florian.richer/myserver-configuration
1
0
Fork 0
Code Issues 1 Activity

Compare commits

base: florian.richer:d6727970ff9c6152e02d5155e0fceae13108fa6b
Branches Tags
florian.richer:main
..
compare: florian.richer:93cbcd29fbc7d3904337fb57f0178ff9ace2fee2
Branches Tags
florian.richer:main

No commits in common. "d6727970ff9c6152e02d5155e0fceae13108fa6b" and "93cbcd29fbc7d3904337fb57f0178ff9ace2fee2" have entirely different histories.
d6727970ff ... 93cbcd29fb

39 changed files with 112 additions and 64 deletions
Show stats Expand all files Collapse all files

9
flake.nix
View file

@ -11,14 +11,6 @@
let
pkgs = import nixpkgs { inherit system; };
import_pub_gpg = pkgs.writeScriptBin "import_pub_gpg" ''
#!${pkgs.runtimeShell}
echo "Importing public key"
gpg --import <(curl https://gitea.mrdev023.fr/florian.richer.gpg)
'';
init_sops = pkgs.writeScriptBin "init_sops" ''
#!${pkgs.runtimeShell}
@ -45,7 +37,6 @@
buildInputs = [
pkgs.ansible
pkgs.sops
import_pub_gpg
init_sops
clean_sops
];

2
roles/borg/tasks/base.yml
View file

@ -8,5 +8,5 @@
owner: root
mode: u=rwx,g=rx,o=rx
loop:
- { src: 'backup', dest: 'backup' }
- { src: 'backup.j2', dest: 'backup' }
become: true

0
roles/borg/templates/backup → roles/borg/templates/backup.j2
View file

2
roles/clean/tasks/docker.yml
View file

@ -5,6 +5,6 @@
containers: true
images: true
networks: true
# volumes: true
volumes: true
builder_cache: true
become: yes

9
roles/cloud/tasks/base.yml
View file

@ -23,12 +23,13 @@
src: "{{ item.src }}"
dest: "cloud/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: cloud_copy_templates_results
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: cloud
state: present
pull: always
recreate: "{{ 'always' if cloud_copy_files_results.changed else 'auto' }}"
pull: true
restarted: "{{ cloud_copy_files_results.changed or cloud_copy_templates_results.changed }}"
become: true

2
roles/cloud/templates/docker-compose.yml → roles/cloud/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: '3'
services:
db:
image: postgres:14

8
roles/dolibarr/tasks/base.yml
View file

@ -11,7 +11,8 @@
src: "{{ item.src }}"
dest: "dolibarr/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: dolibarr_copy_templates_results
- name: Prepare volume folder
ansible.builtin.file:
@ -24,8 +25,9 @@
become: true
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: dolibarr
state: present
pull: always
pull: true
restarted: "{{ dolibarr_copy_templates_results.changed }}"
become: true

2
roles/dolibarr/templates/docker-compose.yml → roles/dolibarr/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: '3'
services:
mariadb:
image: mariadb:latest

6
roles/gitea/tasks/base.yml
View file

@ -12,10 +12,12 @@
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'config.yml', dest: 'config.yml' }
register: gitea_copy_templates_results
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: gitea
state: present
pull: always
pull: true
restarted: "{{ gitea_copy_templates_results.changed }}"
become: true

4
roles/gitea/templates/docker-compose.yml
View file

@ -1,3 +1,5 @@
version: "3"
services:
gitea:
image: gitea/gitea:latest
@ -57,4 +59,4 @@ networks:
metrics:
external: true
proxy:
external: true
external: true

8
roles/home_assistant/tasks/base.yml
View file

@ -10,11 +10,13 @@
src: "{{ item.src }}"
dest: "home_assistant/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: home_assistant_copy_templates_results
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: home_assistant
state: present
pull: always
pull: true
restarted: "{{ home_assistant_copy_templates_results.changed }}"
become: true

