♻️ refactor how hosts are defined
This commit is contained in:
parent
1dd45be13c
commit
409e17b72f
|
@ -0,0 +1,29 @@
|
|||
---
|
||||
restic_repo_pw: "{{ vault_restic_pw_jake }}"
|
||||
restic_repo_url: "{{ vault_restic_url_jake }}"
|
||||
restic_backup_pre_cmd:
|
||||
- (cd "/tmp" && forgejo.sh dump --file="forgejo.zip")
|
||||
restic_backup_targets:
|
||||
- /tmp/forgejo.zip
|
||||
restic_backup_frequency: daily
|
||||
sendmail_mta_user: "{{ vault_mta_user }}"
|
||||
sendmail_mta_user_pw: "{{ vault_mta_user_pw }}"
|
||||
sendmail_mailhub: "box.nilsnh.no:465"
|
||||
sendmail_hostname: jake.box.nilsnh.no
|
||||
sendmail_rewrite_domain: "nilsnh.no"
|
||||
sendmail_revaliases:
|
||||
root: "{{ machine_from_email }}"
|
||||
jake: "{{ machine_from_email }}"
|
||||
git: "{{ machine_from_email }}"
|
||||
machine_from_email: "noreply+jake@nilsnh.no"
|
||||
machine_notifications_receiver: "mail@nilsnh.no"
|
||||
forgejo_domain: "code.on.nilsnh.no"
|
||||
forgejo_from: "\"Forgejo at nilsnh.no\" <{{ machine_from_email }}>"
|
||||
firewall_allowed_ports:
|
||||
- { port: 80, proto: "tcp" }
|
||||
- { port: 443, proto: "tcp" }
|
||||
- { port: 51820, proto: "udp" } # Wireguard
|
||||
wireguard_private_key: "{{ vault_wireguard_private_key }}"
|
||||
wireguard_address: 10.0.24.1/24
|
||||
wireguard_peers:
|
||||
- { AllowedIPs: 10.0.24.2/32, Endpoint: finn.lan:51820, PublicKey: "ZXbZPQY9aycB9t+lqLsiteleeWqxNi+Q37yYZcPIlSA=" }
|
|
@ -1,5 +1,5 @@
|
|||
[jake]
|
||||
[servers]
|
||||
jake.box.nilsnh.no ansible_user=jake
|
||||
|
||||
[this_machine]
|
||||
[this-machine]
|
||||
localhost ansible_connection=local
|
||||
|
|
42
playbook.yml
42
playbook.yml
|
@ -1,41 +1,11 @@
|
|||
---
|
||||
- hosts: jake
|
||||
handlers:
|
||||
vars:
|
||||
restic_repo_pw: "{{ vault_restic_pw_jake }}"
|
||||
restic_repo_url: "{{ vault_restic_url_jake }}"
|
||||
restic_backup_pre_cmd:
|
||||
- (cd "/tmp" && forgejo.sh dump --file="forgejo.zip")
|
||||
restic_backup_targets:
|
||||
- /tmp/forgejo.zip
|
||||
restic_backup_frequency: daily
|
||||
sendmail_mta_user: "{{ vault_mta_user }}"
|
||||
sendmail_mta_user_pw: "{{ vault_mta_user_pw }}"
|
||||
sendmail_mailhub: "box.nilsnh.no:465"
|
||||
sendmail_hostname: jake.box.nilsnh.no
|
||||
sendmail_rewrite_domain: "nilsnh.no"
|
||||
sendmail_revaliases:
|
||||
root: "{{ machine_from_email }}"
|
||||
jake: "{{ machine_from_email }}"
|
||||
git: "{{ machine_from_email }}"
|
||||
machine_from_email: "noreply+jake@nilsnh.no"
|
||||
machine_notifications_receiver: "mail@nilsnh.no"
|
||||
forgejo_domain: "code.on.nilsnh.no"
|
||||
forgejo_from: "\"Forgejo at nilsnh.no\" <{{ machine_from_email }}>"
|
||||
firewall_allowed_ports:
|
||||
- { port: 80, proto: "tcp" }
|
||||
- { port: 443, proto: "tcp" }
|
||||
- { port: 51820, proto: "udp" } # Wireguard
|
||||
wireguard_private_key: "{{ vault_wireguard_private_key }}"
|
||||
wireguard_address: 10.0.24.1/24
|
||||
wireguard_peers:
|
||||
- { AllowedIPs: 10.0.24.2/32, Endpoint: finn.lan:51820, PublicKey: "ZXbZPQY9aycB9t+lqLsiteleeWqxNi+Q37yYZcPIlSA=" }
|
||||
- hosts: jake.box.nilsnh.no
|
||||
roles:
|
||||
- wireguard
|
||||
# - backup
|
||||
# - sendmail
|
||||
# - nodejs
|
||||
- backup
|
||||
- sendmail
|
||||
- nodejs
|
||||
- firewall
|
||||
# - forgejo
|
||||
# - caddy
|
||||
- forgejo
|
||||
- caddy
|
||||
|
||||
|
|
Loading…
Reference in New Issue