Commit Graph

228 Commits

Author SHA1 Message Date
e3f03edf3f
Use file-based preshared keys for WireGuard
- Include proxy role in standard Docker playbook
2024-10-13 22:27:27 -04:00
f481a965dd
Update Samba and WireGuard configuration
- Adjust Samba config file permissions to 644
- Introduce PresharedKey option in WireGuard config template
2024-09-10 22:35:20 -04:00
a0aa289c05
Restrict GitHub Actions to a dedicated branch
- The Vagrant testing setup on macos-latest is broken
- Temporary measure until fixed or abandoned
2024-09-10 22:11:31 -04:00
324fe0b191
Upgrade Nextcloud setup to use compose files
- Integrated MariaDB role into Dockerbox configuration
- Moved proxy role to the end to avoid early endpoint activation
- Temporarily disabled select roles for future re-evaluation
- Introduced flush_handlers task for early MariaDB restart
- Moved a few Nextcloud tasks to handlers
- Configured Nextcloud to utilize the host's MariaDB instance
- Enhanced overall code linting quality
2024-04-21 22:27:48 -04:00
6fbd3c53bb
Add Vagrant cache option for dhparams.pem 2024-03-26 21:51:39 -04:00
01e8e22c01
Prevent running 'vagrant ssh' as root
Resolve possible issues with 'vagrant ssh' when executed as root
2024-03-04 23:42:40 -05:00
a31bf233dc
Slight message tweaks in forward-ssh.sh script 2023-12-09 13:16:46 -05:00
60fafed9cd
Update forward-ssh.sh script for Swarm support
- Address limitations in Swarm with loopback binding
- Ensure compatibility with localhost DNS wildcard A record
- Enable port forwarding on 80 and 443 using VM IP for Swarm compatibility
- Retain 8443:localhost:8443 for non-Swarm setups
2023-12-09 13:04:07 -05:00
2c00858590
Update README.md 2023-11-18 17:37:27 -05:00
be80681485
Add multi-machine support to forward-ssh.sh
- Detects multiple private keys
- Adds validation for all discovered keys
- Defaults to "default" machine, with override via the first parameter
2023-11-05 21:37:33 -05:00
a2e60972c7
Comply with linting on proxy setup 2023-11-05 21:34:19 -05:00
598359854f
Update proxy role to comply with linting 2023-11-03 00:47:06 -04:00
ef812c1877
Add copyright notice on forward-ssh.sh 2023-11-03 00:12:12 -04:00
385e60aee5
Update proxy playbook 2023-11-02 23:29:54 -04:00
5633468f41
Fix linting issues on Docker role 2023-10-22 13:48:20 -04:00
7f91b24adb
Add Debian/Official Docker repo toggle
- Default docker_official toggle to false (for now)
- Preempt MariaDB restart before container restarts
- Start containers in a handler
2023-10-22 11:33:05 -04:00
5b09029239
Update base role to pass linting 2023-10-20 21:30:25 -04:00
7adb5f10e9
Update Gitea role for docker_compose_deploy
- Add MariaDB to dev playbook
- Set Git user in "users:"
- Define Gitea external compose project
- Forward SSH port in forwarding script
- Create user groups with system users
- Install python3-pymysql for Ansible
- Strip old Gitea deployment methods
- Bind MariaDB to docker0 for Docker access
2023-10-20 15:41:44 -04:00
c3b4321667
Add Gitea dev playbook and host_vars 2023-10-19 16:40:34 -04:00
d05c5d3086
Slight tweaks on Ansible output 2023-10-19 16:36:05 -04:00
ac412f16ef
Simplify the "Import GPG keys" loop 2023-10-19 14:09:10 -04:00
2354a8fb8c
Verify successful GPG imports 2023-10-19 13:37:35 -04:00
251a7c0dd5
Import PGP key and verify git commits 2023-10-19 02:56:36 -04:00
1d8ae8a0b6
Install ntpsec 2023-10-19 01:27:31 -04:00
6b2feaee5e
Hide docker-compose secrets from diff output 2023-10-18 23:03:52 -04:00