2
roles/home_assistant/templates/docker-compose.yml → roles/home_assistant/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: '3'
services:
home_assistant:
image: homeassistant/home-assistant

2
roles/iptables/tasks/base.yml
View file

@ -7,7 +7,7 @@
group: root
mode: u=rwx,g=rx,o=rx
loop:
- { src: 'firewall', dest: '/usr/bin/firewall' }
- { src: 'firewall.j2', dest: '/usr/bin/firewall' }
register: iptables_templates_results
become: yes

0
roles/iptables/templates/firewall → roles/iptables/templates/firewall.j2
View file

9
roles/matrix/tasks/base.yml
View file

@ -16,12 +16,13 @@
src: "{{ item.src }}"
dest: "matrix/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: matrix_copy_templates_results
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: matrix
state: present
pull: always
recreate: "{{ 'always' if matrix_copy_files_results.changed else 'auto' }}"
pull: true
restarted: "{{ matrix_copy_files_results.changed or matrix_copy_templates_results.changed }}"
become: true

2
roles/matrix/templates/docker-compose.yml → roles/matrix/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: '3'
services:
postgres:
image: postgres:15

6
roles/metrics/tasks/base.yml
View file

@ -11,10 +11,12 @@
dest: "metrics/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
register: metrics_copy_templates_results
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: metrics
state: present
pull: always
pull: true
restarted: "{{ metrics_copy_templates_results.changed }}"
become: true

2
roles/metrics/templates/docker-compose.yml
View file

@ -1,3 +1,5 @@
version: '3'
services:
prometheus:
image: prom/prometheus:latest

8
roles/n8n/tasks/base.yml
View file

@ -10,11 +10,13 @@
src: "{{ item.src }}"
dest: "n8n/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: n8n_copy_templates_results
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: n8n
state: present
pull: always
pull: true
restarted: "{{ n8n_copy_templates_results.changed }}"
become: true

2
roles/n8n/templates/docker-compose.yml → roles/n8n/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: '3'
services:
db:
image: postgres:14

6
roles/portfolio/tasks/base.yml
View file

@ -11,10 +11,12 @@
dest: "portfolio/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
register: portfolio_copy_templates_results
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: portfolio
state: present
pull: always
pull: true
restarted: "{{ portfolio_copy_templates_results.changed }}"
become: true

2
roles/portfolio/templates/docker-compose.yml
View file

@ -1,3 +1,5 @@
version: "3"
services:
portfolio:
image: gitea.mrdev023.fr/florian.richer/portfolio:latest

9
roles/protonmail/tasks/base.yml
View file

@ -16,7 +16,8 @@
src: "{{ item.src }}"
dest: "protonmail/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: protonmail_copy_templates_results
- name: Create protonmail network
community.docker.docker_network:
@ -30,9 +31,9 @@
when: not protonmail.initialized
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: protonmail
state: present
pull: always
recreate: "{{ 'always' if protonmail.initialized and protonmail_copy_files_results.changed else 'auto' }}"
pull: true
restarted: "{{ protonmail.initialized and (protonmail_copy_templates_results.changed or protonmail_copy_files_results.changed) }}"
become: true

2
roles/protonmail/templates/docker-compose.yml → roles/protonmail/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: '3'
services:
protonmail-bridge:
image: shenxn/protonmail-bridge

8
roles/ryot/tasks/base.yml
View file

@ -10,11 +10,13 @@
src: "{{ item.src }}"
dest: "ryot/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: ryot_copy_templates_results
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: ryot
state: present
pull: always
pull: true
restarted: "{{ ryot_copy_templates_results.changed }}"
become: true

2
roles/ryot/templates/docker-compose.yml → roles/ryot/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: "3.9"
services:
postgres:
image: postgres:16-alpine

2
roles/ssh/tasks/base.yml
View file

@ -7,7 +7,7 @@
group: root
mode: u=rwx,g=rx,o=rx
loop:
- { src: 'port.conf', dest: '/etc/ssh/sshd_config.d/99-port.conf' }
- { src: 'port.conf.j2', dest: '/etc/ssh/sshd_config.d/99-port.conf' }
register: iptables_templates_results
become: yes

