testing

README.md

@@ -1,39 +1,25 @@
-# Homelab
-This repository contains Ansible to automate Debian GNU/Linux servers, deploying
-server technologies that are either useful in a personal capacity or provide
-educational value on automating enterprise infrastructure.
+# Project Moxie
 
-Development is accomplished using Vagrant to allow easy reproducibility in an
-isolated virtual environment that be ran on your local machine.
+Project Moxie is a personal IT homelab project written in Ansible and executed by Jenkins. It is a growing collection of infrastructure as code (IaC) I write out of curiosity and for reference purposes, keeping a handful of beneficial projects managed and secured.
 
 ## Quick Start
-These steps assume a basic understanding of GNU/Linux, Hypervisors, Vagrant, and Ansible.
+
+To configure a local virtual machine for testing, follow these simple steps.
 
 ### Prerequisites
-- [Vagrant](https://developer.hashicorp.com/vagrant/docs/installation)
-- [Supported hypervisor](https://developer.hashicorp.com/vagrant/docs/providers)
-- Ansible
+
+Vagrant and VirtualBox are used to develop Project Moxie. You will need to install these before continuing.
 
 ### Installation
 
 1. Clone this repository
    ```
-   git clone https://git.krislamo.org/kris/homelab
-   ```
-   OR download from the mirror on GitHub:
-   ```
-   git clone https://github.com/krislamo/homelab
+   git clone https://github.com/krislamo/moxie
    ```
+2. Set the `PLAYBOOK` environmental variable to a development playbook name in the `dev/` directory
 
-2. Find available playbooks for development
-   ```
-   cd homelab
-   ```
-   ```
-   find dev -maxdepth 1 -name "*.yml" -exec basename {} .yml \;
-   ```
+   The following `PLAYBOOK` names are available: `dockerbox`, `hypervisor`, `minecraft`, `bitwarden`, `nextcloud`, `nginx`
 
-3. Set the `PLAYBOOK` environmental variable to a value listed in the last step, e.g.,
    ```
    export PLAYBOOK=dockerbox
    ```
@@ -43,10 +29,11 @@ These steps assume a basic understanding of GNU/Linux, Hypervisors, Vagrant, and
    ```
 
 #### Copyright and License
-Copyright (C) 2020-2022  Kris Lamoureux
+Copyright (C) 2020-2021  Kris Lamoureux
 
 [![License: GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0)
 
+
 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
 
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

dev/host_vars/mediaserver.yml

@@ -0,0 +1,26 @@
+base_domain: vm.krislamo.org
+
+# base
+allow_reboot: false
+manage_network: false
+
+# proxy
+proxy:
+  #production: true
+  dns_cloudflare:
+    opts: --test-cert
+    #email: realemail@example.com
+    #api_token: CLOUDFLARE_DNS01_API_TOKEN
+    wildcard_domains:
+      - "{{ base_domain }}"
+  servers:
+    - domain: "{{ jellyfin_domain }}"
+      proxy_pass: "http://127.0.0.1:8080"
+
+# docker
+docker_users:
+  - vagrant
+
+# jellyfin
+jellyfin_domain: "jellyfin.{{ base_domain }}"
+jellyfin_version: latest

dev/mediaserver.yml

@@ -0,0 +1,10 @@
+- name: Install Media Server
+  hosts: all
+  become: true
+  vars_files:
+    - host_vars/mediaserver.yml
+  roles:
+    - base
+    - proxy
+    - docker
+    - jellyfin

mediaserver.yml

@@ -0,0 +1,7 @@
+- name: Install Media Server
+  hosts: mediaservers
+  become: true
+  roles:
+    - base
+    - docker
+    - jellyfin

roles/.gitignore

@@ -1,20 +1 @@
-/*
-!.gitignore
-!requirements.yml
-!base*/
-!bitwarden*/
-!docker*/
-!gitea*/
-!jenkins*/
-!libvirt*/
-!mariadb*/
-!minecraft*/
-!nextcloud*/
-!nginx*/
-!postgresql*/
-!prometheus*/
-!proxy*/
-!rsnapshot*/
-!traefik*/
-!unifi*/
-!wordpress*/
+.gitignore

roles/base/handlers/main.yml

@@ -1,18 +1,24 @@
 - name: Reboot host
-  reboot:
+  ansible.builtin.reboot:
     msg: "Reboot initiated by Ansible"
     connect_timeout: 5
   listen: reboot_host
   when: allow_reboot
 
