solve folder structure issue
@@ -1,64 +0,0 @@
|
|||||||
---
|
|
||||||
# Homelab Infrastructure Deployment
|
|
||||||
#
|
|
||||||
# Deploys personal homelab services to arch-vps including:
|
|
||||||
# - PostgreSQL database
|
|
||||||
# - Valkey cache/session store
|
|
||||||
# - Podman container runtime
|
|
||||||
# - Caddy web server
|
|
||||||
# - Nextcloud cloud storage
|
|
||||||
# - Authentik SSO/authentication
|
|
||||||
# - Gitea git hosting
|
|
||||||
#
|
|
||||||
# Usage:
|
|
||||||
# ansible-playbook playbooks/homelab.yml
|
|
||||||
|
|
||||||
- name: Deploy Homelab Infrastructure
|
|
||||||
hosts: homelab
|
|
||||||
become: true
|
|
||||||
gather_facts: true
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
# Workaround: Manually load host_vars due to Ansible 2.20 variable loading issue
|
|
||||||
- name: Load homelab host variables
|
|
||||||
include_vars:
|
|
||||||
dir: "{{ playbook_dir }}/../host_vars/{{ inventory_hostname }}"
|
|
||||||
extensions: ['yml']
|
|
||||||
tags: always
|
|
||||||
|
|
||||||
# Deploy infrastructure services
|
|
||||||
- name: Deploy PostgreSQL
|
|
||||||
include_role:
|
|
||||||
name: postgresql
|
|
||||||
tags: ['postgresql', 'infrastructure', 'database']
|
|
||||||
|
|
||||||
- name: Deploy Valkey
|
|
||||||
include_role:
|
|
||||||
name: valkey
|
|
||||||
tags: ['valkey', 'redis', 'infrastructure', 'cache']
|
|
||||||
|
|
||||||
- name: Deploy Podman
|
|
||||||
include_role:
|
|
||||||
name: podman
|
|
||||||
tags: ['podman', 'containers', 'infrastructure']
|
|
||||||
|
|
||||||
- name: Deploy Caddy
|
|
||||||
include_role:
|
|
||||||
name: caddy
|
|
||||||
tags: ['caddy', 'infrastructure', 'web']
|
|
||||||
|
|
||||||
# Deploy application services
|
|
||||||
- name: Deploy Nextcloud
|
|
||||||
include_role:
|
|
||||||
name: nextcloud
|
|
||||||
tags: ['nextcloud', 'cloud', 'storage']
|
|
||||||
|
|
||||||
- name: Deploy Authentik
|
|
||||||
include_role:
|
|
||||||
name: authentik
|
|
||||||
tags: ['authentik', 'sso', 'auth']
|
|
||||||
|
|
||||||
- name: Deploy Gitea
|
|
||||||
include_role:
|
|
||||||
name: gitea
|
|
||||||
tags: ['gitea', 'git', 'development']
|
|
||||||
@@ -43,15 +43,9 @@
|
|||||||
- "Running kernel: {{ current_kernel.stdout }}"
|
- "Running kernel: {{ current_kernel.stdout }}"
|
||||||
- "Latest modules: {{ latest_modules.stdout }}"
|
- "Latest modules: {{ latest_modules.stdout }}"
|
||||||
|
|
||||||
- name: Test if nftables modules are available
|
|
||||||
command: nft list ruleset
|
|
||||||
register: nft_test_prereq
|
|
||||||
failed_when: false
|
|
||||||
changed_when: false
|
|
||||||
|
|
||||||
- name: Determine if reboot is needed
|
- name: Determine if reboot is needed
|
||||||
set_fact:
|
set_fact:
|
||||||
reboot_needed: "{{ current_kernel.stdout != latest_modules.stdout or nft_test_prereq.rc != 0 }}"
|
reboot_needed: "{{ current_kernel.stdout != latest_modules.stdout }}"
|
||||||
|
|
||||||
- name: Reboot system if kernel/module mismatch detected
|
- name: Reboot system if kernel/module mismatch detected
|
||||||
reboot:
|
reboot:
|
||||||
@@ -65,16 +59,6 @@
|
|||||||
timeout: 300
|
timeout: 300
|
||||||
when: reboot_needed | bool
|
when: reboot_needed | bool
|
||||||
|
|
||||||
- name: Verify nftables is now available after reboot
|
|
||||||
command: nft list ruleset
|
|
||||||
register: nft_post_reboot
|
|
||||||
failed_when: false
|
|
||||||
changed_when: false
|
|
||||||
|
|
||||||
- name: Display post-reboot nftables status
|
|
||||||
debug:
|
|
||||||
msg: "nftables availability after reboot: {{ 'Working' if nft_post_reboot.rc == 0 else 'Failed' }}"
|
|
||||||
|
|
||||||
# ============================================
|
# ============================================
|
||||||
# SSH Hardening
|
# SSH Hardening
|
||||||
# ============================================
|
# ============================================
|
||||||
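Review bot: After this change nothing in the visible tasks checks that nftables is usable: both `nft list ruleset` probes are removed and `reboot_needed` now depends only on the kernel/module comparison. The removed probes used `failed_when: false`, so they never stopped the play, but they were the only signal that the firewall tooling worked before the hardening section that follows. If later tasks in this playbook load nftables rules (not visible in these hunks), consider keeping one probe as a hard gate, for example `command: nft list ruleset` with `changed_when: false` and no `failed_when: false`, so a host with a broken firewall stack fails the run instead of continuing. The same applies to the second hunk, which drops the post-reboot verification.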
|
|||||||
@@ -21,7 +21,7 @@
|
|||||||
# Workaround: Manually load group_vars due to Ansible 2.20 variable loading issue
|
# Workaround: Manually load group_vars due to Ansible 2.20 variable loading issue
|
||||||
- name: Load production group variables
|
- name: Load production group variables
|
||||||
include_vars:
|
include_vars:
|
||||||
dir: "{{ playbook_dir }}/../group_vars/production"
|
dir: "{{ playbook_dir }}/group_vars/production"
|
||||||
extensions: ['yml']
|
extensions: ['yml']
|
||||||
tags: always
|
tags: always
|
||||||
|
|
||||||
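--- a/rick-infra.yml
+++ b/rick-infra.yml
@@ -0,0 +1,37 @@
+---
+# Homelab Infrastructure Deployment
+#
+# Deploys personal homelab services to arch-vps including:
+# - PostgreSQL database
+# - Valkey cache/session store
+# - Podman container runtime
+# - Caddy web server
+# - Nextcloud cloud storage
+# - Authentik SSO/authentication
+# - Gitea git hosting
+#
+# Usage:
+# ansible-playbook playbooks/homelab.yml
+
+- import_playbook: playbooks/security.yml
+- name: Deploy Homelab Infrastructure
+hosts: homelab
+become: true
+gather_facts: true
+
+tasks:
+# - name: Deploy Authentik
+# include_role:
+# name: authentik
+# tags: ['authentik', 'sso', 'auth']
+
+# - name: Deploy Gitea
+# include_role:
+# name: gitea
+# tags: ['gitea', 'git', 'development']
+
+- name: Deploy Nextcloud
+include_role:
+name: nextcloud
+tags: ['nextcloud', 'cloud', 'storage']
+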
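Review bot: The homelab play in the new `rick-infra.yml` no longer has the `Load homelab host variables` task that the deleted playbook ran with `tags: always`, while the other playbook in this commit keeps its `include_vars` workaround for the same Ansible 2.20 loading issue. If that issue still applies, the `nextcloud` role would run without the host's variables (what they contain is not visible here); restoring the task with the path adjusted for the new location, presumably `dir: "{{ playbook_dir }}/host_vars/{{ inventory_hostname }}"`, would keep the previous behaviour. The header comment is also stale: it still gives `ansible-playbook playbooks/homelab.yml` as the usage and lists PostgreSQL, Valkey, Podman, Caddy, Authentik and Gitea, none of which this play deploys. If Nextcloud depends on those roles, a comment should say where they are now pulled in.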