adding separate group_vars files for linode

3 years ago · 8feb02a77d
parent cb4e7fbc73
commit 8feb02a77d
21 changed files with 225 additions and 130 deletions
--- a/.gitignore
+++ b/.gitignore
@ -2,3 +2,4 @@
 venv
 stack.env
 linodehosts.ini
 test-playbook.yml
--- a/group_vars/linode.yml
+++ b/group_vars/linode.yml
@ -0,0 +1,13 @@
 ---
 # all encrypted variables should go in the linked file.
 vault_file: vault_vars/linode-vault.yml
 # any linode specific variables go here
 configure_mergefs: false
 configure_samba: false
 services:
  - name: gitea
  - name: docker-volume-backup
 # use raw docker compose instead of portainer
 use_docker_compose: true
 use_portainer: false
--- a/group_vars/qnap.yml
+++ b/group_vars/qnap.yml
@ -0,0 +1,61 @@
 ---
 # all encrypted variables should go in the linked file.
 vault_file: vault_vars/qnap-vault.yml
 # any qnap specific variables go here
 configure_mergefs: true
 mounts:
 - path: /mnt/mergerfs
  state: mounted
  branches:
    - "/mnt/data/device0"
    - "/mnt/data/device1"
    - "/mnt/data/device2"
  options: allow_other,use_ino
 devices:
  - uuid: "a54c1bde-1400-4975-bf24-08c603ca3a11" # /dev/sdc1
    path: "/mnt/data/device0"
  - uuid: "727dddaa-f7a1-439a-995f-5f4d35322e08" # /dev/sdd1
    path: "/mnt/data/device1"
  - uuid: "f3cff115-9adc-4761-b1e9-e81055f3e0af" # /dev/sda1
    path: "/mnt/data/device2"
    # SSD for downloads / transcoding
  - uuid: "c528bf82-61ab-4f3d-87e0-d1e6e02ef7ec" # /dev/sdf
    path: "/mnt/ssd0/"
 configure_samba: true
 samba_group: smbgroup
 samba_user: smbuser
 users:
  - name: cianhatton
 shares:
  - /share
  - /share/public_files
  - /share/private_files
  - /share/cian_files
 services:
  - name: gitea
  - name: mealie
  - name: linkding
  - name: overseerr
  - name: nextcloud
  - name: dashboards
  - name: nginx-proxy-manager
  - name: plex
  - name: uptime-kuma
  - name: vpn-stack
  - name: docker-volume-backup
  - name: mariadb
  - name: photoprism
 extra_hosts:
  - "qnap:192.168.178.42"
 # any additional docker networks that should be created
 docker_networks:
  - mariadb_net
 use_portainer: true
--- a/group_vars/servers.yml
+++ b/group_vars/servers.yml
@ -0,0 +1,30 @@
 ---
 backups:
  schedule_keys:
    monthly: "monthly"
    nightly: "nightly"
 docker_compose_directory: /etc/docker-compose/portainer
 # TODO: docker_volume_backup exists in vault. Clean this up.
 dockervolumebackup:
  image: ghcr.io/chatton/docker-volume-backup
  tag: pr-20
  config_directory: /etc/docker-volume-backup
 # dashy related config
 dashy:
  config_file: dashy-config.yml
  source_file: dashboards/dashy-config.yml
  config_directory: /etc/config/olivetin
 # olivetin related config
 olivetin:
  config_file: config.yml
  source_file: olivetin/config.yml
  config_directory: /etc/config/dashy
 docker_networks: []
 homelab_group: cianhatton
 homelab_user: cianhatton
--- a/hosts.ini
+++ b/hosts.ini
@ -1,5 +1,16 @@
-[servers]
+# group qnap and linode to run operations on.
