Init
This commit is contained in:
commit
de354f699d
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
.ansible-vault-password
|
4
ansible.cfg
Normal file
4
ansible.cfg
Normal file
|
@ -0,0 +1,4 @@
|
|||
[defaults]
|
||||
interpreter_python = /usr/bin/python3
|
||||
ansible_python_interpreter = /usr/bin/python3
|
||||
roles_path = ./roles/:~/.ansible/roles:/etc/ansible/roles
|
26
inventories/cave/athena.yml
Normal file
26
inventories/cave/athena.yml
Normal file
|
@ -0,0 +1,26 @@
|
|||
---
|
||||
all:
|
||||
children:
|
||||
docker_hosts:
|
||||
hosts:
|
||||
athena.cave:
|
||||
zsh_chic:
|
||||
hosts:
|
||||
athena.cave:
|
||||
zsh_chic:
|
||||
users:
|
||||
- {username: root, home: /root, group: root, starship: true}
|
||||
dev_box:
|
||||
hosts:
|
||||
athena.cave:
|
||||
dev_box:
|
||||
users:
|
||||
- {username: leo, home: /home/leo, group: leo, antibody: true, term: xterm-256color}
|
||||
- {username: omar, home: /home/omar, group: omar, antibody: true}
|
||||
- {username: peppe, home: /home/peppe, group: peppe, antibody: true}
|
||||
- {username: fra, home: /home/fra, group: fra, antibody: true}
|
||||
- {username: tom, home: /home/tom, group: tom, antibody: true}
|
||||
- {username: rick, home: /home/rick, group: rick, antibody: true}
|
||||
- {username: simo, home: /home/simo, group: simo, antibody: true}
|
||||
- {username: busi, home: /home/busi, group: busi, antibody: true}
|
||||
|
85
inventories/cave/cave.yml
Normal file
85
inventories/cave/cave.yml
Normal file
|
@ -0,0 +1,85 @@
|
|||
---
|
||||
all:
|
||||
children:
|
||||
sendmail:
|
||||
hosts:
|
||||
minos.cave:
|
||||
sendmail:
|
||||
version: "0.6"
|
||||
configuration:
|
||||
- "{{ sendmail_users.unit_failure }}"
|
||||
srv.cave:
|
||||
sendmail:
|
||||
version: "0.6"
|
||||
configuration:
|
||||
- "{{ sendmail_users.unit_failure }}"
|
||||
mercury.cave:
|
||||
sendmail:
|
||||
version: "0.6"
|
||||
configuration:
|
||||
- "{{ sendmail_users.unit_failure }}"
|
||||
- name: copione
|
||||
from: copione@troubles.ga
|
||||
to_list: [blallo@troubles.ga]
|
||||
server:
|
||||
address: charon.troubles.ga
|
||||
port: 587
|
||||
user: copione@troubles.ga
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
63353835613866326330653837636562333739373132393432636238386564373135643662663535
|
||||
3230316533633832303261623662336237623565643733610a323439363332623936653030653537
|
||||
39373266653766326138303030366437666664663733343865653965623863353764616335346333
|
||||
3162376234653138380a636330666264373532346466326337313431356566346639663439373330
|
||||
66363066366361663636633566653134303239656430613963323335636539373436
|
||||
- name: los
|
||||
from: los@troubles.ga
|
||||
to_list: [blallo@troubles.ga]
|
||||
server:
|
||||
address: charon.troubles.ga
|
||||
port: 587
|
||||
user: los@troubles.ga
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
64353065363430346432666263323064353862336139613963323735613130333965623038633435
|
||||
3832313733343464303835646339656161383737303730610a613139653264306234363765613062
|
||||
65663738323663656462633531626339383166646633636562363461346638343933363235633863
|
||||
6564626635356230390a346538633861323136326637313230376639393761643337356263373832
|
||||
66306635626533396366306164376434383735663966623062626562643764613930
|
||||
|
||||
docker_hosts:
|
||||
hosts:
|
||||
mercury.cave:
|
||||
|
||||
drone_server:
|
||||
hosts:
|
||||
mercury.cave:
|
||||
|
||||
aosp_factory:
|
||||
hosts:
|
||||
mercury.cave:
|
||||
|
||||
gateway:
|
||||
hosts:
|
||||
minos.cave:
|
||||
|
||||
torrent_server:
|
||||
hosts:
|
||||
srv.cave:
|
||||
|
||||
mysql:
|
||||
hosts:
|
||||
srv.cave:
|
||||
|
||||
zsh_chic:
|
||||
hosts:
|
||||
mercury.cave:
|
||||
srv.cave:
|
||||
minos.cave:
|
||||
vars:
|
||||
zsh_chic:
|
||||
users: "{{ default_user }}"
|
||||
|
||||
syncthing:
|
||||
hosts:
|
||||
srv.cave:
|
10
inventories/cave/group_vars/all/config.yml
Normal file
10
inventories/cave/group_vars/all/config.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
|
||||
default_user:
|
||||
- {username: root, home: /root, group: root, starship: true}
|
||||
|
||||
sendmail:
|
||||
version: "0.6"
|
||||
|
||||
cockpit_disable_tls: yes
|
5
inventories/cave/group_vars/all/dns.yml
Normal file
5
inventories/cave/group_vars/all/dns.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
dns:
|
||||
- 192.168.122.1
|
||||
- 8.8.8.8
|
||||
- 1.1.1.1
|
41
inventories/cave/group_vars/all/drone_server.yml
Normal file
41
inventories/cave/group_vars/all/drone_server.yml
Normal file
|
@ -0,0 +1,41 @@
|
|||
---
|
||||
drone_version: "latest"
|
||||
drone_host_port: "8080"
|
||||
|
||||
drone_server_enable: "true"
|
||||
drone_server_host: "drone.troubles.io"
|
||||
drone_server_proto: "https"
|
||||
drone_rpc_server: "http://192.168.122.10:8080"
|
||||
drone_rpc_secret: "03a50202f21473a2772bc897b6409999"
|
||||
drone_gitea_server: "https://git.abbiamoundominio.org"
|
||||
drone_gitea_client_id: "ca105ddd-913d-459e-a115-40d44d447e55"
|
||||
drone_gitea_client_secret: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
66343634393066323733346161373066353661636332343462373865656462363035356439373963
|
||||
6434643362363832313765353631386533643931623335650a663062663166353139393966353035
|
||||
36386235323563666566333234376130316539663931653665663039633738376536613135316234
|
||||
6231336330353763360a313561393933656663383832643765636162303765303631376232633662
|
||||
35356335323436623337616564613936636133636164646430306231386461303863303532376432
|
||||
3565383732393536643431303135353732336233623964333335
|
||||
drone_gitea_skip_verify: "false"
|
||||
drone_gitea_debug: "false"
|
||||
|
||||
drone_agent_enable: "true"
|
||||
drone_user_create: "username:blallo,admin:true"
|
||||
|
||||
# drone_logs_trace: "true"
|
||||
# drone_logs_debug: "true"
|
||||
|
||||
drone_database_driver: "postgres"
|
||||
drone_postgres_backup_dir: "/var/dronepg"
|
||||
drone_postgres_user: "drone"
|
||||
drone_postgres_db: "drone"
|
||||
drone_database_datasource: "postgres://drone:fd5a3f4dec0d6c9d154591f6d9b3d6d1@192.168.122.10:5432/drone?sslmode=disable"
|
||||
drone_postgres_password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
65373439316431306463363363323535326137373637653262346238393761643964373436636661
|
||||
6662343030383665336239616431363436313731613838630a343130353333356437306261353961
|
||||
37656264313036666137643061376338333766666366633061326136313966656634636261333832
|
||||
3266646561346261650a373439613339303032326333626662303638656263316439303139343763
|
||||
30626638356433343363663866393937333935383039623235636165393262633263383566386263
|
||||
3666393432663864656438613030653532303564326562393336
|
47
inventories/cave/group_vars/all/fdroid.yml
Normal file
47
inventories/cave/group_vars/all/fdroid.yml
Normal file
|
@ -0,0 +1,47 @@
|
|||
---
|
||||
fdroid_server:
|
||||
base_name: "repo.troubles.io"
|
||||
icon: blallo-icon.png
|
||||
repo_name: "Blallo F-Droid Repo"
|
||||
repo_description: |
|
||||
Blallo APKs repo. Private repo, no apk is guaranteed to work. Beware!
