vincent/ansible
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

merge with master

Browse Source
This commit is contained in:
vincent 2019-11-24 14:49:14 +01:00
commit 626716f94e
7 changed files with 124 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -15,6 +15,11 @@
`ansible-vault encrypt_string`
## avant de lancer le playbook
- vérifier que l'identité SSH et bien enregistrer dans l'agent
- si la machine a déja une partie des logiciel instalé forcé l'upgrade (il vaut mieux partir d'une machien from scratch que d'une machine a moitier passé par le playbook)
- si le role userconfig est déja descendu s'assurer que le repo local de la machine n'a pas de modification a pushé
## Prerequis
- python

56
group_vars/all/all_vault
View File

@ -1,28 +1,30 @@
$ANSIBLE_VAULT;1.1;AES256
36373932323731323261306130393236616639363063616661653562343033663365373235353732
3665333739623264646665663832346436616539666238300a346230633632646664346162333930
65613032346632626364336339646139393331646439383438353937323036653435316433396239
6266646263306466610a373263663063373761353865323138323336343564323437373863343836
33616533356436643262646139386661313130393762313530666162363162623631663464363532
39346235303662366632616164333266643866326236663336333261646633643761316461646562
33306236353038313734616436623330313937626433623665393063663530363435656134663263
62356465616265356439306139393430363738633061646466363431623735336461626165346636
31386438346538346330656265636663656134363664353432626565393935333366373738656139
64623133356161366135363335323235396138373736396235356437643131626263646435643839
61396662323731623765626265363230396533376532323763313838373834643833363130656232
36366439393736636433353862303262376432313162323237393061653139316437623235393065
64623334343266373663646633653539363936323338356562336464666330376435343338383831
62366361303232343965616461376339386663666663666135323236313836326338653739306264
35376630333565653865623037306137336636353562366563303264643564366430346430303561
61663564666662663132383433396439653266366637313737363131666236396431326365343162
66363061643761656364643166366437366164346430343639396261353065356430346464613566
34363165373039383762656533626363633261633334376230656464323131323135666330313738
39336339363332393862336638626236343237643039656334316664326565376264343262666439
34323566333339346563393261373730363935383731383666343933353137646235623132636265
39343733613063393131373161343961623239316533306430316262656234643963626139323933
66653338303163393639323663613561363436373333313530643433656639663531666662326361
36346663613532383861666330356366643263393564643363653366343066646639393463613165
31663163333563336662376331386564356661613261323138373562333764303037326465363164
39333461663362653833633731393164346437333964623230313463323464323461323030373532
34383337623263346433363438303334393262333836316234393339376332626164316339376239
666530303630336333303237343534616431
36393436653566306436363065303537636361316533303036323966316161343739666233333331
6562383739343862386462613861666536646337303863320a646366663664643434333263343935
35306233623866643530393863326532613063386662346530346133353439626636373666653065
6561346437346663630a366463393762343862636539363863366662326439323732366663656162
39306333396434343236323439636261636235373836356165313938306366613335343634653065
66623162663334646332666537323032656562643961303665383531373565656665326533343266
61383536353038393631643837316366383136346231333336663135323764613937653333333330
65313331303366373239623561663932323266646236383739346235383938356665313461616131
36336338303530323736313537303938356137383434323030336237656635376433653633323237
32646162613731383166653930363835643162306362646335643233303461376235643933636634
39353233643836396534663364316539386130386166663134633033643861356338336165363031
33303534333763363437646433336665373362326530623730316664376230616333653139646336
37666531336362373861376135366463323134643561346163643137613038663235636134356363
37623037656630343739333734366361313634313832343732633564356161306134646664316134
31373066306230323130613536356265396439313733376437316361393864393265666332633535
34373861616565353762366663333833346334356535336365613632656461396566323363326537
66613438663539313163306166323734366333306533346463633031376237326264613565613766
65383537313461613664343961616432313037346531333261323331663131373034323935373566
63363633633562653533326138633462633238353264323361386133316234666638383831663433
61623635636432653031373036383664393630306332386563353632373430623530336166613163
33346661353634396532353266303162326331393534336131316537366335643637613532393631
34303130356431393163636363383233356235623666623165373730633436346162343137623438
66373730653636356663366162363133303961613165343735326563636363306533386434646133
65383063396166343066383332616132353732343765323964666634633533373530643230373939
62366363356433336365343264393730653265633531326563303166393638383731313163373261
37313531643337313333336432636438393932613363393831663163646333666536653166383739
31633362636635336430336463643564626563333964313830643833396630363262666162356665
38383433323661396331663763623563636137633034643065623032383466633535343937383965
3965

