|
||||
|
||||
# ----------------------------------------------------------------------------------------------
|
||||
# backups
|
||||
# ----------------------------------------------------------------------------------------------
|
||||
- role: "backups/restic/setup"
|
||||
tags: "backups:restic:setup"
|
||||
|
||||
# ----------------------------------------------------------------------------------------------
|
||||
# services
|
||||
# ----------------------------------------------------------------------------------------------
|
||||
@ -106,15 +131,26 @@
|
||||
|
||||
- name: "backups : restic"
|
||||
ansible.builtin.include_role:
|
||||
name: "services/backups/restic"
|
||||
name: "backups/restic/user"
|
||||
apply:
|
||||
tags:
|
||||
- "services:{{ services_service_name }}"
|
||||
- "services:backups"
|
||||
- "services:backups:restic"
|
||||
- "services:backups:restic:{{ services_service_name }}"
|
||||
- "services:{{ services_service_name }}:backups:restic"
|
||||
- "services:backups:restic:user"
|
||||
- "services:backups:restic:user:{{ services_service_name }}"
|
||||
- "services:{{ services_service_name }}:backups:restic:user"
|
||||
vars:
|
||||
backups_restic_user_name: "\
|
||||
{{ services_backups_restic_services[services_service_name].user_name }}"
|
||||
backups_restic_user_use_dataset: "{{ 'zfs' in group_names }}"
|
||||
backups_restic_user_data_dataset: "\
|
||||
{{ services_backups_restic_services[services_service_name].data_dataset | default('') }}"
|
||||
backups_restic_user_data_directory: "\
|
||||
{{ services_backups_restic_services[services_service_name].data_directory }}"
|
||||
backups_restic_user_aws_bucket_prefix: "\
|
||||
{{ services_backups_restic_services[services_service_name].aws_bucket_prefix }}"
|
||||
loop: "{{ services_host_services | dict2items | map(attribute='key') }}"
|
||||
when: "services_host_services[services_service_name].restic"
|
||||
loop_control:
|
||||
loop_var: "services_service_name"
|
||||
tags: "always"
|
||||
|
@ -2,8 +2,14 @@
|
||||
- name: "music : yggdrasil"
|
||||
hosts: "yggdrasil"
|
||||
roles:
|
||||
- role: "music/datasets"
|
||||
tags: "music:datasets"
|
||||
- role: "music/datasets/user"
|
||||
tags:
|
||||
- "music:datasets"
|
||||
- "music:datasets:user"
|
||||
- role: "music/datasets/collection"
|
||||
tags:
|
||||
- "music:datasets"
|
||||
- "music:datasets:collection"
|
||||
- role: "music/user"
|
||||
tags: "music:user"
|
||||
vars:
|
||||
@ -13,6 +19,8 @@
|
||||
{% else %}\
|
||||
~/.ssh/debian-virt.pub\
|
||||
{% endif %}"
|
||||
- role: "music/collection"
|
||||
tags: "music:collection"
|
||||
- role: "music/rip"
|
||||
tags: "music:rip"
|
||||
- role: "backups/snapshots/user"
|
||||
@ -33,10 +41,11 @@
|
||||
backups_restic_user_data_dataset: "{{ music_user_data_dataset }}"
|
||||
backups_restic_user_data_directory: "{{ music_user_data_directory }}"
|
||||
backups_restic_user_aws_bucket_prefix: "the-nine-worlds---{{ music_user_name }}"
|
||||
music_org_nextcloud_ip_address: "{{ services_all_services.lrproxy.address }}"
|
||||
tags:
|
||||
- "music:backups"
|
||||
- "music:backups:restic"
|
||||
- "music:backups:restic:user"
|
||||
- role: "music/org"
|
||||
tags: "music:org"
|
||||
vars:
|
||||
music_org_nextcloud_ip_address: "{{ services_all_services.lrproxy.address }}"
|
||||
|
16
playbooks/roles/music/collection/meta/argument_specs.yml
Normal file
16
playbooks/roles/music/collection/meta/argument_specs.yml
Normal file
@ -0,0 +1,16 @@
|
||||
---
|
||||
argument_specs:
|
||||
main:
|
||||
options:
|
||||
music_user_name:
|
||||
type: "str"
|
||||
required: true
|
||||
music_user_data_directory:
|
||||
type: "str"
|
||||
required: true
|
||||
music_user_data_collection_directory:
|
||||
type: "str"
|
||||
required: true
|
||||
music_user_data_archive_directory:
|
||||
type: "str"
|
||||
required: true
|
24
playbooks/roles/music/collection/tasks/main.yml
Normal file
24
playbooks/roles/music/collection/tasks/main.yml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
- name: "create data directory"
|
||||
ansible.builtin.file:
|
||||
path: "{{ music_user_data_directory }}"