 # this ensures we don't run everything on localhost as well.
 [servers:children]
 qnap
 linode
 [qnap]
 cianhatton@qnap
 [localhost]
 localhost ansible_connection=local ansible_python_interpreter=/Users/chatton/checkouts/ansible-homelab/venv/bin/python
 # BEGIN ANSIBLE MANAGED BLOCK
 [linode]
 root@45.79.165.198
 # END ANSIBLE MANAGED BLOCK
--- a/library/portainer.py
+++ b/library/portainer.py
@ -204,10 +204,6 @@ def handle_state_present(client, module):
    with open(module.params["docker_compose_file_path"]) as f:
        file_contents = f.read()
    envs = []
    if "env_file_path" in module.params:
        envs = _load_envs_from_file(module.params["env_file_path"])
    target_stack_name = module.params["stack_name"]
    for stack in stacks:
        if stack["Name"] == target_stack_name:
@ -216,7 +212,7 @@ def handle_state_present(client, module):
            break
    if not already_exists:
-        stack = _create_stack(client, module, file_contents, envs=envs)
+        stack = _create_stack(client, module, file_contents)
        result["changed"] = True
        result["stack_id"] = stack["Id"]
        module.exit_json(**result)
@ -233,7 +229,7 @@ def handle_state_present(client, module):
        return
    # the stack exists and we have a new config.
-    _update_stack(client, module, stack_id, envs=envs)
+    _update_stack(client, module, stack_id)
    result["changed"] = True
    module.exit_json(**result)
@ -267,7 +263,6 @@ def run_module():
    module_args = dict(
        stack_name=dict(type='str', required=True),
        docker_compose_file_path=dict(type='str', required=True),
        env_file_path=dict(type='str', required=False),
        username=dict(type='str', default='admin'),
        password=dict(type='str', required=True, no_log=True),
        base_url=dict(type='str', default="http://localhost:9000"),
--- a/roles/setup_hosted_services/defaults/main-vault.yml
+++ b/roles/setup_hosted_services/defaults/main-vault.yml
@ -1,31 +0,0 @@
 $ANSIBLE_VAULT;1.1;AES256
 61663635393234373338643564313337353832313533656466623266303965326333353663353336
 3431663531363464626562383135393830353339323764370a303031353864633834346539363832
 33313832616138386365353966333137363937663736306261346136646565653936646332626135
 3538356635613735380a666336356139656466306432636466653630633762323133333936353133
 31616437663332653134363630363961303132653064666436383864613835353437336637353265
 63653963306338363730346139383636643033353835346134363231326264666461303134353432
 62396237316261383061383566616433303833613561383638663361363963326463656461346537
 62383761386266316664666432316664646562316565333330373264373535393035303466613536
 61633565663237373734653062333564653964366234333035393937613139313930363936323963
 31623166313564616362303230386466653831393438616166353666653536393231613565656461
 35313239363563323434626561336363353137643361376437363736613263303738333462323538
 32343230663033646437343937613633623663333339313037393661313938346232346535663935
 30663631326431663838356131346530643930663633306233633135646665313264633436336665
 63626532343763633936313264613836353437356233396161616362323837376166313438353131
 62613064393362616430313935646662316239333332393036303766373837343338623036316539
 34643639666237356536666562376664376637643430663930353337623037373133663961633961
 38623863626265363661333132656662613337613939656365353734326463373833323332323463
 35356334326239313661626462376666626435313565306366333062393433323734326563616261
 65646130626234333039646136646463393365643833306562343165613766636133373463333465
 38316538383964343164323238356461643632346365646536356265353933336466613838623335
 34663630633062346562653964613831333165386538353636313565343536666465366438303136
 65663336303239636239626662323730383834376436636562333164396631323035333862393832
 63646364343564383235376137303031653163393966656264646338366163633931613437393830
 33643935353965393661323837646437306364396633636335346361316339326432306363376432
 66333637336636396536656237623232326539326264363033393334616235626463623435373763
 65396162336430336666373233636138363666613235323565336334353231613263383564633663