24
group_vars/server
View File

@ -6,6 +6,13 @@ systemd_mounts:
options:
- " "
automount: true
diskstation_CardDav:
share: diskstation.ducamps.win:/volume2/CardDav
mount: /mnt/diskstation/CardDav
type: nfs
options:
- " "
automount: true
backup_disk:
share: /dev/sda1
mount: /mnt/backup
@ -51,6 +58,7 @@ systemd_mounts_enabled:
- backup_disk
- diskstation_photo
- diskstation_home
- diskstation_CardDav
credentials_files:
@ -120,7 +128,10 @@ nginx_vhosts:
location = /50x.html {
root /usr/share/nginx/html;
}
location / {
location / {
rewrite ^/.well-known/carddav /radicale/$remote_user/carddav/ redirect;
rewrite ^/.well-known/caldav /radicale/$remote_user/caldav/ redirect;
index index.php index.html index.htm ;
default_type text/html;
@ -128,6 +139,15 @@ nginx_vhosts:
location =/ {
rewrite ^ /starter;
}
location /radicale/
{
# The trailing / is important!
proxy_pass http://localhost:5232/; # The / is important!
proxy_set_header X-Script-Name /radicale;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Authorization;
}
location ~ \.php$ {
# try_files $uri =404;
@ -256,5 +276,5 @@ gitea_ssh_port: 22
gitea_SQl_target_file: /mnt/diskstation/git/backup/mysql/last/gitea.sql
supysonic_db_password: "{{ vault_mysql_supysonic }}"
supysonic_force_site_update: true
docker_users: "{{user.name}}"

14
group_vars/workstation
View File

@ -49,20 +49,12 @@ systemd_mounts:
- gid=100
- vers=3.0
automount: true
davfs_share:
share: https://diskstation.ducamps.win:5006/home/keepass
mount: /mnt/diskstation/keepass
type: davfs
options:
- uid=1024
automount: true
systemd_mounts_enabled:
- diskstation_media
- diskstation_music
- diskstation_ebook
- davfs_share
- diskstation_photo
- diskstation_home
@ -72,9 +64,3 @@ credentials_files:
path: /etc/creds/.diskstation_credentials
username: admin
password: "{{ vault_default_password }}"
2:
type: davfs
path: /etc/davfs2/secrets
adress: https://diskstation.ducamps.win:5006/home/keepass
username: admin
password: "{{ vault_default_password }}"

14
host_vars/arch3
View File

@ -18,14 +18,26 @@ nginx_vhosts:
location = /50x.html {
root /usr/share/nginx/html;
}
location / {
location / {
rewrite ^/.well-known/carddav /radicale/$remote_user/carddav/ redirect;
rewrite ^/.well-known/caldav /radicale/$remote_user/caldav/ redirect;
index index.php index.html index.htm ;
default_type text/html;
}
location =/ {
rewrite ^ /starter;
}
location /radicale/
{
# The trailing / is important!
proxy_pass http://localhost:5232/; # The / is important!
proxy_set_header X-Script-Name /radicale;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Authorization;
}
location ~ \.php$ {
# try_files $uri =404;

50
host_vars/nas
View File

@ -2,7 +2,55 @@
##music_directory: '/mnt/diskstation/music'
ttrss_url_path: http://nas/tt-rss/
system_upgrade: true
gitea_http_domain: nas
gitea_root_url: http://nas:3000
chainetv_repo_branch: dev
chainetv_repo_branch: master
certbot_create_if_missing: false
nginx_vhosts:
- listen: "80"
server_name: "_"
filename: "default.conf"
state: "present"
template: "{{ nginx_vhost_template }}"
extra_parameters: |
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location / {
rewrite ^/.well-known/carddav /radicale/$remote_user/carddav/ redirect;
rewrite ^/.well-known/caldav /radicale/$remote_user/caldav/ redirect;
index index.php index.html index.htm ;
default_type text/html;
}
location =/ {
rewrite ^ /starter;
}
location /radicale/
{
# The trailing / is important!
proxy_pass http://localhost:5232/; # The / is important!
proxy_set_header X-Script-Name /radicale;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Authorization;
}
location ~ \.php$ {
# try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_read_timeout 800;
fastcgi_index index.php;
include fastcgi_params;
}
include /etc/nginx/conf.d/*.default;

7
server.yml
View File

@ -18,11 +18,16 @@
- {role: nginx, become: yes }
- {role: ansible-role-certbot, become: yes} ##need to have a external connection on 80
- {role: mariadb, become: yes }
- {role: radicale , become: yes }
- cloud-commander
- php
- tt-rss
- gitea
- chainetv
- supysonic
<<<<<<< HEAD
- user_config
=======
- chainetv
>>>>>>> master