merge
This commit is contained in:
commit
e6ff06dc53
15
README.md
15
README.md
@ -78,29 +78,26 @@
|
|||||||
|
|
||||||
- [x] failtoban role
|
- [x] failtoban role
|
||||||
|
|
||||||
- [ ] nginx/php role
|
- [x] nginx/php role
|
||||||
- install
|
- install
|
||||||
- config
|
- config
|
||||||
|
|
||||||
- [ ] dns role
|
- [x] dns role
|
||||||
-slave/primary
|
-slave/primary
|
||||||
|
|
||||||
|
|
||||||
- [ ] mariadb role
|
- [x] mariadb role
|
||||||
- install
|
- install
|
||||||
- config
|
- config
|
||||||
- backup
|
- (voir pouquoi l'init de mysql ne fonctionne pas dans ansible)
|
||||||
|
|
||||||
- [ ] tt-rss role
|
- [x] tt-rss role
|
||||||
- depend nginx & madiadb role
|
- depend nginx & madiadb role
|
||||||
- fail2ban jail
|
- fail2ban jail
|
||||||
|
|
||||||
- [ ] gitea role
|
- [x] gitea role
|
||||||
- depend of mariadb role
|
- depend of mariadb role
|
||||||
|
|
||||||
- [ ] dns role
|
|
||||||
-slave/primary
|
|
||||||
|
|
||||||
- [ ] backup role?
|
- [ ] backup role?
|
||||||
- controle du reboot
|
- controle du reboot
|
||||||
|
|
||||||
|
8
chainetv.yml
Normal file
8
chainetv.yml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
- hosts: server
|
||||||
|
vars:
|
||||||
|
force_site_update: true
|
||||||
|
|
||||||
|
roles:
|
||||||
|
- chainetv
|
||||||
|
|
@ -1,10 +1,19 @@
|
|||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
36336139353839303537376234623535363838613761633137633166636261353862643935393563
|
66373932613336323337303165393131656639616164393765646533343937346638343235623665
|
||||||
6363356531376261333364306238343961343435336637380a623134636661326262623635326266
|
3764663835643766636165386231633538323730303865350a373730356638316331643332386236
|
||||||
62623433343939353866373365343966656533376230323835313131326130326265316364336537
|
65346662623063613933663233376239333664396431333264366464386632333936653130353431
|
||||||
6332306265643336630a326530656536373662613636353735666164326461333232363534316564
|
6538366132316333310a393537373862363439346565613566636330613934363136373131353161
|
||||||
36643333636464663734666364366436366235326136313134393965626636643034396662383261
|
30313339343332396132666234646130666661356236333937343730386539656562343538656265
|
||||||
34363236653530326635303239643166313966363062333534616332383736626430346633396438
|
35366237646264393466353835383439616264623737366230303833353033616163326635396539
|
||||||
61353964643930353731316664393534356366373563326337303964323366333733386134646337
|
62363761313663326131363334323761336531353564323565373132393134383664353061396166
|
||||||
31303736383735366662323637336635656161376337313563386438376136653365656433663336
|
65396530313165353164636239383038316137616437333962613662653535343938646637336233
|
||||||
3530
|
31393162623762643038323139313464393965613539353331646134653463306137653661303539
|
||||||
|
31356235656231303261306465393836326362343262613134373566393035396165313235623265
|
||||||
|
37333162313535653838353633626665623030663663386362663037323230393438333832376238
|
||||||
|
