add gdisk to homelab

move some services from snunmu to dell
configure dell to use portainer api instead of docker compose
11 changed files with 109 additions and 77 deletions
--- a/host_vars/dell.yml
+++ b/host_vars/dell.yml
@ -2,68 +2,20 @@
 vault_file: vault_vars/qnap-vault.yml

 portainer_required_templates: []
-#portainer_endpoint: 23
+portainer_endpoint: 34
 services: []
-
-docker_compose_services:
-  - name: dashboards
-    definition:
-      version: '3.5'
-      services:
-        dash-dot:
-          container_name: dashdot
-          image: mauricenino/dashdot:latest
-          restart: unless-stopped
-          privileged: true
-          ports:
-            - '3010:3001'
-          volumes:
-            - /:/mnt/host:ro
-        glances:
-          image: nicolargo/glances:latest-alpine
-          restart: unless-stopped
-          pid: host
-          ports:
-            - "8083:61208"
-          volumes:
-            - /var/run/docker.sock:/var/run/docker.sock
-          environment:
-            - "GLANCES_OPT=-w"
-
-  - name: minio
-    definition:
-      version: '3'
-      services:
-        minio:
-          image: "minio/minio:RELEASE.2023-06-29T05-12-28Z"
-          ports:
-            # The API
-            - "11000:9000"
-            # The web console
-            - "11001:9001"
-          volumes:
-            - minio_storage:/data
-          environment:
-            # specified in the vault file
-            MINIO_ROOT_USER: "{{ minio_username }}"
-            MINIO_ROOT_PASSWORD: "{{ minio_password }}"
-            MINIO_API_ROOT_ACCESS: "on"
-            MINIO_BROWSER_REDIRECT_URL: "http://{{ ansible_default_ipv4.address }}:11000"
-
-          command: server --console-address ":9001" /data
-      volumes:
-        minio_storage: {}
-
-
+docker_compose_services: []
 ansible_pull_path: /usr/local/bin/ansible-pull

 backup_directories: []
 cron_hour: "4"

-# docker options
-#docker_daemon_options:
-#  hosts:
-#    - "tcp://0.0.0.0:2375"
-#    - "unix:///var/run/docker.sock"
-
-portainer_roles: []
+portainer_roles:
+  - role: portainer_minio
+  - role: portainer_glances
+  - role: portainer_dashdot
+  - role: portainer_dashy
+  - role: portainer_vaultwarden
+  - role: portainer_bookstack
+  - role: portainer_vikunja
+  - role: portainer_linkding
--- a/host_vars/snunmu.yml
+++ b/host_vars/snunmu.yml
@ -7,7 +7,7 @@ portainer_required_templates:
    dest_directory: /etc/config/diun
    handler: restart-diun

-portainer_endpoint: 23
+portainer_endpoint: 35
 services:
  - name: hasteypaste
  - name: diun
@ -17,13 +17,6 @@ ansible_pull_path: /usr/local/bin/ansible-pull
 backup_directories: []
 cron_hour: "4"

-# docker options
-docker_daemon_options:
-  hosts:
-    - "tcp://0.0.0.0:2375"
-    - "unix:///var/run/docker.sock"
-
-
 # Note: this must be inline with the host name,
 # this is a work around as it is not possible to template
 # the name of the volume in the portainer task.
@ -32,10 +25,7 @@ pihole_volumes:
  snunmu_dns: {}

 portainer_roles:
-  - role: portainer_bookstack
-  - role: portainer_vaultwarden
  - role: portainer_dashy
  - role: portainer_dashdot
  - role: portainer_glances
  - role: portainer_pihole
-  - role: portainer_vikunja
--- a/hosts.ini
+++ b/hosts.ini
@ -18,6 +18,10 @@ dell
 [portainer]
 qnap

+[portainer_agent]
+dell
+snunmu
+
 [docker]
 qnap
 snunmu
--- a/playbooks/setup-homelab.yml
+++ b/playbooks/setup-homelab.yml
@ -4,11 +4,6 @@
  become: true
  gather_facts: false
  strategy: free
-  pre_tasks:
-    - name: Update Packages
-      ansible.builtin.apt:
-        upgrade: dist
-        update_cache: true
  roles:
    - role: setup_users

@ -47,8 +42,14 @@
  roles:
    - role: setup_portainer
      tags: [services, portainer]
-      vars:
-        portainer_version: "2.18.3"
+
+- name: Install Portainer agent on Portainer agent hosts.
+  gather_facts: false
+  hosts: portainer_agent
+  become: true
+  roles:
+    - role: setup_portainer_agent
+      tags: [services, portainer_agent]

