joakim/rick-infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

solve folder structure issue

Browse Source
This commit is contained in:
Joakim
2025-12-16 20:38:51 +01:00
parent a9f814d929
commit 4f8b46fa14
4 changed files with 39 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
playbooks/homelab.yml
View File

@@ -1,64 +0,0 @@
---
# Homelab Infrastructure Deployment
#
# Deploys personal homelab services to arch-vps including:
# - PostgreSQL database
# - Valkey cache/session store
# - Podman container runtime
# - Caddy web server
# - Nextcloud cloud storage
# - Authentik SSO/authentication
# - Gitea git hosting
#
# Usage:
# ansible-playbook playbooks/homelab.yml
- name: Deploy Homelab Infrastructure
hosts: homelab
become: true
gather_facts: true
tasks:
# Workaround: Manually load host_vars due to Ansible 2.20 variable loading issue
- name: Load homelab host variables
include_vars:
dir: "{{ playbook_dir }}/../host_vars/{{ inventory_hostname }}"
extensions: ['yml']
tags: always
# Deploy infrastructure services
- name: Deploy PostgreSQL
include_role:
name: postgresql
tags: ['postgresql', 'infrastructure', 'database']
- name: Deploy Valkey
include_role:
name: valkey
tags: ['valkey', 'redis', 'infrastructure', 'cache']
- name: Deploy Podman
include_role:
name: podman
tags: ['podman', 'containers', 'infrastructure']
- name: Deploy Caddy
include_role:
name: caddy
tags: ['caddy', 'infrastructure', 'web']
# Deploy application services
- name: Deploy Nextcloud
include_role:
name: nextcloud
tags: ['nextcloud', 'cloud', 'storage']
- name: Deploy Authentik
include_role:
name: authentik
tags: ['authentik', 'sso', 'auth']
- name: Deploy Gitea
include_role:
name: gitea
tags: ['gitea', 'git', 'development']

18
playbooks/security.yml
View File

@@ -43,15 +43,9 @@
- "Running kernel: {{ current_kernel.stdout }}"
- "Latest modules: {{ latest_modules.stdout }}"
- name: Test if nftables modules are available
command: nft list ruleset
register: nft_test_prereq
failed_when: false
changed_when: false
- name: Determine if reboot is needed
set_fact:
reboot_needed: "{{ current_kernel.stdout != latest_modules.stdout or nft_test_prereq.rc != 0 }}"
reboot_needed: "{{ current_kernel.stdout != latest_modules.stdout }}"
- name: Reboot system if kernel/module mismatch detected
reboot:
@@ -65,16 +59,6 @@
timeout: 300
when: reboot_needed | bool
- name: Verify nftables is now available after reboot
command: nft list ruleset
register: nft_post_reboot
failed_when: false
changed_when: false
- name: Display post-reboot nftables status
debug:
msg: "nftables availability after reboot: {{ 'Working' if nft_post_reboot.rc == 0 else 'Failed' }}"
# ============================================
# SSH Hardening
# ============================================

2
playbooks/production.yml → production.yml
View File

@@ -21,7 +21,7 @@
# Workaround: Manually load group_vars due to Ansible 2.20 variable loading issue
- name: Load production group variables
include_vars:
dir: "{{ playbook_dir }}/../group_vars/production"
dir: "{{ playbook_dir }}/group_vars/production"
extensions: ['yml']
tags: always

37
rick-infra.yml Normal file
View File

@@ -0,0 +1,37 @@
---
# Homelab Infrastructure Deployment
#
# Deploys personal homelab services to arch-vps including:
# - PostgreSQL database
# - Valkey cache/session store
# - Podman container runtime
# - Caddy web server
# - Nextcloud cloud storage
# - Authentik SSO/authentication
# - Gitea git hosting
#
# Usage:
# ansible-playbook playbooks/homelab.yml
- import_playbook: playbooks/security.yml
- name: Deploy Homelab Infrastructure
hosts: homelab
become: true
gather_facts: true
tasks:
# - name: Deploy Authentik
# include_role:
# name: authentik
# tags: ['authentik', 'sso', 'auth']
# - name: Deploy Gitea
# include_role:
# name: gitea
# tags: ['gitea', 'git', 'development']
- name: Deploy Nextcloud
include_role:
name: nextcloud
tags: ['nextcloud', 'cloud', 'storage']