 35653433383936623638393032363935666134323833306563393266663933653261383061303036
 37393065643766643336616465663631316130653365366666613333363638663631303363636431
 34333435616435386261383865356166396666633737613763303165396365616635346534616131
 3437323335316432396363353138333163613830623165666666
--- a/roles/setup_hosted_services/defaults/main.yml
+++ b/roles/setup_hosted_services/defaults/main.yml
@ -1,28 +1,4 @@
 ---
 services:
  - name: gitea
  - name: mealie
  - name: linkding
  - name: overseerr
  - name: nextcloud
  - name: dashboards
  - name: nginx-proxy-manager
  - name: plex
  - name: uptime-kuma
  - name: vpn-stack
  - name: docker-volume-backup
  - name: mariadb
  - name: photoprism
 # any additional docker networks that should be created
 docker_networks:
  - mariadb_net
 backups:
  schedule_keys:
    monthly: "monthly"
    nightly: "nightly"
 qnap:
  # path on qnap where downloads go
  downloads_dir: /mnt/ssd0/downloads
@ -39,22 +15,5 @@ qnap:
  # path where photoprism photos are stored
  photoprism_dir: /mnt/mergerfs/photoprism
-dockervolumebackup:
+use_portainer: true
-  image: ghcr.io/chatton/docker-volume-backup
+use_docker_compose: false
  tag: pr-20
  config_directory: /etc/docker-volume-backup
 # dashy related config
 dashy:
  destination_dir: /etc/config/dashy
  destination_file: dashy-config.yml
  source_file: dashboards/dashy-config.yml
 # olivetin related config
 olivetin:
  destination_dir: /etc/config/olivetin
  destination_file: config.yml
  source_file: olivetin/config.yml
 extra_hosts:
  - "qnap:192.168.178.42"
--- a/roles/setup_hosted_services/tasks/main.yml
+++ b/roles/setup_hosted_services/tasks/main.yml
@ -1,7 +1,4 @@
 ---
 - name: Include all defaults
  include_vars: defaults/main-vault.yml
 - name: Docker | Pull images
  docker_image:
    name: "{{item}}"
@ -30,21 +27,21 @@
    state: directory
    mode: '0755'
  with_items:
-    - "{{dashy.destination_dir}}"
+    - "{{dashy.config_directory}}"
-    - "{{olivetin.destination_dir}}"
+    - "{{olivetin.config_directory}}"
    - "{{dockervolumebackup.config_directory}}"
 - name: Dashy | Config Files
  copy:
    src: "{{dashy.source_file}}"
-    dest: "{{dashy.destination_dir}}/{{dashy.destination_file}}"
+    dest: "{{dashy.config_directory}}/{{dashy.config_file}}"
  notify:
    - restart-dashy
 - name: Olivetin | Config Files
  copy:
    src: "{{olivetin.source_file}}"
-    dest: "{{olivetin.destination_dir}}/{{olivetin.destination_file}}"
+    dest: "{{olivetin.config_directory}}/{{olivetin.config_file}}"
  notify:
    - restart-olivetin
@ -105,10 +102,17 @@
  with_items: "{{ docker_networks }}"
 - name: Portainer | Update Stack
  when: use_portainer
  portainer:
    username: admin
    password: "{{portainer.password}}"
    docker_compose_file_path: "{{qnap.docker_compose_directory}}/{{ item.name }}/docker-compose.yml"
    env_file_path: "{{qnap.docker_compose_directory}}/{{ item.name }}/stack.env"
    stack_name: "{{ item.name }}"
  with_items: "{{services}}"
 - name: Docker compose | Update Stack
  when: use_docker_compose
  docker_compose:
    project_src: "{{qnap.docker_compose_directory}}/{{ item.name }}"
    state: present
  with_items: "{{services}}"
--- a/roles/setup_linode/tasks/main.yml
+++ b/roles/setup_linode/tasks/main.yml
@ -28,8 +28,11 @@
  debug:
    msg: "{{my_linode}}"
- name: Template Hosts File
+- name: Update hosts.ini
-  template:
+  blockinfile:
-    src: hosts.j2
+    path: hosts.ini
-    dest: linodehosts.ini
+    block: |
-
+      [linode]
      {% for host in hosts %}
      {{host.user}}@{{host.ip}}
      {% endfor %}
--- a/roles/setup_linode/templates/hosts.j2
+++ b/roles/setup_linode/templates/hosts.j2
@ -1,4 +0,0 @@
 [servers]
 {% for host in hosts %}
 {{host.user}}@{{host.ip}}
 {% endfor %}
--- a/roles/setup_mergerfs/defaults/main.yml
+++ b/roles/setup_mergerfs/defaults/main.yml
@ -1,21 +1,2 @@
 ---
 # defaults file for setup_mergerfs
 mounts:
 - path: /mnt/mergerfs
  state: mounted
  branches:
    - "/mnt/data/device0"
    - "/mnt/data/device1"
    - "/mnt/data/device2"
  options: allow_other,use_ino
 devices:
  - uuid: "a54c1bde-1400-4975-bf24-08c603ca3a11" # /dev/sdc1