|
||||
archive_older: 3
|
||||
archive_name: "Blallo F-Droid Archive Repo"
|
||||
archive_description: |
|
||||
Blallo APKs archive repo. Private repo, no apk is guaranteed to work. Beware!
|
||||
repo_keyalias: key0
|
||||
keystore: blallo.jks
|
||||
keystorepass: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
36383763653261383362336632613434386633633535393536303562316534666630666136393431
|
||||
3765666331333037356463313839393065333234343966330a353365376264616631633365646566
|
||||
66323730353031366166356331356564336464326239356239323466346664353666313464653131
|
||||
3039356266336336360a633464383134643363376638656130343162376339643839356133346430
|
||||
3563
|
||||
keypass: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
31323338376230393333613430646633656164333962306666656165616563356635383266333364
|
||||
3136313061333431393634623737663833653639373233390a653366376165346463366234356338
|
||||
32333861663562383037636365333562343965353064653632323262623465666563346131633531
|
||||
6138616265643133630a336535376136303566613532366432373332323939633535366539356633
|
||||
3862
|
||||
keydname: "CN=Blallo, OU=Blallica R&D, O=Blallica"
|
||||
apps:
|
||||
- app_java_name: org.mozilla.fenix.nightly
|
||||
author_name: "Mozilla"
|
||||
categories: ["Blallo", "Internet"]
|
||||
issue_tracker_url: "https://github.com/mozilla-mobile/fenix/issues"
|
||||
app_name: "Firefox Nightly"
|
||||
source_code_url: "https://git.abbiamoundominio.org/blallo/fenix"
|
||||
summary: "Mozilla Firefox, nightly version (blallo build)"
|
||||
website_url: "https://git.abbiamoundominio.org/blallo/fenix"
|
||||
build_src_path: /var/builds/fenix
|
||||
- app_java_name: org.thoughtcrime.securesms
|
||||
author_name: "Open Whisper Systems"
|
||||
categories: ["Blallo", "Chat"]
|
||||
issue_tracker_url: "https://github.com/signalapp/Signal-Android/issues"
|
||||
app_name: "Signal"
|
||||
source_code_url: "https://git.abbiamoundominio.org/blallo/Signal-Android"
|
||||
summary: "Signal, Private Communication (blallo build)"
|
||||
website_url: "https://signal.org"
|
||||
build_src_path: /var/builds/signal
|
285
inventories/cave/group_vars/all/gateway.yml
Normal file
285
inventories/cave/group_vars/all/gateway.yml
Normal file
|
@ -0,0 +1,285 @@
|
|||
---
|
||||
public_address: 15.161.166.194
|
||||
|
||||
gateway:
|
||||
proxied_services:
|
||||
- domain_name: sync.troubles.io
|
||||
internal_ip: 192.168.122.11
|
||||
internal_port: 8384
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
- domain_name: drone.troubles.io
|
||||
internal_ip: 192.168.122.10
|
||||
internal_port: 8080
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
- domain_name: bt.troubles.io
|
||||
internal_ip: 192.168.122.11
|
||||
internal_port: 8081
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: no
|
||||
websockets:
|
||||
path: /service
|
||||
internal_ip: 192.168.122.11
|
||||
internal_port: 8412
|
||||
- domain_name: flix.troubles.io
|
||||
internal_ip: 192.168.122.11
|
||||
internal_port: 8080
|
||||
redirect_to_https: no
|
||||
http_opts:
|
||||
- proxy_http_version 1.1;
|
||||
- proxy_set_header Upgrade $http_upgrade;
|
||||
- proxy_set_header Connection $http_connection;
|
||||
- domain_name: repo.troubles.io
|
||||
internal_ip: 192.168.122.10
|
||||
internal_port: 8081
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
- domain_name: minos.cockpit.troubles.io
|
||||
internal_ip: 127.0.0.1
|
||||
internal_port: 9090
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
https_opts:
|
||||
- proxy_http_version 1.1;
|
||||
- proxy_set_header Upgrade $http_upgrade;
|
||||
- proxy_set_header Connection $http_connection;
|
||||
websockets:
|
||||
path: /cockpit/socket
|
||||
internal_ip: 127.0.0.1
|
||||
internal_port: 9090
|
||||
- domain_name: srv.cockpit.troubles.io
|
||||
internal_ip: 192.168.122.11
|
||||
internal_port: 9090
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
https_opts:
|
||||
- proxy_http_version 1.1;
|
||||
- proxy_set_header Upgrade $http_upgrade;
|
||||
- proxy_set_header Connection $http_connection;
|
||||
websockets:
|
||||
path: /cockpit/socket
|
||||
internal_ip: 192.168.122.11
|
||||
internal_port: 9090
|
||||
- domain_name: mercury.cockpit.troubles.io
|
||||
internal_ip: 192.168.122.10
|
||||
internal_port: 9090
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
https_opts:
|
||||
- proxy_http_version 1.1;
|
||||
- proxy_set_header Upgrade $http_upgrade;
|
||||
- proxy_set_header Connection $http_connection;
|
||||
websockets:
|
||||
path: /cockpit/socket
|
||||
internal_ip: 192.168.122.10
|
||||
internal_port: 9090
|
||||
- domain_name: athena.cockpit.troubles.io
|
||||
internal_ip: 192.168.122.254
|
||||
internal_port: 9090
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
https_opts:
|
||||
- proxy_http_version 1.1;
|
||||
- proxy_set_header Upgrade $http_upgrade;
|
||||
- proxy_set_header Connection $http_connection;
|
||||
websockets:
|
||||
path: /cockpit/socket
|
||||
internal_ip: 192.168.122.254
|
||||
internal_port: 9090
|
||||
- domain_name: stakhanov.cockpit.troubles.io
|
||||
internal_ip: 192.168.122.1
|
||||
internal_port: 9090
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
https_opts:
|
||||
- proxy_http_version 1.1;
|
||||
- proxy_set_header Upgrade $http_upgrade;
|
||||
- proxy_set_header Connection $http_connection;
|
||||
websockets:
|
||||
path: /cockpit/socket
|
||||
internal_ip: 192.168.122.1
|
||||
internal_port: 9090
|
||||
- domain_name: proro.ga
|
||||
internal_ip: 192.168.122.254
|
||||
internal_port: 230
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
https_opts:
|
||||
- proxy_http_version 1.1;
|
||||
- proxy_set_header Upgrade $http_upgrade;
|
||||
- proxy_set_header Connection $http_connection;
|
||||
- domain_name: los.troubles.io
|
||||
internal_ip: 192.168.122.10
|
||||
internal_port: 8082
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
https_custom_locations:
|
||||
- rule: /builds/
|
||||
conf_lines:
|
||||
- "proxy_pass http://192.168.122.10:8083"
|
||||
- "proxy_set_header Host $remote_addr"
|
||||
- "proxy_set_header X-Forwarded-Proto $scheme"
|
||||
- "proxy_set_header X-Forwarded-Port $server_port"
