Add SNUNMU server (#28)

Makefile

@@ -8,7 +8,14 @@ bootstrap:
 qnap:
 	ansible-playbook playbooks/setup-homelab.yml --limit qnap
 
-homelab: bootstrap
+services:
+	ansible-playbook playbooks/setup-homelab.yml --tags services
+
+snunmu:
+	ansible-playbook playbooks/setup-homelab.yml --limit snunmu
+
+
+homelab:
 	ansible-playbook playbooks/setup-homelab.yml
 
 verify:

group_vars/servers.yml

@@ -15,11 +15,11 @@ olivetin:
   config_file: config.yml
   config_directory: /etc/config/OliveTin
 
-docker_networks: []
-
 homelab_user: cianhatton
 
-configure_samba: true
+
+configure_mergerfs: false
+configure_samba: false
 samba_group: smbgroup
 samba_user: smbuser
 users:
@@ -51,4 +51,8 @@ directories:
 
 desired_docker_images:
   - ubuntu:latest
-  - busybox:latest
+
+portainer_endpoint: -1
+portainer_host: false
+portainer_base_url: "http://qnap:9000"
+external_docker_networks: []

host_vars/qnap.yml

@@ -1,6 +1,7 @@
 # all encrypted variables should go in the linked file.
 vault_file: vault_vars/qnap-vault.yml
 # any qnap specific variables go here
+configure_mergerfs: true
 mounts:
   - path: /mnt/mergerfs
     state: mounted
@@ -10,6 +11,10 @@ mounts:
       - /mnt/data/device2
     options: allow_other,use_ino
 
+
+configure_samba: true
+portainer_host: true
+
 devices:
   - uuid: a54c1bde-1400-4975-bf24-08c603ca3a11     # /dev/sdc1
     path: /mnt/data/device0
@@ -25,48 +30,37 @@ devices:
 external_docker_networks:
   - mariadb_net
 
+ansible_pull_path: /home/{{ homelab_user }}/.local/bin/ansible-pull
+
+portainer_endpoint: 2
+
 services:
   - name: gitea
-    endpoint_id: &qnap_endpoint 2
     template_vars:
       image: gitea/gitea
       tag: 1.16.9
   - name: mealie
-    endpoint_id: *qnap_endpoint
-    template_vars: {}
-  - name: linkding
-    endpoint_id: *qnap_endpoint
     template_vars: {}
   - name: overseerr
-    endpoint_id: *qnap_endpoint
     template_vars: {}
   - name: nextcloud
-    endpoint_id: *qnap_endpoint
     template_vars:
       default_network: mariadb_net
   - name: dashboards
-    endpoint_id: *qnap_endpoint
     template_vars: {}
   - name: nginx-proxy-manager
-    endpoint_id: *qnap_endpoint
     template_vars: {}
   - name: plex
-    endpoint_id: *qnap_endpoint
     template_vars: {}
   - name: uptime-kuma
-    endpoint_id: *qnap_endpoint
     template_vars: {}
   - name: vpn-stack
-    endpoint_id: *qnap_endpoint
     template_vars: {}
   - name: mariadb
-    endpoint_id: *qnap_endpoint
     template_vars:
       default_network: mariadb_net
   - name: photoprism
-    endpoint_id: *qnap_endpoint
     template_vars:
       default_network: mariadb_net
   - name: olivetin
-    endpoint_id: *qnap_endpoint
     template_vars: {}

host_vars/snunmu.yml

@@ -0,0 +1,9 @@
+---
+vault_file: vault_vars/qnap-vault.yml
+
+portainer_endpoint: 23
+services:
+  - name: linkding
+    template_vars: {}
+
+ansible_pull_path: /usr/local/bin/ansible-pull

hosts.ini

@@ -3,13 +3,17 @@
 [servers:children]
 qnaps
 linodes
+snunmus
 
 [qnaps]
 qnap
 
+[snunmus]
+snunmu
 
 [dockerhosts]
 qnap
+snunmu
 
 # BEGIN ANSIBLE MANAGED BLOCK
 [linodes]

playbooks/bootstrap.yml

@@ -15,5 +15,6 @@
 - name: Bootstrap Ansible hosts.
   hosts: all
   become: true
+  become_method: su
   roles:
     - role: bootstrap

playbooks/setup-homelab.yml

@@ -11,15 +11,8 @@
   roles:
     - role: setup_users
 
-- name: Install docker on docker hosts
-  hosts: dockerhosts
-  become: true
-  roles:
-    - role: setup_docker
-      tags: [setup, docker]
-
-- name: Setup and deploy services on the QNAP
-  hosts: qnap
+- name: Setup and deploy services.
+  hosts: servers
   become: true
   pre_tasks:
     - name: Include vault variables.
@@ -29,14 +22,18 @@
   roles:
     - role: setup_mergerfs
       tags: [mergerfs]
+      when: configure_mergerfs
     - role: setup_samba
+      when: configure_samba
       tags: [samba]
+    - role: setup_docker
+      tags: [setup, docker]
     - role: setup_portainer
+      when: portainer_host
       tags: [services, portainer]
     - role: setup_hosted_services
       tags: [services]
 