31e0538b84
Add locale configuration tasks to base role 2023-10-18 16:32:09 -04:00
a65c4b9cf6
Handle Ansible undefined loop variable
- Default docker_compose_deploy to empty list if undefined
- Add conditional check to avoid looping through an empty list
2023-10-10 00:14:52 -04:00
7ee6e4810d
Convert booleans to lowercase 2023-10-10 00:00:00 -04:00
87aa7ecf8b
Add external compose support in the docker role
- Use ansible.posix.synchronize for compose.yml
- Set fact for compose service restarts
- Introduce plain Docker dev host
- Optionally verify repos via GPG before sync
- Hide docker_repos_path in .folder
- Tweak .env for conciseness
- Add --diff to Ansible in Vagrantfile
- Clean output with loop_control
- Embed GPG in base role
2023-10-09 23:47:49 -04:00
0377a5e642
Add option for private OCI registry auth 2023-09-29 22:18:59 -04:00
2e02efcbb7
Add Makefile, roles_path, and SSH tunnel variable 2023-09-26 21:14:06 -04:00
8fed63792b
Ask permission for starting vagrant SSH tunnels 2023-09-16 00:04:58 -04:00
2c4fcbacc3
Introduce forward-ssh.sh method & reorganize
- Abandoned update-hosts.sh in favor of loopback SSH forwarding
- Adopted *.local.krislamo.org as a wildcard loopback domain
- Bound Traefik to ports 443/80 on Dockerbox dev
- Removed outdated Gitea config from Dockerbox
- Relocated production playbooks to a new directory
2023-09-15 23:46:45 -04:00
b81372c07a
Fix the Vagrantfile for Github runners 2023-08-30 19:45:42 -04:00
9b5be29a1a
Update Vagrantfile to use external settings 2023-08-21 18:46:47 -04:00
ef5aacdbbd
No deploy keys without compose deploy variable 2023-07-21 23:52:18 -04:00
a635c7aa48
Add option to deploy external docker-compose stack 2023-07-20 03:51:44 -04:00
56aee460ad
Limit Github actions to specific branches 2023-07-20 00:33:42 -04:00
027ba46f6b
Add Github actions and remove old ansible stuff 2023-07-08 23:43:52 -04:00
48216db8f9
Updated Nextcloud settings and added cron job 2023-06-18 23:52:10 -04:00
fa1dc4acb7
Fix WireGuard firewall rule 2023-06-15 03:09:13 -04:00
228cd5795b
Config adjustments for Jellyfin/Samba deployment
- Ignored .vscode
- Added firewall exclusion option
- Allowed guest access in Samba
2023-06-09 22:26:47 -04:00
74a559f1f6
Update mediaserver playbook and fix Wireguard task 2023-06-08 03:47:54 -04:00
4c2a1550c4
Adding samba and general user management 2023-06-07 02:12:17 -04:00
f02cf7b0cc
Refactor docker playbook
- Removed copyright notice
- Variablize 'hosts' value in the playbook
- Install Jenkins agent before running Docker role
2023-05-08 16:26:16 -04:00
9142254a57
Improvements for ansible-linting 2023-05-04 01:44:18 -04:00
dfd93dd5f8
Updated Ansible tasks to FQCN format 2023-05-03 23:42:55 -04:00
81d2ea447a
Add mediaserver, rm .gitignore, FQCN, Jellyfin
- Added development "mediaserver" playbook for testing
- rm .gitignore in roles dir since no external ansible roles are used
- Update a part of the base role to use FQCN for linting
- Added "jellyfin" role to install Jellyfin with docker-compose
- Updated Traefik to use the loopback for default web entry points
- Simplified Traefik docker-compose vars, Ansible sets defaults
2023-04-26 02:26:50 -04:00
9512212b84
Refactor Traefik deploy: docker-compose + systemd
- Replace docker_container ansible with new setup
- Add option to disable HTTPS for alternate reverse proxy use
2023-04-21 03:04:53 -04:00
c67a39982e
Option to enable websockets for the noVNC console 2022-12-06 00:15:10 -05:00