|
||||
- "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for"
|
||||
- rule: /builds.json
|
||||
conf_lines:
|
||||
- "proxy_pass http://192.168.122.10:8083"
|
||||
- "proxy_set_header Host $remote_addr"
|
||||
- "proxy_set_header X-Forwarded-Proto $scheme"
|
||||
- "proxy_set_header X-Forwarded-Port $server_port"
|
||||
- "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for"
|
||||
https_custom_configurations:
|
||||
- "rewrite ^/builds$ /builds/ permanent"
|
||||
- domain_name: cam.troubles.io
|
||||
internal_ip: 192.168.1.8
|
||||
internal_port: 8080
|
||||
cert_email: blallo@troubles.ga
|
||||
redirect_to_https: yes
|
||||
password_protect: yes
|
||||
password_file: /etc/nginx/.cam.troubles.io-htpasswd
|
||||
username: leo
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
65636138313034316234643236313733343361623337356464643937666439633535343930343166
|
||||
3935646261386666343535303734666166336562353539310a643733653163666333636531366139
|
||||
63343764616135306661646433346435376334636431303033363364313930613864373834343036
|
||||
6636376437643466380a363633323731663430386237623632383164643161643934636331633338
|
||||
66333538353864326162313234616262633831663638396564386337343235336661
|
||||
https_custom_locations:
|
||||
- rule: /0/
|
||||
conf_lines:
|
||||
- "proxy_pass http://192.168.1.8:8081/0/stream"
|
||||
- "proxy_set_header Host $remote_addr"
|
||||
- "proxy_set_header X-Forwarded-Proto $scheme"
|
||||
- "proxy_set_header X-Forwarded-Port $server_port"
|
||||
- "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for"
|
||||
|
||||
firewall:
|
||||
home_iface: enp0s0
|
||||
public_iface: internet
|
||||
vm_iface: eth0
|
||||
forwarded_ports:
|
||||
- zone: home
|
||||
from:
|
||||
port: 16493
|
||||
addr: 192.168.1.20
|
||||
proto: "tcp"
|
||||
to:
|
||||
port: 16493
|
||||
addr: 192.168.122.11
|
||||
- zone: home
|
||||
from:
|
||||
port: 16309
|
||||
addr: 192.168.1.20
|
||||
proto: "udp"
|
||||
to:
|
||||
port: 16309
|
||||
addr: 192.168.122.11
|
||||
- zone: home
|
||||
from:
|
||||
port: 16362
|
||||
addr: 192.168.1.20
|
||||
proto: "udp"
|
||||
to:
|
||||
port: 16362
|
||||
addr: 192.168.122.11
|
||||
- zone: home
|
||||
from:
|
||||
port: 445
|
||||
addr: 192.168.1.20
|
||||
proto: "tcp"
|
||||
to:
|
||||
port: 445
|
||||
addr: 192.168.122.11
|
||||
- zone: home
|
||||
from:
|
||||
port: 139
|
||||
addr: 192.168.1.20
|
||||
proto: "tcp"
|
||||
to:
|
||||
port: 139
|
||||
addr: 192.168.122.11
|
||||
- zone: home
|
||||
from:
|
||||
port: 138
|
||||
addr: 192.168.1.20
|
||||
proto: "udp"
|
||||
to:
|
||||
port: 138
|
||||
addr: 192.168.122.11
|
||||
- zone: home
|
||||
from:
|
||||
port: 137
|
||||
addr: 192.168.1.20
|
||||
proto: "udp"
|
||||
to:
|
||||
port: 137
|
||||
addr: 192.168.122.11
|
||||
- zone: home
|
||||
from:
|
||||
port: 22000
|
||||
addr: 192.168.1.20
|
||||
proto: "tcp"
|
||||
to:
|
||||
port: 22000
|
||||
addr: 192.168.122.11
|
||||
- zone: public
|
||||
from:
|
||||
port: 31337
|
||||
addr: "{{ public_address }}"
|
||||
proto: "tcp"
|
||||
to:
|
||||
port: 22
|
||||
addr: 192.168.122.254
|
||||
- zone: public
|
||||
from:
|
||||
port: 22000
|
||||
addr: "{{ public_address }}"
|
||||
proto: "tcp"
|
||||
to:
|
||||
port: 22000
|
||||
addr: 192.168.122.11
|
||||
- zone: public
|
||||
from:
|
||||
port: 21027
|
||||
addr: "{{ public_address }}"
|
||||
proto: "udp"
|
||||
to:
|
||||
port: 21027
|
||||
addr: 192.168.122.11
|
||||
|
||||
ivacy:
|
||||
username: ivacy0d8560848
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
30633462393336626266333038653734303835656533303139326330633864313765643839323266
|
||||
6239396539393265623837343530363962303664323639630a313563313464663134613166393131
|
||||
38653731636562346363656466366464366139303935643866373431633631663063353633326337
|
||||
3433613030373832390a353830626531353161383133643765343362393563383565386136643736
|
||||
6465
|
||||
|
||||
vpn:
|
||||
name: internet
|
||||
this_ip: 10.255.255.2
|
||||
listen_port: 10666
|
||||
private_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
37393062623161343361356130626630393065616162646535366265386363643063343261326462
|
||||
3030383034383638386233393434346132323238633565660a393231623939626532643435363136
|
||||
31653734636337633738376561316137303861373339323131326632316539646262626138323764
|
||||
3064346233613934390a396663393236323733323930363162613937623064643637303839333339
|
||||
35383638313137353966663531326432623661336165303036353162393135656362633037386639
|
||||
3531323065623833336435323561393066333166396536653333
|
||||
endpoint:
|
||||
url: 15.161.228.33
|
||||
this_ip: 10.255.255.1
|
||||
port: 21212
|
||||
public_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
34323535393334613237396532333836383734626538393066386630613838663236633832336330
|
||||
6333653838326438313634633966336431383066646633340a383930306430363662306161633966
|
||||
34623333613935613434323631383961386266643765386164333965643661356333363834373565
|
||||
3633343833306164660a313164353466343032643937633934653830386234323361343433626635
|
||||
30653132636230346338323332386363343266316666643137613239366263336238643535353162
|
||||
3565643330643833383531343937323839626434646565346439
|
8
inventories/cave/group_vars/all/lineage_builder.yml
Normal file
8
inventories/cave/group_vars/all/lineage_builder.yml
Normal file
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
lineage_builder:
|
||||
app_version: "0.1"
|
||||
base_name: los.troubles.io
|
||||
builds_path: /var/builds/los/enchilada/
|
||||
builds_json_path: /var/builds/los/enchilada/builds.json
|
||||
builder_path: /var/lineage_builder
|
||||
timer: " *-*-* 2:00:00"
|
18
inventories/cave/group_vars/all/sendmail_users.yml
Normal file
18
inventories/cave/group_vars/all/sendmail_users.yml
Normal file
|
@ -0,0 +1,18 @@
|
|||
---
|
||||
sendmail_users:
|
||||
unit_failure:
|
||||
name: unit_failure
|
||||
from: memento@troubles.ga
|
||||
to_list:
|
||||
- blallo@troubles.ga
|
||||
server:
|
||||
address: charon.troubles.ga
|
||||
port: 587
|
||||
user: memento@troubles.ga
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