-
 - name: Setup home lab on linode instances.
   hosts: linodes
   become: true

roles/bootstrap/files/sources_list

@@ -0,0 +1,8 @@
+deb http://deb.debian.org/debian bullseye main
+deb-src http://deb.debian.org/debian bullseye main
+
+deb http://deb.debian.org/debian-security/ bullseye-security main
+deb-src http://deb.debian.org/debian-security/ bullseye-security main
+
+deb http://deb.debian.org/debian bullseye-updates main
+deb-src http://deb.debian.org/debian bullseye-updates main

roles/bootstrap/files/sudoer_ansible

@@ -1 +0,0 @@
-ansible ALL=(ALL) NOPASSWD: ALL

roles/bootstrap/tasks/main.yml

@@ -1,4 +1,12 @@
 ---
+- name: Add sources list
+  ansible.builtin.copy:
+    src: sources_list
+    dest: /etc/apt/sources.list
+    owner: root
+    group: root
+    mode: 0440
+
 - name: Update Packages
   ansible.builtin.apt:
     upgrade: dist
@@ -16,10 +24,13 @@
     state: present
     key: "{{ lookup('file', '~/.ssh/ansible.pub') }}"
 
-- name: Add sudoers file for ansible
-  ansible.builtin.copy:
-    src: sudoer_ansible
-    dest: /etc/sudoers.d/ansible
+- name: Add sudoers files
+  ansible.builtin.template:
+    src: sudoer_file
+    dest: "/etc/sudoers.d/{{ item }}"
     owner: root
     group: root
     mode: 0440
+  with_items:
+    - ansible
+    - cianhatton

roles/bootstrap/templates/sudoer_file

@@ -0,0 +1 @@
+{{ item }} ALL=(ALL) NOPASSWD: ALL

roles/deploy_portainer_stack/tasks/main.yml

@@ -56,6 +56,7 @@
   chatton.portainer.portainer_stack:
     username: admin
     password: '{{ portainer.password }}'
+    base_url: '{{ portainer_base_url }}'
     docker_compose_file_path: '{{ directories.docker_compose_directory }}/{{ portainer_stack_name }}/docker-compose.yml'
     stack_name: '{{ portainer_stack_name }}'
     endpoint_id: '{{ portainer_stack_endpoint_id }}'

roles/setup_hosted_services/tasks/main.yml

@@ -1,4 +1,9 @@
 ---
+- name: Install Modules for Python
+  ansible.builtin.pip:
+    name:
+      - boto3
+
 - name: Docker | Pull images
   docker_image:
     name: '{{ item }}'
@@ -47,7 +52,7 @@
     name: deploy_portainer_stack
   vars:
     portainer_stack_name: "{{ item.name }}"
-    portainer_stack_endpoint_id: "{{ item.endpoint_id }}"
+    portainer_stack_endpoint_id: "{{ portainer_endpoint }}"
     portainer_stack_template_vars: "{{ item.template_vars | default({}) }}"
   with_items: "{{ services }}"
 
@@ -67,8 +72,8 @@
     hour: "4"
     user: "{{ homelab_user }}"
     job: >
-      /home/{{ homelab_user }}/.local/bin/ansible-pull
-      -U https://github.com/chatton/ansible-homelab playbooks/backup-docker-volumes.yml -e schedule=nightly >> ~/logs/nightly.log 2>&1
+     {{ ansible_pull_path }}
+     -U https://github.com/chatton/ansible-homelab playbooks/backup-docker-volumes.yml -e schedule=nightly >> ~/logs/nightly.log 2>&1
     cron_file: ansible_nightly_docker_volume_backup
     state: present
 
@@ -80,7 +85,7 @@
     day: "0"
     user: "{{ homelab_user }}"
     job: >
-      /home/{{ homelab_user }}/.local/bin/ansible-pull
-      -U https://github.com/chatton/ansible-homelab playbooks/backup-docker-volumes.yml -e schedule=monthly >> ~/logs/monthly.log 2>&1
+     {{ ansible_pull_path }}
+     -U https://github.com/chatton/ansible-homelab playbooks/backup-docker-volumes.yml -e schedule=monthly >> ~/logs/monthly.log 2>&1
     cron_file: ansible_monthly_docker_volume_backup
     state: present