31383734653733636337616639323161316535363636663236346234323833303662346230626565
|
||||||
|
65633730363937646237643035366535393063653962346536616361666232336466663233313063
|
||||||
|
64363864336237343739653065663730353031363130396134393337346465396164386161303938
|
||||||
|
61303334323939616437313763663164323937386266666530373732613962366130326435613563
|
||||||
|
62326332646561363365376363616431623330373561623761383336303835323765383831353064
|
||||||
|
32643235316130333039616538326533636466346439616261616139326262396631386239653138
|
||||||
|
6165613133656637633766643434376566393134643731343534
|
||||||
|
@ -14,11 +14,27 @@ systemd_mounts:
|
|||||||
- uid=1024
|
- uid=1024
|
||||||
- guid=100
|
- guid=100
|
||||||
automount: true
|
automount: true
|
||||||
|
diskstation_music:
|
||||||
|
share: //diskstation.ducamps.win/music
|
||||||
|
mount: /mnt/diskstation/music
|
||||||
|
type: cifs
|
||||||
|
options:
|
||||||
|
- credentials=/etc/creds/.diskstation_credentials
|
||||||
|
- uid=1024
|
||||||
|
- gid=100
|
||||||
|
automount: true
|
||||||
systemd_mounts_enabled:
|
systemd_mounts_enabled:
|
||||||
- diskstation_git
|
- diskstation_git
|
||||||
|
- diskstation_music
|
||||||
- backup_disk
|
- backup_disk
|
||||||
|
|
||||||
|
credentials_files:
|
||||||
|
1:
|
||||||
|
type: smb
|
||||||
|
path: /etc/creds/.diskstation_credentials
|
||||||
|
username: admin
|
||||||
|
password: "{{ vault_default_password }}"
|
||||||
|
|
||||||
syncthing_address: "{{inventory_hostname}}:8384"
|
syncthing_address: "{{inventory_hostname}}:8384"
|
||||||
syncthing_gui_user: "{{user.name}}"
|
syncthing_gui_user: "{{user.name}}"
|
||||||
syncthing_gui_password: $2a$10$nJZ8YN/1mB84Cbi79BKka.6SFMAKF.CBwyCNJDA9qUgXdkcuBilx2
|
syncthing_gui_password: $2a$10$nJZ8YN/1mB84Cbi79BKka.6SFMAKF.CBwyCNJDA9qUgXdkcuBilx2
|
||||||
@ -59,15 +75,15 @@ nginx_vhosts:
|
|||||||
location = /50x.html {
|
location = /50x.html {
|
||||||
root /usr/share/nginx/html;
|
root /usr/share/nginx/html;
|
||||||
}
|
}
|
||||||
|
location / {
|
||||||
location =/ {
|
|
||||||
rewrite ^ /starter;
|
|
||||||
}
|
|
||||||
location / {
|
|
||||||
index index.php index.html index.htm ;
|
index index.php index.html index.htm ;
|
||||||
default_type text/html;
|
default_type text/html;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
location =/ {
|
||||||
|
rewrite ^ /starter;
|
||||||
|
}
|
||||||
|
|
||||||
location ~ \.php$ {
|
location ~ \.php$ {
|
||||||
# try_files $uri =404;
|
# try_files $uri =404;
|
||||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||||
@ -77,6 +93,7 @@ nginx_vhosts:
|
|||||||
fastcgi_index index.php;
|
fastcgi_index index.php;
|
||||||
include fastcgi_params;
|
include fastcgi_params;
|
||||||
}
|
}
|
||||||
|
include /etc/nginx/conf.d/*.default;
|
||||||
|
|
||||||
|
|
||||||
nginx_realIP_Proxy: 192.168.1.10/24
|
nginx_realIP_Proxy: 192.168.1.10/24
|
||||||
@ -86,3 +103,46 @@ php_extention_enable:
|
|||||||
- mysqli
|
- mysqli
|
||||||
- pdo_mysql
|
- pdo_mysql
|
||||||
- soap
|
- soap
|
||||||
|
|
||||||
|
mysql_root_password: "{{ vault_mysql_root }}"