61646263303237376334663331626165616238393962333436333437313031643633316631353432
|
||||
6362656437373261303233333332373237343839333134360a646137636539623862643233316435
|
||||
62623937623635393435653034643630343864633731333932623863643564373461323936666138
|
||||
6632386265623934340a396334653630666133303063383031303931336332663966336461313335
|
||||
64346334666165373930373063353530346639613532336330656239393734376662
|
14
inventories/cave/group_vars/all/syncthing.yml
Normal file
14
inventories/cave/group_vars/all/syncthing.yml
Normal file
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
syncthing:
|
||||
home: /var/syncthing
|
||||
dir: /syncthing
|
||||
user: leo
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
30636561643939376139313864366565663462336562353639616531313636663039363834623635
|
||||
3634663439366465643765313166376162363864386139350a346538343764656336383366336332
|
||||
31663734666535346262656361386662663837346630323430386662333637393162623932653561
|
||||
3836353833326638310a356230323465386465643634643630386535313165376334366436613861
|
||||
32336464366363666533306662323264393830373565623632326564643736346366383862643538
|
||||
66643539613134313639653938363231363033306139326363393165633461653662373166383431
|
||||
333761303561656137376133313561656337
|
73
inventories/cave/group_vars/all/torrent_server.yml
Normal file
73
inventories/cave/group_vars/all/torrent_server.yml
Normal file
|
@ -0,0 +1,73 @@
|
|||
---
|
||||
torrent_server:
|
||||
db_root_password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
61626139623664616138383431623134636435353765376632653537316663313965663439313532
|
||||
3534393362643365363739356338316536393234313335390a326339643162343364306463343331
|
||||
32653234343865333936383265363837633236393934666437366433393337633161393633303630
|
||||
6264323235386264360a383336356634623837366665353061613038633464393861396466376264
|
||||
37356434343837386461393932613831353063366133666239636130386534303562
|
||||
public_url: bt.troubles.io
|
||||
synapse:
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
64653435623931623366353937393331383637323936663832636463326262666134386463336661
|
||||
6564346332373932366239613734656137633065666361640a383662356535623864306364306564
|
||||
66616333396636316236646631356263303838663639656135656339326633343034393765353637
|
||||
3265653739623664620a323464323364386232313337306334396332643737346364376462303933
|
||||
37646166343061653338386231653037663065613433353430653939646438386561
|
||||
max_dl: 10
|
||||
rpc_port: 8412
|
||||
peer_tcp_port: 16493
|
||||
dht_udp_port: 16309
|
||||
trackers_udp_port: 16362
|
||||
release_url: https://github.com/Luminarys/synapse/releases/download/1.0/synapse
|
||||
syncli_release_url: https://github.com/Luminarys/synapse/releases/download/1.0/sycli
|
||||
receptor:
|
||||
release_url: https://git.abbiamoundominio.org/blallo/receptor/releases/download/1.0.1/receptor-1.0.1.tar.gz
|
||||
streama:
|
||||
release_url: https://github.com/streamaserver/streama/releases/download/v1.8.0-beta/streama-1.8.0.jar
|
||||
db_password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
37323136363866323533383032653930346264643966613532363766623438643030626331333831
|
||||
6337613264663130323062653338636232353131656334380a313862323966343262396135373230
|
||||
30306562376130643635393636316635313338386235316261373132623438633962326237313433
|
||||
3238353861313861630a386437646230363235303831656638613963333435646330663434313939
|
||||
38663533356462343731346262333964396363663436666335616438633338323161
|
||||
samba:
|
||||
workgroup: "TROUBLES"
|
||||
log:
|
||||
file: /var/log/samba.log
|
||||
shares:
|
||||
- name: pirate_cave
|
||||
path: /opt/synapse/download
|
||||
read_only: yes
|
||||
writeable: no
|
||||
browseable: yes
|
||||
valid_users: ["leo"]
|
||||
users:
|
||||
- name: leo
|
||||
uid: 1024
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
33326662626234363936666238313665663561356334363364633234366338346230636631626534
|
||||
3239633834656134343461653638356535366237363231350a656632626332326164373563666464
|
||||
37633838646637306362306534653363613562383039636336373339363639353332346132313562
|
||||
3338363934643135610a326662353061613931643933396532383639613863613264353666383139
|
||||
36666330383363326332643532653138366364373739626664666165626430643533
|
||||
openvpn:
|
||||
outserver: Netherlands-Amsterdam-UDP
|
||||
username: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
30306534326433323466306263333637343736323264306363623938613233316232326636613830
|
||||
3864396136313830333166393438343165356437663465330a353965383938326434633933383564
|
||||
32333130383361373931656463343536613438623166663563333161353333386338353264313564
|
||||
6430343034326139330a616332663632343561653438613235363337323833363537386536633435
|
||||
63653065396437323939666261383862623964303337306464613738356161666662
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
39393761393739636461386466323532366130386634633538373238323535333233353332613838
|
||||
6632653839396463386662623366323164373961356435620a316435643932626437353063336262
|
||||
36333962323034346163653636306664613431383862313331626466306364393137613066333465
|
||||
3530383465623839320a633035363636643137663765326264373938396333383737623238303465
|
||||
66633332633531633233396636623232646139616261653866383532333065633863
|
11
inventories/cave/servipi.yml
Normal file
11
inventories/cave/servipi.yml
Normal file
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
all:
|
||||
hosts:
|
||||
servipi.cave:
|
||||
ansible_host: 192.168.1.8
|
||||
zsh_chic:
|
||||
users:
|
||||
- {username: root, home: /root, group: root, antibody: true, term: xterm-256color}
|
||||
zsh_chic_arch: armhf
|
||||
tor_node_services:
|
||||
- {name: ssh, local_port: 22, public_port: 22}
|
27
inventories/cave/stakhanov.yml
Normal file
27
inventories/cave/stakhanov.yml
Normal file
|
@ -0,0 +1,27 @@
|
|||
---
|
||||
all:
|
||||
hosts:
|
||||
stakhanov.cave:
|
||||
cockpit_disable_tls: yes
|
||||
zsh_chic:
|
||||
users:
|
||||
- {username: root, home: /root, group: root, starship: true}
|
||||
- {username: blallo, home: /home/blallo, group: blallo, antibody: true, term: xterm-256color}