 - name: Restart WireGuard
-  service:
+  ansible.builtin.service:
     name: wg-quick@wg0
     state: restarted
   listen: restart_wireguard
 
 - name: Restart Fail2ban
-  service:
+  ansible.builtin.service:
     name: fail2ban
     state: restarted
   listen: restart_fail2ban
+
+- name: Restart ddclient
+  ansible.builtin.service:
+    name: ddclient
+    state: restarted
+  listen: restart_ddclient

roles/base/tasks/ansible.yml

@@ -1,11 +1,11 @@
 - name: 'Install Ansible dependency: python3-apt'
-  shell: 'apt-get update && apt-get install python3-apt -y'
+  ansible.builtin.shell: 'apt-get update && apt-get install python3-apt -y'
   args:
     creates: /usr/lib/python3/dist-packages/apt
     warn: false
 
 - name: Install additional Ansible dependencies
-  apt:
+  ansible.builtin.apt:
     name: "{{ item }}"
     state: present
     force_apt_get: true
@@ -17,7 +17,7 @@
     - python3-psycopg2
 
 - name: Create Ansible's temporary remote directory
-  file:
+  ansible.builtin.file:
     path: "~/.ansible/tmp"
     state: directory
     mode: 0700

roles/base/tasks/ddclient.yml

@@ -1,22 +1,17 @@
 - name: Install ddclient
-  apt:
+  ansible.builtin.apt:
     name: ddclient
     state: present
 
 - name: Install ddclient settings
-  template:
+  ansible.builtin.template:
     src: ddclient.conf.j2
     dest: /etc/ddclient.conf
+    mode: 0600
   register: ddclient_settings
 
 - name: Start ddclient and enable on boot
-  service:
+  ansible.builtin.service:
     name: ddclient
     state: started
     enabled: true
-
-- name: Restart ddclient
-  service:
-    name: ddclient
-    state: restarted
-  when: ddclient_settings.changed

roles/jellyfin/defaults/main.yml

@@ -0,0 +1,4 @@
+jellyfin_name: jellyfin
+jellyfin_volume: "{{ jellyfin_name }}"
+jellyfin_rooturl: "https://{{ jellyfin_domain }}"
+jellyfin_root: "{{ docker_compose_root }}/{{ jellyfin_name }}"

roles/jellyfin/handlers/main.yml

@@ -0,0 +1,6 @@
+- name: Restart Jellyfin
+  service:
+    name: "{{ docker_compose_service }}@{{ jellyfin_name }}"
+    state: restarted
+  listen: restart_jellyfin
+  

roles/jellyfin/tasks/main.yml

@@ -0,0 +1,37 @@
+- name: Create Jellyfin directory
+  ansible.builtin.file:
+    path: "{{ jellyfin_root }}"
+    state: directory
+
+- name: Create jellyfin user
+  user:
+    name: jellyfin
+    state: present
+
+- name: jellyfin user uid
+  getent:
+    database: passwd
+    key: jellyfin
+
+- name: jellyfin user gid
+  getent:
+    database: group
+    key: jellyfin
+
+- name: Install Jellyfin's docker-compose file
+  template:
+    src: docker-compose.yml.j2
+    dest: "{{ jellyfin_root }}/docker-compose.yml"
+  notify: restart_jellyfin
+
+- name: Install Jellyfin's docker-compose variables
+  template:
+    src: compose-env.j2
+    dest: "{{ jellyfin_root }}/.env"
+  notify: restart_jellyfin
+
+- name: Start and enable Jellyfin service
+  service:
+    name: "{{ docker_compose_service }}@{{ jellyfin_name }}"
+    state: started
+    enabled: true

roles/jellyfin/templates/compose-env.j2

@@ -0,0 +1,5 @@
+# {{ ansible_managed }}
+jellyfin_version={{ jellyfin_version }}
+jellyfin_name={{ jellyfin_name }}
+jellyfin_domain={{ jellyfin_domain }}
+jellyfin_rooturl={{ jellyfin_rooturl }}

roles/jellyfin/templates/docker-compose.yml.j2

@@ -0,0 +1,13 @@
+version: '3.7'
+
+services:
+  jellyfin:
+    image: "jellyfin/jellyfin:${jellyfin_version}"
+    container_name: "${jellyfin_name}"
+    volumes:
+      - ./config:/config
+      - ./cache:/cache
+      - {{ jellyfin_volume }}:/media
+
+volumes:
+  {{ jellyfin_volume }}: