2026-04-05 16:13:37 -04:00
parent 87a14e9db1
commit 56e2a38f82
30 changed files with 7 additions and 511 deletions
+5
@@ -0,0 +1,5 @@
[soupclown1]
root@187.77.193.76
[pt1]
dietpi@192.168.68.54
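Review bot: The new `[soupclown1]` entry logs in as `root` on what looks like a publicly routable address, so managing that host depends on direct root SSH login being enabled on an Internet-facing machine. The `[pt1]` entry already uses the unprivileged `dietpi` account and the play in this commit escalates with `become`; the same pattern would fit here, for example `187.77.193.76 ansible_user=<deploy-user>` (placeholder account name), with root login disabled in sshd on the host. Setting the account through `ansible_user` also makes the login explicit instead of embedding it in the host name.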
@@ -1,7 +1,8 @@
---
- hosts: qmoran-desktop
- hosts: pt1
become: yes
roles:
- dietpi
- oneenv
vars_files:
- secrets.yaml
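Review bot: The play that now targets `pt1` still loads `secrets.yaml` through `vars_files`, and nothing visible in this commit shows whether that file is encrypted. If it is kept in clear text in the repository, it should be encrypted with `ansible-vault encrypt secrets.yaml` or kept out of version control, because both roles run with `become` and every task in them can read those variables. Separately, `become: yes` relies on YAML 1.1 truthy parsing; `become: true` is the unambiguous form.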
@@ -1,13 +1,4 @@
---
# - name: Install python3 packages
# pip:
# name: "{{ item }}"
# state: present
# executable: pip3
# with_items:
# - rns
# - lxmf
- name: Create systemd service for rns
copy:
dest: /etc/systemd/system/rns.service
-23
@@ -1,23 +0,0 @@
# Ansible host setup
### About
This is made with the intent to be reuseable when any hosts on a network need to be configured back to a common state.
I've actually decided that this will only get the system configs and lower level configs in place for larger tools to then use the host for service orchistration.
# Tasks
- Install dependencies
- Create users
- Write env file
- Install Docker
- Install Rclone
## Variables:
```
- soupclown_users: list (Creates a user for each user and then also sets them as sudoer)
- name: <username>
isMod: true | false (sets as sudoer)
- soupclown_drive_configs: (not upgraded yet)
```
-44
@@ -1,44 +0,0 @@
---
- name: Install mergerfs if not present
apt:
name: mergerfs
state: present
update_cache: yes
- name: Update mergerfs systemd service with drive paths
template:
src: mergerfs.service.j2
dest: /etc/systemd/system/mergerfs.service
mode: "0644"
owner: root
group: root
- name: Ensure fstab is updated with drive configurations
lineinfile:
regexp: "^PARTUUID={{ item.partuuid }}"
path: /etc/fstab
line: "PARTUUID={{ item.partuuid }} {{ mount_point }}/{{ item.name }} {{ item.fs_type }} defaults,auto,nofail 0 2"
state: present
loop: "{{ drive_configs }}"
- name: Ensure mount points exist and have appropriate permissions
file:
path: "{{ mount_point }}/{{ item.name }}"
state: directory
mode: "0755"
owner: root
group: root
loop: "{{ drive_configs }}"
- name: Systemctl daemon-reload
command: systemctl daemon-reload
- name: Mount all filesystems
command: mount -a
ignore_errors: yes
- name: Start and enable mergerfs service
systemd:
name: mergerfs
state: started
enabled: yes
@@ -1,93 +0,0 @@
# ============================================================================
# CTOP Installation Task
# ============================================================================
#
# ## Overview
# This task sequence installs **ctop** (a top-like interface for container metrics)
# on the target system using the azlux repository.
#
# ## Prerequisites
# - Target system must be Debian/Ubuntu-based
# - Root or sudo privileges required
# - Internet connectivity to download packages and GPG keys
#
# ## Workflow
# 1. **Prerequisite Check**: Verifies if ctop is already installed via marker file
# 2. **Dependency Installation**: Installs required system packages
# - ca-certificates (SSL/TLS support)
# - curl (download utilities)
# - gnupg (GPG key management)
# - lsb-release (OS release detection)
# 3. **Repository Setup**:
# - Adds azlux GPG key for package verification
# - Validates GPG key integrity
# - Adds azlux apt repository with signed packages
# - Refreshes apt cache
# 4. **Package Installation**: Installs docker-ctop package
#
# ## Key Features
# - ✅ Idempotent: Skips execution if ctop is already installed
# - ✅ GPG Validation: Ensures repository authenticity
# - ✅ Error Handling: Fails playbook if GPG key or repo validation fails
# - ✅ Architecture-Aware: Uses ansible_architecture variable for multi-arch support
#
# ## Variables Used
# - `ansible_architecture`: Target system CPU architecture (auto-detected)
# - `ctop_installed_check`: Registration variable tracking installation status
# - `apt_key_finger_output`: GPG key validation results
# - `azlux_repo_check`: Repository addition verification results
#
# ## Failure Points
# - GPG key import fails or key not found in fingerprint output
# - Repository addition fails or cannot be verified
# - Package installation fails
#
# ## Notes
# - Uses `signed-by` parameter for secure apt repository configuration (modern approach)
# - Creates marker file at `/var/ctop_installed` to track installation state
# - `lsb_release -cs` dynamically determines Debian/Ubuntu codename
# - Ensure that the system is updated before running this playbook for best results
- name: Check if ctop is installed
stat:
path: /var/ctop_installed
register: ctop_installed_check
- name: Install prerequisites for ctop
apt:
name:
- ca-certificates
- curl
- gnupg
- lsb-release
state: present
update_cache: yes
when: not ctop_installed_check.stat.exists
- name: Add azlux GPG key for ctop
apt_key:
url: https://azlux.fr/repo.gpg.key
state: present
keyring: /usr/share/keyrings/azlux-archive-keyring.gpg
when: not ctop_installed_check.stat.exists
- name: Add azlux repository for ctop
shell: |
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/azlux-archive-keyring.gpg trusted=yes] http://packages.azlux.fr/debian stable main" | sudo tee /etc/apt/sources.list.d/azlux.list >/dev/null
when: not ctop_installed_check.stat.exists
- name: Update apt cache after adding azlux repository
command: apt-get update
when: not ctop_installed_check.stat.exists
- name: Install ctop
apt:
name: docker-ctop
state: present
when: not ctop_installed_check.stat.exists
- name: Create marker file to indicate ctop installation
file:
path: /var/ctop_installed
state: touch
when: not ctop_installed_check.stat.exists
@@ -1,21 +0,0 @@
- name: Check if lazydocker is installed
stat:
path: /var/lazydocker_installed
register: lazydocker_installed_check
- name: Download install script for lazydocker
get_url:
url: https://raw.githubusercontent.com/jesseduffield/lazydocker/master/scripts/install_update_linux.sh
dest: /tmp/install_lazydocker.sh
mode: "0755"
when: not lazydocker_installed_check.stat.exists
- name: Run lazydocker installer script
command: /tmp/install_lazydocker.sh
when: not lazydocker_installed_check.stat.exists
- name: Create file indicating lazydocker is installed
file:
path: /var/lazydocker_installed
state: touch
when: not lazydocker_installed_check.stat.exists
@@ -1,34 +0,0 @@
# get the installer script
# curl --proto '=https' --tlsv1.2 -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
- name: Check if opentofu is installed
stat:
path: /var/opentofu_installed
register: opentofu_installed_check
- name: Download installer script
get_url:
url: https://get.opentofu.org/install-opentofu.sh
dest: /tmp/install-opentofu.sh
mode: "0755"
when: not opentofu_installed_check.stat.exists
- name: Make installer script executable
command: chmod +x /tmp/install-opentofu.sh
when: not opentofu_installed_check.stat.exists
- name: Install opentofu
command: /tmp/install-opentofu.sh --install-method deb
when: not opentofu_installed_check.stat.exists
- name: Remove installer script
file:
path: /tmp/install-opentofu.sh
state: absent
when: not opentofu_installed_check.stat.exists
- name: Create file indicating opentofu is installed
file:
path: /var/opentofu_installed
state: touch
when: not opentofu_installed_check.stat.exists
@@ -1,8 +0,0 @@
- name: Install opentofu
import_tasks: install-opentofu.yaml
- name: Install lazydocker
import_tasks: install-lazydocker.yaml
- name: Install ctop
import_tasks: install-ctop.yaml
-66
@@ -1,66 +0,0 @@
# add block to /etc/udev/rules.d/70-pcpanel.rules
# SUBSYSTEM=="usb", ATTRS{idVendor}=="04D8", ATTRS{idProduct}=="eb52", TAG+="uaccess"
# SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a3c4", TAG+="uaccess"
# SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a3c5", TAG+="uaccess"
- name: Check if we've already set up pcpanel
stat:
path: /etc/udev/rules.d/70-pcpanel.rules
register: pcpanel_rules_file
- name: Check if we've installed the deb file before
stat:
path: /var/pcpanel_installed
register: pcpanel_deb_file
- name: Ensure pulseaudio is installed
apt:
name: "{{ item }}"
state: present
update_cache: yes
with_items:
- pulseaudio
- pulseaudio-utils
when: not pcpanel_rules_file.stat.exists
- name: Create required directories for pcpanel
file:
path: /etc/udev/rules.d
state: directory
mode: "0755"
when: not pcpanel_rules_file.stat.exists
- name: Add udev rules for pcpanel
copy:
content: |
# SUBSYSTEM=="usb", ATTRS{idVendor}=="04D8", ATTRS{idProduct}=="eb52", TAG+="uaccess"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a3c4", TAG+="uaccess"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a3c5", TAG+="uaccess"
dest: /etc/udev/rules.d/70-pcpanel.rules
mode: "0644"
owner: root
group: root
when: not pcpanel_rules_file.stat.exists
- name: Reload udev rules
shell: udevadm control --reload-rules && udevadm trigger
when: not pcpanel_rules_file.stat.exists
- name: Download pcpanel deb file
get_url:
url: "https://github.com/nvdweem/PCPanel/releases/download/v1.7.1/pcpanel_1.7.1_amd64.deb"
dest: /tmp/pcpanel_1.7.1_amd64.deb
mode: "0644"
when: not pcpanel_deb_file.stat.exists
- name: Install pcpanel deb file
apt:
deb: /tmp/pcpanel_1.7.1_amd64.deb
when: not pcpanel_deb_file.stat.exists
- name: Create file to indicate pcpanel installed
file:
path: /var/pcpanel_installed
state: touch
mode: "0644"
when: not pcpanel_deb_file.stat.exists
@@ -1,18 +0,0 @@
soupclown_mod_group_name: soupclown_moderator
soupclown_users:
- name: dbowen
isMod: false
soupclown_drive_configs:
- name: d1
partuuid: ea8eb756-01
fs_type: ext4
- name: d2
partuuid: d9892c39-c6f2-4090-bccc-1b976f85c762
fs_type: ext4
- name: DATA
partuuid: 9f9dfead-c8bd-40bc-a012-7c3fa996e610
fs_type: ext4
@@ -1,13 +0,0 @@
- name: Create soupclown moderator group
group:
name: "{{ soupclown_mod_group_name }}"
state: present
- name: For each user in config, ensure user exists and if isMod true, add to moderator group
user:
name: "{{ item.name }}"
state: present
groups: "{{ [soupclown_mod_group_name] if item.isMod else [] }}"
password: "{{ lookup('password', '/dev/null length=16 chars=ascii_letters,digits') | password_hash('sha512') }}"
update_password: on_create
loop: "{{ soupclown_users }}"
@@ -1,47 +0,0 @@
---
- name: Check if our custom file indicating Docker is installed exists
stat:
path: /var/docker_installed
register: docker_installed_check
- name: Uninstall old Docker versions if present
apt:
name:
- docker
- docker-engine
- docker.io
- containerd
- runc
state: absent
purge: yes
update_cache: yes
when: not docker_installed_check.stat.exists
- name: Install required packages for Docker
apt:
name:
- gpg
- ca-certificates
- curl
- gnupg
- lsb-release
state: present
update_cache: yes
when: not docker_installed_check.stat.exists
# curl -fsSL https://get.docker.com -o get-docker.sh
- name: Get temporary Docker installation script
get_url:
url: https://get.docker.com
dest: /tmp/get-docker.sh
mode: "0755"
when: not docker_installed_check.stat.exists
- name: Install Docker using the official installation script
command: sh /tmp/get-docker.sh
when: not docker_installed_check.stat.exists
- name: Create file indicating Docker is installed
file:
path: /var/docker_installed
state: touch
@@ -1,42 +0,0 @@
# NOTE: Never use apt for rclone, use official script
- name: Remove defualt packages
apt:
name:
- firefox
- thunderbird
state: absent
- name: Install common packages
apt:
name:
- btop
- htop
- desktop-file-utils
- git
- gh
- ssh-import-id
- python3-venv
- python3-pip
- name: Install snap packages
snap:
name: "{{ item }}"
state: present
with_items:
- vivaldi
- signal-desktop
- name: Install python3 packages
pip:
name: "{{ item }}"
state: present
break_system_packages: yes
executable: pip3
with_items:
- pyyaml
- cryptography
- passlib
- name: Install Docker
import_tasks: docker-install.yaml
@@ -1,9 +0,0 @@
---
- name: Install all dependencies
import_tasks: install-deps.yaml
- name: Create users
import_tasks: create-users.yaml
- name: Install rclone (MEGA)
import_tasks: rclone-mega-install.yaml
@@ -1,71 +0,0 @@
- name: Check if rclone is installed
stat:
path: /var/rclone_installed
register: rclone_installed_check
- name: Install rclone (mega)
command:
# This command is for sure not working but I ran it manually and it worked. So I blame ansible
cmd: "curl https://rclone.org/install.sh | sudo bash ; touch /var/rclone_installed"
creates: /var/rclone_installed
when: not rclone_installed_check.stat.exists
- name: Create required directories
file:
path: "{{ item }}"
state: directory
mode: "0770"
with_items:
- /root/.config/rclone
- /mnt/mega
- name: Create rclone config
copy:
content: |
[mega]
type = mega
user = tnuu9h362@mozmail.com
pass = {{ rclone_mega_key }}
[data]
type = crypt
remote = mega:enc
password = {{ rclone_encPass_one }}
password2 = {{ rclone_encPass_two }}
dest: /root/.config/rclone/rclone.conf
- name: Write service file for rclone mount
copy:
content: |
[Unit]
Description=Rclone mount service
After=local-fs.target network.target
[Service]
Type=simple
User=root
KillMode=control-group
ExecStart=rclone mount data:enc /mnt/mega -vv \
--vfs-cache-mode full \
--allow-other \
--umask 0 \
--dir-perms 0777 \
--file-perms 0777 \
--dir-cache-time 300h
ExecStop=umount /mnt/mega
Restart=on-failure
[Install]
WantedBy=default.target
dest: /etc/systemd/system/rclone.service
mode: "0644"
owner: root
group: root
- name: Systemctl daemon-reload
command: systemctl daemon-reload
- name: Enable and start rclone service
systemd:
name: rclone
state: started
enabled: yes
-10
@@ -1,10 +0,0 @@
; qmoran-laptop (personal laptop)
[qmoran-laptop]
qmoran@100.118.33.8 ansible_ssh_private_key_file=~/.ssh/po/qmoran@qmoran-laptop_ed25519
[qmoran-desktop]
qmoran@qmoran-desktop-1.tailc7e587.ts.net
[po1]
qmoran@po1
-2
@@ -1,2 +0,0 @@
[all]
root@187.77.193.76