|
||||
sendmail:
|
||||
version: "0.6"
|
||||
configuration:
|
||||
- name: unit_failure
|
||||
from: memento@troubles.ga
|
||||
to_list:
|
||||
- blallo@troubles.ga
|
||||
server:
|
||||
address: charon.troubles.ga
|
||||
port: 587
|
||||
user: memento@troubles.ga
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
62633866623631363965356565333833343734383963393233393135303737376231643330383835
|
||||
3132643964616161373931316139623762386536373166310a653735363234643363643861383565
|
||||
66646135393761323333363765376132623361303337316261373861656234666339386531363631
|
||||
6532636239663961390a383235343462353036373230303333396465326563303331616633623765
|
||||
39613839346364333962316639306635376563623634346163376638316463663730
|
4
inventories/chat/chat.yml
Normal file
4
inventories/chat/chat.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
all:
|
||||
hosts:
|
||||
matrix.degenerazione.xyz:
|
5
inventories/chat/group_vars/all/config.yml
Normal file
5
inventories/chat/group_vars/all/config.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
|
||||
default_user:
|
||||
- {username: root, home: /root, group: root, starship: true}
|
25
inventories/pikubed/group_vars/all/config.yml
Normal file
25
inventories/pikubed/group_vars/all/config.yml
Normal file
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
default_user:
|
||||
- {username: root, home: /root, group: root, antibody: true, powerline: true}
|
||||
|
||||
apt_cacher_ng_cacher_ip: 192.168.1.40
|
||||
|
||||
gen_tls_generate_certs: true
|
||||
gen_tls_cert_dir: ~/Documents/coding/playbooks/keep/certs
|
||||
gen_tls_generate_ca_cert: true
|
||||
gen_tls_generate_server_cert: true
|
||||
gen_tls_ca_commonname: Pikubed Kluster
|
||||
gen_tls_ca_country: EU
|
||||
gen_tls_ca_state: Italy
|
||||
gen_tls_ca_locality: Milan
|
||||
gen_tls_ca_organization: Pikubed
|
||||
gen_tls_ca_organizationalunit: Pikubed Kluster
|
||||
gen_tls_ca_email: blallo@troubles.ga
|
||||
gen_tls_populate_etc_hosts: true
|
||||
gen_tls_tld: pikubed
|
||||
|
||||
ansible_registry_golang_flags: "GOOS=linux GOARCH=arm64"
|
||||
ansible_registry_filesystem_path: /var/cache/registry
|
||||
ansible_registry_is_cache: true
|
||||
ansible_registry_tls_cert_path: /etc/ssl/local/certs/leader.pem
|
||||
ansible_registry_tls_key_path: /etc/ssl/local/private/leader.key
|
2
inventories/pikubed/pi2
Normal file
2
inventories/pikubed/pi2
Normal file
|
@ -0,0 +1,2 @@
|
|||
leader
|
||||
worker1
|
28
inventories/pikubed/pikubed.old.yml
Normal file
28
inventories/pikubed/pikubed.old.yml
Normal file
|
@ -0,0 +1,28 @@
|
|||
---
|
||||
all:
|
||||
hosts:
|
||||
leader:
|
||||
ansible_host: 192.168.1.40
|
||||
worker1:
|
||||
ansible_host: 192.168.1.41
|
||||
worker2:
|
||||
ansible_host: 192.168.1.42
|
||||
worker3:
|
||||
ansible_host: 192.168.1.43
|
||||
|
||||
|
||||
children:
|
||||
arm64:
|
||||
hosts:
|
||||
worker2:
|
||||
worker3:
|
||||
vars:
|
||||
zsh_chic:
|
||||
bat_arch: arm64
|
||||
arm32:
|
||||
hosts:
|
||||
leader:
|
||||
worker1:
|
||||
vars:
|
||||
zsh_chic:
|
||||
bat_arch: armhf
|
30
inventories/pikubed/pikubed.yml
Normal file
30
inventories/pikubed/pikubed.yml
Normal file
|
@ -0,0 +1,30 @@
|
|||
---
|
||||
all:
|
||||
hosts:
|
||||
leader:
|
||||
ansible_host: 192.168.1.40
|
||||
worker1:
|
||||
ansible_host: 192.168.1.41
|
||||
worker2:
|
||||
ansible_host: 192.168.1.42
|
||||
worker3:
|
||||
ansible_host: 192.168.1.43
|
||||
|
||||
children:
|
||||
arm64:
|
||||
hosts:
|
||||
leader:
|
||||
worker1:
|
||||
worker2:
|
||||
worker3:
|
||||
vars:
|
||||
zsh_chic:
|
||||
bat_arch: arm64
|
||||
cacher:
|
||||
hosts:
|
||||
leader:
|
||||
vars:
|
||||
apt_cacher_ng_is_cacher: true
|
||||
registry:
|
||||
hosts:
|
||||
leader:
|
4
inventories/sea/group_vars/all/config.yml
Normal file
4
inventories/sea/group_vars/all/config.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
zsh_chic:
|
||||
users:
|
||||
- {username: root, home: /root, group: root, starship: true}
|
150
inventories/sea/group_vars/all/dns_server.yml
Normal file
150
inventories/sea/group_vars/all/dns_server.yml
Normal file
|
@ -0,0 +1,150 @@
|
|||
---
|
||||
dns_server:
|
||||
verbosity: 1
|
||||
main_zone:
|
||||
name: troubles.io
|
||||
soa: demetra.troubles.io
|
||||
email: postmaster.troubles.ga
|
||||
records:
|
||||
- {name: "", type: MX, value: "10 charon"}
|
||||
- {name: charon, type: A, value: "162.248.163.56"}
|
||||
- {name: virgil, type: A, value: "162.248.163.209"}
|
||||
- {name: degenerazione, type: A, value: "176.9.70.210"}
|
||||
- {name: cave, type: A, value: "15.161.166.194"}
|
||||
- {name: flix, type: A, value: "192.168.1.21"}
|
||||
- {name: nextcloud, type: CNAME, value: degenerazione}
|
||||
- {name: cloud, type: CNAME, value: degenerazione}
|
||||
- {name: rss, type: CNAME, value: degenerazione}
|
||||
- {name: quassel, type: CNAME, value: virgil}
|
||||
- {name: drone, type: CNAME, value: cave}
|
||||
- {name: "*.cockpit", type: CNAME, value: cave}
|
||||
- {name: cam, type: CNAME, value: cave}
|
||||
- {name: bt, type: CNAME, value: cave}
|
||||
- {name: sync, type: CNAME, value: cave}
|
||||
- {name: blog, type: CNAME, value: troubles.noblogs.org.}
|
||||
- {name: chat, type: A, value: "176.9.70.210"}
|
||||
- {name: matrix.chat, type: A, value: "176.9.70.210"}
|
||||
- {name: "*.chat", type: CNAME, value: matrix.chat}
|
||||
- {name: "_matrix._tcp", type: SRV, value: "10 0 8448 matrix.chat"}
|
||||
- {name: "_matrix-identity._tcp", type: SRV, value: "10 0 443 matrix.chat"}
|
||||
zones:
|
||||
- name: troubles.ga
|
||||
soa: demetra.troubles.ga
|
||||
email: postmaster.troubles.ga
|
||||
records:
|
||||
- {name: "", type: MX, value: "10 charon"}
|
||||
- {name: demetra, type: A, value: "15.161.228.33"}
|
||||
- {name: proserpina, type: A, value: "139.64.247.185"}
|
||||
- {name: persephone, type: A, value: "139.64.247.184"}
|
||||
- {name: demetra, type: AAAA, value: "2a05:d01a:b6b:e933:4b76:3ec1:3e24:ab81"}
|
||||
- {name: proserpina, type: AAAA, value: "2607:8880::147:b9"}
|
||||
- {name: persephone, type: AAAA, value: "2607:8880::147:b8"}
|
||||
- {name: charon, type: A, value: "162.248.163.56"}