    path: "/mnt/data/device0"
  - uuid: "727dddaa-f7a1-439a-995f-5f4d35322e08" # /dev/sdd1
    path: "/mnt/data/device1"
  - uuid: "f3cff115-9adc-4761-b1e9-e81055f3e0af" # /dev/sda1
    path: "/mnt/data/device2"
    # SSD for downloads / transcoding
  - uuid: "c528bf82-61ab-4f3d-87e0-d1e6e02ef7ec" # /dev/sdf
    path: "/mnt/ssd0/"
--- a/roles/setup_portainer/defaults/main.yml
+++ b/roles/setup_portainer/defaults/main.yml
@ -1,2 +1 @@
 ---
 docker_compose_directory: /etc/docker-compose/portainer
--- a/roles/setup_portainer/files/docker-compose.yml
+++ b/roles/setup_portainer/files/docker-compose.yml
@ -4,6 +4,7 @@ services:
  portainer:
    labels:
      ie.cianhatton.backup.enabled: "true"
      ie.cianhatton.backup.key: "nightly"
    image: portainer/portainer-ce
    container_name: "portainer"
    ports:
--- a/roles/setup_portainer/tasks/main.yml
+++ b/roles/setup_portainer/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: Portainer | Create directory if it does not exist
  ansible.builtin.file:
    path: "{{docker_compose_directory}}"
--- a/roles/setup_portainer/tests/inventory
+++ b/roles/setup_portainer/tests/inventory
@ -1,2 +0,0 @@
 localhost
--- a/roles/setup_portainer/tests/test.yml
+++ b/roles/setup_portainer/tests/test.yml
@ -1,5 +0,0 @@
 ---
 - hosts: localhost
  remote_user: root
  roles:
    - setup_portainer
--- a/roles/setup_users/defaults/main.yml
+++ b/roles/setup_users/defaults/main.yml
@ -1,4 +1,2 @@
 ---
 # defaults file for setup_users
 homelab_group: cianhatton
 homelab_user: cianhatton
--- a/setup-homelab.yml
+++ b/setup-homelab.yml
@ -1,18 +1,25 @@
 ---
 - hosts: servers
  become: true
-  vars_files:
+
-    - secrets-vault.yml
+  pre_tasks:
    - name: Include vault variables.
      include_vars: "{{vault_file}}"
      tags: ["always"]
  roles:
    - role: 'roles/setup_mergerfs'
      tags: ["mergerfs"]
      when: configure_mergefs
    - role: 'roles/setup_users'
      tags: ["users"]
    - role: 'roles/setup_samba'
      tags: ["samba"]
      when: configure_samba
    - role: 'roles/setup_docker'
      tags: ["docker"]
    - role: 'roles/setup_portainer'
      tags: ["portainer"]
      when: use_portainer
    - role: 'roles/setup_hosted_services'
      tags: ["services"]
--- a/vault_vars/linode-vault.yml
+++ b/vault_vars/linode-vault.yml
@ -0,0 +1,30 @@
 $ANSIBLE_VAULT;1.1;AES256
 30366332636539663938343535343632386164326137373937363336623136336436663831666166
 6237326538393061383033633864666165333136666366630a326664636638303566316531346430
 63363363656461313162663935613065616236386332326133363331663937396232353865633834
 6137653864623962300a303035366132313939623937393863316261386238616138643866663632
 38383562613339333564393438323938343331633935643864633332626662323231323465303938
 38626633313264376464326431363562663932343263613637383939663966383230373561393465
 33396430343864326163663433376662636565643839303734383566323666356330366562626637
 36343835666334303863323839643032363635626366626339323333396164643835646364353037
 65323562313636396566363234656566383561396564383265356630633366373930376665323038
 65333631353836623333323765363866323062303236333030323564383332306466666639306332
 33393434626239363861343130363362333734363662656236303833636165633231316233316132
 65353930656230326461326436396533393433316331633837616531303861326138353831366436
 36356266613236393165333339653334356338636636346166363736653063313531653339646565
 35383233343965316630613236643530636430333966633466636135663931633031343634313535
 35383564663631663431313536336231663337663537346131653534393163633266353430666531
 34643362363239613561623064626331353639333766623066666638313866663863396636623331
 38313437623261626131636261646331376366646635326332376332633338653136633732616237
 31323531383130343436623838366439316539396263323864396266646630666334343237303961
 64333430336265316565303264666636646431666137323133663035346430346331313634656637
 39663165356263343263393863653338303366343830306139353033393463616666316136653532
 64666361353536386162653934663936336465393730653431336437393161303166623231336562
 38306131336537386362323730656234373839643538616638326332633735626639343633346365