 - name: Setup and deploy compose services.
  hosts: dell
--- a/roles/portainer_minio/defaults/main.yml
+++ b/roles/portainer_minio/defaults/main.yml
@ -0,0 +1,8 @@
+---
+minio_state: present
+minio_image: minio/minio
+minio_tag: RELEASE.2023-06-29T05-12-28Z
+minio_api_expose_port: 11000
+minio_console_expose_port: 11001
+minio_container_name: minio
+minio_portainer_stack_name: minio
--- a/roles/portainer_minio/tasks/main.yml
+++ b/roles/portainer_minio/tasks/main.yml
@ -0,0 +1,32 @@
+---
+- name: "Minio | Update Portainer."
+  chatton.portainer.portainer_stack:
+    username: '{{ portainer_user }}'
+    password: '{{ portainer.password }}'
+    base_url: '{{ portainer_base_url }}'
+    stack_name: '{{ minio_portainer_stack_name }}'
+    endpoint_id: '{{ portainer_endpoint }}'
+    state: "{{ minio_state }}"
+    definition:
+      version: '3'
+      services:
+        minio:
+          container_name: "{{ minio_container_name }}"
+          image: "{{ minio_image }}:{{ minio_tag }}"
+          ports:
+            # The API
+            - "{{ minio_api_expose_port }}:9000"
+            # The web console
+            - "{{ minio_console_expose_port }}:9001"
+          volumes:
+            - minio_storage:/data
+          environment:
+            # specified in the vault file
+            MINIO_ROOT_USER: "{{ minio_username }}"
+            MINIO_ROOT_PASSWORD: "{{ minio_password }}"
+            MINIO_API_ROOT_ACCESS: "on"
+            MINIO_BROWSER_REDIRECT_URL: "http://{{ ansible_default_ipv4.address }}:11000"
+
+          command: server --console-address ":9001" /data
+      volumes:
+        minio_storage: {}
--- a/roles/setup_portainer/defaults/main.yml
+++ b/roles/setup_portainer/defaults/main.yml
@ -0,0 +1,2 @@
+---
+portainer_version: 2.18.3
--- a/roles/setup_portainer_agent/defaults/main.yml
+++ b/roles/setup_portainer_agent/defaults/main.yml
@ -0,0 +1,2 @@
+---
+portainer_agent_version: 2.18.3
--- a/roles/setup_portainer_agent/tasks/main.yml
+++ b/roles/setup_portainer_agent/tasks/main.yml
@ -0,0 +1,16 @@
+---
+- name: Portainer Agent
+  community.docker.docker_compose:
+    project_name: portainer_agent
+    definition:
+      version: '3.3'
+      services:
+        agent:
+          ports:
+            - '9001:9001'
+          container_name: portainer_agent
+          restart: always
+          volumes:
+            - '/var/run/docker.sock:/var/run/docker.sock'
+            - '/var/lib/docker/volumes:/var/lib/docker/volumes'
+          image: 'portainer/agent:{{ portainer_agent_version }}'
--- a/roles/setup_users/files/sources_list
+++ b/roles/setup_users/files/sources_list
@ -0,0 +1,8 @@
+deb http://deb.debian.org/debian bullseye main
+deb-src http://deb.debian.org/debian bullseye main
+
+deb http://deb.debian.org/debian-security/ bullseye-security main
+deb-src http://deb.debian.org/debian-security/ bullseye-security main
+
+deb http://deb.debian.org/debian bullseye-updates main
+deb-src http://deb.debian.org/debian bullseye-updates main
--- a/roles/setup_users/tasks/main.yml
+++ b/roles/setup_users/tasks/main.yml
@ -1,4 +1,20 @@
 # https://stackoverflow.com/questions/37333305/ansible-create-a-user-with-sudo-privileges
+- name: Add sources list
+  ansible.builtin.copy:
+    src: sources_list
+    dest: /etc/apt/sources.list
+    owner: root
+    group: root
+    mode: 0440
+
+- name: Copy vault key.
+  ansible.builtin.copy:
+    content: "{{ lookup('file', '~/.vault-key') }}"
+    dest: "/home/{{ homelab_user }}/.vault-key"
+    owner: "{{ homelab_user }}"
+    group: "{{ homelab_user }}"
+    mode: 0440
+
 - name: Install Packages.
  ansible.builtin.apt:
    pkg:
@ -6,6 +22,7 @@
      # TODO move these somewhere else
      - ufw
      - htop
+      - gdisk
    state: latest
    update_cache: true
Author	SHA1	Message	Date
chatton	676b21017a	add gdisk to homelab	2 years ago
chatton	470478bbb5	move some services from snunmu to dell	2 years ago
chatton	160a0990f1	configure dell to use portainer api instead of docker compose	2 years ago
chatton	f3c8366878	adding portainer agent instead of exposing socket	2 years ago
chatton	f6274e8c06	add sources list in initial setup	2 years ago