|
||||
- {name: virgil, type: A, value: "162.248.163.209"}
|
||||
- {name: degenerazione, type: A, value: "176.9.70.210"}
|
||||
- {name: cave, type: A, value: "15.161.166.194"}
|
||||
- {name: flix, type: A, value: "192.168.1.21"}
|
||||
- {name: nextcloud, type: CNAME, value: degenerazione}
|
||||
- {name: cloud, type: CNAME, value: degenerazione}
|
||||
- {name: rss, type: CNAME, value: degenerazione}
|
||||
- {name: cam, type: CNAME, value: cave}
|
||||
- {name: blog, type: CNAME, value: troubles.noblogs.org.}
|
||||
- name: mail._domainkey
|
||||
type: TXT
|
||||
value: |
|
||||
("v=DKIM1; "
|
||||
"k=rsa; "
|
||||
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXvEQgdPwPXJVIsHqDb0568cPfGck2gzfnOtf"
|
||||
"Y2a4Fg2ELFyJzEcgbKAPWZqilTdGrK3Z12cY21ASnn5uljDUhQIMprmckPT1rMvwko1oqCBU5qWHOztlW2/"
|
||||
"k4Cr/1UWjvgY/C1zfZb31mX+LpdCiOdSucmdsVn8D6cMan/VQt4N/xOfFwE2weJIHEsw2c1nHbPck8H/Ay+"
|
||||
"w/0qhuEoOb1syqEe6a2JcdPbs2KmGGqjJyOQxlFeLWh+ka9aVYarRXguqqX/SOT7ujoLyvomJ0TLbqCXfXo"
|
||||
"2jfSeTgzBLIDfNHByVMxKj+Hq8fJq+lUHe66WrrsU9Zj4hyVX4uE9+rQIDAQAB")
|
||||
- {name: _dmarc, type: TXT, value: "v=DMARC1; p=none; rua=mailto:admin@troubles.ga"}
|
||||
|
||||
servers:
|
||||
- name: demetra
|
||||
hostname: demetra.troubles.io
|
||||
local_resolver: true
|
||||
nsd_addr: 127.0.0.1
|
||||
nsd_port: 5353
|
||||
star: true
|
||||
public_ip: "15.161.228.33"
|
||||
public_ip6: "2a05:d01a:b6b:e933:4b76:3ec1:3e24:ab81"
|
||||
vpn:
|
||||
address: 10.13.12.1
|
||||
net_size: 24
|
||||
private_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
33363065653930353363633538656637353264343764306136373361666133396462326339613361
|
||||
3563363061666561653661366539383037373435313565660a303066353535396264366531643662
|
||||
39646439393636653861393634633239356236613831623961386532616337303634306563633461
|
||||
6561646562383932610a313462623830393165393764356437663635316238393564323430356136
|
||||
32623338303164383230393962323939383238323337366137376563303366333062386361316465
|
||||
3833306261646139363739653865656532613330333933613561
|
||||
|
||||
public_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
34323137306430663737643831303262626239623833616435643035656632303539326462373735
|
||||
3635313331633666656439633035666133623030663837620a323338653931356362653436666231
|
||||
65366466643461303637303530306133323462386366616635313062316161653639623866343734
|
||||
3239663930313064640a393962616438353933653339366364653730643139303035353137306239
|
||||
33613632636165336664316339613537336439376664346534666335663863373330313930333934
|
||||
6439323064653263336666656637613934396363316234613436
|
||||
|
||||
- name: proserpina
|
||||
hostname: proserpina.troubles.io
|
||||
local_resolver: true
|
||||
nsd_addr: 127.0.0.1
|
||||
nsd_port: 5353
|
||||
satellite: true
|
||||
public_ip: "139.64.247.185"
|
||||
public_ip6: "2607:8880::147:b9"
|
||||
vpn:
|
||||
address: 10.13.12.2
|
||||
net_size: 24
|
||||
private_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
35623232383937613530336338646663336234383834383466643535303335613739613362396232
|
||||
3137353339653539393736353532333238306537616137640a653366356434626466653236326332
|
||||
35316361363735346362363534623434633531373861336664646562613532393830613033653666
|
||||
3762653730363638640a386665613431633735636363326663333534313538373235333130333336
|
||||
38303962666136643362633638356265366366363365383761663634303234633037333066666261
|
||||
3866396237656339343236613565346566376533303931383461
|
||||
|
||||
public_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
36653735306637386431626461633433376438306564663230323066626532623239626638616633
|
||||
6236656366656131616465623935346330636236323538350a356130306433636665396436646234
|
||||
32626463323665376465393061313234326534343935356431323530353232323764373736376530
|
||||
3330393765393564300a363662356139356230313834653165373637373833333832626436613164
|
||||
62613937626561313562373339656438383738333034623637353339373161306335616132666438
|
||||
3139643030336464633330373333303635366538623062616561
|
||||
|
||||
- name: persephone
|
||||
hostname: persephone.troubles.io
|
||||
local_resolver: true
|
||||
nsd_addr: 127.0.0.1
|
||||
nsd_port: 5353
|
||||
satellite: true
|
||||
public_ip: "139.64.247.184"
|
||||
public_ip6: "2607:8880::147:b8"
|
||||
vpn:
|
||||
address: 10.13.12.3
|
||||
net_size: 24
|
||||
private_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
61333039343563626630633938396434666466343361346365363561336664333066656637393730
|
||||
3432656233366666313765376161323932333335633364390a323535333865373161663163646234
|
||||
62306562376265323039383961333562623563363939333238366166316234363963386561356563
|
||||
3532343261626639350a626162393335366464346265623438623736646562326262356331366334
|
||||
33396631363266633932323663393532303730633632366333376564643136636365386436376439
|
||||
3366616332306333633164653533333738356438373664663561
|
||||
|
||||
public_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
38326437616339373537626538343839393636356630623064646561393863663537333630346166
|
||||
3732663262333464666562386432613834343732633737390a613531353235323933366139356631
|
||||
65333236333235383235656536663965616535353164316430666466373665353535656137343162
|
||||
3036356331356230640a613262666636333039653530626233386434363531646431626236393339
|
||||
39303638613761376163656135313131666166396665366535633532613235666162366163376262
|
||||
6339323033366436343866636365616165343037623434363131
|
19
inventories/sea/group_vars/all/sendmail.yml
Normal file
19
inventories/sea/group_vars/all/sendmail.yml
Normal file
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
sendmail:
|
||||
version: "0.6"
|
||||
configuration:
|
||||
- name: unit_failure
|
||||
from: memento@troubles.ga
|
||||
to_list:
|
||||
- blallo@troubles.ga
|
||||
server:
|
||||
address: charon.troubles.ga
|
||||
port: 587
|
||||
user: memento@troubles.ga
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
34313963353264323662366130303265336136373064643931386563613330653034313137393336
|
||||
6232386639313139623962376436333663653466373162370a353064363032343738393933333939