 38356234616165363837306634383937653963333936633030666435333534313235313962363263
 63353932613939363166613336336266333064336262383062303761616535656534653064393066
 34333832623831653965393166633065663965386162373238663632656636326265333464303530
 33633037653730613135313335343264343730396236626563353235663037366339303638623930
 35373765343436613531656537656636613663366438653233346465396330393034623537653733
 30366466326362636464313963613866306565616630363366616263306264346561613332393835
 30386561383334383361643834376536643931616533656330353166396335333731
--- a/vault_vars/qnap-vault.yml
+++ b/vault_vars/qnap-vault.yml
@ -0,0 +1,43 @@
 $ANSIBLE_VAULT;1.1;AES256
 37666165636561303539306466393465653238336365663731616363323164313361633830353730
 3531623965653935303664383061386164383038656439330a323265306137613231313837383335
 31373763633930333536313533356333336235633265326265366337303035333464646462326163
 6632656239626631380a333365653563313139343631306330643638396661393736376239613061
 36616234346663373236666633623231333137316561336362323830643531323934363735323837
 39353363616462343065303538333637623837653633366437646436313963616333653834306334
 30663839616335363162346135393037646330616331323464623631663931623935323563313437
 62323462306463376433663636663033623633343562653834663066323932656230623232666136
 66636264633631393937613535363366626135303939656364623937653763383865303461646536
 65656665643866623363623464656632323261656433663030316333613935336662303763303062
 30623937303738616138633933343438363935616334353837616465643930306435326462313961
 65633131303732343135663635303933313935636533333935633830336439636236363330306337
 36323932613339666631333038323538656334393565343666346133393864643664383662316166
 32636462636165383230353231653261333564646562663035316266653466623565623661376637
 36653935383539313864656165636234636562323664653435633732383737353039323565643537
 34383739616639343831306565323930373961656235383666366139346662626166646462356139
 31336334653864373037353135646538633039623332336635386132396664623737626436303530
 63316532366639643861663433383335626530613437363831623232656339613235383734646466
 39653838326566656439626663363731356134383362333535643736663231323030366565653461
 62343166343762646533653065303531656564363866356366663364363438373731333861316163
 35323430616164323962356635323436306265623335343736623132363138343663613163313862
 37383066393335616666343336643131656431386264386230366434623362663733383334343037
 36616237613233333630323233643630353330343730386464316634633938383030353765366436
 62303962353838643461326565313236336265346234316637626338623031303430623039366562
 64653062333963383865343263343232356366643238393636383139656536613639376135353163
 32306233373533356365393233393165666132336637613862653038373839613036353463306233
 63643564656364353836303665613862316165393263633536623731343137366162663335623066
 66613835306135303563323036313336313632306131643730643931363438666364313864353766
 36643431343265343036313362653262393636653134343339666361383263623936353564393266
 36303836313437656436656634363462386362613361653536373038313263623562653833333735
 62333339626437336464326263393838336135326566346436336637313035333062643662393463
 38633964656361346530326437663233356139373537643130656266653236666437663730356561
 66356662373961623537343063343162303833363130653439613965393363386532633966623537
 66653730613866323933363733633734646437376530396234303161373365376235653132363262
 36643965393164393165363231303336656238326530373531356631313532663864656261653936
 37333365313036363330336133376431313839626633623732316163363632363033306338633030
 34396530313764613465633435323435653161646634336562303064373563373938356132653638
 63643361363763326532363836643433613166636266623933653065633631366234643366383464
 39313465653432663833623030333862363430363036646334366261316161656633646339366231
 37323533633139636363666664353965333637353735633039616337636439636266613962323138
 39333962646233343361363461643936616661323237303030663534336634636239336164653939
 6263396338326466363861343332376264376635653362643764
`@ -1,2 +1 @@`
	`---`	`---`
	`docker_compose_directory: /etc/docker-compose/portainer`