common.yml 7.06 KB
Newer Older
1
---
2
- hosts: physical
3
  tags: proxmox
4
5
6
  roles:
    - { role: proxmox_config }

Rob Connolly's avatar
Rob Connolly committed
7
- import_playbook: "provision_vms.yaml"
8
9
10
  tags:
    - proxmox
    - provision
Rob Connolly's avatar
Rob Connolly committed
11

Rob Connolly's avatar
Rob Connolly committed
12
13
14
15
16
17
18
19
20
21
- hosts: zfs_loopback
  tags: zfs
  vars:
    zfs_loopback: true
    zfs_loopfile: "storage"
    zfs_zpool_mnt: "/storage"
    zfs_zpool_name: "storage"
  roles:
    - { role: zfs }

22
- hosts: all,!clients,!ecthelion
23
  tags: checkmk
24
25
26
27
  roles:
    - { role: checkmk_agent }

- hosts: docker_hosts
28
  tags: docker
29
30
31
  vars:
    pip_install_packages:
      - name: docker
Rob Connolly's avatar
Rob Connolly committed
32
      - name: docker-compose
33
34
35
36
    docker_users:
      - ci
      - rob
  roles:
Rob Connolly's avatar
Rob Connolly committed
37
38
    - { role: geerlingguy.docker, become: yes }
    - { role: geerlingguy.pip, become: yes }
39

Rob Connolly's avatar
Rob Connolly committed
40
41
42
43
#- hosts: zm_servers
#  tags: zoneminder
#  roles:
#    - { role: zoneminder }
44

45
- hosts: media_servers
46
  tags: media
Rob Connolly's avatar
Rob Connolly committed
47
48
  vars:
    recordings_share: /storage/recordings
Rob Connolly's avatar
Rob Connolly committed
49
    media_share: /storage/media
Rob Connolly's avatar
Rob Connolly committed
50
    music_share: /storage/music
Rob Connolly's avatar
Rob Connolly committed
51
    docker_share: /storage/data/docker
52
  roles:
53
    - { role: robconnolly.docker_app_roles.docker_tvheadend }
Rob Connolly's avatar
Rob Connolly committed
54
    - { role: robconnolly.docker_app_roles.docker_jellyfin }
Rob Connolly's avatar
Rob Connolly committed
55
    - { role: robconnolly.docker_app_roles.docker_multiroom_audio }
56

57
58
59
60
61
- hosts: vpn_clients
  tags: vpn
  roles:
    - { role: openvpn_client }

62
63
64
65
- hosts: mailservers
  tags: mail
  roles:
    - { role: certbot }
66
    - { role: mailserver }
67

68
69
70
71
72
- hosts: work_machine
  tags: wfh
  roles:
    - { role: wfh_meeting_detect }

Rob Connolly's avatar
Rob Connolly committed
73
74
75
- hosts: weewx_hosts
  tags: weewx
  roles:
Rob Connolly's avatar
Rob Connolly committed
76
    - { role: robconnolly.docker_app_roles.docker_weewx }
Rob Connolly's avatar
Rob Connolly committed
77

Rob Connolly's avatar
Rob Connolly committed
78
79
80
81
82
- hosts: frigate_hosts
  tags: frigate
  roles:
    - { role: robconnolly.docker_app_roles.docker_frigate }

