diff --git a/.ansible-lint b/.ansible-lint deleted file mode 100644 index 8ccc65b..0000000 --- a/.ansible-lint +++ /dev/null @@ -1,4 +0,0 @@ -skip_list: - - '403' # allow for latest packages - - name[casing] - - yaml[indentation] diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index a654411..0000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,53 +0,0 @@ -name: CI -on: - workflow_dispatch: - pull_request: - -env: - VAULT_PASSWORD: ${{ secrets.VAULT_PASSWORD }} - SSH_PUB: ${{ secrets.SSH_PUB }} - ANSIBLE_FORCE_COLOR: '1' - -jobs: - tests: - name: Test Ansible Playbooks - runs-on: ubuntu-latest - steps: - - name: Create SSH pub - run: | - echo "creating ~/.ssh/id_rsa.pub file" - mkdir -p ~/.ssh/ - echo "$SSH_PUB" > ~/.ssh/id_rsa.pub - - name: Install SSH key - uses: shimataro/ssh-key-action@v2 - with: - key: ${{ secrets.SSH_KEY }} - known_hosts: ${{ secrets.KNOWN_HOSTS }} - - name: Check out the codebase. - uses: actions/checkout@v3 - - name: Prepare Test Files - run: | - mv tests/.vault-pass.sh ./.vault-pass.sh - mv tests/ansible.cfg ./ansible.cfg - mv tests/hosts.ini ./hosts.ini - - uses: actions/setup-python@v4 - with: - python-version: 3.11.4 - - name: Install test dependencies. - run: pip install -r requirements.txt - - name: Install ansible dependencies. - run: ansible-galaxy install -r requirements.yml - - name: Syntax Check - run: | - ansible-playbook setup-linode.yml --syntax-check - ansible-playbook setup-homelab.yml --syntax-check - ansible-playbook verify-homelab.yml --syntax-check - - name: Setup Linode Instance - run: ansible-playbook setup-linode.yml - - name: Setup Home Lab - run: ansible-playbook setup-homelab.yml - - name: Verify Home Lab - run: ansible-playbook verify-homelab.yml - - name: Delete Linode Instance - run: ansible-playbook setup-linode.yml --extra-vars "state=absent" - 
diff --git a/.github/workflows/delete-linode-instances.yml b/.github/workflows/delete-linode-instances.yml deleted file mode 100644 index 80e730c..0000000 --- a/.github/workflows/delete-linode-instances.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Delete test linode instance -on: - schedule: - - cron: 0 0 * * * # delete at midnight every day - -env: - VAULT_PASSWORD: ${{ secrets.VAULT_PASSWORD }} - SSH_PUB: ${{ secrets.SSH_PUB }} - ANSIBLE_FORCE_COLOR: '1' - -jobs: - delete-linode-instance: - name: Delete Linode Instance - runs-on: ubuntu-latest - steps: - - name: Create SSH pub - run: | - echo "creating ~/.ssh/id_rsa.pub file" - mkdir -p ~/.ssh/ - echo "$SSH_PUB" > ~/.ssh/id_rsa.pub - - name: Install SSH key - uses: shimataro/ssh-key-action@v2 - with: - key: ${{ secrets.SSH_KEY }} - known_hosts: ${{ secrets.KNOWN_HOSTS }} - - name: Check out the codebase. - uses: actions/checkout@v3 - - name: Prepare Test Files - run: | - mv tests/.vault-pass.sh ./.vault-pass.sh - mv tests/ansible.cfg ./ansible.cfg - mv tests/hosts.ini ./hosts.ini - - uses: actions/setup-python@v4 - with: - python-version: 3.11.4 - - name: Install test dependencies. - run: pip install -r requirements.txt - - name: Delete Linode Instance - run: ansible-playbook setup-linode.yml --extra-vars "state=absent" - diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml deleted file mode 100644 index 40b3f29..0000000 --- a/.github/workflows/lint.yml +++ /dev/null 
@@ -1,41 +0,0 @@ -name: Code Health -on: - workflow_dispatch: - push: - -jobs: - lint: - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - directory: - - roles - - playbooks - - group_vars - - host_vars - steps: - - name: Checkout the codebase - uses: actions/checkout@v3 - - uses: actions/setup-python@v4 - with: - python-version: 3.11.4 - - name: Create Vault Key - run: echo "${{ secrets.VAULT_PASSWORD }}" > ~/.vault-key - - name: Install dependencies - run: make deps - - name: Test Directory - run: make lint dir=${{ matrix.directory }} - - format: - runs-on: ubuntu-latest - steps: - - name: Checkout the codebase - uses: actions/checkout@v3 - - uses: actions/setup-python@v4 - with: - python-version: 3.11.4 - - name: Install dependencies - run: make deps - - name: Format code - run: make format diff --git a/Makefile b/Makefile index df1feb0..d47dd8e 100644 --- a/Makefile +++ b/Makefile @@ -1,9 +1,7 @@ #!/usr/bin/make -f -all: deps bootstrap homelab +all: deps homelab SHELL := /bin/bash -bootstrap: - ansible-playbook playbooks/bootstrap.yml -K -e ansible_ssh_user=cianhatton -e ansible_ssh_private_key_file=~/.ssh/id_rsa qnap: ansible-playbook playbooks/setup-homelab.yml --limit qnap 
@@ -20,44 +18,20 @@ portainer: qnap-services: ansible-playbook playbooks/setup-homelab.yml --tags services --limit qnap -snunmu-services: - ansible-playbook playbooks/setup-homelab.yml --tags services --limit snunmu - -snunmu: - ansible-playbook playbooks/setup-homelab.yml --limit snunmu - homelab: ansible-playbook playbooks/setup-homelab.yml verify: ansible-playbook playbooks/verify-homelab.yml -venv: - source ./venv/bin/activate - -deps: venv +deps: pip install --upgrade pip pip install -r requirements.txt ansible-galaxy install -r requirements.yml -format: - scripts/format_all_yaml.sh - -lint-all: - make lint dir=host_vars - make lint dir=group_vars - make lint dir=roles - make lint dir=playbooks - -lint: - ansible-lint $(dir) --exclude "roles/sprat.*" --exclude roles/docker_restore_container --exclude "roles/geerlingguy.*" --exclude collections --exclude .github - backup: deps ansible-playbook playbooks/backup-docker-volumes.yml -backup-snunmu: deps - ansible-playbook playbooks/backup-docker-volumes.yml --limit snunmu - backup-qnap: deps ansible-playbook playbooks/backup-docker-volumes.yml --limit qnap diff --git a/group_vars/linodes.yml b/group_vars/linodes.yml deleted file mode 100644 index f48ada5..0000000 --- a/group_vars/linodes.yml +++ /dev/null @@ -1,18 +0,0 @@ -# all encrypted variables should go in the linked file. -vault_file: vault_vars/linode-vault.yml -# any linode specific variables go here -services: - - name: gitea - - name: mealie - - name: linkding - - name: overseerr - - name: nextcloud - - name: nginx-proxy-manager - - name: uptime-kuma - - name: mariadb - - name: photoprism - - name: olivetin - -# any additional docker networks that should be created -docker_networks: - - mariadb_net diff --git a/host_vars/dell.yml b/host_vars/dell.yml index 52c0f71..4232ddd 100644 --- a/host_vars/dell.yml +++ b/host_vars/dell.yml 
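Review bot: With the `venv` prerequisite dropped from `deps:` in the Makefile hunk, `pip install --upgrade pip` and `pip install -r requirements.txt` run against whichever interpreter is first on PATH, and nothing in the Makefile records that a virtualenv is expected. The removed `venv` target most likely never helped, since make runs each recipe line in its own shell and the `source ./venv/bin/activate` would not carry over, so deleting it is reasonable. However, `backup` and `backup-qnap` still depend on `deps`, so every backup run re-resolves packages from the network into that environment. I would call the interpreter explicitly, e.g. `./venv/bin/pip install -r requirements.txt`, or at least add a comment above the target such as `# expects the project virtualenv to be active; installs into the current Python`. The same hunk also removes the `lint`, `lint-all` and `format` targets, so, together with the deleted workflows, nothing visible in this diff still invokes ansible-lint.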
@@ -3,7 +3,6 @@ vault_file: vault_vars/qnap-vault.yml portainer_endpoint: 34 services: [] -docker_compose_services: [] ansible_pull_path: /usr/local/bin/ansible-pull backup_directories: [] @@ -35,4 +34,3 @@ portainer_roles: - role: portainer_pihole - role: portainer_uptime_kuma - role: portainer_gitea - - role: portainer_christmas diff --git a/host_vars/snunmu.yml b/host_vars/snunmu.yml deleted file mode 100644 index db33bb2..0000000 --- a/host_vars/snunmu.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -vault_file: vault_vars/qnap-vault.yml - -portainer_endpoint: 35 -services: - - name: hasteypaste - -ansible_pull_path: /usr/local/bin/ansible-pull - -backup_directories: [] -cron_hour: "4" - -# Note: this must be inline with the host name, -# this is a work around as it is not possible to template -# the name of the volume in the portainer task. -pihole_volumes: - snunmu_app: {} - snunmu_dns: {} - -portainer_roles: - - role: portainer_dashy - - role: portainer_diun - - role: portainer_dashdot - - role: portainer_glances - - role: portainer_pihole diff --git a/hosts.ini b/hosts.ini index c9c4664..fb6fbcf 100644 --- a/hosts.ini +++ b/hosts.ini @@ -3,15 +3,11 @@ [servers:children] qnaps linodes -snunmus dells [qnaps] qnap -[snunmus] -snunmu - [dells] dell @@ -20,11 +16,9 @@ qnap [portainer_agent] dell -snunmu [docker] qnap -snunmu dell [mergerfs] diff --git a/playbooks/bootstrap.yml b/playbooks/bootstrap.yml deleted file mode 100644 index b36a63d..0000000 --- a/playbooks/bootstrap.yml +++ /dev/null 
@@ -1,20 +0,0 @@ -# needs to be run with a different user with access to create ansible key and user. -# e.g. -# ansible-playbook bootstrap.yml -e ansible_ssh_user=cianhatton -# might additionally require -K if your user requires password for sudo. - -- name: Generate SSH Key for ansible - hosts: localhost - connection: local - tasks: - - name: Generate an OpenSSH rsa keypair for ansible - community.crypto.openssh_keypair: - path: ~/.ssh/ansible - passphrase: '' - -- name: Bootstrap Ansible hosts. - hosts: all - become: true - become_method: su - roles: - - role: bootstrap diff --git a/playbooks/setup-homelab.yml b/playbooks/setup-homelab.yml index 899fe13..5a17742 100644 --- a/playbooks/setup-homelab.yml +++ b/playbooks/setup-homelab.yml @@ -60,17 +60,6 @@ - role: setup_portainer_agent tags: [services, portainer_agent] -- name: Setup and deploy compose services. - hosts: dell - become: true - pre_tasks: - - name: Include vault variables. - ansible.builtin.include_vars: '../{{ vault_file }}' - tags: [always] - roles: - - role: setup_compose_services - tags: [compose] - - name: Setup and deploy portainer services. gather_facts: false hosts: servers diff --git a/playbooks/setup-linode.yml b/playbooks/setup-linode.yml deleted file mode 100644 index 11d8760..0000000 --- a/playbooks/setup-linode.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Setup linode instance. - hosts: localhost - become: true - roles: - - role: roles/setup_linode - vars: - state: present diff --git a/playbooks/verify-homelab.yml b/playbooks/verify-homelab.yml deleted file mode 100644 index 0cafda7..0000000 --- a/playbooks/verify-homelab.yml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -- name: Verify HomeLab has been correctly set up. - hosts: all - become: true - pre_tasks: - - name: Include vault variables. - ansible.builtin.include_vars: ../{{ vault_file }} - tags: - - always - tasks: - - name: Docker Compose Files Exist - ansible.builtin.command: stat {{ directories.docker_compose_directory }}/{{ item.name }}/docker-compose.yml - with_items: '{{ services }}' - changed_when: false - register: docker_compose_stat - - - name: Assert all Docker Compose files were created - ansible.builtin.assert: - that: item.rc == 0 - with_items: '{{ docker_compose_stat.results }}' - - - name: Populate service facts - ansible.builtin.service_facts: {} - - - name: Assert docker is installed and started - ansible.builtin.assert: - that: - - ansible_facts.services.docker.state == "running" - - ansible_facts.services['docker.service'].status == "enabled" - - name: Inspect all images - docker_image_info: {} - register: image_details - - name: Assert desired images exist - ansible.builtin.assert: - that: "{{ item in image_details.images | map(attribute='RepoTags') | flatten }}" - with_items: '{{ desired_docker_images }}' - - - name: Fetch Sudoers Files - ansible.builtin.command: stat /etc/sudoers.d/{{ item.name }} - changed_when: false - register: sudoers_stat - with_items: '{{ users }}' - when: item.passwordless_sudo - - - name: Assert sudoers files are created - ansible.builtin.assert: - that: item.rc == 0 - with_items: '{{ sudoers_stat.results }}' diff --git a/roles/bootstrap/files/sources_list b/roles/bootstrap/files/sources_list deleted file mode 100644 index 4209473..0000000 --- a/roles/bootstrap/files/sources_list +++ /dev/null 
@@ -1,8 +0,0 @@ -deb http://deb.debian.org/debian bullseye main -deb-src http://deb.debian.org/debian bullseye main - -deb http://deb.debian.org/debian-security/ bullseye-security main -deb-src http://deb.debian.org/debian-security/ bullseye-security main - -deb http://deb.debian.org/debian bullseye-updates main -deb-src http://deb.debian.org/debian bullseye-updates main diff --git a/roles/bootstrap/tasks/main.yml b/roles/bootstrap/tasks/main.yml deleted file mode 100644 index d4dd75c..0000000 --- a/roles/bootstrap/tasks/main.yml +++ /dev/null @@ -1,47 +0,0 @@ ---- -- name: Add sources list - ansible.builtin.copy: - src: sources_list - dest: /etc/apt/sources.list - owner: root - group: root - mode: 0440 - -- name: Update Packages - ansible.builtin.apt: - upgrade: dist - update_cache: true - -- name: Install Sudo - ansible.builtin.apt: - pkg: - - sudo - -#- name: Create ansible user -# ansible.builtin.user: -# name: ansible -# groups: root -# shell: /bin/bash -# -#- name: Add ssh key for ansible -# authorized_key: -# user: ansible -# state: present -# key: "{{ lookup('file', '~/.ssh/ansible.pub') }}" - -- name: Ensure the sudoers.d directory exists - ansible.builtin.file: - path: /etc/sudoers.d - state: directory - mode: '0440' - -- name: Add sudoers files - ansible.builtin.template: - src: sudoer_file - dest: "/etc/sudoers.d/{{ item }}" - owner: root - group: root - mode: 0440 - with_items: -# - ansible - - cianhatton diff --git a/roles/bootstrap/templates/sudoer_file b/roles/bootstrap/templates/sudoer_file deleted file mode 100644 index 43a250a..0000000 --- a/roles/bootstrap/templates/sudoer_file +++ /dev/null @@ -1 +0,0 @@ -{{ item }} ALL=(ALL) NOPASSWD: ALL diff --git a/roles/portainer_arr/defaults/main.yml b/roles/portainer_arr/defaults/main.yml index a1df00a..c7c20d4 100644 --- a/roles/portainer_arr/defaults/main.yml +++ b/roles/portainer_arr/defaults/main.yml 
@@ -42,9 +42,3 @@ jackett_exposed_port: 9117 jackett_container_name: jackett jackett_puid: 1000 jackett_pgid: 1000 - -# Lidarr -lidarr_image: lscr.io/linuxserver/lidarr -lidarr_tag: latest -lidarr_exposed_port: 8686 -lidarr_container_name: lidarr diff --git a/roles/portainer_arr/tasks/main.yml b/roles/portainer_arr/tasks/main.yml index 81bb02f..b46f32a 100644 --- a/roles/portainer_arr/tasks/main.yml +++ b/roles/portainer_arr/tasks/main.yml @@ -9,7 +9,6 @@ - name: "{{ arr_portainer_stack_name }}_radarr_config" - name: "{{ arr_portainer_stack_name }}_sonarr_config" - name: "{{ arr_portainer_stack_name }}_jackett_config" - - name: "{{ arr_portainer_stack_name }}_lidarr_config" - name: "Arr | Update Portainer." chatton.portainer.portainer_stack: @@ -61,8 +60,6 @@ - "{{ sonarr_exposed_port }}:8989" # jackett - "{{ jackett_exposed_port }}:9117" - # lidarr - - "{{ lidarr_exposed_port }}:8686" - "8191:8191" qbittorrent: @@ -145,24 +142,7 @@ - "CAPTCHA_SOLVER=none" - "TZ=Europe/London" restart: unless-stopped - - lidarr: - image: "{{ lidarr_image }}:{{ lidarr_tag }}" - depends_on: - - protonwire - network_mode: "service:protonwire" - container_name: "{{ lidarr_container_name }}" - environment: - - PUID=1000 - - PGID=1000 - - TZ=Etc/UTC - volumes: - - lidarr_config:/config - - "{{ directories.music_dir }}:/music" - - "{{ directories.downloads_dir }}:/downloads" - restart: unless-stopped volumes: - lidarr_config: {} qbittorrent_config: {} radarr_config: {} sonarr_config: {} diff --git a/roles/portainer_christmas/defaults/main.yml b/roles/portainer_christmas/defaults/main.yml deleted file mode 100644 index 925e708..0000000 --- a/roles/portainer_christmas/defaults/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# https://github.com/Wingysam/Christmas-Community/tree/master -christmas_state: present -christmas_image: wingysam/christmas-community -christmas_tag: latest -christmas_expose_port: 8082 -christmas_container_name: christmas -christmas_portainer_stack_name: christmas 
diff --git a/roles/portainer_christmas/tasks/main.yml b/roles/portainer_christmas/tasks/main.yml deleted file mode 100644 index c93a8a2..0000000 --- a/roles/portainer_christmas/tasks/main.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- -- name: "Christmas | Restore any missing volumes from S3" - ansible.builtin.include_role: - name: chatton.docker_backup.docker_s3_volume_restore - vars: - docker_backup_s3_volume: - name: "{{ christmas_portainer_stack_name }}_data" - -- name: "Christmas | Update Portainer." - chatton.portainer.portainer_stack: - username: '{{ portainer_user }}' - password: '{{ portainer.password }}' - base_url: '{{ portainer_base_url }}' - stack_name: '{{ christmas_portainer_stack_name }}' - endpoint_id: '{{ portainer_endpoint }}' - state: "{{ christmas_state }}" - definition: - version: "3" - volumes: - data: {} - services: - christmas-community: - labels: "{{ backup_labels }}" - container_name: "{{ christmas_container_name }}" - image: "{{ christmas_image }}:{{ christmas_tag }}" - volumes: - - data:/data - ports: - # If you want to go to localhost:8080 to access Christmas Community, - # use - 8080:80 instead of - - "{{ christmas_expose_port }}:80" - environment: - # Amazon Smile, set to 'false' to disable www.amazon.com links - # turning into smile.amazon.com - SMILE: 'false' - # Table mode, set to 'false' to revert to box mode - TABLE: 'true' - # Single list mode - # (for weddings, birthdays, etc. only the admin account's list is accessible) - # Set to 'true' to enable - SINGLE_LIST: 'false' - # Some websites (like walmart) send headers that are larger than 8MB in - # length. If issues are encountered, set the node.js limit to a higher - # number than 8192 - #NODE_OPTIONS: "--max-http-header-size=32768" - restart: "{{ restart_policy }}" diff --git a/roles/setup_compose_services/tasks/main.yml b/roles/setup_compose_services/tasks/main.yml deleted file mode 100644 index 82b051c..0000000 --- a/roles/setup_compose_services/tasks/main.yml +++ /dev/null 
@@ -1,15 +0,0 @@ ---- - -# TODO get volumes from docker-compose.yml - -- name: Install Docker Module for Python - pip: - name: - - docker - - docker-compose - -- name: "{{ item.name }} | Docker compose up" - with_items: "{{ docker_compose_services }}" - community.docker.docker_compose_v2: - project_name: "{{ item.name }}" - definition: "{{ item.definition }}" diff --git a/scripts/format_all_yaml.sh b/scripts/format_all_yaml.sh deleted file mode 100755 index 8a14ae8..0000000 --- a/scripts/format_all_yaml.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -function format_dir(){ - dir="${1}" - yaml_files="$(find ${dir} -type f -name "*.yml")" - for f in $yaml_files - do - yamlfmt $f -w - done -} - -format_dir roles -format_dir playbooks -format_dir host_vars -format_dir group_vars -format_dir .github/workflows diff --git a/tests/.vault-pass.sh b/tests/.vault-pass.sh deleted file mode 100755 index d913f4e..0000000 --- a/tests/.vault-pass.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -echo "${VAULT_PASSWORD}" diff --git a/tests/ansible.cfg b/tests/ansible.cfg deleted file mode 100644 index 7f3db54..0000000 --- a/tests/ansible.cfg +++ /dev/null @@ -1,7 +0,0 @@ -[defaults] -default_module_path=library -inventory=hosts.ini -vault_password_file=.vault-pass.sh -host_key_checking = False -enable_plugins = linode -roles_path = roles diff --git a/tests/hosts.ini b/tests/hosts.ini deleted file mode 100644 index a516c87..0000000 --- a/tests/hosts.ini +++ /dev/null @@ -1,6 +0,0 @@ -[servers:children] -linode - -# BEGIN ANSIBLE MANAGED BLOCK -[linode] -# END ANSIBLE MANAGED BLOCK