diff --git a/ansible/invintory.ini b/ansible/invintory.ini new file mode 100644 index 0000000..c4028a5 --- /dev/null +++ b/ansible/invintory.ini @@ -0,0 +1,5 @@ +[soupclown1] +root@187.77.193.76 + +[pt1] +dietpi@192.168.68.54 \ No newline at end of file diff --git a/src/ansible/playbook.yaml b/ansible/playbook.yaml similarity index 73% rename from src/ansible/playbook.yaml rename to ansible/playbook.yaml index 5c3646c..154f289 100644 --- a/src/ansible/playbook.yaml +++ b/ansible/playbook.yaml @@ -1,7 +1,8 @@ --- -- hosts: qmoran-desktop +- hosts: pt1 become: yes roles: + - dietpi - oneenv vars_files: - secrets.yaml diff --git a/src/ansible/roles/dietpi/tasks/main.yaml b/ansible/roles/dietpi/tasks/main.yaml similarity index 100% rename from src/ansible/roles/dietpi/tasks/main.yaml rename to ansible/roles/dietpi/tasks/main.yaml diff --git a/src/ansible/roles/dietpi/tasks/rns.yaml b/ansible/roles/dietpi/tasks/rns.yaml similarity index 96% rename from src/ansible/roles/dietpi/tasks/rns.yaml rename to ansible/roles/dietpi/tasks/rns.yaml index 4e00ae7..8a6a239 100644 --- a/src/ansible/roles/dietpi/tasks/rns.yaml +++ b/ansible/roles/dietpi/tasks/rns.yaml @@ -1,13 +1,4 @@ --- -# - name: Install python3 packages -# pip: -# name: "{{ item }}" -# state: present -# executable: pip3 -# with_items: -# - rns -# - lxmf - - name: Create systemd service for rns copy: dest: /etc/systemd/system/rns.service diff --git a/src/ansible/roles/oneenv/tasks/main.yaml b/ansible/roles/oneenv/tasks/main.yaml similarity index 100% rename from src/ansible/roles/oneenv/tasks/main.yaml rename to ansible/roles/oneenv/tasks/main.yaml diff --git a/src/ansible/secrets.yaml b/ansible/secrets.yaml similarity index 100% rename from src/ansible/secrets.yaml rename to ansible/secrets.yaml diff --git a/src/docker-compose/.gitignore b/docker-compose/.gitignore similarity index 100% rename from src/docker-compose/.gitignore rename to docker-compose/.gitignore 
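Review bot: The new inventory connects directly as `root` to a public address (`root@187.77.193.76` under `[soupclown1]`), so running against that group depends on root SSH login staying enabled on an internet-facing host. The playbook in this commit already uses `become`, so an unprivileged sudo-capable account would work the same way, e.g. `deploy@187.77.193.76` (constructed account name), with `PermitRootLogin no` set on the host. The file name `invintory.ini` looks like a typo for `inventory.ini`, and the file is missing its trailing newline.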
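Review bot: `secrets.yaml` stays tracked in the repository and is loaded through `vars_files`, but nothing visible here shows that it is Ansible Vault encrypted. The commit only renames it to `ansible/secrets.yaml` at 100% similarity, so its contents are not shown; if it is plaintext, every credential in it is readable by anyone with access to the repository and its history. I would confirm the file begins with the `$ANSIBLE_VAULT;` header and add a comment above the entry such as `# secrets.yaml must remain vault-encrypted (ansible-vault encrypt secrets.yaml)`. Separately, `become: yes` relies on YAML 1.1 truthy parsing; `become: true` is the canonical form.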
diff --git a/src/docker-compose/all-down.sh b/docker-compose/all-down.sh
similarity index 100%
rename from src/docker-compose/all-down.sh
rename to docker-compose/all-down.sh
diff --git a/src/docker-compose/all-pull.sh b/docker-compose/all-pull.sh
similarity index 100%
rename from src/docker-compose/all-pull.sh
rename to docker-compose/all-pull.sh
diff --git a/src/docker-compose/all-up.sh b/docker-compose/all-up.sh
similarity index 100%
rename from src/docker-compose/all-up.sh
rename to docker-compose/all-up.sh
diff --git a/src/docker-compose/downloadin-compose.yaml b/docker-compose/downloadin-compose.yaml
similarity index 100%
rename from src/docker-compose/downloadin-compose.yaml
rename to docker-compose/downloadin-compose.yaml
diff --git a/src/docker-compose/immich-compose.yaml b/docker-compose/immich-compose.yaml
similarity index 100%
rename from src/docker-compose/immich-compose.yaml
rename to docker-compose/immich-compose.yaml
diff --git a/src/docker-compose/matrix-compose.yaml b/docker-compose/matrix-compose.yaml
similarity index 100%
rename from src/docker-compose/matrix-compose.yaml
rename to docker-compose/matrix-compose.yaml
diff --git a/src/docker-compose/navidrome-compose.yaml b/docker-compose/navidrome-compose.yaml
similarity index 100%
rename from src/docker-compose/navidrome-compose.yaml
rename to docker-compose/navidrome-compose.yaml
diff --git a/src/docker-compose/paperless-compose.yaml b/docker-compose/paperless-compose.yaml
similarity index 100%
rename from src/docker-compose/paperless-compose.yaml
rename to docker-compose/paperless-compose.yaml
diff --git a/src/ansible/README.md b/src/ansible/README.md
deleted file mode 100644
index 49e8935..0000000
--- a/src/ansible/README.md
+++ /dev/null
@@ -1,23 +0,0 @@ -# Ansible host setup - -### About - -This is made with the intent to be reuseable when any hosts on a network need to be configured back to a common state. -I've actually decided that this will only get the system configs and lower level configs in place for larger tools to then use the host for service orchistration. - -# Tasks - -- Install dependencies -- Create users -- Write env file -- Install Docker -- Install Rclone - -## Variables: - -``` -- soupclown_users: list (Creates a user for each user and then also sets them as sudoer) - - name: - isMod: true | false (sets as sudoer) -- soupclown_drive_configs: (not upgraded yet) -``` diff --git a/src/ansible/archive/driveConfigTasks.yaml b/src/ansible/archive/driveConfigTasks.yaml deleted file mode 100644 index e2e0900..0000000 --- a/src/ansible/archive/driveConfigTasks.yaml +++ /dev/null @@ -1,44 +0,0 @@ ---- -- name: Install mergerfs if not present - apt: - name: mergerfs - state: present - update_cache: yes - -- name: Update mergerfs systemd service with drive paths - template: - src: mergerfs.service.j2 - dest: /etc/systemd/system/mergerfs.service - mode: "0644" - owner: root - group: root - -- name: Ensure fstab is updated with drive configurations - lineinfile: - regexp: "^PARTUUID={{ item.partuuid }}" - path: /etc/fstab - line: "PARTUUID={{ item.partuuid }} {{ mount_point }}/{{ item.name }} {{ item.fs_type }} defaults,auto,nofail 0 2" - state: present - loop: "{{ drive_configs }}" - -- name: Ensure mount points exist and have appropriate permissions - file: - path: "{{ mount_point }}/{{ item.name }}" - state: directory - mode: "0755" - owner: root - group: root - loop: "{{ drive_configs }}" - -- name: Systemctl daemon-reload - command: systemctl daemon-reload - -- name: Mount all filesystems - command: mount -a - ignore_errors: yes - -- name: Start and enable mergerfs service - systemd: - name: mergerfs - state: started - enabled: yes 
diff --git a/src/ansible/roles/devtools/tasks/install-ctop.yaml b/src/ansible/roles/devtools/tasks/install-ctop.yaml
deleted file mode 100644
index 204d460..0000000
--- a/src/ansible/roles/devtools/tasks/install-ctop.yaml
+++ /dev/null
@@ -1,93 +0,0 @@ -# ============================================================================ -# CTOP Installation Task -# ============================================================================ -# -# ## Overview -# This task sequence installs **ctop** (a top-like interface for container metrics) -# on the target system using the azlux repository. -# -# ## Prerequisites -# - Target system must be Debian/Ubuntu-based -# - Root or sudo privileges required -# - Internet connectivity to download packages and GPG keys -# -# ## Workflow -# 1. **Prerequisite Check**: Verifies if ctop is already installed via marker file -# 2. **Dependency Installation**: Installs required system packages -# - ca-certificates (SSL/TLS support) -# - curl (download utilities) -# - gnupg (GPG key management) -# - lsb-release (OS release detection) -# 3. **Repository Setup**: -# - Adds azlux GPG key for package verification -# - Validates GPG key integrity -# - Adds azlux apt repository with signed packages -# - Refreshes apt cache -# 4. 
**Package Installation**: Installs docker-ctop package -# -# ## Key Features -# - ✅ Idempotent: Skips execution if ctop is already installed -# - ✅ GPG Validation: Ensures repository authenticity -# - ✅ Error Handling: Fails playbook if GPG key or repo validation fails -# - ✅ Architecture-Aware: Uses ansible_architecture variable for multi-arch support -# -# ## Variables Used -# - `ansible_architecture`: Target system CPU architecture (auto-detected) -# - `ctop_installed_check`: Registration variable tracking installation status -# - `apt_key_finger_output`: GPG key validation results -# - `azlux_repo_check`: Repository addition verification results -# -# ## Failure Points -# - GPG key import fails or key not found in fingerprint output -# - Repository addition fails or cannot be verified -# - Package installation fails -# -# ## Notes -# - Uses `signed-by` parameter for secure apt repository configuration (modern approach) -# - Creates marker file at `/var/ctop_installed` to track installation state -# - `lsb_release -cs` dynamically determines Debian/Ubuntu codename -# - Ensure that the system is updated before running this playbook for best results - -- name: Check if ctop is installed - stat: - path: /var/ctop_installed - register: ctop_installed_check - -- name: Install prerequisites for ctop - apt: - name: - - ca-certificates - - curl - - gnupg - - lsb-release - state: present - update_cache: yes - when: not ctop_installed_check.stat.exists - -- name: Add azlux GPG key for ctop - apt_key: - url: https://azlux.fr/repo.gpg.key - state: present - keyring: /usr/share/keyrings/azlux-archive-keyring.gpg - when: not ctop_installed_check.stat.exists - -- name: Add azlux repository for ctop - shell: | - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/azlux-archive-keyring.gpg trusted=yes] http://packages.azlux.fr/debian stable main" | sudo tee /etc/apt/sources.list.d/azlux.list >/dev/null - when: not ctop_installed_check.stat.exists - -- 
name: Update apt cache after adding azlux repository - command: apt-get update - when: not ctop_installed_check.stat.exists - -- name: Install ctop - apt: - name: docker-ctop - state: present - when: not ctop_installed_check.stat.exists - -- name: Create marker file to indicate ctop installation - file: - path: /var/ctop_installed - state: touch - when: not ctop_installed_check.stat.exists \ No newline at end of file diff --git a/src/ansible/roles/devtools/tasks/install-lazydocker.yaml b/src/ansible/roles/devtools/tasks/install-lazydocker.yaml deleted file mode 100644 index 933a872..0000000 --- a/src/ansible/roles/devtools/tasks/install-lazydocker.yaml +++ /dev/null @@ -1,21 +0,0 @@ -- name: Check if lazydocker is installed - stat: - path: /var/lazydocker_installed - register: lazydocker_installed_check - -- name: Download install script for lazydocker - get_url: - url: https://raw.githubusercontent.com/jesseduffield/lazydocker/master/scripts/install_update_linux.sh - dest: /tmp/install_lazydocker.sh - mode: "0755" - when: not lazydocker_installed_check.stat.exists - -- name: Run lazydocker installer script - command: /tmp/install_lazydocker.sh - when: not lazydocker_installed_check.stat.exists - -- name: Create file indicating lazydocker is installed - file: - path: /var/lazydocker_installed - state: touch - when: not lazydocker_installed_check.stat.exists diff --git a/src/ansible/roles/devtools/tasks/install-opentofu.yaml b/src/ansible/roles/devtools/tasks/install-opentofu.yaml deleted file mode 100644 index 6296cc8..0000000 --- a/src/ansible/roles/devtools/tasks/install-opentofu.yaml +++ /dev/null 
@@ -1,34 +0,0 @@ -# get the installer script -# curl --proto '=https' --tlsv1.2 -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh - -- name: Check if opentofu is installed - stat: - path: /var/opentofu_installed - register: opentofu_installed_check - -- name: Download installer script - get_url: - url: https://get.opentofu.org/install-opentofu.sh - dest: /tmp/install-opentofu.sh - mode: "0755" - when: not opentofu_installed_check.stat.exists - -- name: Make installer script executable - command: chmod +x /tmp/install-opentofu.sh - when: not opentofu_installed_check.stat.exists - -- name: Install opentofu - command: /tmp/install-opentofu.sh --install-method deb - when: not opentofu_installed_check.stat.exists - -- name: Remove installer script - file: - path: /tmp/install-opentofu.sh - state: absent - when: not opentofu_installed_check.stat.exists - -- name: Create file indicating opentofu is installed - file: - path: /var/opentofu_installed - state: touch - when: not opentofu_installed_check.stat.exists diff --git a/src/ansible/roles/devtools/tasks/main.yaml b/src/ansible/roles/devtools/tasks/main.yaml deleted file mode 100644 index 45069ec..0000000 --- a/src/ansible/roles/devtools/tasks/main.yaml +++ /dev/null @@ -1,8 +0,0 @@ -- name: Install opentofu - import_tasks: install-opentofu.yaml - -- name: Install lazydocker - import_tasks: install-lazydocker.yaml - -- name: Install ctop - import_tasks: install-ctop.yaml diff --git a/src/ansible/roles/pcpanel/tasks/main.yaml b/src/ansible/roles/pcpanel/tasks/main.yaml deleted file mode 100644 index 72fc4fc..0000000 --- a/src/ansible/roles/pcpanel/tasks/main.yaml +++ /dev/null 
@@ -1,66 +0,0 @@ -# add block to /etc/udev/rules.d/70-pcpanel.rules -# SUBSYSTEM=="usb", ATTRS{idVendor}=="04D8", ATTRS{idProduct}=="eb52", TAG+="uaccess" -# SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a3c4", TAG+="uaccess" -# SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a3c5", TAG+="uaccess" - -- name: Check if we've already set up pcpanel - stat: - path: /etc/udev/rules.d/70-pcpanel.rules - register: pcpanel_rules_file - -- name: Check if we've installed the deb file before - stat: - path: /var/pcpanel_installed - register: pcpanel_deb_file - -- name: Ensure pulseaudio is installed - apt: - name: "{{ item }}" - state: present - update_cache: yes - with_items: - - pulseaudio - - pulseaudio-utils - when: not pcpanel_rules_file.stat.exists - -- name: Create required directories for pcpanel - file: - path: /etc/udev/rules.d - state: directory - mode: "0755" - when: not pcpanel_rules_file.stat.exists - -- name: Add udev rules for pcpanel - copy: - content: | - # SUBSYSTEM=="usb", ATTRS{idVendor}=="04D8", ATTRS{idProduct}=="eb52", TAG+="uaccess" - SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a3c4", TAG+="uaccess" - SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a3c5", TAG+="uaccess" - dest: /etc/udev/rules.d/70-pcpanel.rules - mode: "0644" - owner: root - group: root - when: not pcpanel_rules_file.stat.exists - -- name: Reload udev rules - shell: udevadm control --reload-rules && udevadm trigger - when: not pcpanel_rules_file.stat.exists - -- name: Download pcpanel deb file - get_url: - url: "https://github.com/nvdweem/PCPanel/releases/download/v1.7.1/pcpanel_1.7.1_amd64.deb" - dest: /tmp/pcpanel_1.7.1_amd64.deb - mode: "0644" - when: not pcpanel_deb_file.stat.exists - -- name: Install pcpanel deb file - apt: - deb: /tmp/pcpanel_1.7.1_amd64.deb - when: not pcpanel_deb_file.stat.exists - -- name: Create file to indicate pcpanel installed - file: - path: /var/pcpanel_installed - state: touch - mode: 
"0644" - when: not pcpanel_deb_file.stat.exists diff --git a/src/ansible/roles/soupclown/defaults/main.yaml b/src/ansible/roles/soupclown/defaults/main.yaml deleted file mode 100644 index 0766a50..0000000 --- a/src/ansible/roles/soupclown/defaults/main.yaml +++ /dev/null @@ -1,18 +0,0 @@ -soupclown_mod_group_name: soupclown_moderator - -soupclown_users: - - name: dbowen - isMod: false - -soupclown_drive_configs: - - name: d1 - partuuid: ea8eb756-01 - fs_type: ext4 - - - name: d2 - partuuid: d9892c39-c6f2-4090-bccc-1b976f85c762 - fs_type: ext4 - - - name: DATA - partuuid: 9f9dfead-c8bd-40bc-a012-7c3fa996e610 - fs_type: ext4 diff --git a/src/ansible/roles/soupclown/tasks/create-users.yaml b/src/ansible/roles/soupclown/tasks/create-users.yaml deleted file mode 100644 index 5049acd..0000000 --- a/src/ansible/roles/soupclown/tasks/create-users.yaml +++ /dev/null @@ -1,13 +0,0 @@ -- name: Create soupclown moderator group - group: - name: "{{ soupclown_mod_group_name }}" - state: present - -- name: For each user in config, ensure user exists and if isMod true, add to moderator group - user: - name: "{{ item.name }}" - state: present - groups: "{{ [soupclown_mod_group_name] if item.isMod else [] }}" - password: "{{ lookup('password', '/dev/null length=16 chars=ascii_letters,digits') | password_hash('sha512') }}" - update_password: on_create - loop: "{{ soupclown_users }}" diff --git a/src/ansible/roles/soupclown/tasks/docker-install.yaml b/src/ansible/roles/soupclown/tasks/docker-install.yaml deleted file mode 100644 index 072f2dc..0000000 --- a/src/ansible/roles/soupclown/tasks/docker-install.yaml +++ /dev/null 
@@ -1,47 +0,0 @@ ---- -- name: Check if our custom file indicating Docker is installed exists - stat: - path: /var/docker_installed - register: docker_installed_check - -- name: Uninstall old Docker versions if present - apt: - name: - - docker - - docker-engine - - docker.io - - containerd - - runc - state: absent - purge: yes - update_cache: yes - when: not docker_installed_check.stat.exists - -- name: Install required packages for Docker - apt: - name: - - gpg - - ca-certificates - - curl - - gnupg - - lsb-release - state: present - update_cache: yes - when: not docker_installed_check.stat.exists - -# curl -fsSL https://get.docker.com -o get-docker.sh -- name: Get temporary Docker installation script - get_url: - url: https://get.docker.com - dest: /tmp/get-docker.sh - mode: "0755" - when: not docker_installed_check.stat.exists - -- name: Install Docker using the official installation script - command: sh /tmp/get-docker.sh - when: not docker_installed_check.stat.exists - -- name: Create file indicating Docker is installed - file: - path: /var/docker_installed - state: touch diff --git a/src/ansible/roles/soupclown/tasks/install-deps.yaml b/src/ansible/roles/soupclown/tasks/install-deps.yaml deleted file mode 100644 index 7250796..0000000 --- a/src/ansible/roles/soupclown/tasks/install-deps.yaml +++ /dev/null 
@@ -1,42 +0,0 @@ -# NOTE: Never use apt for rclone, use official script - -- name: Remove defualt packages - apt: - name: - - firefox - - thunderbird - state: absent - -- name: Install common packages - apt: - name: - - btop - - htop - - desktop-file-utils - - git - - gh - - ssh-import-id - - python3-venv - - python3-pip - -- name: Install snap packages - snap: - name: "{{ item }}" - state: present - with_items: - - vivaldi - - signal-desktop - -- name: Install python3 packages - pip: - name: "{{ item }}" - state: present - break_system_packages: yes - executable: pip3 - with_items: - - pyyaml - - cryptography - - passlib - -- name: Install Docker - import_tasks: docker-install.yaml diff --git a/src/ansible/roles/soupclown/tasks/main.yaml b/src/ansible/roles/soupclown/tasks/main.yaml deleted file mode 100644 index 0ee7cd3..0000000 --- a/src/ansible/roles/soupclown/tasks/main.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Install all dependencies - import_tasks: install-deps.yaml - -- name: Create users - import_tasks: create-users.yaml - -- name: Install rclone (MEGA) - import_tasks: rclone-mega-install.yaml diff --git a/src/ansible/roles/soupclown/tasks/rclone-mega-install.yaml b/src/ansible/roles/soupclown/tasks/rclone-mega-install.yaml deleted file mode 100644 index 034f3e3..0000000 --- a/src/ansible/roles/soupclown/tasks/rclone-mega-install.yaml +++ /dev/null 
@@ -1,71 +0,0 @@ -- name: Check if rclone is installed - stat: - path: /var/rclone_installed - register: rclone_installed_check - -- name: Install rclone (mega) - command: - # This command is for sure not working but I ran it manually and it worked. So I blame ansible - cmd: "curl https://rclone.org/install.sh | sudo bash ; touch /var/rclone_installed" - creates: /var/rclone_installed - when: not rclone_installed_check.stat.exists - -- name: Create required directories - file: - path: "{{ item }}" - state: directory - mode: "0770" - with_items: - - /root/.config/rclone - - /mnt/mega - -- name: Create rclone config - copy: - content: | - [mega] - type = mega - user = tnuu9h362@mozmail.com - pass = {{ rclone_mega_key }} - - [data] - type = crypt - remote = mega:enc - password = {{ rclone_encPass_one }} - password2 = {{ rclone_encPass_two }} - dest: /root/.config/rclone/rclone.conf - -- name: Write service file for rclone mount - copy: - content: | - [Unit] - Description=Rclone mount service - After=local-fs.target network.target - - [Service] - Type=simple - User=root - KillMode=control-group - ExecStart=rclone mount data:enc /mnt/mega -vv \ - --vfs-cache-mode full \ - --allow-other \ - --umask 0 \ - --dir-perms 0777 \ - --file-perms 0777 \ - --dir-cache-time 300h - ExecStop=umount /mnt/mega - Restart=on-failure - [Install] - WantedBy=default.target - dest: /etc/systemd/system/rclone.service - mode: "0644" - owner: root - group: root - -- name: Systemctl daemon-reload - command: systemctl daemon-reload - -- name: Enable and start rclone service - systemd: - name: rclone - state: started - enabled: yes diff --git a/src/ansible/tailscale-inventory.ini b/src/ansible/tailscale-inventory.ini deleted file mode 100644 index 9148ad6..0000000 --- a/src/ansible/tailscale-inventory.ini +++ /dev/null 
@@ -1,10 +0,0 @@ - -; qmoran-laptop (personal laptop) -[qmoran-laptop] -qmoran@100.118.33.8 ansible_ssh_private_key_file=~/.ssh/po/qmoran@qmoran-laptop_ed25519 - -[qmoran-desktop] -qmoran@qmoran-desktop-1.tailc7e587.ts.net - -[po1] -qmoran@po1 \ No newline at end of file diff --git a/src/ansible/vps-inv.ini b/src/ansible/vps-inv.ini deleted file mode 100644 index 7d86867..0000000 --- a/src/ansible/vps-inv.ini +++ /dev/null @@ -1,2 +0,0 @@ -[all] -root@187.77.193.76 \ No newline at end of file