0
roles/ssh/templates/port.conf → roles/ssh/templates/port.conf.j2
View file

14
roles/traefik/tasks/base.yml
View file

@ -12,6 +12,7 @@
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'config/traefik.yml', dest: 'config/traefik.yml' }
register: traefik_copy_templates_results
# Avoid restart docker if dynamic_conf updated
- name: Copy dynamic_conf conf
@ -19,9 +20,10 @@
src: "config/dynamic_conf.yml"
dest: "traefik/config/dynamic_conf.yml"
# - name: Update and restart container
# community.docker.docker_compose_v2:
# project_src: traefik
# state: present
# pull: always
# become: true
- name: Update and restart container
community.docker.docker_compose:
project_src: traefik
state: present
pull: true
restarted: "{{ traefik_copy_templates_results.changed }}"
become: true

2
roles/traefik/templates/docker-compose.yml
View file

@ -1,3 +1,5 @@
version: '3'
services:
traefik:
image: traefik:latest

10
roles/vaultwarden/tasks/base.yml
View file

@ -11,13 +11,14 @@
src: "{{ item.src }}"
dest: "vaultwarden/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: vaultwarden_copy_templates_results
- name: Copy dotenv as root
ansible.builtin.template:
owner: root
group: root
src: ".env"
src: ".env.j2"
dest: "vaultwarden/.env"
mode: 0600
become: true
@ -33,8 +34,9 @@
become: true
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: vaultwarden
state: present
pull: always
pull: true
restarted: "{{ vaultwarden_copy_templates_results.changed }}"
become: true

2
roles/vaultwarden/templates/.env → roles/vaultwarden/templates/.env.j2
View file

@ -1,6 +1,6 @@
WEBSOCKET_ENABLED=true
SIGNUPS_ALLOWED=false
ADMIN_TOKEN='{{ vaultwarden.admin_token }}'
ADMIN_TOKEN={{ vaultwarden.admin_token }}
POSTGRES_PASSWORD=vaultwarden
POSTGRES_DB=vaultwarden
POSTGRES_USER=vaultwarden

2
roles/vaultwarden/templates/docker-compose.yml → roles/vaultwarden/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: '3'
services:
db:
image: postgres:15

8
roles/watchtower/tasks/base.yml
View file

@ -10,11 +10,13 @@
src: "{{ item.src }}"
dest: "watchtower/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: watchtower_copy_templates_results
- name: Force update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: watchtower
state: present
pull: always
pull: true
restarted: "{{ watchtower_copy_templates_results.changed }}"
become: true

2
roles/watchtower/templates/docker-compose.yml → roles/watchtower/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: '3'
services:
watchtower:
image: containrrr/watchtower:latest

8
roles/whoami/tasks/base.yml
View file

@ -10,11 +10,13 @@
src: "{{ item.src }}"
dest: "whoami/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: whoami_copy_templates_results
- name: Force update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: whoami
state: present
pull: always
pull: true
restarted: "{{ whoami_copy_templates_results.changed }}"
become: true

2
roles/whoami/templates/docker-compose.yml → roles/whoami/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: '3'
services:
whoami:
image: "containous/whoami"

8
roles/wireguard/tasks/base.yml
View file

@ -10,11 +10,13 @@
src: "{{ item.src }}"
dest: "wireguard/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: wireguard_copy_templates_results
- name: Update and restart container
community.docker.docker_compose_v2:
community.docker.docker_compose:
project_src: wireguard
state: present
pull: always
pull: true
restarted: "{{ wireguard_copy_templates_results.changed }}"
become: true

2
roles/wireguard/templates/docker-compose.yml → roles/wireguard/templates/docker-compose.yml.j2
View file

@ -1,3 +1,5 @@
version: '3'
services:
wireguard:
image: lscr.io/linuxserver/wireguard:latest