|
||||
state: "directory"
|
||||
owner: "{{ music_user_name }}"
|
||||
group: "{{ music_user_name }}"
|
||||
mode: 0755
|
||||
|
||||
- name: "create collection directory"
|
||||
ansible.builtin.file:
|
||||
path: "{{ music_user_data_collection_directory }}"
|
||||
state: "directory"
|
||||
owner: "{{ music_user_name }}"
|
||||
group: "{{ music_user_name }}"
|
||||
mode: 0755
|
||||
|
||||
- name: "create archive directory"
|
||||
ansible.builtin.file:
|
||||
path: "{{ music_user_data_archive_directory }}"
|
||||
state: "directory"
|
||||
owner: "{{ music_user_name }}"
|
||||
group: "{{ music_user_name }}"
|
||||
mode: 0755
|
@ -2,12 +2,6 @@
|
||||
argument_specs:
|
||||
main:
|
||||
options:
|
||||
music_user_home_dataset:
|
||||
type: "str"
|
||||
required: true
|
||||
music_user_home_directory:
|
||||
type: "str"
|
||||
required: true
|
||||
music_user_data_dataset:
|
||||
type: "str"
|
||||
required: true
|
||||
@ -17,3 +11,9 @@ argument_specs:
|
||||
music_user_data_archive_dataset:
|
||||
type: "str"
|
||||
required: true
|
||||
system_backups_snapshots_data_dataset:
|
||||
type: "str"
|
||||
required: true
|
||||
music_user_name:
|
||||
type: "str"
|
||||
required: true
|
@ -1,19 +1,4 @@
|
||||
---
|
||||
- name: "create home dataset"
|
||||
community.general.zfs:
|
||||
name: "{{ music_user_home_dataset }}"
|
||||
state: "present"
|
||||
register: music_datasets_user_zfs_home
|
||||
|
||||
- name: "populate home dataset with skeleton"
|
||||
ansible.builtin.copy:
|
||||
src: "/etc/skel/"
|
||||
dest: "{{ music_user_home_directory }}"
|
||||
mode: "preserve"
|
||||
remote_src: true
|
||||
when:
|
||||
music_datasets_user_zfs_home.changed
|
||||
|
||||
- name: "create data dataset"
|
||||
community.general.zfs:
|
||||
name: "{{ music_user_data_dataset }}"
|
10
playbooks/roles/music/datasets/user/meta/argument_specs.yml
Normal file
10
playbooks/roles/music/datasets/user/meta/argument_specs.yml
Normal file
@ -0,0 +1,10 @@
|
||||
---
|
||||
argument_specs:
|
||||
main:
|
||||
options:
|
||||
music_user_home_dataset:
|
||||
type: "str"
|
||||
required: true
|
||||
music_user_home_directory:
|
||||
type: "str"
|
||||
required: true
|
15
playbooks/roles/music/datasets/user/tasks/main.yml
Normal file
15
playbooks/roles/music/datasets/user/tasks/main.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
- name: "create home dataset"
|
||||
community.general.zfs:
|
||||
name: "{{ music_user_home_dataset }}"
|
||||
state: "present"
|
||||
register: music_datasets_user_zfs_home
|
||||
|
||||
- name: "populate home dataset with skeleton"
|
||||
ansible.builtin.copy:
|
||||
src: "/etc/skel/"
|
||||
dest: "{{ music_user_home_directory }}"
|
||||
mode: "preserve"
|
||||
remote_src: true
|
||||
when:
|
||||
music_datasets_user_zfs_home.changed
|
@ -11,6 +11,9 @@ argument_specs:
|
||||
music_user_home_directory:
|
||||
type: "str"
|
||||
required: true
|
||||
music_user_data_directory:
|
||||
music_user_data_collection_directory:
|
||||
type: "str"
|
||||
required: true
|
||||
music_user_data_archive_directory:
|
||||
type: "str"
|
||||
required: true
|
||||
|
@ -1,28 +1,4 @@
|
||||
---
|
||||
- name: "directories : create data directory"
|
||||
ansible.builtin.file:
|
||||
path: "{{ music_user_data_directory }}"
|
||||
state: "directory"
|
||||
owner: "{{ music_user_name }}"
|
||||
group: "{{ music_user_name }}"
|
||||
mode: 0755
|
||||
|
||||
- name: "directories : create collection directory"
|
||||
ansible.builtin.file:
|
||||
path: "{{ music_user_data_collection_directory }}"
|
||||
state: "directory"
|
||||
owner: "{{ music_user_name }}"
|
||||
group: "{{ music_user_name }}"
|
||||
mode: 0755
|
||||
|
||||
- name: "directories : create archive directory"
|
||||
ansible.builtin.file:
|
||||
path: "{{ music_user_data_archive_directory }}"
|
||||
state: "directory"
|
||||
owner: "{{ music_user_name }}"
|
||||
group: "{{ music_user_name }}"
|
||||
mode: 0755
|
||||
|
||||
- name: "directories : create rip directory"
|
||||
ansible.builtin.file:
|
||||
path: "{{ music_user_home_directory }}/rip"
|
||||
|
Loading…
Reference in New Issue
Block a user