|
||||
38623963356630313536643436663366356138386661326661306561643235336165353730656136
|
||||
3834326533633630640a353532656435316337663034376666666231386637383336663062623330
|
||||
34626130613861353734376134363238613961633961666138613565613566613838
|
29
inventories/sea/group_vars/all/vpn_gateway.yml
Normal file
29
inventories/sea/group_vars/all/vpn_gateway.yml
Normal file
|
@ -0,0 +1,29 @@
|
|||
---
|
||||
vpn_gateway:
|
||||
name: stakhanov
|
||||
public_ip: 15.161.166.194
|
||||
this_ip: 10.255.255.1
|
||||
local_ip: 172.31.19.139
|
||||
gateway_ip: 172.31.16.1
|
||||
net_size: 31
|
||||
listen_port: 21212
|
||||
iface: ens6
|
||||
table: 130
|
||||
private_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
35363633313163663732356638306165623230346531616135623135643066623834333638343537
|
||||
6335643438643464633662363836383835656262633565350a663366373738366464356164623962
|
||||
62373934653762643031623034363231636462313730353065373763636363663564323239613233
|
||||
6633656666303266330a646566303464363061356535356534663336633632626666366666633731
|
||||
33363436303766633037396635313938616162393562636631343465656163346438623031633136
|
||||
6364623766316362613338366663626665346433333263373961
|
||||
peer:
|
||||
address: 10.255.255.2
|
||||
public_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;cave
|
||||
37646364376337383137623261366332333461346630363332656436323234323566323234616335
|
||||
3836326430396539303166663831623333393865353330380a323065636665303534363439316266
|
||||
32666432356339363666306463623033373935333865353538393334376461303034326630336330
|
||||
6366333230383733320a636332656566316139613737326266323636376633393966303364306263
|
||||
30326466323366353635323232393039616539303737663337623834623564323239613735333331
|
||||
3737393961376639666565303135623930653639306563346330
|
28
inventories/sea/sea.yml
Normal file
28
inventories/sea/sea.yml
Normal file
|
@ -0,0 +1,28 @@
|
|||
---
|
||||
all:
|
||||
hosts:
|
||||
demetra:
|
||||
ansible_host: demetra.sea
|
||||
proserpina:
|
||||
ansible_host: proserpina.sea
|
||||
persephone:
|
||||
ansible_host: persephone.sea
|
||||
charon:
|
||||
ansible_host: charon.sea
|
||||
virgil:
|
||||
ansible_host: virgil.sea
|
||||
|
||||
children:
|
||||
dns:
|
||||
hosts:
|
||||
demetra:
|
||||
ansible_host: demetra.sea
|
||||
proserpina:
|
||||
ansible_host: proserpina.sea
|
||||
persephone:
|
||||
ansible_host: persephone.sea
|
||||
|
||||
vpn_gateway:
|
||||
hosts:
|
||||
demetra:
|
||||
ansible_host: demetra.sea
|
53
inventories/sea/secrets.yml
Normal file
53
inventories/sea/secrets.yml
Normal file
|
@ -0,0 +1,53 @@
|
|||
demetra.sea:
|
||||
private_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
33363065653930353363633538656637353264343764306136373361666133396462326339613361
|
||||
3563363061666561653661366539383037373435313565660a303066353535396264366531643662
|
||||
39646439393636653861393634633239356236613831623961386532616337303634306563633461
|
||||
6561646562383932610a313462623830393165393764356437663635316238393564323430356136
|
||||
32623338303164383230393962323939383238323337366137376563303366333062386361316465
|
||||
3833306261646139363739653865656532613330333933613561
|
||||
public_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
34323137306430663737643831303262626239623833616435643035656632303539326462373735
|
||||
3635313331633666656439633035666133623030663837620a323338653931356362653436666231
|
||||
65366466643461303637303530306133323462386366616635313062316161653639623866343734
|
||||
3239663930313064640a393962616438353933653339366364653730643139303035353137306239
|
||||
33613632636165336664316339613537336439376664346534666335663863373330313930333934
|
||||
6439323064653263336666656637613934396363316234613436
|
||||
|
||||
proserpina.sea:
|
||||
private_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
35623232383937613530336338646663336234383834383466643535303335613739613362396232
|
||||
3137353339653539393736353532333238306537616137640a653366356434626466653236326332
|
||||
35316361363735346362363534623434633531373861336664646562613532393830613033653666
|
||||
3762653730363638640a386665613431633735636363326663333534313538373235333130333336
|
||||
38303962666136643362633638356265366366363365383761663634303234633037333066666261
|
||||
3866396237656339343236613565346566376533303931383461
|
||||
public_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
36653735306637386431626461633433376438306564663230323066626532623239626638616633
|
||||
6236656366656131616465623935346330636236323538350a356130306433636665396436646234
|
||||
32626463323665376465393061313234326534343935356431323530353232323764373736376530
|
||||
3330393765393564300a363662356139356230313834653165373637373833333832626436613164
|
||||
62613937626561313562373339656438383738333034623637353339373161306335616132666438
|
||||
3139643030336464633330373333303635366538623062616561
|
||||
|
||||
persephone.sea:
|
||||
private_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
61333039343563626630633938396434666466343361346365363561336664333066656637393730
|
||||
3432656233366666313765376161323932333335633364390a323535333865373161663163646234
|
||||
62306562376265323039383961333562623563363939333238366166316234363963386561356563
|
||||
3532343261626639350a626162393335366464346265623438623736646562326262356331366334
|
||||
33396631363266633932323663393532303730633632366333376564643136636365386436376439
|
||||
3366616332306333633164653533333738356438373664663561
|
||||
public_key: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;sea
|
||||
38326437616339373537626538343839393636356630623064646561393863663537333630346166
|
||||
3732663262333464666562386432613834343732633737390a613531353235323933366139356631
|
||||
65333236333235383235656536663965616535353164316430666466373665353535656137343162
|
||||
3036356331356230640a613262666636333039653530626233386434363531646431626236393339
|
||||
39303638613761376163656135313131666166396665366535633532613235666162366163376262
|
||||
6339323033366436343866636365616165343037623434363131
|
5
playbooks/aosp.yml
Normal file
5