|
||||||
|
mysql_root_password_update: true
|
||||||
|
|
||||||
|
|
||||||
|
# Users.
|
||||||
|
mysql_users:
|
||||||
|
- name: dump
|
||||||
|
host: localhost
|
||||||
|
password: "{{ vault_mysql_dump }}"
|
||||||
|
priv: "*.*:SELECT,SHOW DATABASES,LOCK TABLES"
|
||||||
|
|
||||||
|
ttrss_db_password: "{{ vault_mysql_ttrss }}"
|
||||||
|
ttrss_log_destination: ""
|
||||||
|
ttrss_SQl_target_file: /mnt/diskstation/git/backup/mysql/last/ttrss.sql
|
||||||
|
|
||||||
|
bind_listen_ipv4: ['any']
|
||||||
|
bind_allow_query: ['any']
|
||||||
|
bind_zone_master_server_ip: 192.168.1.10
|
||||||
|
bind_zone_domains:
|
||||||
|
- name: ducamps.win
|
||||||
|
hostmaster_email: "vincent@ducamps.win"
|
||||||
|
- name: 1.168.192.in-addr.arpa
|
||||||
|
hostmaster_email: "vincent@ducamps.win"
|
||||||
|
bind_forwarders:
|
||||||
|
- '1.1.1.1'
|
||||||
|
- '80.67.169.40'
|
||||||
|
bind_recursion: true
|
||||||
|
bind_allow_recursion:
|
||||||
|
- "192.168.1.0/24"
|
||||||
|
|
||||||
|
gitea_http_listen: 0.0.0.0
|
||||||
|
gitea_db_type: mysql
|
||||||
|
gitea_db_host: localhost:3306
|
||||||
|
gitea_db_name: gitea
|
||||||
|
gitea_db_user: gitea
|
||||||
|
gitea_db_password: "{{ vault_mysql_gitea }}"
|
||||||
|
gitea_ssh_domain: "{{ansible_hostname}}"
|
||||||
|
gitea_start_ssh: false
|
||||||
|
gitea_ssh_port: 22
|
||||||
|
gitea_SQl_target_file: /mnt/diskstation/git/backup/mysql/last/gitea.sql
|
||||||
|
|
||||||
|
supysonic_db_password: "{{ vault_mysql_supysonic }}"
|
6
host_vars/arch3
Normal file
6
host_vars/arch3
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
ttrss_url_path: http://arch3/tt-rss/
|
||||||
|
|
||||||
|
gitea_http_domain: arch3
|
||||||
|
gitea_root_url: http://arch3:3000
|
||||||
|
|
||||||
|
chainetv_repo_branch: dev
|
@ -1,2 +1,8 @@
|
|||||||
##ansible_python_interpreter: /usr/bin/python2
|
##ansible_python_interpreter: /usr/bin/python2
|
||||||
##music_directory: '/mnt/diskstation/music'
|
##music_directory: '/mnt/diskstation/music'
|
||||||
|
ttrss_url_path: http://nas/tt-rss/
|
||||||
|
|
||||||
|
gitea_http_domain: nas
|
||||||
|
gitea_root_url: http://nas:3000
|
||||||
|
|
||||||
|
chainetv_repo_branch: dev
|
@ -0,0 +1,3 @@
|
|||||||
|
ttrss_url_path: "https://www.{{domain.name}}/tt-rss"
|
||||||
|
gitea_http_domain: git.{{domain.name}}
|
||||||
|
gitea_root_url: https://git.{{domain.name}}
|
@ -9,15 +9,17 @@
|
|||||||
become: yes
|
become: yes
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
|
- user_config
|
||||||
- ssmtp
|
- ssmtp
|
||||||
- cronie
|
- cronie
|
||||||
- rsyncd
|
- rsyncd
|
||||||
- gandi-dyn-dns
|
- gandi-dyn-dns
|
||||||
- fail2ban
|
- fail2ban
|
||||||
- dns
|
- {role: dns , become: yes }
|
||||||
- {role: nginx, become: yes }
|
- {role: nginx, become: yes }
|
||||||
|
- {role: mariadb, become: yes }
|
||||||
- php
|
- php
|
||||||
- tt-rss
|
- tt-rss
|
||||||
- gitea
|
- gitea
|
||||||
- user_config
|
- chainetv
|
||||||
|
|
||||||
|
8
supysonic.yml
Normal file
8
supysonic.yml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
- hosts: server
|
||||||
|
vars:
|
||||||
|
force_site_update: true
|
||||||
|
|
||||||
|
roles:
|
||||||
|
- supysonic
|
||||||
|
|
Loading…
Reference in New Issue
Block a user