Rob Connolly's avatar
Rob Connolly committed
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
#- hosts: all
#  tasks:
#    - name: Install common apt packages
#      become: true
#      when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
#      apt:
#        pkg:
#          - vim
#          - git
#          - tmux
#          - htop
#          - dnsutils
#          - ack-grep
#          - stow
#          - zsh
#          - build-essential
#          - python-dev
#          - python3-dev
#          - cmake
#          - curl
#          - virtualenvwrapper
#          - moreutils
#          - neovim
#          - mosh
#          - figlet
#          - lolcat
#          - acl
#
#    - name: Install common apt packages (newer distros)
#      become: true
#      when: (ansible_distribution == 'Debian' and ansible_distribution_version|int > 9) or ansible_distribution == 'Ubuntu'
#      apt:
#        pkg:
#          - python-neovim
#
#    - name: Install common pacman packages
#      become: true
#      when: ansible_distribution == 'Archlinux'
#      pacman:
#        name:
#          - vim
#          - git
#          - tmux
#          - htop
#          - bind-tools
#          - ack
#          - stow
#          - zsh
#          - cmake
#          - clang
#          - curl
#          - python-virtualenvwrapper
#          - moreutils
#          - neovim
#          - python-pynvim
#          - mosh
#          - acl
#
#    - name: Set up authorized keys
#      become: true
#      authorized_key:
#        user: '{{ admin_user }}'
#        state: present
#        key: '{{ item }}'
#      with_file:
#        - public_keys/aragorn.pub
#        - public_keys/arathorn.pub
#        - public_keys/work.pub
#        - public_keys/phone.pub
#
#    - name: Remove old authorized keys
#      become: true
#      authorized_key:
#        user: '{{ admin_user }}'
#        state: absent
#        key: '{{ item }}'
#      with_file:
#        - public_keys/riker.pub.deprecated
#
#    - name: Install cron wrapper script
#      become: true
#      copy:
#        src: scripts/log-output
#        dest: /usr/local/bin/log-output
#        owner: root
#        group: root
#        mode: 0755
#
#    - name: Create cron log file
#      become: true
#      file:
#        name: /var/log/cron.log
#        state: touch
#        mode: 0666
#
#- hosts: all,!cloud,!rpis
#  serial: 2
#  tasks:
#    - name: Copy deploy key
#      become: true
#      become_user: "{{ admin_user }}"
#      copy:
#        src: dotfiles_deploy_key
#        dest: "/home/{{ admin_user }}/.dotfiles_deploy_key"
#        owner: "{{ admin_user }}"
#        group: "{{ admin_user }}"
#        mode: 0600
#
#    - name: Clone dotfiles repo
192
193
194
#      become: true
#      become_user: "{{ admin_user }}"
#      git:
Rob Connolly's avatar
Rob Connolly committed
195
196
#        repo: "{{ dotfiles_repo }}"
#        dest: "/home/{{ admin_user }}/dotfiles"
197
#        version: master
Rob Connolly's avatar
Rob Connolly committed
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
#        accept_hostkey: true
#        ssh_opts: "-i /home/{{ admin_user }}/.dotfiles_deploy_key"
#
#    - name: Unstow dotfiles
#      become: true
#      become_user: "{{ admin_user }}"
#      command:
#        chdir: "/home/{{ admin_user }}/dotfiles"
#        cmd: "stow {{ item.name }}"
#        creates: "{{ item.file }}"
#      with_items:
#        - { name: ssh, file: "/home/{{ admin_user }}/.ssh/config"}
#        - { name: vim, file: "/home/{{ admin_user }}/.vimrc"}
#        - { name: tmux, file: "/home/{{ admin_user }}/.tmux.conf"}
#        - { name: neovim, file: "/home/{{ admin_user }}/.config/nvim/init.vim"}
#
#    - name: Add dotfile update cronjob
#      become: true
#      cron:
#        name: "Update dotfiles"
#        minute: "*/15"
#        job: "/usr/local/bin/log-output /home/{{ admin_user }}/dotfiles/update.sh"
#        user: "{{ admin_user }}"
#
##    - name: Install vundle
##      become: true
##      become_user: "{{ admin_user }}"
##      git:
##        repo: https://github.com/VundleVim/Vundle.vim.git
##        dest: "/home/{{ admin_user }}/.vim/bundle/Vundle.vim"
##        version: master
##
##    - name: Install vim plugins
##      become: true
##      become_user: "{{ admin_user }}"
##      shell:
##        cmd: 'vim -E -s -c "source /home/{{ admin_user }}/.vimrc" -c PluginInstall -c qa || touch /home/{{ admin_user }}/.vim/plugins_installed'
##        creates: "/home/{{ admin_user }}/.vim/plugins_installed"
##
##    - name: Build ycm_core
##      become: true
##      become_user: "{{ admin_user }}"
##      command:
##        cmd: "./install.py --clang-completer {% if ansible_distribution == 'Archlinux' %}--system-libclang{% endif %}"
##        chdir: "/home/{{ admin_user }}/.vim/bundle/YouCompleteMe"
##        creates: "/home/{{ admin_user }}/.vim/bundle/YouCompleteMe/third_party/ycmd/ycm_core.so"
##      environment:
##        YCM_CORES: 1
246
#
Rob Connolly's avatar
Rob Connolly committed
247
#    - name: Install oh-my-zsh
248
249
250
#      become: true
#      become_user: "{{ admin_user }}"
#      shell:
Rob Connolly's avatar
Rob Connolly committed
251
252
253
254
255
256
257
258
259
260
261
#        cmd: sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended
#        creates: "/home/{{ admin_user }}/.oh-my-zsh"
#      register: ohmyzsh
#
#    - name: Remove default zshrc
#      become: true
#      become_user: "{{ admin_user }}"
#      file: # noqa 503
#        name: "/home/{{ admin_user }}/.zshrc"
#        state: absent
#      when: ohmyzsh.changed
262
#
Rob Connolly's avatar
Rob Connolly committed
263
#    - name: Unstow zsh config
264
265
266
#      become: true
#      become_user: "{{ admin_user }}"
#      command:
Rob Connolly's avatar
Rob Connolly committed
267
268
269
270
271
272
273
274
275
#        chdir: "/home/{{ admin_user }}/dotfiles"
#        cmd: "stow zsh"
#        creates: "/home/{{ admin_user }}/.zshrc"
#
#    - name: Change shell to zsh
#      become: true
#      user:
#        name: "{{ admin_user }}"
#        shell: /usr/bin/zsh