playbooks/aosp.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- hosts: aosp_factory
|
||||
roles:
|
||||
- fdroid-server
|
||||
- lineage-builder
|
9
playbooks/base.yml
Normal file
9
playbooks/base.yml
Normal file
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
- hosts: all
|
||||
roles:
|
||||
roles:
|
||||
- role: jnv.unattended-upgrades
|
||||
unattended_remove_unused_dependencies: true
|
||||
- role: base
|
||||
tags: "base"
|
||||
- role: cockpit
|
4
playbooks/dns.sea.yml
Normal file
4
playbooks/dns.sea.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- hosts: dns
|
||||
roles:
|
||||
- dns
|
4
playbooks/drone.yml
Normal file
4
playbooks/drone.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- hosts: mercury.cave
|
||||
roles:
|
||||
- ansible-drone
|
4
playbooks/gateway.yml
Normal file
4
playbooks/gateway.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- hosts: minos.cave
|
||||
roles:
|
||||
- gateway
|
40
playbooks/playbook.cave.yml
Normal file
40
playbooks/playbook.cave.yml
Normal file
|
@ -0,0 +1,40 @@
|
|||
---
|
||||
- hosts: all
|
||||
remote_user: root
|
||||
roles:
|
||||
- role: jnv.unattended-upgrades
|
||||
unattended_remove_unused_dependencies: true
|
||||
- role: base
|
||||
tags: "base"
|
||||
- role: cockpit
|
||||
- hosts: minos.cave
|
||||
roles:
|
||||
- zsh_chic
|
||||
- gateway
|
||||
- sendmail
|
||||
vars:
|
||||
zsh_chic:
|
||||
users: "{{ default_user }}"
|
||||
- hosts: srv.cave
|
||||
roles:
|
||||
- role: zsh_chic
|
||||
tag: shell
|
||||
- mysql
|
||||
- role: torrent_server
|
||||
tag: srv_torrent
|
||||
- sendmail
|
||||
- syncthing
|
||||
vars:
|
||||
zsh_chic:
|
||||
users: "{{ default_user }}"
|
||||
- hosts: mercury.cave
|
||||
roles:
|
||||
- zsh_chic
|
||||
- docker_hosts
|
||||
- drone_server
|
||||
- fdroid_server
|
||||
# - lineage-builder
|
||||
- sendmail
|
||||
vars:
|
||||
zsh_chic:
|
||||
users: "{{ default_user }}"
|
10
playbooks/playbook.chat.yml
Normal file
10
playbooks/playbook.chat.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
- hosts: all
|
||||
remote_user: root
|
||||
roles:
|
||||
- role: base
|
||||
- role: zsh_chic
|
||||
- role: ansible-role-docker
|
||||
vars:
|
||||
zsh_chic:
|
||||
users: "{{ default_user }}"
|
4
playbooks/playbook.pikubed.registry.yml
Normal file
4
playbooks/playbook.pikubed.registry.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- hosts: registry
|
||||
roles:
|
||||
- role: docker-registry
|
25
playbooks/playbook.pikubed.yml
Normal file
25
playbooks/playbook.pikubed.yml
Normal file
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
- hosts: all
|
||||
remote_user: root
|
||||
gather_facts: yes
|
||||
roles:
|
||||
- role: base
|
||||
- role: generate-tls-certs
|
||||
- role: apt_cacher_ng
|
||||
- hosts: arm64
|
||||
roles:
|
||||
- role: zsh_chic
|
||||
vars:
|
||||
zsh_chic_arch: arm64
|
||||
zsh_chic:
|
||||
users: "{{ default_user }}"
|
||||
- hosts: arm32
|
||||
roles:
|
||||
- role: zsh_chic
|
||||
vars:
|
||||
zsh_chic_arch: armhf
|
||||
zsh_chic:
|
||||
users: "{{ default_user }}"
|
||||
- hosts: registry
|
||||
roles:
|
||||
- role: docker-registry
|
17
playbooks/playbook.sea.yml
Normal file
17
playbooks/playbook.sea.yml
Normal file
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
- hosts: dns
|
||||
roles:
|
||||
- dns
|
||||
|
||||
- hosts: all
|
||||
remote_user: root
|
||||
roles:
|
||||
- role: jnv.unattended-upgrades
|
||||
unattended_remove_unused_dependencies: true
|
||||
- base
|
||||
- zsh_chic
|
||||
- sendmail
|
||||
|
||||
- hosts: vpn_gateway
|
||||
roles:
|
||||
- vpn_gateway
|
9
playbooks/playbook.servipi.yml
Normal file
9
playbooks/playbook.servipi.yml
Normal file
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
- hosts: all
|
||||
remote_user: root
|
||||
gather_facts: yes
|
||||
roles:
|
||||
- jnv.debian-backports
|
||||
- base
|
||||
- zsh_chic
|
||||
- tor_node
|
9
playbooks/playbook.stakhanov.yaml
Normal file
9
playbooks/playbook.stakhanov.yaml
Normal file
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
- hosts: all
|
||||
remote_user: root
|
||||
roles:
|
||||
- role: base
|
||||
tags: "base"
|
||||
- role: sendmail
|
||||
- role: zsh_chic
|
||||
- role: cockpit
|
47
playbooks/playbook.yaml
Normal file
47
playbooks/playbook.yaml
Normal file
|
@ -0,0 +1,47 @@
|
|||
---
|
||||
- hosts: all
|
||||
remote_user: root
|
||||
roles:
|
||||
- role: jnv.unattended-upgrades
|
||||
unattended_remove_unused_dependencies: true
|
||||
- role: base
|
||||
tags: base
|
||||
- role: cockpit
|
||||
tags: srv_cockpit
|
||||
- hosts: sendmail
|
||||
tags: sendmail
|
||||
roles:
|
||||
- sendmail
|
||||
- hosts: docker_hosts
|
||||
tags: docker
|
||||
roles:
|
||||
- ansible-role-docker
|
||||
- hosts: drone_server
|
||||
tags: srv_drone
|
||||
roles:
|
||||
- ansible-drone
|
||||
- hosts: gateway
|
||||
tags: gateway
|
||||
roles:
|
||||
- gateway
|
||||
- hosts: torrent_server
|
||||
tags: srv_torrent
|
||||
roles:
|
||||
- torrent_server
|
||||
- hosts: dev_box
|
||||
tags: dev_box
|
||||
roles:
|
||||
- dev_box
|
||||
- hosts: aosp_factory
|
||||
tags: aosp_builder
|
||||
roles:
|
||||
- fdroid-server
|
||||
# - lineage-builder
|
||||
- hosts: zsh_chic
|
||||
tags: shell
|
||||
roles:
|
||||
- zsh_chic
|
||||
- hosts: syncthing
|
||||
tags: srv_syncthing
|
||||
roles:
|
||||
- syncthing
|
4
playbooks/sendmail.yml
Normal file
4
playbooks/sendmail.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- hosts: sendmail
|
||||
roles:
|
||||
- sendmail
|
4
playbooks/torrent_server.yml
Normal file
4
playbooks/torrent_server.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- hosts: torrent_server
|
||||
roles:
|
||||
- torrent_server
|
4
playbooks/vpn_gateway.yml
Normal file
4
playbooks/vpn_gateway.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- hosts: vpn_gateway
|
||||
roles:
|
||||
- vpn_gateway
|
8
playbooks/zsh_chic.yml
Normal file
8
playbooks/zsh_chic.yml
Normal file
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
- hosts: all
|
||||
roles:
|
||||
- role: zsh_chic
|
||||
vars:
|
||||
zsh_chic_arch: armhf
|
||||
zsh_chic:
|
||||
users: "{{ default_user }}"
|
Loading…
Reference in New Issue
Block a user